Patchday: Windows 10-Updates (May 9, 2023)

Posted on 2023-05-10 by guenni

Windows[German]On May 9, 2023 (second Tuesday of the month, patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates for Windows 10.

Advertising


A list of the updates can be found on this Microsoft website. I've pulled out the details below. Since March 2021, Microsoft has been integrating Servicing Stack Updates (SSUs) for newer Windows 10 builds into the cumulative update. March 2023 is the last time Preview Updates will be available for older Windows 10 builds. Windows 10 version 20H2 Enterprise/Education will receive a security update for the last time and will then be removed from support.

Updates for Windows 10 Version 20H2-22H2

For the Windows 10 versions mentioned above, Microsoft provides only one update package, which is mentioned below.

Update KB5026361 for Windows 10 Version 20H2 – 22H2

Cumulative Update KB5026361 raises the OS build of Windows 10 Enterprise/Education 20H2 and all Windows 10 variants from 21H2-22H2 to 1904x.2965. The update only contains security fixes, but no new operating system features. A list of fixes can be read in the article Windows 10 22H2 Preview Update KB5025297 (April 25, 2023). Cumulative update KB5026361 contains also the following additional fixes:

This update fixes a race condition in the Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) may stop responding. This occurs when the system processes multiple local account operations simultaneously. The error code for access violations is 0xc00005.

Microsoft also notes that this update makes quality improvements to the servicing stack (is responsible for Microsoft updates). This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS and WUfB. Please note the installation instructions and known issues described in the support article.

Updates for Windows 10/Server 1909

The following updates are available for Windows 10 Enterprise 2019 LTSC and Windows Server 2019.

Update KB5026362 for Windows 10 Enterprise 2019 LTSC /Windows Server 2019

Cumulative Update KB5026362 raises the OS build (according to MS) to 17763.4377 and includes quality improvements but no new OS features. This update is only available for Windows 10 2019 Enterprise LTSC and IoT Enterprise LTSC (the remaining variants are out of the security update supply on May 11, 2021) and Windows Server 2019. Microsoft lists the following highlights:

Advertising
  • This update addresses issues that affect the 32-bit version of Windows Calculator.
  • This update addresses an issue that affects Microsoft Edge IE mode. The issue stops you from configuring add-ons.
  • This update addresses security issues for your Windows operating system.

as well as subsequent improvements:

  • This update addresses an issue that affects conhost.exe. It stops responding.
  • This update affects the Islamic Republic of Iran. The update supports the government's daylight saving time change order from 2022.
  • The update addresses an issue that affects the Remote Procedure Call Service (RPCSS). A lock order inversion causes a deadlock in it.
  • This update addresses an issue that affects the Key Distribution Center (KDC) service. When the service stops on a local machine, signing in to all local Kerberos fails. The error is STATUS_NETLOGON_NOT_STARTED.
  • This update addresses an issue that affects accounts that run the Set-AdfsCertificate command. The command fails. This occurs when an account does not have read permissions for the related Distributed Key Manager (DKM) container.
  • This update addresses an Active Directory Federation Services (AD FS). You might need to retry authentication multiple times to sign in successfully.
  • This update addresses an issue that affects SMB Direct. Endpoints might not be available on systems that use multi-byte character sets.
  • This update addresses an issue that might affect the Windows Local Administrator Password Solution (LAPS). It might fail. This occurs on versions of Windows Server 2019 that run Server Core. The error is 0x8007007f.
  • This update addresses an issue that affects apps that use DirectX on older Intel graphics drivers. You might receive an error from apphelp.dll.
  • This update addresses a race condition in Windows LAPS. The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.
  • This update addresses an issue that affects the legacy Local Administrator Password Solution (LAPS) and the new Windows LAPS feature. They fail to manage the configured local account password. This occurs when you install the legacy LAPS .msi file after you have installed the April 11, 2023, Windows update on machines that have a legacy LAPS policy.

The update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Note the installation sequence described in the support article and also the notes on additional requirements. For the update, Microsoft states known issues in the support post.

Unlike the previous month, the aforementioned update is again offered via Windows Update on clients running Windows 10 2019 Enterprise LTSC, as affected readers told me.

Updates foür Windows 10 Version 1507 bis 1607

Updates for the Enterprise LTSC versions are available for Windows 10 RTM up to version 1607. These updates are automatically downloaded and installed by Windows Update, but are available for download from the Microsoft Update Catalog (search by KB number). Before manual installation, the latest Servicing Stack Update (SSU) must be installed. Details can be found in the respective KB article.

  • Windows 10 Version 1607: Update KB5026363 is now only available for Enterprise LTSC and Windows Server 2016. The update upgrades the OS build to 14393.5921, and addresses security and other issues.
  • Windows 10 Version 1507: Update KB5026382 is available for the RTM version (LTSC). The update raises the OS build to 10240.19926 and fixes vulnerabilities and bugs.

There was no update for the remaining Windows 10 versions, as these versions are no longer supported. Details about the above updates can be found in the respective Microsoft KB articles.

Similar articles:
Microsoft Security Update Summary (May 9, 2023)
Patchday: Windows 10-Updates (May 9, 2023)
Patchday: Windows 11/Server 2022-Updates (May 9, 2023)
Windows 7/Server 2008 R2; Server 2012 R2: Updates (May 9, 2023)
Patchday: Microsoft Office Updates (May 9, 2023)
Microsoft Office Updates (May 2, 2023)

Cookies helps to fund this blog: Cookie settings
Advertising

This entry was posted in Security, Update, Windows and tagged , , , . Bookmark the permalink.

2 Responses to Patchday: Windows 10-Updates (May 9, 2023)

  1. EP says:
    2023-05-16 at 1:50

    Win10 Media Creation tool recently downloads W10 22H2 esd install media with KB5026361 (build 19045.2965) integrated

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *