Windows 11 KB5089573: Performance and Reliability Fixes for 24H2/25H2

Microsoft has officially released the KB5089573 preview cumulative update for Windows 11 versions 25H2 and 24H2. This release, characterized as a “C” update, contains approximately 30 individual improvements designed to enhance the stability and performance of the operating system. According to BleepingComputer, these changes prioritize resolving graphical anomalies and filesystem bottlenecks that have impacted enterprise users during regular operations.

Windows 11 24H2 KB5089573 update analysis

From a technical perspective, KB5089573 is a non-security optional update, meaning it does not address any specific CVE entries. However, maintaining the reliability of core system components is a foundational element of a defensive posture. For instance, the update resolves a known issue where Task Manager incorrectly displays 0% CPU usage for certain processes even when they are consuming active resources. In a SOC environment, such discrepancies can hinder incident response if analysts cannot accurately monitor resource consumption during a suspected malware event or performance degradation.

Furthermore, the update addresses critical failures within the Windows Sandbox environment. Previously, users encountered errors—specifically error 0x80370106—when attempting to launch the Sandbox, which is a vital tool for malware analysis and testing untrusted applications. These Windows 11 Sandbox stability improvements ensure that security researchers and developers can continue to utilize isolated environments without persistent infrastructure failures.

Resolving File System and Interface Bugs

A significant portion of this update focuses on the Resilient File System (ReFS). Many enterprise configurations utilize ReFS for its data integrity features and protection against corruption, yet users have reported performance regressions during heavy metadata operations. Administrators researching how to fix ReFS performance issues Windows 11 will find that KB5089573 specifically optimizes these metadata workloads, significantly reducing latency in high-density storage environments.

Additional improvements included in this release are:

• Addressing a bug where the clipboard history does not display copied items after a system restart, which impacts productivity and automation scripts.
• Fixing a performance lag in Narrator when navigating extremely large documents or complex web pages, improving accessibility compliance.
• Correcting an issue where certain desktop icons would disappear or fail to render correctly in the taskbar when multiple windows were active.

Strategic Deployment for Enterprise Environments

While preview updates are optional, they serve as an early warning system for SIEM administrators and desktop engineers. By deploying this update to a subset of machines, organizations can validate that future mandatory patches will not disrupt Lateral Movement detection tools or EDR agents. This proactive approach is especially relevant for environments utilizing Zero Trust architectures, where endpoint health and predictable software behavior are prerequisites for granting access. An unstable operating system component can trigger false positives in automated monitoring systems, wasting valuable analyst time.

While this update does not remediate a specific Privilege Escalation vector, the cumulative nature of Windows servicing means that the reliability fixes introduced here will be integrated into the next security-focused release. Administrators should manage the rollout of KB5089573 through Windows Update for Business or WSUS. Because it is a “C” update, it will not install automatically on most managed systems unless explicitly triggered for testing purposes. Testing these changes now prevents unforeseen compatibility issues with third-party security software that hooks into the Windows kernel or file system drivers.