Windows 11 KB5067036 Update: Enhanced Security and Revamped Start Menu Arrive

🎙️ Dive Deeper with Our Podcast!

Windows 11 KB5067036 Security and Start Menu Revamp

👉 Listen to the Episode: https://technijian.com/podcast/windows-11-kb5067036-security-and-start-menu-revamp/

Subscribe: Youtube | Spotify | Amazon

Microsoft has just released the KB5067036 preview update for Windows 11, and it’s bringing some significant changes that users have been waiting for. Released on October 28, 2025, this optional cumulative update introduces the much-anticipated Administrator Protection feature alongside a completely redesigned Start Menu experience.

This isn’t your typical security patch. As part of Microsoft’s monthly preview update cycle, KB5067036 serves as a testing ground for features that will eventually make their way to the standard Patch Tuesday releases. While it doesn’t include security updates, it’s packed with improvements that could transform how you interact with Windows 11.

What’s New in the KB5067036 Update?

The latest preview update targets both Windows 11 24H2 and 25H2 versions, bringing them to builds 26100.5074 and 26100.7019 respectively. This release represents Microsoft’s ongoing commitment to refining the Windows 11 experience based on user feedback and emerging security needs.

Administrator Protection: Your New Security Guardian

The headline feature of this update is Administrator Protection, a security enhancement that’s been in development for quite some time. Think of it as an additional gatekeeper for your system’s most sensitive operations.

Here’s how it works: whenever you or an application attempts to perform an action requiring administrative privileges—like installing software, modifying system settings, or accessing protected data—Windows Hello authentication kicks in. You’ll need to verify your identity before the action proceeds.

This might sound like an extra step, but consider what it prevents. Malware that somehow makes its way onto your system can no longer silently escalate privileges and make system-level changes without your knowledge. Even accidental clicks on malicious links or downloads face an additional barrier before they can compromise your machine.

The feature isn’t enabled by default, which means you have control over when to activate it. System administrators can deploy it across their networks using Microsoft Intune or Group Policy, making it particularly valuable for business environments where security is paramount.

Start Menu Gets a Complete Makeover

If you’ve felt that finding apps in the current Start Menu was more of a treasure hunt than it should be, you’re not alone. Microsoft has completely reimagined the Start Menu with this update, focusing on usability and efficiency.

The redesign introduces several smart improvements:

Scrollable “All Apps” Section: No more clicking through multiple pages. The main view now features a continuously scrollable list, letting you quickly scan through all your installed applications.

Dual View Options: Switch between category view and grid view depending on your preference. Category view intelligently groups applications by type and highlights the ones you use most frequently. Grid view takes a more traditional approach, arranging apps alphabetically with extra horizontal space for easier reading.

Adaptive Layout: The Start Menu now responds to your display size. Working on a large monitor? You’ll see more pinned apps, recommendations, and categories by default. On smaller screens, it adjusts accordingly. Sections expand and collapse based on available content, and you can fine-tune these behaviors in the personalization settings.

Phone Link Integration: A new button next to the search bar lets you quickly access content from your connected Android or iOS device. This feature works in most markets, with European Economic Area availability coming in 2025.

The best part? The Start Menu remembers your preferred view, so you don’t have to reconfigure it every time you restart your computer.

File Explorer Enhancements You’ll Actually Notice

File Explorer receives its share of improvements in this update, addressing both functionality and long-standing bugs that have frustrated users.

The recommended files section now works with personal Microsoft accounts and local accounts, not just work accounts. These recommendations pull from files you frequently use, recent downloads, and items in your Gallery. If you prefer a cleaner view, you can disable this feature entirely in Folder Options, which will restore your pinned Quick Access folders.

For cloud storage providers, Microsoft has introduced new StorageProvider APIs, allowing better integration with File Explorer Home. This opens the door for smoother experiences with services like OneDrive, Dropbox, and others.

Several persistent bugs have been squashed too. The context menu no longer randomly switches between normal and “Show More Options” views. Custom folder views finally stick when opening folders from other applications. And if you’ve ever encountered the dreaded “Catastrophic Error” when extracting large archives, that’s been fixed as well.

Visual and Performance Improvements Across the Board

Microsoft has addressed numerous visual glitches and performance issues that emerged from previous updates.

The new battery icons throughout the system provide clearer status information at a glance. Green indicates charging and healthy battery levels, yellow shows battery saver mode at 20% or below, and red signals critically low power. These enhanced indicators appear in the system tray, Quick Settings, Settings app, and now on the lock screen.

Display issues that caused partially unresponsive content when background apps were updating have been resolved. Videos and games that appeared with an unexpected red tint after previous updates should now display correctly.

Text rendering problems in multiline text boxes have been fixed, along with screen reader issues that caused unexpected “legacy window” announcements without reading actual content.

Authentication and Networking Fixes

For IT professionals and power users, this update includes several important fixes for authentication and networking scenarios.

The ACCESS_DENIED error that prevented password changes on remote member servers or workgroup devices is now resolved. The Kerberos Key Distribution Center service on domain controllers works properly again when manually stopped and restarted.

Web servers using HTTP.sys, including Internet Information Services, will no longer reject HTTP/2 requests with “NOT_SUPPORTED” errors. This was particularly problematic for localhost web development and testing scenarios.

How to Install KB5067036

Getting this update installed is straightforward, though it requires a bit more intention than standard Patch Tuesday updates since it’s optional.

Open your Settings app and navigate to Windows Update. Click “Check for Updates” and you’ll see KB5067036 listed with a “Download and install” link. Click that link to begin the installation process.

If you’ve enabled the “Get the latest updates as soon as they’re available” option in Windows Update settings, the update will install automatically.

Alternatively, you can download the standalone package from the Microsoft Update Catalog and install it manually. This option is useful if you’re installing the update on multiple machines or want to keep an offline copy.

System Requirements and Compatibility

This update applies specifically to Windows 11 version 24H2 and 25H2. If you’re running an older version of Windows 11, you’ll need to upgrade to one of these versions first before you can install KB5067036.

Microsoft reports no known issues with this update, which is refreshing given that preview updates sometimes introduce new problems while fixing others. However, as with any major update, it’s wise to create a system restore point before installation.

What’s Not Included

It’s worth noting what this update doesn’t contain. As a preview cumulative update, KB5067036 doesn’t include security patches. Those remain exclusive to the monthly Patch Tuesday releases.

This update is entirely optional. If you prefer to wait and let others test the new features first, the improvements will eventually roll into a future mandatory update anyway. However, if you’re interested in the new Administrator Protection feature or the redesigned Start Menu, installing this preview gives you early access.

Frequently Asked Questions

Is the KB5067036 update safe to install?

Yes, this is an official Microsoft update with no known issues reported. However, as with any system update, it’s good practice to back up your important files and create a system restore point before installation.

Will this update install automatically?

Not unless you have the “Get the latest updates as soon as they’re available” option enabled in Windows Update settings. Otherwise, you’ll need to manually choose to download and install it.

Can I uninstall this update if I experience problems?

Yes, you can uninstall KB5067036 through Windows Update settings if you encounter any issues. Navigate to Settings > Windows Update > Update history > Uninstall updates, find KB5067036, and remove it.

Does Administrator Protection slow down my computer?

The authentication requirement adds a brief verification step when performing administrative actions, but it doesn’t impact general system performance. For most users, this minor inconvenience is worth the added security.

Do I need to enable Administrator Protection manually?

Yes, Administrator Protection is disabled by default. You can enable it through Group Policy or Microsoft Intune. Home users should consult Microsoft’s documentation for specific configuration steps.

Will the new Start Menu affect my current layout?

Your existing pinned apps and customizations remain intact. The update adds new viewing options and features while preserving your current setup.

Can I revert to the old Start Menu if I don’t like the new one?

The new Start Menu replaces the previous version entirely. However, you can customize its behavior extensively through Settings > Personalization > Start to match your preferences.

Does this update affect Windows 11 23H2 or earlier versions?

No, KB5067036 is exclusively for Windows 11 versions 24H2 and 25H2. Users on earlier versions won’t see this update in Windows Update.

How long does the installation take?

Installation time varies depending on your system specifications, but most users can expect the process to take 10-20 minutes, including the restart.

Will this update break any of my applications?

Microsoft has tested this update extensively, and no application compatibility issues have been reported. However, if you run specialized software, check with the vendor to ensure compatibility with the latest Windows 11 builds.

How Technijian Can Help

Keeping your Windows systems updated and secure doesn’t have to be a hassle. At Technijian, we understand that while updates like KB5067036 bring valuable features, they also require careful planning and implementation, especially in business environments.

Our team of certified IT professionals can help you navigate Windows 11 updates with confidence. We offer comprehensive update management services that include testing updates in controlled environments before deploying them across your network, ensuring that new features like Administrator Protection are properly configured for your security needs, and monitoring systems post-update to quickly address any unexpected issues.

Whether you’re a small business owner concerned about maintaining productivity during updates or an IT manager looking to implement Administrator Protection across your organization, Technijian provides the expertise you need. We handle the technical complexity so you can focus on what matters most—running your business.

Our managed IT services include proactive update management, security configuration, system optimization, and 24/7 support. We work with businesses across all industries to keep their Windows environments running smoothly and securely.

Don’t let update management become a distraction from your core business objectives. Contact Technijian today to learn how our IT support services can keep your systems current, secure, and running at peak performance. Visit our website or give us a call to schedule a consultation with one of our IT specialists.

About Technijian

Technijian is a premier managed IT services provider, committed to delivering innovative technology solutions that empower businesses across Southern California. Headquartered in Irvine, we offer robust IT support and comprehensive managed IT services tailored to meet the unique needs of organizations of all sizes. Our expertise spans key cities like Aliso Viejo, Anaheim, Brea, Buena Park, Costa Mesa, Cypress, Dana Point, Fountain Valley, Fullerton, Garden Grove, Huntington Beach, Irvine, La Habra, La Palma, Laguna Beach, Laguna Hills, Laguna Niguel, Laguna Woods, Lake Forest, Los Alamitos, Mission Viejo, Newport Beach, Orange, Placentia, Rancho Santa Margarita, San Clemente, San Juan Capistrano, Santa Ana, Seal Beach, Stanton, Tustin, Villa Park, Westminster, and Yorba Linda. Our focus is on creating secure, scalable, and streamlined IT environments that drive operational success.

As a trusted IT partner, we prioritize aligning technology with business objectives through personalized IT consulting services. Our extensive expertise covers IT infrastructure management, IT outsourcing, and proactive cybersecurity solutions. From managed IT services in Anaheim to dynamic IT support in Laguna Beach, Mission Viejo, and San Clemente, we work tirelessly to ensure our clients can focus on business growth while we manage their technology needs efficiently.

At Technijian, we understand modern challenges such as the rise of AI tools like Microsoft Copilot, increasing attempts to hack Gmail accounts, rising security concerns highlighted by cases like the T-Mobile lawsuit, and evolving communication technologies including RCS message standards. To address these threats, we provide a suite of flexible IT solutions designed to enhance performance, protect sensitive data, and strengthen cybersecurity. Our services include Microsoft 365 security optimization, cloud computing, network management, IT systems management, and disaster recovery planning. We extend our dedicated support across Orange County and the wider Southern California region, ensuring businesses stay adaptable and future-ready in a rapidly evolving digital landscape.

Cyber threats are no longer limited to large corporations—small and mid-sized businesses are increasingly being targeted due to weaker defenses and the proliferation of AI tools that can expose improperly secured data. That’s why Technijian emphasizes proactive monitoring, endpoint protection, data loss prevention, and multi-layered security protocols that reduce the risk of downtime and data breaches. Our Microsoft Copilot security expertise ensures that businesses can leverage AI productivity tools without compromising sensitive information or violating compliance requirements.

Beyond security, we also focus on compliance and regulatory readiness. Whether it’s HIPAA for healthcare organizations, PCI DSS for businesses processing payments, SOC 2 for service providers, or GDPR for companies handling EU citizen data, our team ensures that businesses remain audit-ready and avoid costly penalties while maintaining trust with customers. Our Microsoft 365 governance and security services ensure that cloud collaboration platforms like SharePoint, Teams, and OneDrive are configured correctly from both security and compliance perspectives.

We also recognize the importance of scalable IT strategies. From supporting hybrid workplaces to deploying advanced collaboration tools securely, we design infrastructures that evolve with your company’s growth. Coupled with our 24/7 helpdesk and rapid incident response, you can count on Technijian not just as an IT provider, but as a long-term partner in business resilience.

Our proactive approach to IT management also includes comprehensive help desk support, advanced cybersecurity services, Microsoft 365 administration and security, and customized IT consulting for a wide range of industries including healthcare, legal, financial services, professional services, and manufacturing. We proudly serve businesses throughout Orange County and Southern California, providing the expertise and support necessary to navigate today’s complex technology and security landscape.

Partnering with Technijian means gaining a strategic ally dedicated to optimizing your IT infrastructure while ensuring robust security for modern tools like Microsoft Copilot. Experience the Technijian Advantage with our innovative IT support services, expert Microsoft 365 security consulting, and reliable managed IT services in Irvine. We help businesses stay secure, efficient, and competitive in today’s AI-driven, digital-first world.