Microsoft's June patch fixes 200 vulnerabilities — and breaks the Recycle Bin

Microsoft's June 2026 security update plugs around 200 vulnerabilities — including six zero-days — but it also broke the Recycle Bin confirmation dialog on every supported version of Windows. Instead of showing the real filename when you permanently delete something, the prompt now displays internal system codes like `$R12345.docx`. No files are lost, but the cryptic display is alarming enough to send plenty of users hunting for malware that isn't there.

What the bug actually does

When you right-click the Recycle Bin and choose "Empty Recycle Bin," Windows normally lists the files you're about to erase. After installing KB5094126, that confirmation dialog swaps human-readable names for the internal `$Rxxxxx` identifiers the file system uses behind the scenes. The Recycle Bin's main list view is unaffected — filenames look normal there. Restored files land back in their original location with their original names and content fully intact. This is a cosmetic glitch, not a data-loss risk.

Microsoft confirmed the issue on June 18 via its Windows Release Health dashboard. The bug hits Windows 10 22H2, Windows 11 23H2, 24H2, and 25H2, plus multiple Windows Server editions — essentially anything Microsoft still supports.

The wider picture

KB5094126 is a historically large patch. Tenable describes it as the biggest Patch Tuesday since the program began, addressing 198–200 CVEs with 33 rated critical. Three of the zero-days were publicly disclosed before the fix shipped; one was already being actively exploited. Skipping the update is not a realistic option.

The Recycle Bin glitch is one of several regressions the June rollout introduced. The same update has been linked to BitLocker boot loops on certain HP hardware, broken OneDrive integration in File Explorer, missing custom folder icons, and disrupted LAN access on some systems. Managed IT firms are reportedly fielding emergency rollback requests, particularly from HP-heavy corporate fleets — though rolling back also means losing the security fixes.

What to do now

For home users, the advice is straightforward: sit tight. There is no registry tweak or manual workaround available publicly. The fix will arrive in a future cumulative update, and the current bug poses no risk to your files.

Enterprise customers facing help-desk pressure from confused employees have one option: contact Microsoft Support for Business directly. Microsoft has not published a workaround, which means the path to relief sits behind a paid support contract — a frustrating two-tier experience for IT admins already stretched by the wider regressions this month.

Microsoft has not confirmed whether the fix will arrive in July's Patch Tuesday or via an out-of-band update.