Patchday: Windows 10 Updates (April 11, 2023)

Posted on 2023-04-12 by guenni

Windows[German]On April 11, 2023 (second Tuesday of the month, patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates for Windows 10.

Advertising

A list of the updates can be found on this Microsoft website. I've pulled out the details below. Since March 2021, Microsoft has been integrating Servicing Stack Updates (SSUs) for newer Windows 10 builds into the cumulative update.

Updates for Windows 10 Version 20H2-22H2

For the Windows 10 versions mentioned above, Microsoft provides only one update package, which is mentioned below.

Update KB5025221 for Windows 10 Version 20H2 – 22H2

Cumulative Update KB5025221 raises the OS build on Windows 10 Enterprise/Education 20H2 and all Windows 10 variants from 21H2-22H2 to 1904x.2846. The update only contains security fixes, but no (really) new OS features (compared to feature upgrades, only LAPS has been added to all Windows versions, see below). A list of fixes can be read in the article Windows 10 20H2-22H2 Preview Update KB5022906 (Feb. 21, 2023), these fixes have been adopted yes. For the cumulative update KB5025221, the following additional fixes are also specified:

    • New! This update implements the new Windows Local Administrator Password Solution (LAPS) as a Windows inbox feature. For more information, see By popular demand: Windows LAPS available now!
    • This update affects the Arab Republic of Egypt. The update supports the government's daylight saving time change order for 2023.
    • This update addresses a compatibility issue. The issue occurs because of unsupported use of the registry.
    • This update addresses a known issue that affects kiosk device profiles. If you have enabled automatic logon, it might not work. After Autopilot completes provisioning, these devices stay on the credential screen. This issue occurs after you install updates dated January 10, 2023, and later.

Microsoft also notes that this update makes quality improvements to the servicing stack (is responsible for Microsoft updates). This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS as well as WUfB. Note the installation sequence described in the support article and also the notes on further requirements. Microsoft states known issues for the update in the support article.

Updates for Windows 10/Server 1909

The following updates are available for Windows 10 Enterprise 2019 LTSC and Windows Server 2019.

Update KB5025229 for Windows 10 Enterprise 2019 LTSC /Windows Server 2019

Cumulative Update KB5025229 raises the OS build (according to MS) to 17763.4252 and includes quality improvements but no new OS features. This update is only available for Windows 10 2019 Enterprise LTSC and IoT Enterprise LTSC (the remaining variants are out of the security update supply on May 11, 2021) and Windows Server 2019. Microsoft lists the following highlights:

Advertising
  • This update addresses security issues for your Windows operating system.

as well as subsequent improvements:

  • New! This update adds many new features and improvements to Microsoft Defender for Endpoint. For more information, see Microsoft Defender for Endpoint.
  • New! This update implements the new Windows Local Administrator Password Solution (LAPS) as a Windows inbox feature. For more information, see By popular demand: Windows LAPS available now!
  • This update affects the Arab Republic of Egypt. The update supports the government's daylight saving time change order for 2023.
  • This update enables onunload events to create pop-up windows in IE Mode.
  • This update addresses an issue that affects Microsoft Edge IE mode and pages that use predictive prerendering. Edge IE mode does not support predictive prerendering. Because of this, a page that uses prerendering will load as if it was not in use.
  • This update addresses an issue that affects Desired State Configuration. It loses its previously configured options. This occurs if metaconfig.mof is missing.
  • This update addresses compatibility issues that affect some printers. These printers use Windows Graphical Device Interface (GDI) printer drivers. These drivers do not completely adhere to GDI specifications.
  • This update addresses an issue that affects the Host Networking Service. The service stops working. Because of this, there are traffic interruptions.
  • This update addresses an issue that affects Administrator Account Lockout policies. GPResult and Resultant Set of Policy did not report them.
  • This update addresses an issue that affects MySQL commands. The commands fail on Windows Xenon containers.
  • This update addresses an issue that affects repair storage jobs. The jobs are suspended. This occurs after two physical disks in two different rack-level fault domains (three fault domain in total) lose communication.

The update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Note the installation sequence described in the support article and also the notes on additional requirements. For the update, Microsoft states known issues in the support post.

Das Update wird automatisch von Windows Update heruntergeladen und installiert, ist aber auch im , per WSUS und WUfB erhältlich. Microsoft hat zudem das Service Stack Update (SSU) aktualisiert. Beachtet die im Support-Beitrag beschriebene Installationsreihenfolge und auch die Hinweise zu weiteren Anforderungen. Für das Update gibt Microsoft bekannte Probleme im Supportbeitrag an.

German blog readers point out that the mentioned update is not offered on their clients running Windows 10 2019 Enterprise LTSC. In an email, one reader wrote to me, "I have the "phenomenon" on a total of three LTSC systems with the same version level, so for now I'm not assuming anything is broken with my "Windows Update Catalogue"; i.e., so far I haven't tried stopping the Windows Update service and renaming C:\Windows\SoftwareDistribution, nor have I tried manually downloading and installing the update." Anyone else affected?

Updates for Windows 10 Version 1507 and 1607

Updates for the Enterprise LTSC versions are available for Windows 10 RTM up to version 1607. These updates are automatically downloaded and installed by Windows Update, but are available for download from the Microsoft Update Catalog (search by KB number). Before manual installation, the latest Servicing Stack Update (SSU) must be installed. Details can be found in the respective KB article.

  • Windows 10 Version 1607: Update KB5025228 is only available for Enterprise LTSC and Windows Server 2016. The update upgrades the OS build to 14393.5850, and addresses security and other issues.
  • Windows 10 Version 1507: Update KB5025234 is available for the RTM version (LTSC). The update raises the OS build to 10240.19869 and fixes vulnerabilities as well as bugs.

There was no update for the remaining Windows 10 versions, as these versions have fallen out of support. Details about the above updates can be found in the respective Microsoft KB articles.

Similar articles:
Microsoft Security Update Summary (April 11, 2023)
Patchday: Windows 10 Updates (April 11, 2023)
Patchday: Windows 11/Server 2022 Updates (April 11, 2023)
Windows 7/Server 2008 R2; Server 2012 R2: Updates (April 11, 2023)
Patchday: Microsoft Office Updates (April 11, 2023)

Cookies helps to fund this blog: Cookie settings
Advertising

This entry was posted in Security, Update, Windows and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *