Windows 11 Patch Tuesday updates out for 22H2 (KB5025239) and 21H2 (KB5025224)

Patch Tuesday

Microsoft has released the Patch Tuesday updates for Windows 11 22H2 (KB5025239) and 21H2 (KB5025224). Both of the updates come with a number of improvements and roll-in updates that were pushed out as part of separate updates (KB5023778, KB5023774) at the end of March. Below, you’ll see the release notes for both versions of Windows 11, with the new features from the end of March updates included too.

22H2 (KB5025239)

Highlights

This update addresses security issues for your Windows operating system.
New! This update introduces notifications for Microsoft accounts in the Start menu. This is only available to a small audience right now. It will deploy more broadly in the coming months. Some devices might notice different visual treatments as we gather feedback. See the example below.
New! The search box on the taskbar will be lighter when you set Windows to a custom color mode. This will occur when you set the Windows mode to dark and the app mode to light in Settings > Personalization > Colors.
This update addresses an issue that affects the Notepad combo box in Settings. It fails to show all the available options.
This update addresses an issue that affects Microsoft PowerPoint. It stops responding. This occurs when you use accessibility tools.
This update addresses an issue that affects Microsoft Narrator. It fails to read items in dropdown lists in Microsoft Excel.
This update addresses an issue that affects USB printers. The system classifies them as multimedia devices even though they are not.

Improvements

New! This update implements the new Windows Local Administrator Password Solution (LAPS) as a Windows inbox feature. For more information, see By popular demand: Windows LAPS available now!
This update addresses a compatibility issue. The issue occurs because of unsupported use of the registry.
New! This update adds many new features and improvements to Microsoft Defender for Endpoint. For more information, see Microsoft Defender for Endpoint.
New! Once you have access to the new Bing, the search box on the taskbar might include a button that opens the Bing chat experience in Microsoft Edge. If you don’t have access, the search box on the taskbar will feature a dynamic search highlight button.
This update addresses an issue that affects complexity policy settings for PINs. They are ignored.
This update addresses an issue that affects the Fast Identity Online 2.0 (FIDO2) PIN credential icon. It does not appear on the credentials screen of an external monitor. This occurs when that monitor is attached to a closed laptop.
This update addresses an issue that affects a Clustered Shared Volume (CSV). The CSV fails to come online. This occurs if you enable BitLocker and local CSV managed protectors, and the system recently rotated the BitLocker keys.
This update addresses an issue that affects Active Directory Users & Computers. It stops responding. This occurs when you use TaskPad view to enable or disable many objects at the same time.
The update addresses an issue that affects the Remote Procedure Call Service (rpcss.exe). The issue might cause a race condition between the Distributed Component Object Model (DCOM) and the Microsoft Remote Procedure Call (RPC) endpoint mapper.
This update addresses an issue that affects Microsoft PowerPoint. It stops responding on the Azure Virtual Desktop (AVD). This occurs when you use Visual Basic for Applications (VBA).
This update addresses an issue that affects Windows Search. Windows Search fails inside of Windows container images.
This update affects the Group Policy Editor. It adds Transport Layer Security (TLS) 1.3 to the list of protocols that you can set.
This update affects the Arab Republic of Egypt. The update supports the government’s daylight saving time change order for 2023.
This update affects jscript9Legacy.dll. It adds ITracker and ITrackingService to stop MHTML from not responding.
This update addresses an issue that affects the Microsoft HTML Application Host (HTA). This issue blocks code execution that uses Microsoft HTA. This occurs when you turn on Windows Defender Application Control (WDAC) User Mode Code Integrity (UMCI) enforced mode.
This update affects the Group Policy Management Console. It addresses a scripting error in the Group Policy Preferences window.
This update addresses an issue that affects the Windows Remote Management (WinRM) client. The client returns an HTTP server error status (500). This error occurs when it runs a transfer job in the Storage Migration Service.
This update addresses an issue that affects Desired State Configuration. It loses its previously configured options. This occurs if metaconfig.mof is missing.
This update addresses an issue that affects the Dynamic Host Configuration Protocol (DHCP) option 119 - Domain Search Option. The issue stops you from using a connection-specific DNS Suffix Search List.
This update addresses a rare issue that might cause an input destination to be null. This issue might occur when you attempt to convert a physical point to a logical point during hit testing. Because of this, the computer raises a stop error.
This update addresses an issue that affects the Simple Certificate Enrollment Protocol (SCEP) certificate. The system reports some SCEP certificate installations as failed. Instead, the system should report them as pending.
This update addresses an issue that affects the new Windows Runtime (WinRT) API. This issue stops an application from querying for location information using MBIM2.0+.
This update addresses a known issue that affects kiosk device profiles. If you have enabled automatic logon, it might not work. After Autopilot completes provisioning, these devices stay on the credential screen. This issue occurs after you install updates dated January 10, 2023, and later.
This update affects Xbox Elite users who have the Xbox Adaptive Controller. This update applies your controller remapping preferences on the desktop.
This update addresses an issue that might affect your audio. It might cause glitching or screeching. This occurs when the system is under a heavy load or wakes from sleep.
This update addresses an issue that stops WDAC from parsing fields from binaries.
This update addresses an issue that might affect Win32 and Universal Windows Platform (UWP) apps. They might close when devices enter Modern Standby. Modern Standby is an expansion of the Connected Standby power model. This issue occurs if certain Bluetooth PhoneLink features are turned on.

21H2 (KB5025224)

Highlights

This update addresses security issues for your Windows operating system.
New! This update improves the search box experience on the taskbar. As you type in the search box, search results now appear in the search flyout box. You can also change the search experience you want for your taskbar by going to Settings > Personalization > Taskbar. For commercial customers, this update adds a new policy for IT administrators to manage how the search box on the taskbar appears in your organization. For more information, see Customizing search on the Windows 11 taskbar.
This update addresses an issue that affects the Notepad combo box in Settings. It fails to show all the available options.
This update addresses an issue that affects Microsoft PowerPoint. It stops responding. This occurs when you use accessibility tools.
This update addresses an issue that affects USB printers. The system classifies them as multimedia devices even though they are not.
This update addresses an issue that affects Xbox subscribers. If you purchase an Xbox subscription using the "Redeem code" option, the Xbox subscription card does not appear on the Settings Accounts page. This occurs when recurring billing is off.

Improvements

New! This update implements the new Windows Local Administrator Password Solution (LAPS) as a Windows inbox feature. For more information, see By popular demand: Windows LAPS available now!
This update affects the Arab Republic of Egypt. The update supports the government’s daylight saving time change order for 2023.
This update addresses a compatibility issue. The issue occurs because of unsupported use of the registry.
This update addresses a known issue that affects kiosk device profiles. If you have enabled automatic logon, it might not work. After Autopilot completes provisioning, these devices stay on the credential screen. This issue occurs after you install updates dated January 10, 2023, and later.
This update addresses an issue that affects the command line. It fails when you set the system locale to Japanese and cmd.exe is configured in legacy mode.
The update addresses an issue that affects the Remote Procedure Call Service (rpcss.exe). The issue might cause a race condition between the Distributed Component Object Model (DCOM) and the Microsoft Remote Procedure Call (RPC) endpoint mapper.
This update affects the ms-appinstaller URI. It now works with the DesktopAppInstaller policy.
This update addresses an issue that affects Microsoft PowerPoint. It stops responding on the Azure Virtual Desktop (AVD). This occurs when you use Visual Basic for Applications (VBA).
This update addresses an issue that affects Windows Search. Windows Search fails inside of Windows container images.
This update addresses an issue that affects the Microsoft HTML Application Host (HTA). This issue blocks code execution that uses Microsoft HTA. This occurs when you turn on Windows Defender Application Control (WDAC) User Mode Code Integrity (UMCI) enforced mode.
This update addresses an issue that affects Desired State Configuration. It loses its previously configured options. This occurs if metaconfig.mof is missing.
This update addresses compatibility issues that affect some printers. These printers use Windows Graphical Device Interface (GDI) printer drivers. These drivers do not completely adhere to GDI specifications.
This update addresses an issue that affects the Simple Certificate Enrollment Protocol (SCEP) certificate. The system reports some SCEP certificate installations as failed. Instead, the system should report them as pending.
This update addresses an issue that affects the new Windows Runtime (WinRT) API. This issue stops an application from querying for location information using MBIM2.0+.
This update addresses an issue that affects the Fast Identity Online 2.0 (FIDO2) PIN credential icon. It does not appear on the credentials screen of an external monitor. This occurs when that monitor is attached to a closed laptop.
This update affects the “Set a default associations configuration file” Group Policy Object (GPO). You can now use it to create an extension to specific applications.
This update addresses an issue that affects the SharedPC account manager. It cannot delete multiple accounts during cleanup.
This update addresses an issue that might affect lsass.exe. It might stop responding. This occurs when it sends a Lightweight Directory Access Protocol (LDAP) query to a domain controller that has a very large LDAP filter.

Known Issues

Applies to	Symptom	Workaround
All users	After installing this or later updates, Windows devices with some third-party UI customization apps might not start up. These third-party apps might cause errors with explorer.exe that might repeat multiple times in a loop. The known affected third-party UI customization apps are ExplorerPatcher and StartAllBack. These types of apps often use unsupported methods to achieve their customization and as a result can have unintended results on your Windows device.	We recommend uninstalling any third-party UI customization app before installing this or later updates to prevent this issue. If your Windows device is already experiencing this issue, you might need to contact customer support for the developer of the app you are using. If you are using StartAllBack, you might be able to prevent this issue by updating to the latest version (v3.5.6 or later). We are presently investigating and will provide more information when it is available.
All users	After installing this or later updates, Red Dead Redemption 2 might not open. When attempting to open it from the Rockstar Games Launcher by selecting the "Play" button, it will switch to "Loading", but Red Dead Redemption 2 might not open, and the button will revert to "Play".	This issue was resolved in an update from Rockstar Games for Red Dead Redemption 2. After updating to the latest version of the game, you should be able to open it as expected.

Applies to

Symptom

Workaround

All users

After installing this or later updates, Windows devices with some third-party UI customization apps might not start up. These third-party apps might cause errors with explorer.exe that might repeat multiple times in a loop. The known affected third-party UI customization apps are ExplorerPatcher and StartAllBack. These types of apps often use unsupported methods to achieve their customization and as a result can have unintended results on your Windows device.

We recommend uninstalling any third-party UI customization app before installing this or later updates to prevent this issue. If your Windows device is already experiencing this issue, you might need to contact customer support for the developer of the app you are using. If you are using StartAllBack, you might be able to prevent this issue by updating to the latest version (v3.5.6 or later).

We are presently investigating and will provide more information when it is available.

All users

After installing this or later updates, Red Dead Redemption 2 might not open. When attempting to open it from the Rockstar Games Launcher by selecting the "Play" button, it will switch to "Loading", but Red Dead Redemption 2 might not open, and the button will revert to "Play".

This issue was resolved in an update from Rockstar Games for Red Dead Redemption 2. After updating to the latest version of the game, you should be able to open it as expected.

The preferred method to install these updates is via Windows Update, however, if you’re offline, you can fetch them from the Microsoft Update Catalog website (22H2, 21H2).