Microsoft Known Issue

Known issues in Microsoft Patches:
 
Microsoft often releases patches to address security and reliability issues. Sometimes, patches itself will introduce unprecedented issues after installing them. Here's the updated list of all the known issues in Microsoft patches and possible workaround for them.

Oops! No results for your search.

workaround
Nov 9, 2022
KB5020010
2022-11 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5020010) (CVE-2022-41128) (CVE-2022-41073) (CVE-2022-41125)
"After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Additionally, text stating "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy" might be displayed. Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identi"
We have added guidance to KB5020276 and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated as soon as those changes are released.
workaround
Nov 9, 2022
KB5020003
2022-11 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5020003) (CVE-2022-41128) (CVE-2022-41073) (CVE-2022-41125)
"After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Additionally, text stating "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy" might be displayed. Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identi"
We have added guidance to KB5020276 and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated as soon as those changes are released.
workaround
Nov 9, 2022
KB5020013
2022-11 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5020013) (ESU) (CVE-2022-41128) (CVE-2022-41073)
"After installing this update and restarting your device, you might receive the error, ?Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,? and the update might show as?Failed?in?Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see?KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this?blog?post. For information on the prerequisites, see the?How to get this update?section of this article.
workaround
Nov 9, 2022
KB5020013
2022-11 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5020013) (ESU) (CVE-2022-41128) (CVE-2022-41073)
"After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Additionally, text stating "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy" might be displayed. Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identi"
We have added guidance to KB5020276 and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated as soon as those changes are released.
workaround
Nov 9, 2022
KB5020005
2022-11 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5020005) (ESU) (CVE-2022-41073)
"After installing this update and restarting your device, you might receive the error, ?Failure to configure Windows updates. Reverting Changes. Do not turn off your computer?, and the update might show as?Failed?in?Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see?KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this?blog?post.?For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Nov 9, 2022
KB5020005
2022-11 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5020005) (ESU) (CVE-2022-41073)
"After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Additionally, text stating "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy" might be displayed. Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identi"
We have added guidance to KB5020276 and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated as soon as those changes are released.
workaround
Nov 9, 2022
KB5020023
2022-11 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5020023) (CVE-2022-41128) (CVE-2022-41073) (CVE-2022-41125)
"After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Additionally, text stating "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy" might be displayed. Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identi"
We have added guidance to KB5020276 and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated as soon as those changes are released.
workaround
Nov 9, 2022
KB5020009
2022-11 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5020009) (CVE-2022-41128) (CVE-2022-41073) (CVE-2022-41125)
"After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Additionally, text stating "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy" might be displayed. Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identi"
We have added guidance to KB5020276 and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated as soon as those changes are released.
workaround
Nov 9, 2022
KB5020000
2022-11 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5020000) (ESU) (CVE-2022-41128) (CVE-2022-41073)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as?Failed?in?Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see?KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this?blog?post.?For information on the prerequisites, see the How to get this update section of this article.
workaround
Nov 9, 2022
KB5020000
2022-11 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5020000) (ESU) (CVE-2022-41128) (CVE-2022-41073)
"After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Additionally, text stating "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy" might be displayed. Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identi"
We have added guidance to KB5020276 and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated as soon as those changes are released.
workaround
Nov 9, 2022
KB5020019
2022-11 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5020019) (ESU) (CVE-2022-41073)
"After installing this update and restarting your device, you might receive the error, ?Failure to configure Windows updates. Reverting Changes. Do not turn off your computer?, and the update might show as?Failed?in?Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see?KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this?blog?post.?For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Nov 9, 2022
KB5020019
2022-11 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5020019) (ESU) (CVE-2022-41073)
"After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Additionally, text stating "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy" might be displayed. Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identi"
We have added guidance to KB5020276 and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated as soon as those changes are released.
workaround
Nov 9, 2022
KB5019980
2022-11 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5019980) (CVE-2022-41128) (CVE-2022-41091) (CVE-2022-41073) (CVE-2022-41125)
"IT admins"
Copying large multiple gigabyte (GB) files might take longer than expected to finish on Windows 11, version 22H2. You are more likely to experience this issue copying files to Windows 11, version 22H2 from a network share via Server Message Block (SMB) but local file copy might also be affected.Windows devices used by consumers in their home or small offices are not likely to be affected by this issue.
workaround
Nov 9, 2022
KB5019959
2022-11 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5019959) (CVE-2022-41128) (CVE-2022-41091) (CVE-2022-41073) (CVE-2022-41125)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Nov 9, 2022
KB5019966
2022-11 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5019966) (CVE-2022-41128) (CVE-2022-41091) (CVE-2022-41125)
"After installing KB5001342?or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service. ?After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Oct 12, 2022
KB5018476
2022-10 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5018476) (CVE-2022-41033)
"After installing this update, file copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor."
To mitigate this issue, do ONE of the following: Clear the "Run in logged-on users security context (user policy option)" check box. Note This might not mitigate the issue for items that use a wildcard (*). In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "" (backslash, without quotation marks) from the destination might allow the copy to be successful. We are working on a resolution and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018478
2022-10 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5018478) (CVE-2022-41033)
"After installing this update, file copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor."
To mitigate this issue, do ONE of the following: Clear the "Run in logged-on users security context (user policy option)" check box. Note This might not mitigate the issue for items that use a wildcard (*). In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "" (backslash, without quotation marks) from the destination might allow the copy to be successful. We are working on a resolution and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018479
2022-10 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5018479) (ESU) (CVE-2022-41033)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Oct 12, 2022
KB5018479
2022-10 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5018479) (ESU) (CVE-2022-41033)
"After installing this update, file copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor."
To mitigate this issue, do ONE of the following: Clear the "Run in logged-on users security context (user policy option)" check box. Note This might not mitigate the issue for items that use a wildcard (*). In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "" (backslash, without quotation marks) from the destination might allow the copy to be successful. We are working on a resolution and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018474
2022-10 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5018474) (CVE-2022-41033)
"After installing this update, file copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor."
To mitigate this issue, do ONE of the following: Clear the "Run in logged-on users security context (user policy option)" check box. Note This might not mitigate the issue for items that use a wildcard (*). In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "" (backslash, without quotation marks) from the destination might allow the copy to be successful. We are working on a resolution and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018457
2022-10 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5018457) (CVE-2022-41033)
"After installing this update, file copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor."
To mitigate this issue, do ONE of the following: Clear the "Run in logged-on users security context (user policy option)" check box. Note This might not mitigate the issue for items that use a wildcard (*). In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "" (backslash, without quotation marks) from the destination might allow the copy to be successful. We are working on a resolution and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018454
2022-10 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB5018454) (ESU) (CVE-2022-41033)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Oct 12, 2022
KB5018454
2022-10 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB5018454) (ESU) (CVE-2022-41033)
"After installing this update, file copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor."
To mitigate this issue, do ONE of the following: Clear the "Run in logged-on users security context (user policy option)" check box. Note This might not mitigate the issue for items that use a wildcard (*). In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "" (backslash, without quotation marks) from the destination might allow the copy to be successful. We are working on a resolution and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018427
2022-10 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5018427) (CVE-2022-41033)
"Using provisioning packages on Windows 11, version 22H2 (also called Windows 11 2022 Update) might not work as expected. Windows might only be partially configured, and the Out Of Box Experience might not finish or might restart unexpectedly. Provisioning packages are .PPKG files which are used to help configure new devices for use on business or school networks. Provisioning packages which are applied during initial setup are most likely to be impacted by this issu"
If you can provision the Windows device before upgrading to Windows 11, version 22H2, this will prevent the issue. We are presently investigating and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018427
2022-10 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5018427) (CVE-2022-41033)
"Copying large multiple gigabyte (GB) files might take longer than expected to finish on Windows 11, version 22H2. You are more likely to experience this issue copying files to Windows 11, version 22H2 from a network share via Server Message Block (SMB) but local file copy might also be affected.Windows devices used by consumers in their home or small offices are not likely to be affected by this issue."
To mitigate this issue, you can use file copy tools that do not use cache manager (buffered I/O). This can be done by using the built-in command-line tools listed below: robocopy \someserversomeshare c:somefolder somefile.img /J or xcopy \someserversomeshare c:somefolder /J We are working on a resolution and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018418
2022-10 Cumulative Update for Windows 11 for x64-based Systems (KB5018418) (CVE-2022-41033)
"IT admins"
After installing this update, file copies using Group Policy Preferences might fail or might create empty shortcuts or files using 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor.
workaround
Oct 12, 2022
KB5018410
2022-10 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5018410) (CVE-2022-41033)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Oct 12, 2022
KB5018410
2022-10 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5018410) (CVE-2022-41033)
"After installing this update, file copies using Group Policy Preferences might fail or might create empty shortcuts or files using 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor."
To mitigate this issue, you can do ONE of the following: Uncheck the "Run in logged-on users security context (user policy option)". Note: This might not mitigate the issue for items using a wildcard (*). Within the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "" (backslash, without quotes) from the destination might allow the copy to be successful. We are working on a resolution and will provide an update in an upcoming release.
workaround
Oct 12, 2022
KB5018419
2022-10 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5018419) (CVE-2022-41033)
"After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service.  After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Oct 12, 2022
KB5018421
2022-10 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5018421) (CVE-2022-41033)
"After installing this update, file copies using Group Policy Preferences might fail or might create empty shortcuts or files using 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor."
To mitigate this issue, you can do ONE of the following: Uncheck the "Run in logged-on users security context (user policy option)". Note: This might not mitigate the issue for items using a wildcard (*). Within the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "" (backslash, without quotes) from the destination might allow the copy to be successful. We are working on a resolution and will provide an update in an upcoming release.
workaround
Sep 14, 2022
KB5017365
2022-09 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5017365) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017377
2022-09 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5017377) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017373
2022-09 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5017373) (ESU) (CVE-2022-37969)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Sep 14, 2022
KB5017373
2022-09 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5017373) (ESU) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017371
2022-09 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5017371) (ESU) (CVE-2022-37969)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Sep 14, 2022
KB5017371
2022-09 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5017371) (ESU) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017367
2022-09 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5017367) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017370
2022-09 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5017370) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017361
2022-09 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5017361) (ESU) (CVE-2022-37969)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Sep 14, 2022
KB5017361
2022-09 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5017361) (ESU) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017358
2022-09 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5017358) (ESU) (CVE-2022-37969)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Sep 14, 2022
KB5017358
2022-09 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5017358) (ESU) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017328
2022-09 Cumulative Update for Windows 11 for x64-based Systems (KB5017328) (CVE-2022-37969)
"IT admins"
After installing this update, XPS Viewer might be unable to open XML Paper Specification (XPS) documents in some non-English languages, including some Japanese and Chinese character encodings. This issue affects both XML Paper Specification (XPS) and Open XML Paper Specification (OXPS) files. When encountering this issue, you may receive an error, "This page cannot be displayed" within XPS Viewer or it might stop responding and have high CPU usage with continually increasing memory usage. When the error is encountered, if XPS Viewer is not closed it might reach up to 2.5GB of memory usage before closing unexpectedly. This issue does not affect most home users. The XPS Viewer is no longer installed by default as of Windows 10, version 1803 and must be manually installed.
workaround
Sep 14, 2022
KB5017328
2022-09 Cumulative Update for Windows 11 for x64-based Systems (KB5017328) (CVE-2022-37969)
"All users"
Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct. ?Apps and cloud services which use date and time for integral functions, such as Microsoft Teams and Microsoft Outlook, notifications and scheduling of meetings might be 60 minutes off. ?Automation that uses date and time, such as Scheduled tasks, might not run at the expected time. ?Timestamp on transactions, files, and logs will be 60 minutes off. ?Operations that rely on time-dependent protocols such as Kerberos might cause authentication failures when attempting to logon or access resources. ?Windows devices and apps outside of Chile might also be affected if they are connecting to servers or devices in Chile or if they are scheduling or attending meetings taking place in Chile from another location or time zone. Windows devices outside of Chile should not use the workaround, as it would change their local time on the device.
workaround
Sep 14, 2022
KB5017308
2022-09 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5017308) (CVE-2022-37969)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Sep 14, 2022
KB5017308
2022-09 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5017308) (CVE-2022-37969)
""
 
workaround
Sep 14, 2022
KB5017308
2022-09 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5017308) (CVE-2022-37969)
"After installing this update, XPS Viewer might be unable to open XML Paper Specification (XPS) documents in some non-English languages, including some Japanese and Chinese character encodings. This issue affects both XML Paper Specification (XPS) and Open XML Paper Specification (OXPS) files. When encountering this issue, you may receive an error, "This page cannot be displayed" within XPS Viewer or it might stop responding and have high CPU usage with continually i"
We are working on a resolution and will provide an update in an upcoming release.
workaround
Sep 14, 2022
KB5017308
2022-09 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5017308) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see one of the following: Windows 10, version 21H2: Possible issues caused by new Daylight Savings Time in Chile Windows 10, version 21H1: Possible issues caused by new Daylight Savings Time in Chile Windows 10, version 20H2: Possible issues caused by new Daylight Savings Time in Chile We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017315
2022-09 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5017315) (CVE-2022-37969)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Sep 14, 2022
KB5017315
2022-09 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5017315) (CVE-2022-37969)
"After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service.  After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Sep 14, 2022
KB5017315
2022-09 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5017315) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017305
2022-09 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5017305) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017327
2022-09 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5017327) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Sep 14, 2022
KB5017316
2022-09 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5017316) (CVE-2022-37969)
"Starting at 12:00 A.M. Saturday, September 10, 2022, the official time in Chile will advance 60 minutes in accordance with the August 9, 2022 official announcement by the Chilean government about a daylight saving time (DST) time zone change. This moves the DST change which was previously September 4 to September 10. Symptoms if the workaround is not used on devices between September 4, 2022 and September 11, 2022: ?Time shown in Windows and apps will not be correct"
To mitigate this issue, please see Possible issues caused by new Daylight Savings Time in Chile. We are working on a resolution and will provide an update in an upcoming release. Note We plan to release an update to support this change; however, there might be insufficient time to properly build, test, and release such an update before the change goes into effect. Please use the workaround above.
workaround
Aug 9, 2022
KB5012170
KB5012170: Security update for Secure Boot DBX: August 9, 2022
"When attempting to install this update, it might fail to install, and you might receive Error 0x800f0922. Note This issue only affects this security update for Secure Boot DBX (KB5012170) and does not affect the latest cumulative security updates, monthly rollups, or security-only updates released on August 9, 2022."
workaround
Aug 10, 2022
KB5016679
2022-08 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5016679) (ESU) (CVE-2022-34713)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,� and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post. For information on the prerequisites, see the�How to get this update�section of this article.
workaround
Aug 10, 2022
KB5016686
2022-08 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5016686) (ESU)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer�, and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Aug 10, 2022
KB5016676
2022-08 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5016676) (ESU) (CVE-2022-34713)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the How to get this update section of this article.
workaround
Aug 10, 2022
KB5016669
2022-08 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5016669) (ESU)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer�, and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Aug 10, 2022
KB5016629
2022-08 Cumulative Update for Windows 11 for x64-based Systems (KB5016629) (CVE-2022-34713)
"IT admins"
After installing this update, XPS Viewer might be unable to open XML Paper Specification (XPS) documents in some non-English languages, including some Japanese and Chinese character encodings. This issue affects both XML Paper Specification (XPS) and Open XML Paper Specification (OXPS) files. When encountering this issue, you may receive an error, "This page cannot be displayed" within XPS Viewer or it might stop responding and have high CPU usage with continually increasing memory usage. When the error is encountered, if XPS Viewer is not closed it might reach up to 2.5GB of memory usage before closing unexpectedly. This issue does not affect most home users. The XPS Viewer is no longer installed by default as of Windows 10, version 1803 and must be manually installed.
workaround
Aug 10, 2022
KB5016616
2022-08 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5016616) (CVE-2022-34713)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Aug 10, 2022
KB5016616
2022-08 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5016616) (CVE-2022-34713)
""
 
workaround
Aug 10, 2022
KB5016616
2022-08 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5016616) (CVE-2022-34713)
"After installing this update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. Developer Note�Sites affected by this issue call window.focus."
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue can resolve it by installing and configuring the special Group Policy listed below.�For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.� Group Policy download�with Group Policy name:� Download for Windows 10, version 20H2 and Windows 10, version 21H1 -�Windows 10 20H2, 21H1 and 21H2 KB5014023 220624_22551 Known Issue Rollback Important�You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
workaround
Aug 10, 2022
KB5016616
2022-08 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5016616) (CVE-2022-34713)
"Microsoft has received reports of issues affecting some printing devices following installation of this update. Symptoms observed may include duplicate copies of printers installed on a device (commonly with a similar name and the suffix "Copy1"), and applications which refer to the printer by a specific name cannot print. Normal printer usage might be interrupted, resulting in failure of printing operations."
View the �Settings� app on your device. If a duplicate copy of a printer appears to exist under the �Bluetooth & devices� section, confirm whether this printer works. If so, this printer can be used normally, and other copies of the printer can be removed. If the issue persists, update the print driver for your device. For guidance, see Install the latest driver for your printer. If you are still having issues, uninstalling and reinstalling your printer should solve the issue. We are presently investigating a resolution and will provide an update when more information is available.
workaround
Aug 10, 2022
KB5016616
2022-08 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5016616) (CVE-2022-34713)
"After installing this update, XPS Viewer might be unable to open XML Paper Specification (XPS) documents in some non-English languages, including some Japanese and Chinese character encodings. This issue affects both XML Paper Specification (XPS) and Open XML Paper Specification (OXPS) files. When encountering this issue, you may receive an error, "This page cannot be displayed" within XPS Viewer or it might stop responding and have high CPU usage with continually i"
We are working on a resolution and will provide an update in an upcoming release.
workaround
Aug 10, 2022
KB5016623
2022-08 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5016623) (CVE-2022-34713)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select�Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Aug 10, 2022
KB5016623
2022-08 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5016623) (CVE-2022-34713)
"After installing KB5001342�or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service. �After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Aug 10, 2022
KB5016627
2022-08 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5016627) (CVE-2022-34713)
"After installing this update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. Developer Note�Sites affected by this issue call window.focus."
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015877
2022-07 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5015877) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015875
2022-07 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5015875) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015862
2022-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5015862) (ESU) (CVE-2022-22047)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,� and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post. For information on the prerequisites, see the�How to get this update�section of this article.
workaround
Jul 13, 2022
KB5015862
2022-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5015862) (ESU) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error,�"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015870
2022-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5015870) (ESU) (CVE-2022-22047)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer�, and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 13, 2022
KB5015870
2022-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5015870) (ESU) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015874
2022-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5015874) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015863
2022-07 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5015863) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015861
2022-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5015861) (ESU) (CVE-2022-22047)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the How to get this update section of this article.
workaround
Jul 13, 2022
KB5015861
2022-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5015861) (ESU) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following:� Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015866
2022-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5015866) (ESU) (CVE-2022-22047)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer�, and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 13, 2022
KB5015866
2022-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5015866) (ESU) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015814
2022-07 Cumulative Update for Windows 11 for x64-based Systems (KB5015814) (CVE-2022-22047)
"IT admins"
After installing this update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. Developer Note�Sites affected by this issue call window.focus.
workaround
Jul 13, 2022
KB5015807
2022-07 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015807) (CVE-2022-22047)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Jul 13, 2022
KB5015807
2022-07 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015807) (CVE-2022-22047)
"After installing the June 21, 2021 (KB5003690) update,�some devices�cannot install new updates, such as the July 6, 2021 (KB5004945)�or later updates.�You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING"."
For more information and a workaround, see KB5005322.
workaround
Jul 13, 2022
KB5015807
2022-07 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015807) (CVE-2022-22047)
""
 
workaround
Jul 13, 2022
KB5015807
2022-07 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015807) (CVE-2022-22047)
"After installing this update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. Developer Note�Sites affected by this issue call window.focus."
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue can resolve it by installing and configuring the special Group Policy listed below.�For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.� Group Policy download�with Group Policy name:� Download for Windows 10, version 20H2 and Windows 10, version 21H1 -�Windows 10 20H2, 21H1 and 21H2 KB5014023 220624_22551 Known Issue Rollback Important�You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
workaround
Jul 13, 2022
KB5015811
2022-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5015811) (CVE-2022-22047)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select�Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015811
2022-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5015811) (CVE-2022-22047)
"After installing KB5001342�or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service. �After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jul 13, 2022
KB5015827
2022-07 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5015827) (CVE-2022-22047)
"After installing this update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. Developer Note�Sites affected by this issue call window.focus."
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015877
2022-07 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5015877) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015875
2022-07 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5015875) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015862
2022-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5015862) (ESU) (CVE-2022-22047)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,� and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post. For information on the prerequisites, see the�How to get this update�section of this article.
workaround
Jul 13, 2022
KB5015862
2022-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5015862) (ESU) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error,�"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015870
2022-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5015870) (ESU) (CVE-2022-22047)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer�, and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 13, 2022
KB5015870
2022-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5015870) (ESU) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015874
2022-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5015874) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015863
2022-07 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5015863) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015861
2022-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5015861) (ESU) (CVE-2022-22047)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the How to get this update section of this article.
workaround
Jul 13, 2022
KB5015861
2022-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5015861) (ESU) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following:� Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015866
2022-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5015866) (ESU) (CVE-2022-22047)
"After installing this update and restarting your device, you might receive the error, �Failure to configure Windows updates. Reverting Changes. Do not turn off your computer�, and the update might show as�Failed�in�Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see�KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this�blog�post.�For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 13, 2022
KB5015866
2022-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5015866) (ESU) (CVE-2022-22047)
"Certain operations, such as�rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, �STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)�. This occurs when you perform the operation on a CSV owner node from a process that doesn�t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn�t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015814
2022-07 Cumulative Update for Windows 11 for x64-based Systems (KB5015814) (CVE-2022-22047)
"IT admins"
After installing this update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. Developer Note�Sites affected by this issue call window.focus.
workaround
Jul 13, 2022
KB5015807
2022-07 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015807) (CVE-2022-22047)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Jul 13, 2022
KB5015807
2022-07 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015807) (CVE-2022-22047)
"After installing the June 21, 2021 (KB5003690) update,�some devices�cannot install new updates, such as the July 6, 2021 (KB5004945)�or later updates.�You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING"."
For more information and a workaround, see KB5005322.
workaround
Jul 13, 2022
KB5015807
2022-07 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015807) (CVE-2022-22047)
""
 
workaround
Jul 13, 2022
KB5015807
2022-07 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015807) (CVE-2022-22047)
"After installing this update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. Developer Note�Sites affected by this issue call window.focus."
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue can resolve it by installing and configuring the special Group Policy listed below.�For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.� Group Policy download�with Group Policy name:� Download for Windows 10, version 20H2 and Windows 10, version 21H1 -�Windows 10 20H2, 21H1 and 21H2 KB5014023 220624_22551 Known Issue Rollback Important�You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
workaround
Jul 13, 2022
KB5015811
2022-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5015811) (CVE-2022-22047)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select�Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 13, 2022
KB5015811
2022-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5015811) (CVE-2022-22047)
"After installing KB5001342�or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service. �After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jul 13, 2022
KB5015827
2022-07 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5015827) (CVE-2022-22047)
"After installing this update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. Developer Note�Sites affected by this issue call window.focus."
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014746
2022-06 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5014746) (CVE-2022-30190)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014741
2022-06 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5014741) (CVE-2022-30190)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014742
2022-06 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5014742) (ESU) (CVE-2022-30190)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Jun 15, 2022
KB5014742
2022-06 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5014742) (ESU) (CVE-2022-30190)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014743
2022-06 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5014743) (ESU)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jun 15, 2022
KB5014743
2022-06 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5014743) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014738
2022-06 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5014738) (CVE-2022-30190)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014747
2022-06 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5014747) (CVE-2022-30190)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014748
2022-06 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5014748) (ESU) (CVE-2022-30190)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Jun 15, 2022
KB5014748
2022-06 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5014748) (ESU) (CVE-2022-30190)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following:  Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release. 
workaround
Jun 15, 2022
KB5014752
2022-06 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5014752) (ESU)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jun 15, 2022
KB5014752
2022-06 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5014752) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014699
2022-06 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5014699)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Jun 15, 2022
KB5014699
2022-06 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5014699)
"After installing the June 21, 2021 (KB5003690) update, some devices cannot install new updates, such as the July 6, 2021 (KB5004945) or later updates. You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING"."
For more information and a workaround, see KB5005322.
workaround
Jun 15, 2022
KB5014699
2022-06 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5014699)
"We are receiving reports that the Snip & Sketch app might fail to capture a screenshot and might fail to open using the keyboard shortcut (Windows key+shift+S). This issue occurs after installing KB5010342 (February 8, 2022) and later updates."
We are presently investigating and will provide an update when more information is available.
workaround
Jun 15, 2022
KB5014692
2022-06 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5014692)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014692
2022-06 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5014692)
"After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service.  After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jun 15, 2022
KB5014001
2022-05 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5014001) (CVE-2022-26925)
"After installing this update on your Windows Server 2012 R2 servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). The issue affects how the domain controller manages the mapping of certificates to machine accounts. This issue o"
Install update KB5014986 on Windows Server 2012 R2 servers used as domain controllers and intermediary application servers which authenticate to domain controllers.
workaround
May 11, 2022
KB5014001
2022-05 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5014001)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5014001
2022-05 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5014001)
"After installing updates released January 11, 2022 or later updates, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Jun 15, 2022
KB5014018
2022-05 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5014018) (CVE-2022-26925)
"After installing this update on your Windows Server 2012 servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). The issue affects how the domain controller manages the mapping of certificates to machine accounts. This issue only"
Install update KB5014991 on Windows Server 2012 servers used as domain controllers and intermediary application servers which authenticate to domain controllers.
workaround
May 11, 2022
KB5014018
2022-05 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5014018)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5014018
2022-05 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5014018)
"After installing updates released January 11, 2022 or later updates, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Jun 15, 2022
KB5013999
2022-05 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5013999) (ESU) (CVE-2022-26925)
"After installing this update on your Windows Server 2008 R2 SP1 servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). The issue affects how the domain controller manages the mapping of certificates to machine accounts. This iss"
Install update KB5014987 on Windows Server 2008 R2 SP1 servers used as domain controllers and intermediary application servers which authenticate to domain controllers.
workaround
May 11, 2022
KB5013999
2022-05 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5013999) (ESU)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
May 11, 2022
KB5013999
2022-05 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5013999) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014006
2022-05 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5014006) (ESU) (CVE-2022-26925)
"After installing this update on your Windows Server 2008 SP2 servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). The issue affects how the domain controller manages the mapping of certificates to machine accounts. This issue "
Install update KB5014990 on Windows Server 2008 SP2 servers used as domain controllers and intermediary application servers which authenticate to domain controllers.
workaround
May 11, 2022
KB5014006
2022-05 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5014006) (ESU)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
May 11, 2022
KB5014006
2022-05 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5014006) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014011
2022-05 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5014011) (CVE-2022-26925)
"After installing this update on your Windows Server 2012 R2 servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). The issue affects how the domain controller manages the mapping of certificates to machine accounts. This issue o"
Install update KB5014986 on Windows Server 2012 R2 servers used as domain controllers and intermediary application servers which authenticate to domain controllers.
workaround
May 11, 2022
KB5014011
2022-05 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5014011)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5014011
2022-05 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5014011)
"After installing updates released January 11, 2022 or later updates, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Jun 15, 2022
KB5014017
2022-05 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5014017) (CVE-2022-26925)
"After installing this update on your Windows Server 2012 servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). The issue affects how the domain controller manages the mapping of certificates to machine accounts. This issue only"
Install update KB5014991 on Windows Server 2012 servers used as domain controllers and intermediary application servers which authenticate to domain controllers.
workaround
May 11, 2022
KB5014017
2022-05 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5014017)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5014017
2022-05 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5014017)
"After installing updates released January 11, 2022 or later updates, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Jun 15, 2022
KB5014012
2022-05 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5014012) (ESU) (CVE-2022-26925)
"After installing this update on your Windows Server 2008 R2 SP1 servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). The issue affects how the domain controller manages the mapping of certificates to machine accounts. This iss"
Install update KB5014987 on Windows Server 2008 R2 SP1 servers used as domain controllers and intermediary application servers which authenticate to domain controllers.
workaround
May 11, 2022
KB5014012
2022-05 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5014012) (ESU)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
May 11, 2022
KB5014012
2022-05 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5014012) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following:  Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. 
workaround
Jun 15, 2022
KB5014010
2022-05 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5014010) (ESU) (CVE-2022-26925)
"After installing this update on your Windows Server 2008 SP2 servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). The issue affects how the domain controller manages the mapping of certificates to machine accounts. This issue "
Install update KB5014990 on Windows Server 2008 SP2 servers used as domain controllers and intermediary application servers which authenticate to domain controllers.
workaround
May 11, 2022
KB5014010
2022-05 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5014010) (ESU)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
May 11, 2022
KB5014010
2022-05 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5014010) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014023
2022-05 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5014023)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Jun 15, 2022
KB5014023
2022-05 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5014023)
"After installing the June 21, 2021 (KB5003690) update, some devices cannot install new updates, such as the July 6, 2021 (KB5004945) or later updates. You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING"."
For more information and a workaround, see KB5005322.
workaround
Jun 15, 2022
KB5014023
2022-05 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5014023)
"We are receiving reports that the Snip & Sketch app might fail to capture a screenshot and might fail to open using the keyboard shortcut (Windows key+shift+S). This issue occurs after installing KB5010342 (February 8, 2022) and later updates."
We are presently investigating and will provide an update when more information is available.
workaround
Jun 15, 2022
KB5014022
2022-05 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5014022)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5014022
2022-05 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5014022)
"After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service.  After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jun 15, 2022
KB5015020
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015020)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Jun 15, 2022
KB5015020
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015020)
"After installing the June 21, 2021 (KB5003690) update, some devices cannot install new updates, such as the July 6, 2021 (KB5004945) or later updates. You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING"."
For more information and a workaround, see KB5005322.
workaround
Jun 15, 2022
KB5015020
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5015020)
"We are receiving reports that the Snip & Sketch app might fail to capture a screenshot and might fail to open using the keyboard shortcut (Windows key+shift+S). This issue occurs after installing KB5010342 (February 8, 2022) and later updates."
We are presently investigating and will provide an update when more information is available.
workaround
Jun 15, 2022
KB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942) (CVE-2022-22713)
"Updated May 27, 2022 After installing updates released May 10, 2022 on your domain controllers, you might see machine certificate authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is bei"
Updated May 27, 2022 The preferred mitigation for this issue is to manually map certificates to a machine account in Active Directory. For instructions, please see Certificate Mapping. Note The instructions are the same for mapping certificates to user or machine accounts in Active Directory. If the preferred mitigation will not work in your environment, please see KB5014754—Certificate-based authentication changes on Windows domain controllers for other possible mitigations in the SChannel registry key section. Note Any other mitigation except the preferred mitigations might lower or disable security hardening. This issue was addressed in out-of-band updates released May 19, 2022 for installation on all Domain Controllers in your environment, as well as all intermediary application servers such as Network Policy Servers (NPS), RADIUS, Certification Authority (CA), or web servers which passes the authentication certificate from the client being authenticated to the authenticating DC. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them. This includes the removal of the registry key (CertificateMappingMethods = 0x1F) documented in the SChannel registry key section of KB5014754. There is no action needed on the client side to resolve this authentication issue. To get the standalone package for these out-of-band updates, search for the KB number in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note The below updates are not available from Windows Update and will not install automatically. Cumulative updates: Windows Server 2022: KB5015013 Windows Server, version 20H2: KB5015020 Windows Server 2019: KB5015018 Windows Server 2016: KB5015019 Note You do not need to apply any previous update before installing these cumulative updates. If you have already installed updates released May 10, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
workaround
Jun 15, 2022
KB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942) (CVE-2022-22713)
"After installing this update, you might receive an error code: 0xC002001B when attempting to install from the Microsoft Store. Some Microsoft Store apps might also fail to open. Affected Windows devices use a processor (CPU) which supports Control-flow Enforcement Technology (CET), such as such as 11th Gen and later Intel® Core™ Processors or later and certain AMD processors."
This issue was addressed in the out-of-band update KB5015020. It is a cumulative update, so you do not need to apply any previous update before installing it. To get the standalone package for KB5015020, search for it in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note KB5015020 is not available from Windows Update and will not install automatically.
workaround
May 11, 2022
KB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
May 11, 2022
KB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942)
"After installing the June 21, 2021 (KB5003690) update, some devices cannot install new updates, such as the July 6, 2021 (KB5004945) or later updates. You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING"."
For more information and a workaround, see KB5005322.
workaround
May 11, 2022
KB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942)
"After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might be unable to start. Recovery discs that were created by using the Backup and Restore (Windows 7) app on devices which have installed Windows updates released before January 11, 2022 are not affected by this issue and should start as expecte"
We are working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942)
"We are receiving reports that the Snip & Sketch app might fail to capture a screenshot and might fail to open using the keyboard shortcut (Windows key+shift+S). This issue occurs after installing KB5010342 (February 8, 2022) and later updates."
We are presently investigating and will provide an update when more information is available.
workaround
Jun 15, 2022
KB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942)
"After installing this update, Windows devices that use certain GPUs might cause apps to close unexpectedly or cause intermittent issues that affect some apps that use Direct3D 9. You might also receive an error in Event Log in Windows Logs/Applications, and the faulting module is d3d9on12.dll and the exception code is 0xc0000094."
This issue is addressed in KB5014023. If you cant install KB5014023, see the instructions below. This issue is addressed using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the KIR to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the KIR apply to your device faster. For enterprise-managed, devices that have installed an affected update and encountered this issue can address it by installing and configuring the special Group Policy listed below. For information on deploying and configuring these special Group Policies, seeHow to use Group Policy to deploy a Known Issue Rollback. Group Policy download with Group Policy name: Download for Windows 10, version 2004, Windows 10, version 20H2, Windows 10, version 21H1, and Windows 10, version 21H2 - Group Policy name: KB5011831 220509_20051 Known Issue Rollback Important You must install and configure the Group Policy to address this issue. Please see, How to use Group Policy to deploy a Known Issue Rollback.
workaround
Jun 15, 2022
KB5013945
2022-05 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5013945)
"Updated May 27, 2022 After installing updates released May 10, 2022 on your domain controllers, you might see machine certificate authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is bei"
Updated May 27, 2022 The preferred mitigation for this issue is to manually map certificates to a machine account in Active Directory. For instructions, please see Certificate Mapping. Note The instructions are the same for mapping certificates to user or machine accounts in Active Directory. If the preferred mitigation will not work in your environment, please see KB5014754—Certificate-based authentication changes on Windows domain controllers for other possible mitigations in the SChannel registry key section. Note Any other mitigation except the preferred mitigations might lower or disable security hardening. This issue was addressed in out-of-band updates released May 19, 2022 for installation on all Domain Controllers in your environment, as well as all intermediary application servers such as Network Policy Servers (NPS), RADIUS, Certification Authority (CA), or web servers which passes the authentication certificate from the client being authenticated to the authenticating DC. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them. This includes the removal of the registry key (CertificateMappingMethods = 0x1F) documented in the SChannel registry key section of KB5014754. There is no action needed on the client side to resolve this authentication issue. To get the standalone package for these out-of-band updates, search for the KB number in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note The below updates are not available from Windows Update and will not install automatically. Cumulative updates: Windows Server 2022: KB5015013 Windows Server, version 20H2: KB5015020 Windows Server 2019: KB5015018 Windows Server 2016: KB5015019 Note You do not need to apply any previous update before installing these cumulative updates. If you have already installed updates released May 10, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
workaround
Jun 15, 2022
KB5015018
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5015018)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5015018
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5015018)
"After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service.  After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jun 15, 2022
KB5015018
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5015018)
"After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might be unable to start. Recovery discs that were created by using the Backup and Restore (Windows 7) app on devices which have installed Windows updates released before January 11, 2022 are not affected by this issue and should start as expecte"
This issue is addressed in KB5014022.
workaround
Jun 15, 2022
KB5015018
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5015018)
"Windows server computers might log Event ID 40 in the System event log each time a Group Policy is updated or refreshed on a server or client. The error is found with the Description, ”The event logging service encountered an error when attempting to apply one or more policy settings.” This issue occurs after installing Windows updates released on or after January 11, 2022. The gpupdate and Group Policy Object (GPO) refresh tasks will trigger this error when they ru"
This issue is addressed in KB5014022.
workaround
May 11, 2022
KB5013941
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5013941)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5013941
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5013941)
"After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service.  After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
May 11, 2022
KB5013941
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5013941)
"After installing updates released January 11, 2022 or later, apps that use the Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might have issues. The apps might fail or close or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error.  Note for developers Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of the .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog.  For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
May 11, 2022
KB5013941
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5013941)
"After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might be unable to start. Recovery discs that were created by using the Backup and Restore (Windows 7) app on devices which have installed Windows updates released before January 11, 2022 are not affected by this issue and should start as expecte"
We are working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5013941
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5013941)
"Windows server computers might log Event ID 40 in the System event log each time a Group Policy is updated or refreshed on a server or client. The error is found with the Description, ”The event logging service encountered an error when attempting to apply one or more policy settings.” This issue occurs after installing Windows updates released on or after January 11, 2022. The gpupdate and Group Policy Object (GPO) refresh tasks will trigger this error when they ru"
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 15, 2022
KB5013941
2022-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5013941)
"Updated May 27, 2022 After installing updates released May 10, 2022 on your domain controllers, you might see machine certificate authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is bei"
Updated May 27, 2022 The preferred mitigation for this issue is to manually map certificates to a machine account in Active Directory. For instructions, please see Certificate Mapping. Note The instructions are the same for mapping certificates to user or machine accounts in Active Directory. If the preferred mitigation will not work in your environment, please see KB5014754—Certificate-based authentication changes on Windows domain controllers for other possible mitigations in the SChannel registry key section. Note Any other mitigation except the preferred mitigations might lower or disable security hardening. This issue was addressed in out-of-band updates released May 19, 2022 for installation on all Domain Controllers in your environment, as well as all intermediary application servers such as Network Policy Servers (NPS), RADIUS, Certification Authority (CA), or web servers which passes the authentication certificate from the client being authenticated to the authenticating DC. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them. This includes the removal of the registry key (CertificateMappingMethods = 0x1F) documented in the SChannel registry key section of KB5014754. There is no action needed on the client side to resolve this authentication issue. To get the standalone package for these out-of-band updates, search for the KB number in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note The below updates are not available from Windows Update and will not install automatically. Cumulative updates: Windows Server 2022: KB5015013 Windows Server, version 20H2: KB5015020 Windows Server 2019: KB5015018 Windows Server 2016: KB5015019 Note You do not need to apply any previous update before installing these cumulative updates. If you have already installed updates released May 10, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
workaround
May 11, 2022
KB5013952
2022-05 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5013952)
"After installing updates released January 11, 2022 or later, apps that use the Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might have issues. The apps might fail or close or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error.  Note for developers Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of the .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog.  For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Jun 15, 2022
KB5013952
2022-05 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5013952)
"Updated May 27, 2022 After installing updates released May 10, 2022 on your domain controllers, you might see machine certificate authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is bei"
Updated May 27, 2022 The preferred mitigation for this issue is to manually map certificates to a machine account in Active Directory. For instructions, please see Certificate Mapping. Note The instructions are the same for mapping certificates to user or machine accounts in Active Directory. If the preferred mitigation will not work in your environment, please see KB5014754—Certificate-based authentication changes on Windows domain controllers for other possible mitigations in the SChannel registry key section. Note Any other mitigation except the preferred mitigations might lower or disable security hardening. This issue was addressed in out-of-band updates released May 19, 2022 for installation on all Domain Controllers in your environment, as well as all intermediary application servers such as Network Policy Servers (NPS), RADIUS, Certification Authority (CA), or web servers which passes the authentication certificate from the client being authenticated to the authenticating DC. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them. This includes the removal of the registry key (CertificateMappingMethods = 0x1F) documented in the SChannel registry key section of KB5014754. There is no action needed on the client side to resolve this authentication issue. To get the standalone package for these out-of-band updates, search for the KB number in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note The below updates are not available from Windows Update and will not install automatically. Cumulative updates: Windows Server 2022: KB5015013 Windows Server, version 20H2: KB5015020 Windows Server 2019: KB5015018 Windows Server 2016: KB5015019 Note You do not need to apply any previous update before installing these cumulative updates. If you have already installed updates released May 10, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
workaround
Jun 15, 2022
KB5013963
2022-05 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5013963)
"Updated May 27, 2022 After installing updates released May 10, 2022 on your domain controllers, you might see machine certificate authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is bei"
Updated May 27, 2022 The preferred mitigation for this issue is to manually map certificates to a machine account in Active Directory. For instructions, please see Certificate Mapping. Note The instructions are the same for mapping certificates to user or machine accounts in Active Directory. If the preferred mitigation will not work in your environment, please see KB5014754—Certificate-based authentication changes on Windows domain controllers for other possible mitigations in the SChannel registry key section. Note Any other mitigation except the preferred mitigations might lower or disable security hardening. This issue was addressed in out-of-band updates released May 19, 2022 for installation on all Domain Controllers in your environment, as well as all intermediary application servers such as Network Policy Servers (NPS), RADIUS, Certification Authority (CA), or web servers which passes the authentication certificate from the client being authenticated to the authenticating DC. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them. This includes the removal of the registry key (CertificateMappingMethods = 0x1F) documented in the SChannel registry key section of KB5014754. There is no action needed on the client side to resolve this authentication issue. To get the standalone package for these out-of-band updates, search for the KB number in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note The below updates are not available from Windows Update and will not install automatically. Cumulative updates: Windows Server 2022: KB5015013 Windows Server, version 20H2: KB5015020 Windows Server 2019: KB5015018 Windows Server 2016: KB5015019 Note You do not need to apply any previous update before installing these cumulative updates. If you have already installed updates released May 10, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
workaround
May 11, 2022
KB5013944
2022-05 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5013944)
"After installing updates released January 11, 2022 or later, apps that use the Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might have issues. The apps might fail or close or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error.  Note for developers Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of the .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog.  For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Jun 15, 2022
KB5013944
2022-05 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5013944)
"Updated May 27, 2022 After installing updates released May 10, 2022 on your domain controllers, you might see machine certificate authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is bei"
Updated May 27, 2022 The preferred mitigation for this issue is to manually map certificates to a machine account in Active Directory. For instructions, please see Certificate Mapping. Note The instructions are the same for mapping certificates to user or machine accounts in Active Directory. If the preferred mitigation will not work in your environment, please see KB5014754—Certificate-based authentication changes on Windows domain controllers for other possible mitigations in the SChannel registry key section. Note Any other mitigation except the preferred mitigations might lower or disable security hardening. This issue was addressed in out-of-band updates released May 19, 2022 for installation on all Domain Controllers in your environment, as well as all intermediary application servers such as Network Policy Servers (NPS), RADIUS, Certification Authority (CA), or web servers which passes the authentication certificate from the client being authenticated to the authenticating DC. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them. This includes the removal of the registry key (CertificateMappingMethods = 0x1F) documented in the SChannel registry key section of KB5014754. There is no action needed on the client side to resolve this authentication issue. To get the standalone package for these out-of-band updates, search for the KB number in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note The below updates are not available from Windows Update and will not install automatically. Cumulative updates: Windows Server 2022: KB5015013 Windows Server, version 20H2: KB5015020 Windows Server 2019: KB5015018 Windows Server 2016: KB5015019 Note You do not need to apply any previous update before installing these cumulative updates. If you have already installed updates released May 10, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
workaround
Apr 13, 2022
KB5012639
2022-04 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5012639)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 13, 2022
KB5012639
2022-04 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5012639)
"After installing updates released January 11, 2022 or later updates, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Apr 13, 2022
KB5012666
2022-04 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5012666)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 13, 2022
KB5012666
2022-04 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5012666)
"After installing updates released January 11, 2022 or later updates, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Apr 13, 2022
KB5012649
2022-04 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5012649) (ESU)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Apr 13, 2022
KB5012649
2022-04 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5012649) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 13, 2022
KB5012632
2022-04 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5012632) (ESU)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Apr 13, 2022
KB5012632
2022-04 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5012632) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 13, 2022
KB5012670
2022-04 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5012670)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 13, 2022
KB5012670
2022-04 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5012670)
"After installing updates released January 11, 2022 or later updates, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Apr 13, 2022
KB5012650
2022-04 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5012650)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 13, 2022
KB5012650
2022-04 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5012650)
"After installing updates released January 11, 2022 or later updates, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
Apr 13, 2022
KB5012626
2022-04 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5012626) (ESU)
"After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Apr 13, 2022
KB5012626
2022-04 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5012626) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following:  Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. 
workaround
Apr 13, 2022
KB5012658
2022-04 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5012658) (ESU)
"After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History."
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Apr 13, 2022
KB5012658
2022-04 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5012658) (ESU)
"Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege."
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5011831
2022-04 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5011831)
"Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire"
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
May 11, 2022
KB5011831
2022-04 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5011831)
"After installing the June 21, 2021 (KB5003690) update, some devices cannot install new updates, such as the July 6, 2021 (KB5004945) or later updates. You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING"."
For more information and a workaround, see KB5005322.
workaround
May 11, 2022
KB5011831
2022-04 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5011831)
"After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might be unable to start. Recovery discs that were created by using the Backup and Restore (Windows 7) app on devices which have installed Windows updates released before January 11, 2022 are not affected by this issue and should start as expecte"
We are working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5011831
2022-04 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5011831)
"We are receiving reports that the Snip & Sketch app might fail to capture a screenshot and might fail to open using the keyboard shortcut (Windows key+shift+S). This issue occurs after installing KB5010342 (February 8, 2022) and later updates."
We are presently investigating and will provide an update when more information is available.
workaround
Jun 15, 2022
KB5011831
2022-04 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5011831)
"After installing this update, Windows devices that use certain GPUs might cause apps to close unexpectedly or cause intermittent issues that affect some apps that use Direct3D 9. You might also receive an error in Event Log in Windows Logs/Applications, and the faulting module is d3d9on12.dll and the exception code is 0xc0000094."
This issue is addressed in KB5014023. If you cant install KB5014023, see the instructions below. This issue is addressed using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the KIR to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the KIR apply to your device faster. For enterprise-managed, devices that have installed an affected update and encountered this issue can address it by installing and configuring the special Group Policy listed below. For information on deploying and configuring these special Group Policies, seeHow to use Group Policy to deploy a Known Issue Rollback. Group Policy download with Group Policy name: Download for Windows 10, version 2004, Windows 10, version 20H2, Windows 10, version 21H1, and Windows 10, version 21H2 - Group Policy name: KB5011831 220509_20051 Known Issue Rollback Important You must install and configure the Group Policy to address this issue. Please see, How to use Group Policy to deploy a Known Issue Rollback.
workaround
Jun 15, 2022
KB5011831
2022-04 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems (KB5011831)
"After installing this update, you might receive an error code: 0xC002001B when attempting to install from the Microsoft Store. Some Microsoft Store apps might also fail to open. Affected Windows devices use a processor (CPU) which supports Control-flow Enforcement Technology (CET), such as such as 11th Gen and later Intel® Core™ Processors or later and certain AMD processors."
This issue was addressed in the out-of-band update KB5015020. It is a cumulative update, so you do not need to apply any previous update before installing it. To get the standalone package for KB5015020, search for it in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note KB5015020 is not available from Windows Update and will not install automatically.
workaround
May 11, 2022
KB5012636
2022-04 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5012636)
"After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.""
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5012636
2022-04 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5012636)
"After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found."
This issue occurs because of an update to the PnP class drivers used by this service.  After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
May 11, 2022
KB5012636
2022-04 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5012636)
"After installing updates released January 11, 2022 or later, apps that use the Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might have issues. The apps might fail or close or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error.  Note for developers Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of the .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog.  For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
May 11, 2022
KB5012636
2022-04 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5012636)
"After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might be unable to start. Recovery discs that were created by using the Backup and Restore (Windows 7) app on devices which have installed Windows updates released before January 11, 2022 are not affected by this issue and should start as expecte"
We are working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5012636
2022-04 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5012636)
"Windows server computers might log Event ID 40 in the System event log each time a Group Policy is updated or refreshed on a server or client. The error is found with the Description, ”The event logging service encountered an error when attempting to apply one or more policy settings.” This issue occurs after installing Windows updates released on or after January 11, 2022. The gpupdate and Group Policy Object (GPO) refresh tasks will trigger this error when they ru"
We are working on a resolution and will provide an update in an upcoming release.
workaround
May 11, 2022
KB5012637
2022-04 Cumulative Update Preview for Microsoft server operating system version 21H2 for x64-based Systems (KB5012637)
"After installing updates released January 11, 2022 or later, apps that use the Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might have issues. The apps might fail or close or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error.  Note for developers Affected apps use the System.DirectoryServices API."
To resolve this issue manually, apply the out-of-band updates for the version of the .NET Framework used by the app. Note These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog.  For instructions on how to install this update for your operating system, see the KB articles listed below: Windows Server 2022:  .NET Framework 4.8 KB5011258 Windows Server 2019:  .NET Framework 4.8 KB5011257 .NET Framework 4.7.2 KB5011259 Windows Server 2016:  .NET Framework 4.8 KB5011264 .NET Framework 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011329 Windows Server 2012 R2:  .NET Framework 4.8 KB5011266 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011263 .NET Framework 4.5.2 KB5011261 Windows Server 2012: .NET Framework 4.8 KB5011265 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 or 4.7.2 KB5011262 .NET Framework 4.5.2 KB5011260
workaround
May 11, 2022
KB5012599
2022-04 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5012599) (CVE-2022-26904) (CVE-2022-24521)
"We are receiving reports that the Snip & Sketch app might fail to capture a screenshot and might fail to open using the keyboard shortcut (Windows key+shift+S). This issue occurs after installing KB5010342 (February 8, 2022) and later updates."
We are presently investigating and will provide an update when more information is available.

Disclaimer:This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.