The launch of a major Windows 10 update isn’t the end of a process — it’s really just the beginning. As soon as one of Microsoft’s feature updates (such as Windows 10 version 22H2) is released, the company quickly gets to work on improving it by fixing bugs, releasing security patches, and occasionally adding new features.
In this story we summarize what you need to know about each update released to the public for the most recent versions of Windows 10 — versions 22H2 and 21H2. (Microsoft releases updates for those two versions together.) For each build, we’ve included the date of its initial release and a link to Microsoft’s announcement about it. The most recent updates appear first.
For details about how to install and manage Windows updates, see “How to handle Windows 10 and 11 updates.” If you’re looking for information about Insider Program previews for upcoming feature releases of Windows 10, see “Windows 10 Insider Previews: A guide to the builds.”
Updates to Windows 10 versions 21H2 and 22H2
KB5032189 (OS Builds 19044.3693 and 19045.3693)
Release date: December 12, 2023
This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this build, which affects ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in MDM apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment. To mitigate the issue in Intune, you can set the “Enforce drive encryption type on operating system drives” or "Enforce drive encryption on fixed drives" policies to not configured.
(Get more info about KB5033372.)
Windows 10 22H2 KB5032278 (OS Build 19045.3758) Preview
Release date: November 30, 2023
The update adds the Copilot in Windows (in preview) button to the right side of the taskbar. This only applies to devices that run Home or Pro editions (non-managed business devices). When you select it, the AI-powered Copilot in Windows appears at the right on your screen. It will not overlap with desktop content or block open app windows. The update also adds Windows Update opt-in notifications to the screen when you sign in.
The update also fixes a variety of bugs, including one that affected non-admin processes. It also fixes a leak in volatile notifications, which might have stopped you from signing into your computer.
There is one known issue in this build that applies to IT admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment.
(Get more info about Windows 10 22H2 KB5032278 Preview.)
KB5032189 (OS Builds 19044.3693 and 19045.3693)
Release date: November 14, 2023
This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this build that affects ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in MDM apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.
(Get more info about KB5032189.)
KB5031445 (OS Build 19045.3636) Preview
Release date: October 26, 2023
The update fixes a variety of bugs, including one in which touchscreens did not work properly when you used more than one display, and another in which there was a memory leak in ctfmon.exe.
There is one known issue in this build, which applies to IT admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment.
(Get more info about KB5031445 Preview.)
KB5031356 (OS Builds 19044.3570 and 19045.3570)
Release date: October 10, 2023
This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5031356.)
KB5030300 (OS Build 19045.3516) Preview
Release date: September 26, 2023
This update brings back a search box design for accessing apps, files, settings, and more from Windows and the web. If you have a top, bottom, regular, or small icons taskbar, the search box appears.
The build also fixes a variety of bugs, including one in which Microsoft Defender stopped some USB printers from printing, and another in which in Windows Defender Application Control (WDAC) AppID Tagging policies could have greatly increased device startup time.
(Get more info about KB5030300 Preview.)
KB5030211 (OS Builds 19044.3448 and 19045.3448)
Release date: September 12, 2023
This build fixes a bug that affected authentication in which using a smart card to join or rejoin a computer to an Active Directory domain could have failed.
The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5030211.)
KB5029331 (OS Build 19045.3393) Preview
Release date: August 22, 2023
This update improves how Windows detects your location to help give you better weather, news, and traffic information. It also expands the rollout of notification badging for Microsoft accounts on the Start menu, which gives you quick access to important account-related notifications. In addition, it adds Windows Backup to your device.
The update also fixes a wide variety of bugs, including one in which print jobs sent to a virtual print queue failed without an error, and another in which Remote Desktop (RD) sessions disconnected when multiple apps were in use.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5029331 Preview.)
KB5029244 (OS Builds 19044.3324 and 19045.3324)
Release date: August 8, 2023
This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5029244.)
KB5028244 (OS Build 19045.3271) Preview
Release date: July 25, 2023
This update fixes a wide variety of bugs, including one in which Timeout Detection and Recovery (TDR) errors might have occurred when you played a game, another in which some display and audio devices were missing when your system resumed from sleep, and another in which some VPN clients could not establish connections.
There is one issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5028244 Preview.)
KB5028166 (OS Builds 19044.3208 and 19045.3208)
Release date: July 11, 2023
This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5028166.)
KB5027293 (OS Build 19045.3155) Preview
Release date: June 27, 2023
This update adds new features and improvements to Microsoft Defender for Endpoint. For more information, see Microsoft Defender for Endpoint. It also lets you authenticate across Microsoft clouds. This feature also satisfies Conditional Access checks if they are needed.
A variety of bugs have been fixed, including one in which scheduled monthly tasks might not have run on time if the next occurrence happened when daylight savings time occured, and another in which all the registry settings under the Policies paths could have been deleted when you did not rename the local temporary user policy file during Group Policy processing.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5027293 Preview.)
KB5027215 (OS Builds 19044.3086 and 19045.3086)
Release date: June 13, 2023
This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5027215.)
KB5026435 (OS Build 19045.3031) Preview
Release date: May 23, 2023
This update revamps the search box; Microsoft claims it will let you “easily access apps, files, settings, and more from Windows and the web. You will also have access to the latest search updates, such as search highlights.” If you don’t like the design, you can revert to the existing search box via taskbar context menu or by responding to a dialog that appears when you use search.
A variety of bugs have been fixed, including one that did not let you access the Server Message Block (SMB) shared folder and another in which the Windows Firewall dropped all connections to the IP address of a captive portal when you chose the Captive Portal Addresses option.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5026435 Preview.)
Updates to Windows 10 versions 20H2, 21H1, 21H2, and 22H2
KB5026361 (OS Builds 19042.2965, 19044.2965, and 19045.2965)
Release date: May 9, 2023
The update fixes a race condition in the Windows Local Administrator Password Solution (LAPS) in which the Local Security Authority Subsystem Service (LSASS) stopped responding when the system processed multiple local account operations at the same time.
This build also includes the quality updates from the April 25 KB5025297 Preview (detailed below), along with a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5026361.)
KB5025297 (OS Build 19045.2913) Preview
Release date: April 25, 2023
This update adds the ability to sync language and region settings when you change your Microsoft account display language or regional format. Windows saves those settings to your account if you have turned on Language preferences sync in your Windows backup settings. It also lets you configure application group rules for firewall settings.
A variety of bugs have been fixed, including one that stopped mobile device management (MDM) customers from printing, and another in which the Tab Window Manager stopped responding in IE mode.
There is one known issue in this update: devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5025297 Preview.)
KB5025221 (OS Builds 19042.2846, 19044.2846, and 19045.2846)
Release date: April 11, 2023
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5025221.)
KB5023773 (OS Builds 19042.2788, 19044.2788, and 19045.2788) Preview
Release date: March 21, 2023
This build fixes a variety of bugs, including one in which Windows classifies USB printers as multimedia devices even though they are not, and another in which lsass.exe might stop responding when it sends a Lightweight Directory Access Protocol (LDAP) query to a domain controller that has a very large LDAP filter.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5023773 Preview.)
KB5023696 (OS Builds 19042.2728, 19044.2728, and 19045.2728)
Release date: March 14, 2023
This build implements phase three of Distributed Component Object Model (DCOM) hardening. After you install this update, you cannot turn off the changes using the registry key. See KB5004442 for details. It also fixes a bug in which joining an Active Directory domain failed when you reused an existing computer account. See KB5020276 for details.
It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5023696.)
KB5022906 (OS Builds 19042.2673, 19044.2673, and 19045.2673) Preview
Release date: February 21, 2023
In this build, informational links open faster when you use Windows Spotlight on the lock screen. Several bugs were also fixed, including one that that stopped hyperlinks from working in Microsoft Excel, and another in IE mode in which the text on the status bar was not always visible.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5022906 Preview.)
KB5022834 (OS Builds 19042.2604, 19044.2604, and 19045.2604)
Release date: February 14, 2023
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2023 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5022834.)
KB5019275 (OS Builds 19042.2546, 19044.2546, and 19045.2546) Preview
Release date: January 19, 2023
This build displays storage alerts for Microsoft OneDrive subscribers on the Systems page in the Settings app. Alerts appear when you are close to your storage limit. You can also manage your storage and purchase additional storage.
The build also fixes a number of bugs, including one that affected searchindexer.exe and randomly stopped you from signing in or signing out.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5019275 Preview.)
KB5022282 (OS Builds 19042.2486, 19044.2486, and 19045.2486)
Release date: January 10, 2023
This build fixes Local Session Manager (LSM) bugs that allowed users who did not have admin rights to perform admin actions.
It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2023 Security Updates. It also fixes a bug in the Camera app, which stopped responding when memory is low.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5022282.)
KB5021233 (OS Builds 19042.2364, 19043.2364, 19044.2364, and 19045.2364)
Release date: December 13, 2022
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the December 2022 Security Updates. It also fixes a bug in the Camera app, which stopped responding when memory was low.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5019959.)
KB5020030 (OS Builds 19042.2311, 19043.2311, 19044.2311, and 19045.2311) Preview
Release date: November 15, 2022
In this build, the search box now appears, by default, on the taskbar when the taskbar is at the top of your screen or when you turn on small taskbar button mode. In addition, Cortana is no longer pre-pinned to your taskbar by default.
The build also fixes a variety of bugs, including one in which print outputs were misaligned on some printers and another in Microsoft Defender for Endpoint in which automated investigation blocked live response investigations. The build also addresses some persistent update failures for the Microsoft Store.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge. In another bug, after installing this update, the audio on some Windows devices might not work.
(Get more info about KB5020030 Preview.)
KB5019959 (OS Builds 19042.2251, 19043.2251, 19044.2251, and 19045.2251)
Release date: November 8, 2022
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5019959.)
KB5020953 (OS Builds 19042.2194, 19043.2194, 19044.2194, and 19045.2194)
Release date: October 28, 2022
This build fixes a single bug that caused Microsoft OneDrive to stop working. It happened after you unlinked your device, stopped syncing, or signed out of your account.
This build has one known issue, in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5020953.)
Windows 10 2022 Update (version 22H2)
Release date: October 18, 2022
The Windows 10 2022 Update is, in Microsoft’s words, “a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity and security.” In other words, there’s not much new here, although Computerworld blogger Susan Bradley did uncover a handful of new group policies in the release.
Home and Pro editions of the 2022 Update will receive 18 months of servicing, and Enterprise and Education editions will have 30 months of servicing.
To install the update, go to Settings > Update & Security > Windows Update and select Check for updates. If the update appears, select Download to install it.
(Get more info about the Windows 10 2022 Update.)
Updates to Windows 10 versions 20H2, 21H1, and 21H2
KB5018482 (OS Builds 19042.2193, 19043.2193, and 19044.2193)
Release date: October 25, 2022
This build fixes a variety of bugs, including one that that caused an OS upgrade to stop responding, and then fail, and another in Microsoft Direct3D 9 games in which the graphics hardware stopped working if it didn’t have a native Direct3D 9 driver.
This build has one known issue, in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5018482.)
KB5020435 (OS Builds 19042.2132, 19043.2132, and 19044.2132)
Release date: October 17, 2022
This build fixes an issue that affected some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections, in which there were handshake failures. For developers, the affected connections are likely to receive one or more records followed by a partial record with a size of less than 5 bytes within a single input buffer. If the connection fails, your app will receive the error, “SEC_E_ILLEGAL_MESSAGE”.
This build has two known issues, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5020435 (OS Builds 19042.2132, 19043.2132, and 19044.2132)
KB5018410 (OS Builds 19042.2130, 19043.2130, and 19044.2130)
Release date: October 11, 2022
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2022 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are two known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5018410.)
KB5017380 (OS Builds 19042.2075, 19043.2075, and 19044.2075) Preview
Release date: September 20, 2022
This build lets you search for the controls for news and interests on the taskbar and modify them using the Settings app. To change your settings, navigate to Settings > Personalization > Taskbar > News and interests. You can also right-click the taskbar and select Taskbar settings.
The build also fixes a variety of bugs, including one that required you to reinstall an app if you didn’t get the app from the Microsoft Store. This occurs after you upgrade to Windows 10. It also fixes a bug that forced the IE mode tabs in a session to reload.
There are three known issues in this update, including one which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge. In another bug, after installing this update, the audio on some Windows devices might not work.
(Get more info about KB5017380 Preview.)
KB5017308 (OS Builds 19042.2006, 19043.2006, and 19044.2006)
Release date: September 13, 2022
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5017308.)
KB5016688 (OS Builds 19042.1949, 19043.1949, and 19044.1949) Preview
Release date: August 26, 2022
This build fixes a variety of bugs, including one in which Microsoft Edge stopped responding when you use IE mode. This issue also prevented you from interacting with a dialog. It also fixes a bug that caused error 0x1E when a device was shut down or restarted.
There are three known issues in this update, including one which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge. In another bug, after installing this update, the audio on some Windows devices might not work.
(Get more info about KB5016688 Preview.)
KB5016616 (OS Builds 19042.1889, 19043.1889, and 19044.1889)
Release date: August 9, 2022
This build fixes several bugs, including one that can prevent the Input Indicator and Language Bar from displaying in the notification area. This issue affects devices that have more than one language installed.
It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5016616.)
KB5015878 (OS Builds 19042.1865, 19043.1865, and 19044.1865) Preview
Release date: July 26, 2022
This build lets you receive urgent notifications when focus assist is on and restores functionality for Windows Autopilot deployment scenarios that are affected by the security mitigation for hardware reuse. It also fixes a variety of bugs, including one that prevented troubleshooters from opening, one that caused certain docking stations to lose internet connectivity when waking from Sleep mode, and one that improves the reliability of a push-button reset after an OS upgrade.
There are three known issues in this update, including one which IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. In another issue, after installing this update, some devices might be unable to open the Start menu. On affected devices, clicking or selecting the Start button or using the Windows key on your keyboard might have no effect. In the final issue, devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5015878 Preview.)
KB5015807 (OS Builds 19042.1826, 19043.1826, and 19044.1826)
Date: July 12, 2022
This build addresses an issue that redirects the PowerShell command output so that transcript logs do not contain any output of the command. That means the decrypted password is lost. The build also includes improvements made in the KB5014666 update.
This build has three known issues, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5015807.)
KB5014666 (OS Builds 19042.1806, 19043.1806, and 19044.1806) Preview
Release Date: June 28, 2022
This build adds IP address auditing for incoming Windows Remote Management (WinRM) connections in security event 4262 and WinRM event 91. This addresses an issue that fails to log the source IP address and machine name for a remote PowerShell connection. The build also includes several new Print and Scan features.
The build also fixes a number of bugs, including one that prevented the Snip & Sketch app from capturing a screenshot or from opening using the keyboard shortcut (Windows logo key + Shift + S).
This build has three known issues, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5014666 Preview.)
KB5016139 (OS Builds 19042.1767, 19043.1767, and 19044.1767)
Release date: June 20, 2022
This out-of-band build, which is only available for Windows devices that use Arm processors, fixes a bug that prevented Windows Arm-based devices from signing in using Azure Active Directory (AAD). Apps and services that use AAD to sign in, such as VPN connections, Microsoft Teams, and Microsoft Outlook, might also be affected.
This build has four known issues, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. In another, Windows devices might be unable use the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device might lose the connection to the internet after a client device connects.
(Get more info about KB5016139.)
KB5014699 (OS Builds 19042.1766, 19043.1766, and 19044.1766)
Release date: June 14, 2022
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5014699.)
KB5014023 (OS Builds 19042.1741, 19043.1741, and 19044.1741) Preview
Release date: June 2, 2022
This build fixes several bugs, including one that prevented Excel or Outlook from opening, one that slowed down file copying, and one that prevented internet shortcuts from updating.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info KB5014023 Preview.)
KB5015020 (OS Build 19042.1708)
Release date: May 19, 2022
This out-of-band build fixes two bugs: one that could cause authentication failures for some services on a server or client after you install the May 10, 2022 update on domain controllers, and another that could prevent the installation of Microsoft Store apps when you enable Control-flow Enforcement.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5015020.)
KB5013942 (OS Builds 19042.1706, 19043.1706, and 19044.1706)
Release date: May 10, 2022
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the May 2022 Security Updates notes.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5013942).
KB5011831 (OS Builds 19042.1682, 19043.1682, and 19044.1682) Preview
Release date: April 25, 2022
This build fixes a wide variety of bugs, including one that caused a remote desktop session to close or a reconnection to stop responding while waiting on the accessibility shortcut handler (sethc.exe), another that that displayed a black screen for some users when they sign in or sign out, and another that prevented you from changing a password that has expired when you sign in to a Windows device.
(Get more info about KB5011831 Preview.)
KB5012599 (OS Builds 19042.1645, 19043.1645, and 19044.1645)
Release date: April 12, 2022
This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the April 2022 Security Updates notes.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5012599.)
KB5011543 (OS Builds 19042.1620, 19043.1620, and 19044.1620) Preview
Release date: March 22, 2022
This build introduces Search highlights, which display notable moments about each day, including holidays, anniversaries, and other events globally and in your region. To see more details at a glance, hover or click on the illustration in the search box.
There are also a variety of small new features, including a new policy that expands an app’s top three notifications by default in the Action Center for apps that send Windows notifications. It displays multiple notifications that you can interact with simultaneously.
In addition, there are a wide variety of bug fixes, including for a bug that stopped Microsoft Outlook’s offline search from returning recent emails, and another that prevented the User Account Control (UAC) dialog from correctly showing the application that is requesting elevated privileges.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5011543 Preview.)
KB5011487 (OS Builds 19042.1586, 19043.1586, and 19044.1586)
Release date: March 8, 2022
This build fixes a bug that occurs when you attempt to reset a Windows device and its apps have folders that contain reparse data, such as Microsoft OneDrive or OneDrive for Business. When you select Remove everything, files that have been downloaded or synced locally from Microsoft OneDrive might not be deleted.
It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the March 2022 Security Updates notes.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5011487.)
KB5010415 (OS Builds 19042.1566, 19043.1566, and 19044.1566) Preview
Release date: February 15, 2022
The build lets you share cookies between Microsoft Edge Internet Explorer mode and Microsoft Edge, and adds support for hot adding and the removal of non-volatile memory (NVMe) namespaces.
It also fixes a wide variety of bugs, including one that affected the Windows search service and occurred when you queried using the proximity operator, and one that caused the Remote Desktop Service (RDS) server to become unstable when the number of signed in users exceeds 100. This prevented you from accessing published applications using RDS on Windows Server 2019.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5010415 Preview.)
KB5010342 (OS Builds 19042.1526, 19043.1526, and 19044.1526)
Release date: February 8, 2022
The build fixes a bug that causes a Lightweight Directory Access Protocol (LDAP) modify operation to fail if the operation contains the SamAccountName and UserAccountControl attribute. It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the February 2022 Security Updates notes.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5010342.)
KB5009596 (OS Builds 19042.1503, 19043.1503, and 19044.1503) Preview
Release date: January 25, 2022
The build fixes a variety of bugs, including one that stops printing or prints the wrong output when you print using USB on Windows 10 version 2004 or later, and another that causes functioning Bluetooth devices to stop working when you attempt to connect to a non-functioning Bluetooth device. It also adds a reminder to Internet Explorer 11 that notifies you about its upcoming retirement.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5009596.)
KB5010793 (OS Builds 19042.1469, 19043.1469, and 19044.1469)
Release date: January 17, 2022
This out-of-band build fixes several bugs, including one that caused IP Security (IPSEC) connections that contain a Vendor ID to fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) could have also been affected. It also fixed a bug that could cause Windows Servers to restart unexpectedly after installing the January 11, 2022 update on domain controllers (DCs).
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5010793.)
KB5009543 (OS Builds 19042.1466, 19043.1466, and 19044.1466)
Release date: January 11, 2022
The build fixes a bug in the Japanese Input Method Editors (IME) and includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the January 2022 Security Update notes.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5009543.)
Updates to Windows 10 versions 2004, 20H2, 21H1, and 21H2
KB5008212 (OS Builds 19041.1415, 19042.1415, 19043.1415, and 19044.1415)
Release date: December 14, 2021
The build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the December 2021 Security Update notes.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5008212.)
KB5007253 (OS Builds 19041.1387, 19042.1387, 19043.1387, and 19044.1387) Preview
Release date: November 22, 2021
This optional update can be downloaded from the Microsoft Update Catalog or by going to Settings > Update & Security > Windows Update > Optional updates available.
The build fixes a variety of bugs, including one that caused the 32-bit version of Microsoft Excel to stop working on certain devices when you exported to PDF, and another that caused the Settings page to unexpectedly close after you uninstalled a font.
There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5007253 Preview.)
Windows 10 November 2021 Update (version 21H2)
Release date: November 16, 2021
Version 21H2, called the Windows 10 November 2021 Update, is the second feature update to Windows 10 released in 2021. Here’s a quick summary of what’s new:
- Wi-Fi security has been enhanced with WPA3 H2E standards support.
- GPU compute support has been added in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute-intensive workflows.
There are also a number of features designed for IT and business:
- Windows Hello for Business has a new deployment method called cloud trust that simplifies passwordless deployments.
- For increased security, there have been changes to the Universal Windows Platform (UWP) VPN APIs, which includes the ability to implement common web-based authentication schemes and to reuse existing protocols.
- Apps can now be provisioned from Azure Virtual Desktop. This allows those apps to run just like local apps, including the ability to copy and paste between remote and local apps.
- The release closes the gap between Group Policy and mobile device management (MDM) settings. The device configuration settings catalog has been updated to list more than 1,400 settings previously not available for configuration via MDM. The new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler.
- An upgrade to Windows 10 Enterprise includes Universal Print, which now supports print jobs of up to 1GB or a series of print jobs from an individual user that add up to 1GB within any 15-minute period.
- Universal Print integrates with OneDrive for web and Excel for web. This allows users of any browser or device connected to the internet to print documents hosted in OneDrive for web to a printer in their organization without installing printer drivers on their devices.
Microsoft has also announced that starting with this release, Windows 10 will get feature updates only once a year.
Updates to Windows 10 versions 2004, 20H2, and 21H1
KB5007186 (OS Builds 19041.1348, 19042.1348, and 19043.1348)
Release date: November 9, 2021
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the November 2021 Security Update notes.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5007186.)
KB5006738 (OS Builds 19041.1320, 19042.1320, and 19043.1320)
Release date: October 26, 2021
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a wide variety of bugs, including one that prevented subtitles from displaying for some video apps and streaming video sites, and another that sometimes caused lock screen backgrounds to appear black if they were set up to have a slideshow of pictures as the lock screen background.
There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5006738.)
KB5006670 (OS Builds 19041.1288, 19042.1288, and 19043.1288)
Release date: October 12, 2021
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a bug that prevented some applications, such as Microsoft Office and Adobe Reader, from opening or caused them to stop responding.
The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the October 2021 Security Update notes.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are two known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5006670.)
KB5005611 (OS Builds 19041.1266, 19042.1266, and 19043.1266) Preview
Release date: September 30, 2021
This build fixes a small number of bugs, including one in which applications such as Microsoft Outlook suddenly stopped working during normal use, and another that caused blurry News and Interests icons with certain screen resolutions.
(Get more info about KB5005611.)
KB5005565 (OS Builds 19041.1237, 19042.1237, and 19043.1237)
Release date: September 14, 2021
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a bug that caused PowerShell to create an infinite number of child directories. The issue occurred when you used the PowerShell Move-Item command to move a directory to one of its children. As a result, the volume filled up and the system stopped responding.
The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are two known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5005565.)
KB5005101 (OS Builds 19041.1202, 19042.1202, and 19043.1202)
Release date: September 1, 2021
This build fixes a wide variety of bugs, including one that reset syncing for Microsoft OneDrive to “Known folders only” after you installed a Windows update, and another in which flickering and residual line artifacts appeared when resizing images.
The build also includes more than 1,400 new mobile device management (MDM) policies. With them, you can configure policies that Group Policies also support. These new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler. Starting in September 2021, you can use the Microsoft Endpoint Manager (MEM) Settings Catalog to configure these new MDM policies.
There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5005101.)
KB5005033 (OS Builds 19041.1165, 19042.1165, and 19043.1165)
Release date: August 10, 2021
This build changes the default privilege requirement for installing drivers when using Point and Print. After installing this update, you must have administrative privileges to install drivers. See KB5005652, Point and Print Default Behavior Change, and CVE-2021-34481 for more information. The build also makes quality improvements to the servicing stack, which is the component that installs Windows updates.
The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5005033.)
KB5004296 (OS Builds 19041.1151, 19042.1151, and 19043.1151)
Release date: July 29, 2021
This build fixes a wide variety of bugs, including one that caused the File Explorer window to lose focus when mapping a network drive, another that failed to detect internet connectivity when connected to a VPN, and another that caused System Integrity to leak memory.
There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5004296.)
KB5004237 (OS Builds 19041.1110, 19042.1110, and 19043.1110)
Release date: July 13, 2021
This build fixes several bugs, including one that made it difficult to print to a variety of printers, primarily USB receipt or label printers. It also removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049.
It also has a variety of security updates for Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.
For more details, see Microsoft’s Security Update Guide.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5004237.)
KB5004945 (OS Builds 19041.1083, 19042.1083, and 19043.1083)
Release date: July 6, 2021
This build closes a remote code execution exploit in the Windows Print Spooler service, known as “PrintNightmare,” as documented in CVE-2021-34527.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5004945.)
KB5004760 (OS Builds 19041.1082, 19042.1082, and 19043.1082)
Release date: June 29, 2021
This out-of-band build fixes a bug that may prevent you from opening PDFs using Internet Explorer 11 or apps that use the 64-bit version of the WebBrowser control.
Among the build’s known issues are one in which when using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the characters manually.
(Get more info about KB5004760.)
KB5003690 (OS Builds 19041.1081, 19042.1081, and 19043.1081)
Release date: June 21, 2021
This build addresses about three dozen bugs, including one in which signing in using a PIN fails, and another that might cause a VPN to fail after renewing a user auto-enrolled certificate. It also removes Adobe Flash from your PC and makes improvements to the servicing stack, the component that installs Windows updates.
Among the build’s known issues are one in which when using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the characters manually.
(Get more info about KB5003690.)
KB5004476 (OS Builds 19041.1055, 19042.1055, and 19043.1055)
Release date: June 11, 2021
This out-of-band build fixes a bug that might redirect you to the Microsoft Store page for Gaming Services when you try to install or start an Xbox Game Pass game on your Windows 10 device. Additionally, you might receive error 0x80073D26 or 0x8007139F. For more information, see KB5004327.
In addition, the build makes improvements to the servicing stack, the component that installs Windows updates.
(Get more info about KB5004476.)
KB5003637 (OS Builds 19041.1052, 19042.1052, and 19043.1052)
Release date: June 8, 2021
This build includes improvements to the servicing stack, which is the component that installs Windows updates. It also includes changes for verifying user names and passwords and for storing and managing files.
It also has a variety of security updates to the Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Virtualization, Windows Kernel, Windows HTML Platform, and Windows Storage and Filesystems.
For more details, see Microsoft’s Security Update Guide.
There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5003637.)
KB5003214 (OS Builds 19041.1023, 19042.1023, and 19043.1023) Preview
Release date: May 25, 2021
This build adds the Open on hover option (which is checked by default) to the News and interests menu. To access it, right-click a blank space on the Windows taskbar and open the News and interests menu.
In addition, it makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also includes a wide variety of small bug fixes, including one that displayed items on the desktop after they have been deleted from the desktop, and another that caused configuration problems with devices that were configured using mobile device management (MDM) RestrictedGroups, LocalUsersAndGroups, or UserRights policies.
(Get more info about KB5003214 Preview.)
Windows 10 May 2021 Update (version 21H1)
Release date: May 18, 2021
Version 21H1, called the Windows 10 May 2021 Update, is the most recent update to Windows 10. This is a relatively minor update, but it does have a few new features.
Here’s a quick summary of what’s new in 21H1:
- Windows Hello multicamera support: If you have an external Windows Hello camera for your PC, you can set the external camera as your default camera. (Windows Hello is used for signing into PCs.) Why should this change matter to you? If you have an external camera, you probably bought it because it’s superior to the built-in, internal one on your computer. So with this change, you’ll be able to use the more accurate camera for logging into your PC.
- Improved Windows Defender Application Guard performance: Windows Defender Application Guard lets administrators configure applications to run in an isolated, virtualized container for improved security. With this change, documents will open more quickly. It can currently take up to a minute to open an Office document in it.
- Better Windows Management Instrumentation (WMI) Group Policy Service support: Microsoft has made it easier for administrators to change settings to support remote work.
Updates to Windows 10 versions 2004 and 20H2 prior to the 21H1 release
KB5003173 (OS Builds 19041.985 and 19042.985)
Release date: May 11, 2021
This build includes a variety of security updates for Windows App Platform and Frameworks, the Windows Kernel, Windows Media, the Microsoft Scripting Engine, and the Windows Silicon Platform. For more details, see Microsoft’s Security Update Guide. It also updates security for Bluetooth drivers and Windows OLE (compound documents).
There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5003173.)
KB5001391 (OS Builds 19041.964 and 19042.964) Preview
Release date: April 28, 2021
This update gives you quick access to an integrated feed of dynamic content, such as news, weather, sports, and more, that updates throughout the day, via the Windows taskbar. You can personalize the feed to match your interests. For more details, see Microsoft’s “Personalized content at a glance: Introducing news and interests on the Windows 10 taskbar.”
There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. In addition, devices with Windows installations created from custom offline media or custom ISO images might have the legacy version of Microsoft Edge removed by the update, but not automatically replaced by the new Microsoft Edge.
(Get more info about KB5001391 Preview.)
KB5001330 (OS Builds 19041.928 and 19042.928)
Release date: April 13, 2021
This update includes a wide variety of security updates, for Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Kernel, Windows Virtualization, and Windows Media. For details, see Microsoft's Security Update Guide website.
There are several other security issues addressed, including fixing a potential elevation of privilege vulnerability in the way Azure Active Directory web sign-in allows arbitrary browsing from the third-party endpoints used for federated authentication.
In this build, Microsoft also removed the Microsoft Edge legacy browser and replaced it with the new Chromium-based Edge.
There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5001330.)
KB5000842 (OS Builds 19041.906 and 19042.906) Preview
Release date: March 29, 2021
This update fixes a variety of minor bugs, including one that made high dynamic range (HDR) screens appear much darker than expected, and another that caused video playback to be out of sync in duplicate mode with multiple monitors.
There are several known issues in this build, including one in which System and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.
(Get more info about KB5000842 Preview.)
KB5001649 (OS Builds 19041.870 and 19042.870)
Release date: March 18, 2021
This out-of-band update fixes a single bug in which graphical content could not be printed.
There is one known issue in this update, in which system and user certificates may be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10.
(Get more info about KB5001649.)
KB5001567 (OS Builds 19041.868 and 19042.868)
Date: March 15, 2021
This out-of-band update fixes a single bug, which caused a blue screen when you attempted to print to certain printers using some apps.
There is one known issue in this update, in which system and user certificates may be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10.
(Get more info about KB5001567.)
KB5000802 (OS Builds 19041.867 and 19042.867)
Release date: March 9, 2021
This update includes a wide variety of security updates for the Windows Shell, Windows Fundamentals, Windows Management, Windows Apps, Windows User Account Control (UAC), Windows Virtualization, the Windows Kernel, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media. For details, see the Microsoft Security Update Guide.
There are three known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5000802.)
KB4601382 (OS Builds 19041.844 and 19042.844) Preview
Release date: February 24, 2021
This update fixes a variety of minor bugs, including one that caused video playback to flicker when rendering on certain low-latency capable monitors, and another that sometimes prevented the input of strings into the Input Method Editor (IME).
(Get more info about KB4601382.)
KB4601319 (OS Builds 19041.804 and 19042.804)
Release date: February 9, 2021
This update fixes a bug and includes a variety of security updates. The bug fixed could damage the file system of some devices and prevent them from starting up after running chkdsk /f.
Security updates are provided for Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Cloud Infrastructure, Windows Management, Windows Authentication, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Core Networking, and Windows Hybrid Cloud Networking. For details, see the Microsoft Security Update Guide.
There are three known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB4601319.)
KB4598242 (OS Builds 19041.746 and 19042.746)
Release date: January 12, 2021
This build fixes a variety of security vulnerabilities, including one with HTTPS-based intranet servers, and a security bypass vulnerability in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface.
There are also security updates to Windows App Platform and Frameworks, Windows Media, Windows Fundamentals, Windows Kernel, Windows Cryptography, Windows Virtualization, Windows Peripherals, and Windows Hybrid Storage Services. For details see the Microsoft Security Update Guide.
There are two known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10, version 1809.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB4598242.)
KB4592438 (OS Builds 19041.685 and 19042.685)
Release date: December 8, 2020
This update fixes a security vulnerability by preventing applications that run as a SYSTEM account from printing to “FILE:” ports. It also has security updates for the legacy version of Microsoft Edge, the Microsoft Graphics Component, Windows Media, Windows Fundamentals, and Windows Virtualization. For details see the Microsoft Security Update Guide.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB4592438.)
KB4586853 (OS Builds 19041.662 and 19042.662) Preview
Release date: November 30, 2020
This build fixes a wide variety of bugs, including one that caused Narrator to stop responding after you unlock a device if the app was in use before you locked the device, and another that made makes the touch keyboard unstable in the Mail app.
There are two known issues in this update, one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.
(Get more info about KB4586853.)
KB4594440 (OS Builds 19041.631 and 19042.631)
Release date: November 19, 2020
This minor build fixes issues with Kerberos authentication related to the PerformTicketSignature registry subkey value in CVE-2020-17049, which was a part of the November 10, 2020 Windows update.
There are two known issues in this update, one in which system and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.
(Get more info about KB4594440.)
KB4586781 (OS Builds 19041.630 and 19042.630)
Release date: November 10, 2020
This build updates the 2020 DST start date for the Fiji Islands to December 20, 2020 and includes security updates to the Microsoft Scripting Engine, Windows Input and Composition, Microsoft Graphics Component, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel. For details see the release notes for November 2020 Security Updates.
There are two known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB4586781.)
KB4580364 (OS Builds 19041.610 and 19042.610)
Release date: October 29, 2020
This update makes it easier to connect to others in Skype, using Meet Now from the taskbar. In addition, there are a wide variety of bug fixes, including for one that displayed the incorrect CPU frequency for certain processors, another that displayed nothing on the screen for five minutes or more during a Remote Desktop Protocol (RDP) session, and another that caused the Docker pull operation to fail due to a Code Integrity (CI) Policy that blocks the import of a Windows container image.
There are two known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.
(Get more info about KB4580364.)
Windows 10 October 2020 Update (version 20H2)
Release date: October 20, 2020
Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a few new features.
Here’s a quick summary of what’s new in 20H2:
- The new Chromium-based version of the Microsoft Edge browser is now built directly into Windows 10.
- The System page of Control Panel has been removed. Those settings have been moved to the Settings app.
- The Start menu’s tiled background will match your choice of Windows themes. So the tiled background will be light if you’re using the Windows 10 light theme and dark if you’re using the Windows 10 dark theme.
- When you use Alt-Tab, Edge will now display each tab in your browser in a different Alt-Tab window. Previously, when you used Alt-Tab, Edge would get only a single window. You can change this new behavior by going to Settings > System > Multitasking.
- When you pin a site to the taskbar in Edge, you can click or mouse over its icon to see all your browser tabs that are open for that website.
- When you detach a keyboard on a 2-in-1 device, the device will automatically switch to the tablet-based interface. Previously, you were asked whether you wanted to switch. You can change that setting by going to Settings > System > Tablet.
- The Your Phone app gets a variety of new features for some Samsung devices. When using one of the devices, you can interact with the Android apps on your phone from the Your Phone app on Windows 10.
What IT needs to know: Windows 10 version 20H2 also has a variety of small changes of note for sysadmins and those in IT.
- IT professionals who administer multiple mobile devices get a new Modern Device Management (MDM) “Local Users and Groups” settings policy that mirrors options available for devices that are managed through Group Policy.
- Windows Autopilot, used to set up and configure devices in enterprises, has gained a variety of small enhancement, including better deployment of HoloLens devices, the addition of co-management policies, enhancements to Autopilot deployment reporting, and the ability to reuse Configuration Manager task sequences to configure devices.
- Microsoft Defender Application Guard now supports Office. This allows untrusted Office documents from outside an enterprise to launch in an isolated container to stop potentially malicious content from compromising computers or exploiting personal information found on them.
- Latest Cumulative Updates (LCUs) and Servicing Stack Updates (SSUs) have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services.
- Biometric sign-on has been made more secure. Windows Hello now has support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates, and secures a user's biometric authentication data.
For more details, see Microsoft’s “What’s new for IT pros in Windows 10, version 20H2.”