Patchday: Windows 10-Updates (March 14, 2023)

Windows[German]On March 14, 2023 (second Tuesday of the month, Patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some details about the respective security updates for Windows 10.


Advertising


A list of updates can be found on this Microsoft website. I have pulled out the details below. Since March 2021, Microsoft has integrated the Servicing Stack Updates (SSUs) for newer Windows 10 builds into the cumulative update. March 2023 is the last time preview updates will be available for older Windows 10 builds.

Updates for Windows 10 Version 20H2-22H2

For the Windows 10 versions mentioned above, Microsoft provides only one update package, which is mentioned below.

Update KB5023696 for Windows 10 Version 20H2 – 22H2

Cumulative Update KB5023696 hraises the OS build on Windows 10 Enterprise/Education 20H2 and all Windows 10 variants from 21H2-22H2 to 1904x.2728. The update only includes security fixes, but no new OS features. A list of fixes can be read in the article Windows 10 20H2-22H2 Preview Update KB5022906 (Feb. 21, 2023), these fixes have been adopted yes. For cumulative update KB5023696, the following, additional fixes are specified:

  • This update implements phase three of Distributed Component Object Model (DCOM) hardening. See KB5004442. After you install this update, you cannot turn off the changes using the registry key.
  • This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails. This occurs on devices that have installed Windows updates dated October 11, 2022 or later. The error message is, "Error 0xaac (2732): NERR_AccountReuseBlockedByPolicy: 'An account with the same name exists in Active Directory. Re-using the account was blocked by security policy.'" For more information, see KB5020276.

Microsoft also notes that this update makes quality improvements to the servicing stack (is responsible for Microsoft updates). This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS as well as WUfB. Note the installation sequence described in the support article and also the notes on further requirements. Microsoft states known issues for the update in the support article.

Updates for Windows 10/Server 1909

The following updates are available for Windows 10 Enterprise 2019 LTSC and Windows Server 2019.

Update KB5023702 for Windows 10 Enterprise 2019 LTSC /Windows Server 2019

Cumulative update KB5023702 raises the OS build (according to MS) to 17763.4131and includes quality improvements but no new OS features. This update is only available for Windows 10 2019 Enterprise LTSC and IoT Enterprise LTSC (the remaining variants are out of the security update supply on May 11, 2021) and Windows Server 2019. Microsoft lists the following highlights:


Advertising

  • This update addresses security issues for your Windows operating system.
  • This update addresses an issue that stops hyperlinks from working in Microsoft Excel.

as well as the following improvements:

  • This update implements phase three of Distributed Component Object Model (DCOM) hardening. See KB5004442. After you install this update, you cannot turn off the changes using the registry key.
  • This update addresses an issue that affects the registry size. It grows very large. This occurs because the registry entries are not removed when users sign out of an Azure Virtual Desktop (AVD) environment that uses FSlogix.
  • This update affects the United Mexican States. This update supports the government's daylight saving time change order for 2023.
  • This update addresses an issue that might affect lsass.exe. It might stop responding when it sends a Lightweight Directory Access Protocol (LDAP) query to a domain controller that has a very large LDAP filter.
  • This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). LSASS might stop responding. This occurs after you run Sysprep on a domain-joined machine.
  • This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails. This occurs on devices that have installed Windows updates dated October 11, 2022 or later. The error message is, "Error 0xaac (2732): NERR_AccountReuseBlockedByPolicy: 'An account with the same name exists in Active Directory. Re-using the account was blocked by security policy.'" For more information, see KB5020276.
  • This update addresses an issue that affects the Routing and Remote Access Service (RRAS). RRAS cannot accept any new incoming virtual private network (VPN) connections.
  • This update addresses an issue that affects Cluster Name Object of Failover Clustering on Azure virtual machines (VM). The issue stops you from repairing it.

The update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Note the installation sequence described in the support article and also the notes on further requirements. For the update, Microsoft states known issues in the support post.

Updates for Windows 10 Version 1507 to 1607

Updates for the Enterprise LTSC versions are available for Windows 10 RTM up to version 1607. These updates are automatically downloaded and installed by Windows Update, but are available for download from the Microsoft Update Catalog (search for the KB number). Before manual installation, the latest Servicing Stack Update (SSU) must be installed. Details can be found in the respective KB article.

  • Windows 10 Version 1607: Update KB5023697 steht nur noch für Enterprise LTSC sowie Windows Server 2016 bereit. Das Update hebt die OS-Build auf 14393.5786, und adressiert Sicherheitsprobleme sowie andere Probleme.
  • Windows 10 Version 1507: Update KB5023713 steht für die RTM-Version (LTSC) bereit. Das Update hebt die OS-Build auf 10240.19805 und fixt Schwachstellen sowie Bugs.

There was no update for the remaining Windows 10 versions, since these versions are no longer supported. Details ab

Similar articles:
Microsoft Security Update Summary (March 14, 2023)
Patchday: Windows 10-Updates (March 14, 2023)
Patchday: Windows 11/Server 2022-Updates (March 14, 2023)
Windows 7/Server 2008 R2; Server 2012 R2: Updates (March 14, 2023)
Patchday: Microsoft Office Updates (March 14, 2023)
Exchange Server Security Updates (March 14, 2023)


Advertising

This entry was posted in Security, Update, Windows and tagged , , , . Bookmark the permalink.

3 Responses to Patchday: Windows 10-Updates (March 14, 2023)

  1. Chris Pugson says:

    I have done the Patch Dday updates on two Windows 10 22H2 laptops. Both are healthy systems. After the update on one, the system hanged while attempting a restart including the final tidying up after the update. After powering off then on, twice, things eventually worked and the restart was accomplished.

    The second laptop restarted OK but I then ran System File Checker which threw up unspecified errors which needed correction and were fortunately successfully corrected.

    I can cope with the situation with the first update and the system hang problem. That outcome might not be so successful with a non-tech user. I share Herr Born's feelings about Microsoft.

  2. Chris Pugson says:

    Sometimes, the Settings 'Windows Update' feature appears not to complete and yet it has. The checking for updates goes on and on, ad infinitum. This can be most confusing, especially for non-technical users.

    Does Microsoft actually test this important procedure on real world devices? This month, this issue has occurred on around 40% of the computers I look after.

    How the heck do I tell deaf and blind Microsoft? Its defences against helpful information are impregnable.

  3. Yuki says:

    my Teams and File explorer top bar went white blank after updates. SFC found errors but failed to correct the issue. uninstalling the update restore partially the top bar and my sticky notes background is entirely white. Win 10 20H2

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).