Microsoft has released its Patch Tuesday updates for Windows 11 22H2 (KB5023706) and 21H2 (KB5023698). The release notes will be quite extensive but without further ado, here we go!
22H2
Highlights
This update addresses security issues for your Windows operating system.
Improvements (also includes improvements from KB5022913)
- This update implements phase three of Distributed Component Object Model (DCOM) hardening. See KB5004442. After you install this update, you cannot turn off the changes using the registry key.
- This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails. This occurs on devices that have installed Windows updates dated October 11, 2022 or later. The error message is, “Error 0xaac (2732): NERR_AccountReuseBlockedByPolicy: ‘An account with the same name exists in Active Directory. Re-using the account was blocked by security policy.’” For more information, see KB5020276.
- New! This update adds the new Tamil Anjal keyboard for the Tamil language. To add it, make sure Tamil (Singapore), Tamil (Malaysia), Tamil (Sri Lanka), or Tamil (India) appears in Settings > Time & Language > Language & Region. Select the ellipses (…) next to the language. Select Language Options. Add Tamil Anjal (QWERTY) to the list of keyboards.
- This update improves the reliability of Windows after you install an update.
- This update affects the United Mexican States. This update supports the government’s daylight saving time change order for 2023.
- This update addresses a date information issue. It affects the format of dates sent between Windows and some versions of the Heimdal Kerberos library.
- This update addresses compatibility issues that affect some printers. These printers use Windows Graphical Device Interface (GDI) printer drivers. These drivers do not completely adhere to GDI specifications.
- This update addresses an issue that affects the software keyboard. It does not appear in the Out-of-Box Experience (OOBE) after a Push-button reset (factory reset). This type of reset requires an external keyboard to be attached to provide credentials.
- This update addresses an issue that affects AppV. It stops file names from having the correct letter case (uppercase or lowercase).
- This update addresses an issue that affects Microsoft Edge. The issue removes conflicting policies for Microsoft Edge. This occurs when you set the MDMWinsOverGPFlag in a Microsoft Intune tenant and Intune detects a policy conflict.
- This update addresses an issue that affects provisioning packages. They fail to apply in certain circumstances when elevation is required.
- This update addresses an issue that affects Azure Active Directory (Azure AD). Using a provisioning package for bulk provisioning fails.
- This update addresses an issue that affects Universal Print's Configuration Service Provider (CSP). A command prompt window appears when you install a printer.
- This update addresses a reliability issue that occurs when you use Task View.
- This update addresses an issue that might affect lsass.exe. It might stop responding. This occurs when it sends a Lightweight Directory Access Protocol (LDAP) query to a domain controller that has a very large LDAP filter.
- This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). LSASS might stop responding. This occurs after you run Sysprep on a domain-joined machine.
- This update addresses an issue that affects copying from a network to a local drive. Copying is slower than expected for some users.
- This update addresses an issue that affects parity virtual disks. Using Server Manager to create them fails.
Windows 11 servicing stack update - 22621.1344
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.
Known issues
|
Applies to |
Symptom |
Workaround |
|---|---|---|
|
IT admins |
Using provisioning packages on Windows 11, version 22H2 (also called Windows 11 2022 Update) might not work as expected. Windows might only be partially configured, and the Out Of Box Experience might not finish or might restart unexpectedly. Provisioning packages are .PPKG files which are used to help configure new devices for use on business or school networks. Provisioning packages which are applied during initial setup are most likely to be impacted by this issue. For more information on provisioning packages, please see Provisioning packages for Windows. Note Provisioning Windows devices using Windows Autopilot is not affected by this issue. Windows devices used by consumers in their home or small offices are not likely to be affected by this issue. |
If you can provision the Windows device before upgrading to Windows 11, version 22H2, this will prevent the issue. We are presently investigating and will provide an update in an upcoming release. |
|
IT admins |
Copying large multiple gigabyte (GB) files might take longer than expected to finish on Windows 11, version 22H2. You are more likely to experience this issue copying files to Windows 11, version 22H2 from a network share via Server Message Block (SMB) but local file copy might also be affected.Windows devices used by consumers in their home or small offices are not likely to be affected by this issue. |
To mitigate this issue, you can use file copy tools that do not use cache manager (buffered I/O). This can be done by using the built-in command-line tools listed below: robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J We are working on a resolution and will provide an update in an upcoming release. |
|
IT admins |
Updates released February 14, 2023 or later might not be offered from some Windows Server Update Services (WSUS) servers to Windows 11, version 22H2. The updates will download to the WSUS server but might not propagate further to client devices. Affected WSUS servers are only those running Windows Server 2022 which have been upgraded from Windows Server 2016 or Windows Server 2019. This issue is caused by the accidental removal of required Unified Update Platform (UUP) MIME types during the upgrade to Windows Server 2022 from a previous version of Windows Server. This issue might affect security updates or feature updates for Windows 11, version 22H2. Microsoft Configuration Manager is not affected by this issue. |
To mitigate this issue, please see Adding file types for Unified Update Platform on premises. We are working on a resolution and will provide an update in an upcoming release. |
|
All users |
After installing this or later updates, Windows devices with some third-party UI customization apps might not start up. These third-party apps might cause errors with explorer.exe that might repeat multiple times in a loop. The known affected third-party UI customization apps are ExplorerPatcher and StartAllBack. These types of apps often use unsupported methods to achieve their customization and as a result can have unintended results on your Windows device. |
We recommend uninstalling any third-party UI customization app before installing this or later updates to prevent this issue. If your Windows device is already experiencing this issue, you might need to contact customer support for the developer of the app you are using. If you are using StartAllBack, you might be able to prevent this issue by updating to the latest version (v3.5.6 or later). We are presently investigating and will provide more information when it is available. |
21H2
The highlights and improvements are the same in this version as the one above. There are also no known issues. The only difference is the service stack update number; in this release, it’s 22000.1630.
Both updates can be obtained through Windows Update. If you want to install them on an offline machine you can download them both from the Microsoft Update Catalog website (22H2, 21H2).
9 Comments - Add comment