KB5034204 for Windows 11 is out with Start menu fixes, File Explorer improvements, and more

Microsoft has prepared a new non-security update for Windows 11 users. The latest optional release for versions 23H2 and 22H2 (KB5034204, build numbers 22621.3085 and 22631.3085) fixes the broken search in the Start menu, makes video calls more reliable, resolves the bug that causes your computer to stop responding, fixes built-in troubleshooters, and more. You are not obliged to install KB5034204 right away, but you can go ahead and pull the trigger if you need a specific bug fix mentioned in the changelog below.

Here are quick links for your convenience:

• Update Highlights
• Full Changelog
• Known Bugs
• How to get the update

What is new in KB5034204 for Windows 11?

Here are the update highlights, aka the most important changes you should care about:

• This update addresses an issue that stops search from working on the Start menu for some users. The issue occurs because of a deadlock.

• This update addresses an issue to make video calls more reliable.

• This update addresses an issue that causes your device to stop responding. This is intermittent and occurs after you install a print support app.

• This update addresses an issue that makes the troubleshooting process fail. This occurs when you use the Get Help app.

• This update addresses an issue that affects the File Explorer Gallery. It stops you from closing a tooltip.

• This update addresses an issue that affects Bluetooth Low Energy (LE) Audio earbuds. They lose sound when you stream music.

• This update addresses an issue that affects a Bluetooth phone call. It stops the audio from routing through the PC when you answer the call on your PC.

And here is the rest of the changelog with additional fixes, enterprise-related changes, and more:

• This update addresses an issue that affects certain types of 7-Zip files. They appear as empty in File Explorer.
• This update addresses an issue that affects Wi-Fi Protected Access 3 (WPA3) in the Group Policy editor. HTML preview rendering fails.
• This update addresses an issue that affects Windows Management Instrumentation (WMI). A caching issue occurs. The issue causes CurrentTimeZone to change to the wrong value.
• This update makes Windows more reliable during power transitions. This reduces the risk of a stop error.
• This update addresses an issue that affects the OpenType font driver. On a certain architecture, the issue might affect how text renders for third-party applications.
• The update addresses a known issue that affects the color font format for COLRv1. It now renders properly. Windows uses this format to display emoji with a 3D-like appearance.
• This update addresses an issue that stops WMI from working. This occurs in certain scenarios with mobile device management (MDM) providers, such as Microsoft Intune.
• This update addresses a known issue that affects BitLocker data-only encryption. A mobile device management (MDM) service, such as Microsoft Intune, might not get the right data. This occurs when you use the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node.
• This update addresses an issue that affects Access Point Name (APN) profiles. It stops you from automatically configuring APN profiles for cellular enabled devices. This occurs when you run the “netsh mbn show readyinfo *” command.
• This update addresses an issue that affects Trusted Platform Modules. On certain devices, they did not initialize correctly. Because of this, TPM-based scenarios stopped working.
• This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
• This update affects Unified Extensible Firmware Interface (UEFI) Secure Boot systems. It adds a renewed signing certificate to the Secure Boot DB variable. You can now opt for this change.
• This update addresses an issue that affects RemoteApp windows. In certain cases, they persist on client devices after you close them.
• This update addresses an issue that affects a remote desktop client. It might connect to a wrong instance of a user's session. This occurs if a user has multiple sessions on the host.
• This update addresses an issue that occurs when you change the keyboard language. The change fails to apply to RemoteApps in some scenarios.
• This update addresses an issue that affects Windows Local Administrator Password Solution (LAPS) Post Authentication Actions (PAA). The actions occur at restart instead of at the end of the grace period.
• This update addresses an issue that affects Active Directory. Bind requests to IPv6 addresses fail. This occurs when the requestor is not joined to a domain.
• This update addresses an issue that affects the LocalUsersAndGroups CSP. It stops processing group memberships if it cannot find a group.
• This update addresses an issue that affects Group Policy Folder Redirection in a multi-forest deployment. The issue stops you from choosing a group account from the target domain. Because of this, you cannot apply advanced folder redirection settings to that domain. This issue occurs when the target domain has a one-way trust with the domain of the admin user. This issue affects all Enhanced Security Admin Environment (ESAE), Hardened Forests (HF) or Privileged Access Management (PAM) deployments.
• This update changes a setting in Active Directory Users & Computers. By default, the snap-in now uses a strong certificate mapping of X509IssuerSerialNumber. It does not use the weak mapping of x509IssuerSubject.

As a reminder, the update contains one known issue Microsoft confirmed earlier:

You can find more information about the update in the official documentation. To download KB5034204, head to Settings > Windows Update and click Download & Install under KB5034204. Alternatively, get the update using a direct link to the Microsoft Update Catalog.