Patchday: Windows 11/Server 2022-Updates (May 9, 2023)

Posted on 2023-05-10 by guenni

Windows[German]On May 9, 2023 (second Tuesday of the month, Microsoft patch day), Microsoft also released cumulative updates for Windows 11 22H1 and 22H2. In addition, Windows Server 2022 received an update. Here are some details about these updates, which are supposed to fix vulnerabilities as well as issues.

Advertising

Updates for Windows 11 21H1 – 22H2

A list of Windows 11 updates can be found on this Microsoft web page. I have pulled out the details below. Microsoft now provides the following updates for the Windows 11 versions mentioned above.

Update KB5026372 for Windows 11 22H2

Cumulative Update KB5026372 raises the OS build for Windows 11 to 22621.1702 and includes quality improvements as well as security patches. In this update, the new features mentioned in the preview update from the previous month are also applied (see Windows 11 22H2: Preview-Update KB5025305 (April 25, 2023)). In the support article, Microsoft states the following highlights and new features:

  • New! This update adds a new toggle control on the Settings > Windows Update page. When you turn it on, we will prioritize your device to get the latest non-security updates and enhancements when they are available for your device. For managed devices, the toggle is disabled by default. For more information, see Get Windows updates as soon as they're available for your device.
  • This update addresses security issues for your Windows operating system.

This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS and WUfB. The patch includes the Windows 11 Servicing Stack Update. The update causes various problems, which are listed in the support article.

Update KB502636 for Windows 11 21H2

Cumulative Update KB5026368 raises the OS build for Windows 11 to 22000.1936 and includes quality improvements and security patches, but no new operating system features. The fixes from the previous month's preview update have been incorporated (see Windows 11 21H2 Preview Update KB5025298 (April 25, 2023)). Regarding the implemented improvements, Microsoft mentions the following:

This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.

Microsoft notes that this update makes quality improvements to the servicing stack (which is responsible for Microsoft updates). This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS and WUfB. Notes on known issues with the update can be found in the support article.

Windows Server 2022

According to this Microsoft page, the cumulative update KB5026370 was released for Windows Server 2022, which raises the OS build to 20348.5026370. About the fixes this update makes, Microsoft writes:

Advertising
  • New! This update changes firewall settings. You can now configure application group rules.
  • This update addresses an issue that affects conhost.exe. It stops responding.
  • This update affects the Islamic Republic of Iran. The update supports the government's daylight saving time change order from 2022.
  • This update addresses issues that affect the 32-bit version of Windows Calculator.
  • This update addresses an issue that affects apps that use DirectX on older Intel graphics drivers. You might receive an error from apphelp.dll.
  • The update addresses an issue that sends unexpected password expiration notices to users. This occurs when you set up an account to use "Smart Card is Required for Interactive Logon" and set "Enable rolling of expiring NTLM secrets".
  • This update addresses an issue that affects Microsoft Edge IE mode. Pop-up windows open in the background instead of in the foreground.
  • This update addresses an issue that affects the software defined networking (SDN) virtual subnet. The delete operation creates an error. This stops the virtual subnet from being deleted.
  • The update addresses an issue that affects AzureService Fabric containers. This change is off by default. To enable the change, set Globals.RouteResolutionOrderConfig to TRUE. To propagate the value, move the primary node for VswitchService and SDNAPI. After you set the value, this change will apply to new and current network traffic routes.
  • This update addresses an issue that affects protected content. When you minimize a window that has protected content, the content displays when it should not. This occurs when you are using Taskbar Thumbnail Live Preview.
  • This update addresses an issue that affects mobile device management (MDM) customers. The issue stops you from printing. This occurs because of an exception.
  • This update addresses an issue that affects signed Windows Defender Application Control (WDAC) policies. They are not applied to the Secure Kernel. This occurs when you enable Secure Boot.
  • This update addresses an issue that affects the Windows Defender Application Control. The policy that blocks software using a hash rule might not stop the software from running.
  • This update addresses an Active Directory Federation Services (AD FS). You might need to retry authentication multiple times to sign in successfully.
  • This update addresses an issue that affects accounts that run the Set-AdfsCertificate command. The command fails. This occurs when an account does not have read permissions for the related Distributed Key Manager (DKM) container.
  • This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.
  • This update addresses an issue that affects the legacy Local Administrator Password Solution (LAPS) and the new Windows LAPS feature. They fail to manage the configured local account password. This occurs when you install the legacy LAPS .msi file after you have installed the April 11, 2023, Windows update on machines that have a legacy LAPS policy.
  • This update addresses an issue that affects SMB Direct. Endpoints might not be available on systems that use multi-byte character sets.

Microsoft notes that this update makes quality improvements to the servicing stack (which is responsible for Microsoft updates). This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS and WUfB. Notes on known issues with the update can be found in the support article.

Similar articles:
Microsoft Security Update Summary (May 9, 2023)
Patchday: Windows 10-Updates (May 9, 2023)
Patchday: Windows 11/Server 2022-Updates (May 9, 2023)
Windows 7/Server 2008 R2; Server 2012 R2: Updates (May 9, 2023)
Patchday: Microsoft Office Updates (May 9, 2023)
Microsoft Office Updates (May 2, 2023)

Cookies helps to fund this blog: Cookie settings
Advertising

This entry was posted in Security, Update, Windows and tagged , , , , . Bookmark the permalink.

2 Responses to Patchday: Windows 11/Server 2022-Updates (May 9, 2023)

  1. EP says:
    2023-05-16 at 1:48

    Win11 Media Creation tool recently downloads 22H2 esd install media with KB5026372 (build 22621.1702) integrated

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *