Resolved issues in Windows 10, version 21H2
Find information on recently resolved issues for Windows 10, version 21H2. To find a specific issue, use the search function on your browser (CTRL + F for Microsoft Edge). For immediate help with Windows update issues, use Get Help in Windows or go to support.microsoft.com. Follow @WindowsUpdate on X (formerly Twitter) for Windows release health updates.
Resolved issues
| Summary | Originating update | Status | Date resolved |
|---|---|---|---|
| The October 2023 security update might fail to install Some Windows 10 devices might initially display progress, but then fail to complete. | OS Build 19044.3570 KB5031356 2023-10-10 | Resolved KB5032189 | 2023-11-14 10:00 PT |
| Apps deployed via ClickOnce might prompt for installation when opened Apps which were deployed using ClickOnce might begin to prompt for installation even though they're already installed. | OS Build 19044.3324 KB5029244 2023-08-08 | Resolved KB5031356 | 2023-10-10 10:00 PT |
| Start menu, Windows Search and UWP apps might have issues opening Affected devices have apps installed which integrate with Windows, Microsoft Office, or Microsoft Outlook. | N/A | Resolved KB5028166 | 2023-07-11 10:00 PT |
| You might receive an error with apphelp.dll from apps using DirectX After installing KB5019980 or later updates, devices with older Intel graphics drivers might encounter issues. | OS Build 19044.2251 KB5019959 2022-11-08 | Resolved KB5026361 | 2023-05-09 10:00 PT |
| KB5012170 might fail to install and you might receive a 0x800f0922 error Security update for Secure Boot DBX might fail to install. | OS Build 19044.1880 KB5012170 2022-08-09 | Resolved KB5022906 | 2023-02-21 14:00 PT |
| When using Outlook, opening links in emails might display an error Office updates released July 11, 2023 introduce this behavior by design due to the new security protections | N/A | Resolved | 2023-07-25 18:26 PT |
| Microsoft Outlook and some apps might not open 32-bit apps from Microsoft or third-parties might fail to open with certain security software installed. | OS Build 19044.3086 KB5027215 2023-06-13 | Resolved External | 2023-06-28 17:36 PT |
| Taskbar elements might flicker and causes device instability This issue is resolved using Known Issue Rollback (KIR) | OS Build 19044.2075 KB5017380 2022-09-20 | Resolved KB5019275 | 2023-01-19 14:00 PT |
| Saving or copying files might intermittently fail You might receive an error or files might intermittently fail to save or copy, especially to network shares. | OS Build 19044.2788 KB5023773 2023-03-21 | Resolved KB5027215 | 2023-06-13 10:00 PT |
| Domain join processes may fail with error "0xaac (2732)" This might be encountered when an account was created by a different identity than the one used to join the domain | OS Build 19044.2130 KB5018410 2022-10-11 | Resolved KB5023696 | 2023-03-14 10:00 PT |
| Windows 11 upgrades were offered to ineligible devices Affected devices were not able to complete the installation process. | N/A | Resolved | 2023-02-24 18:01 PT |
| Application shortcuts might not work from the Start menu or other locations Errors might be observed when trying to run exe files. Changes to Microsoft Defender can help. | N/A | Resolved | 2023-01-18 19:28 PT |
| Database connections using Microsoft ODBC SQL Server driver might fail. Apps using ODBC connections might fail to connect to databases. | OS Build 19044.2251 KB5019959 2022-11-08 | Resolved KB5022282 | 2023-01-10 10:00 PT |
| You might receive an error (0xc000021a) with a blue screen Some Windows devices might start up to an error. | OS Build 19044.2364 KB5021233 2022-12-13 | Resolved KB5022282 | 2023-01-10 10:00 PT |
| Direct Access might be unable to reconnect after your device has connectivity issues This issue might happen after losing network connectivity or transitioning between Wi-Fi networks. | OS Build 19044.2193 KB5018482 2022-10-25 | Resolved KB5021233 | 2022-12-13 10:00 PT |
| Sign in failures and other issues related to Kerberos authentication After installing updates released November 2022, you might have Kerberos authentication issues. | OS Build 19044.2251 KB5019959 2022-11-08 | Resolved | 2022-11-18 16:22 PT |
| Your desktop or taskbar might momentarily disappear or might become unresponsive You might experience an error in which the desktop or taskbar disappearing then reappearing. | OS Build 19044.1949 KB5016688 2022-08-26 | Resolved KB5021233 | 2022-12-13 10:00 PT |
Issue details
October 2023
The October 2023 security update might fail to install
| Status | Originating update | History | Resolved KB5032189 | OS Build 19044.3570 KB5031356 2023-10-10 | Resolved: 2023-11-14, 10:00 PT Opened: 2023-10-13, 10:33 PT |
|---|
Microsoft has received reports of an issue where Windows updates released October 10, 2023 ( KB5031356) fail to install. Devices might initially display progress, but then fail to complete installation.
Based on our reports, some of the most common errors being encountered is Error 8007000D (ERROR_INVALID_DATA). This error can be found from the Windows Update view under System settings, by selecting Update History.
For additional guidance on quality update install errors, see Troubleshoot problems updating Windows.
Resolution: This issue was resolved in updates released November 14, 2023 ( KB5032189) and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one. If you install an update released November 14, 2023 or later, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue.
If necessary, the following manual steps can be used to speed up the recovery:
- Run command Prompt as Administrator. To do this, you can open the Start menu and type 'cmd'. From the right-side panel of the search results, select the option 'Run as administrator'
- In the window that opens, type the following to execute a restore command: Dism /online /cleanup-image /RestoreHealth
- Wait for it to complete successfully, then close the windows. You can now search for updates again from the Windows Updates from the Settings view.
The Windows Updates settings view can always be found by opening the Start menu and typing 'Windows Updates'. Then select 'Check for updates' from the search results.
If you are using an update released before November 14, 2023 ( KB5032189), and have this issue, you can resolve it by installing and configuring the special Group Policy listed below. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>. For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.
Group Policy downloads with Group Policy name:
- Download for Windows 10, version 22H2 and Windows 10, version 21H2 - Windows 10 21H2 and 22H2 KB5026879 230627_173533 Known Issue Rollback.msi
Please note that it might take up to 48 hours for the resolution to propagate automatically to consumer devices and non-managed business devices.
Affected platforms:
- Client: Windows 10, version 22H2; Windows 10, version 21H2
August 2023
Apps deployed via ClickOnce might prompt for installation when opened
| Status | Originating update | History | Resolved KB5031356 | OS Build 19044.3324 KB5029244 2023-08-08 | Resolved: 2023-10-10, 10:00 PT Opened: 2023-08-13, 18:39 PT |
|---|
After installing KB5029244 or later updates, apps which were deployed using ClickOnce might begin to prompt for installation even when the ClickOnce apps are already installed and marked as “trusted”.
Workaround: To temporarily workaround the issue, uninstall the impacted ClickOnce Application and reinstall the application again.
Resolution: This issue was resolved in updates released October 10, 2023 ( KB5031356) and later. After installing KB5031356 or later updates, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue. If you are using an update released before October 10, 2023, and have this issue, you can resolve it by installing and configuring the special Group Policy listed below. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>.
For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.
Group Policy downloads with Group Policy name:
- Download for Windows 10, version 22H2; Windows 10, version 21H2 - Windows 10 20H2, 21H1, 21H2 and 22H2 KB5028244 230814_03351 Known Issue Rollback
Important: You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
Affected platforms:
- Client: Windows 10, version 22H2; Windows 10, version 21H2
- Server: None
July 2023
When using Outlook, opening links in emails might display an error
| Status | Originating update | History | Resolved | N/A | Resolved: 2023-07-25, 18:26 PT Opened: 2023-07-25, 18:14 PT |
|---|
When clicking on links in emails in Microsoft Outlook, you might receive an error message with the text “Something unexpected went wrong with this URL”. Opening links in emails on Microsoft Outlook may also display an error stating "Microsoft Office has identified a potential security concern. This location may be unsafe."
As a result of Microsoft Office security hardening changes, hyperlinks which contain fully-qualified domain name (FQDN) or IP address will display this message. This is due to protections released July 11, 2023.
Please note: This behavior is caused by a protection update in Outlook released July 11, 2023. It is not caused by Windows Updates.
Resolution: These messages are displayed as part of recent Office security changes. Details can be seen in KB article Outlook blocks opening FQDN and IP address hyperlinks after installing protections for Microsoft Outlook Security Feature Bypass Vulnerability released July 11, 2023.
In order to ensure continued access to files on FQDN or IP address paths, add those URLs to the Trusted Sites zone in accordance with Windows guidance. An Intranet site is identified as an Internet site when you use an FQDN or an IP address. This can be accomplished with the following steps:
- Open the "Internet Properties" settings. This can be done in one of the following ways:
- Open "Control Panel" from the start menu and select "Internet Options" under "Network and Internet"
- On your keyboard, press and hold the Windows key, then press the letter S. In the search dialog that appears, type "Internet Properties" and select the first result.
- Click the Security tab, then select Trusted Sites.
- Under "Add this website to the zone", add the URL, UNC, FQDN path that you want to allow. For example, add: file://server.usa.corp.com
Note: If the entry you wish to add does not explicitly start with ‘https:’, you must first uncheck the ‘Require server verification (https) for all sites in this zone’ checkbox before it can be saved.
This workaround can also be deployed via group policy. See policy: \\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Site to Zone Assignment List on the Group Policy Search site.
For additional information see the respective CVEs below.
- MSRC CVE-2023-33151: Microsoft Outlook Spoofing Vulnerability
- MSRC CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability
- KB5002427: Description of the security update for Outlook 2016: July 11, 2023 (KB5002427)
- KB5002432: Description of the security update for Outlook 2013: July 11, 2023 (KB5002432)
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2
- Server: None
June 2023
Microsoft Outlook and some apps might not open
| Status | Originating update | History | Resolved External | OS Build 19044.3086 KB5027215 2023-06-13 | Last updated: 2023-06-28, 17:36 PT Opened: 2023-06-28, 17:14 PT |
|---|
After installing KB5027215 or later updates on Windows devices with certain antivirus, antimalware or security software installed, you might not be able to open Microsoft or third-party apps. Some known affected apps are Microsoft Outlook and other Microsoft Office apps. This issue only occurs with 32-bit apps running on 64-bit Windows with Trellix Endpoint Security version earlier than 35.31.25. When attempting to open an affected app, Event Log indicates an access violation with the error "module is unknown". This issue is not likely to be encountered by consumers using Windows devices in their home.
Resolution: This issue has been resolved by Trellix in Endpoint Security Agent (HX) 35.31.25 and later. If you are experiencing this issue with other security software installed or after installing the latest version of Trellix Endpoint Security Agent, please contact customer support of the security software you are using.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2
- Server: Windows Server 2022
May 2023
Saving or copying files might intermittently fail
| Status | Originating update | History | Resolved KB5027215 | OS Build 19044.2788 KB5023773 2023-03-21 | Resolved: 2023-06-13, 10:00 PT Opened: 2023-05-24, 10:32 PT |
|---|
After installing KB5023773 or later updates, you might have intermittent issues saving, or copying, or attaching files using 32-bit apps which are large address aware and using the CopyFile API. Windows devices are more likely to be affected by this issue when using some commercial/enterprise security software which uses extended file attributes. We are not receiving reports that copying files using File Explorer is affected, but CopyFile API used within apps might be affected. Microsoft Office apps such as Microsoft Word or Microsoft Excel are only affected when using 32-bit versions and you might receive the error, "Document not saved." This issue is unlikely to be experienced by consumers using Windows devices in their home or on non-managed comercial device. Note: Apps are not affected by this issue if they are 64-bit or 32-bit and NOT large address aware.
Workaround: To mitigate the issue, you can attempt to save or copy again. Since the issue is intermittent, it is likely to succeed on a subsequent try. Important: If the resolution below does not resolve intermittent save or copy issues in your environment, then you might be experiencing a different issue with similar symptoms.
Resolution: This issue was resolved in updates released June 13, 2023 ( KB5027215) and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one. If you install an update released June 13, 2023 or later, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue. If you are using an update released before June 13, 2023, and have this issue, you can resolve it by installing and configuring the special Group Policy listed below.
Enterprise-managed devices that have installed an affected update and have encountered this issue can resolve it by installing and configuring a special Group Policy. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>.
For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.
Group Policy downloads with Group Policy name:
- Download for Windows 11, version 21H2 - KB5023774 230222_032017 Known Issue Rollback
- Download for Windows 10, version 22H2; Windows 10, version 21H2 - KB5023773 230222_032013 Known Issue Rollback
Important: You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2
- Server: None
February 2023
You might receive an error with apphelp.dll from apps using DirectX
| Status | Originating update | History | Resolved KB5026361 | OS Build 19044.2251 KB5019959 2022-11-08 | Resolved: 2023-05-09, 10:00 PT Opened: 2023-02-08, 15:49 PT |
|---|
After installing KB5019959 or later updates, you might receive an error with apphelp.dll on Windows devices using Intel graphics drivers with versions 26.20.100.7463 up to 30.0.101.1190. This issue might happen intermittently and affects a small number of enterprise apps which use DirectX or Direct3D to render part or all of their content. Windows devices using updated Intel graphics drivers with a version later than 30.0.101.1190 are not affected by this issue and already have the Intel resolution for this issue installed.
Home users of Windows are unlikely to experience this issue, as the few affected apps are more commonly used in enterprise environments.
Workaround: To mitigate this issue, you can install an Intel graphics driver with a later version than 30.0.101.1190. It is recommended to check your Windows device manufacturer's support for the latest version of the Intel graphics driver for your device. If they do not offer a driver later than 30.0.101.1190, you can check List of Drivers for Intel Graphics for information on how to download and install the latest Intel graphics driver available from Intel directly.
Resolution: This issue was resolved in KB5026361.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019
- Server: Windows Server 2022
Windows 11 upgrades were offered to ineligible devices
| Status | Originating update | History | Resolved | N/A | Resolved: 2023-02-24, 18:01 PT Opened: 2023-02-24, 17:43 PT |
|---|
Some hardware ineligible Windows 10 and Windows 11, version 21H2 devices were offered an inaccurate upgrade to Windows 11. These ineligible devices did not meet the minimum requirements to run Window 11. Devices that experienced this issue were not able to complete the upgrade installation process.
This issue was detected on February 23, 2023, and resolved on the same day.
Resolution: This issue is resolved. It might take 24 to 48 hours to propagate to all affected devices. Affected users do not need to take any steps.
Affected platforms:
- Client: Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2
January 2023
Start menu, Windows Search and UWP apps might have issues opening
| Status | Originating update | History | Resolved KB5028166 | N/A | Resolved: 2023-07-11, 10:00 PT Opened: 2023-01-24, 09:47 PT |
|---|
The Start menu, Windows search, and Universal Windows Platform (UWP) apps might not work as expected or might have issues opening. Affected Windows devices might have damaged registry keys or data which might affect apps using Microsoft Office APIs to integrate with Windows, Microsoft Office, or Microsoft Outlook or Outlook Calendar. An example of an app affected by this issue is ClickShare. The underlying Issue is not caused by the installation of an update to Windows and might be exposed by an update to an affected app.
Workaround: To mitigate this issue, you can uninstall apps which integrate with Windows, Microsoft Office, Microsoft Outlook or Outlook Calendar. Updates to affected apps or guidance from the developer of the app might also be available. If you are using ClickShare by Barco, please see Symptom: Start Menu and other shell components fail when Apps including Barco's ClickShare access Office APIs and Unresponsive Windows taskbar or user shell folder permissions issues with ClickShare App Calendar integration.
Resolution: This issue was resolved in KB5028166.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2
- Server: None
Application shortcuts might not work from the Start menu or other locations
| Status | Originating update | History | Resolved | N/A | Resolved: 2023-01-18, 19:28 PT Opened: 2023-01-13, 13:40 PT |
|---|
After installing security intelligence update build 1.381.2140.0 for Microsoft Defender, application shortcuts in the Start menu, pinned to the taskbar, and on the Desktop might be missing or deleted. Additionally, errors might be observed when trying to run executable (.exe) files which have dependencies on shortcut files. Affected devices have the Atack Surface Reduction (ASR) rule "Block Win32 API calls from Office macro" enabled. After installing security intelligence build 1.381.2140.0, detections resulted in the deletion of certain Windows shortcut (.lnk) files that matched the incorrect detection pattern.
Windows devices used by consumers in their home or small offices are not likely to be affected by this issue.
Workaround: Changes to Microsoft Defender can mitigate this issue. The Atack Surface Reduction (ASR) rules in Microsoft Defender are used to regulate software behavior as part of security measures. Changing ASR rules to Audit Mode can help prevent this issue. This can be done through the following options:
- Using Intune: Enable attack surface reduction rules | Defender for Endpoint: Microsoft Endpoint Manager
- Using Group Policy: Enable attack surface reduction rules | Defender for Endpoint: Group Policy
Microsoft Office applications can be launched through the Microsoft 365 app launcher. More details on the Microsoft 365 app launcher can be found in Meet the Microsoft 365 app launcher
Next steps: This issue is resolved in security intelligence update build 1.381.2164.0. Installing security intelligence update build 1.381.2164.0 or later should prevent the issue, but it will not restore previously deleted shortcuts. You will need to recreate or restore these shortcuts through other methods. For additional information and help recovering missing shortcuts, see Recovering from Attack Surface Reduction rule shortcut deletions (updated on January 17, 2023 to include additional guidance and scripts to help with recovery).
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB
- Server: None
December 2022
Taskbar elements might flicker and causes device instability
| Status | Originating update | History | Resolved KB5019275 | OS Build 19044.2075 KB5017380 2022-09-20 | Resolved: 2023-01-19, 14:00 PT Opened: 2022-12-16, 09:00 PT |
|---|
After installing updates released September 20, 2022 or later, taskbar elements might flicker and cause system instability. Symptoms might include:
- The Weather or News and Interests widget or icons flickers on the Windows taskbar
- The Windows taskbar stops responding
- Windows Explorer stops responding
- Applications including Microsoft Word or Excel might stop responding if they are open when the issue occurs
Restarting the devices can alleviate the issue in some cases, but possibly not all.
Resolution: This issue was resolved in updates released January 19, 2023 ( KB5019275) and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one.
If you install an update released January 19, 2023 or later, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue. If you are using an update released before January 19, 2023, and have this issue, you can resolve it by installing and configuring the special Group Policy listed below.
KIRs are applied to most consumer (home) and non-managed devices without the need for any manual action. Enterprise-managed devices which have installed an affected update and encountered this issue can be resolved by installing and configuring a special Group Policy. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>.
Group Policy download with Group Policy name:
Download for Windows 10 version 22H2, 21H2, 21H1, and 20H2 - Windows 10 20H2, 21H1, 21H2 and 22H2 KB5017380 221207_23451 Feature Preview.msi
Affected platforms:
- Client: Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2
- Server: None
Database connections using Microsoft ODBC SQL Server driver might fail.
| Status | Originating update | History | Resolved KB5022282 | OS Build 19044.2251 KB5019959 2022-11-08 | Resolved: 2023-01-10, 10:00 PT Opened: 2022-12-05, 15:45 PT |
|---|
After installing KB5019959, apps which use ODBC connections utilizing the Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might fail to connect. You might receive an error within the app or you might receive an error from SQL Server, such as "The EMS System encountered a problem" with "Message: [Microsoft][ODBC SQL Server Driver] Protocol error in TDS Stream" or "Message: [Microsoft][ODBC SQL Server Driver]Unknown token received from SQL Server". Note for developers: Apps affected by this issue might fail to fetch data, for example when using the SQLFetch function. This issue might occur when calling SQLBindCol function before SQLFetch or calling SQLGetData function after SQLFetch and when a value of 0 (zero) is given for the ‘BufferLength’ argument for fixed datatypes larger than 4 bytes (such as SQL_C_FLOAT).
If you are unsure if you are using any affected apps, open any apps which use a database and then open Command Prompt (select Start then type command prompt and select it) and type the following command:
tasklist /m sqlsrv32.dll
Workaround: To mitigate this issue, you can do one of the following:
- If your app is already using or able to use Data Source Name (DSN) to select ODBC connections, install Microsoft ODBC Driver 17 for SQL Server and select it for use with your app using DSN. Note: We recommend the latest version of Microsoft ODBC Driver 17 for SQL Server, as it is more compatible with apps currently using the legacy Microsoft ODBC SQL Server Driver (sqlsrv32.dll) than Microsoft ODBC Driver 18 for SQL Server.
- If your app is unable to use DSN, the app will need to be modified to allow for DSN or to use a newer ODBC driver than Microsoft ODBC SQL Server Driver (sqlsrv32.dll).
Resolution: This issue was resolved in KB5022282. If you have implemented the above workaround, it is recommended to continue using the configuration in the workaround.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
You might receive an error (0xc000021a) with a blue screen
| Status | Originating update | History | Resolved KB5022282 | OS Build 19044.2364 KB5021233 2022-12-13 | Resolved: 2023-01-10, 10:00 PT Opened: 2022-12-17, 15:18 PT |
|---|
After installing KB5021233, some Windows devices might start up to an error (0xc000021a) with a blue screen. Technical note: After installing KB5021233, there might be a mismatch between the file versions of hidparse.sys in c:/windows/system32 and c:/windows/system32/drivers (assuming Windows is installed to your C: drive), which might cause signature validation to fail when cleanup occurs.
Workaround: To mitigate this issue on devices already experiencing it, you will need to use Windows Recovery Environment (WinRE) with the following steps:
- You will need to enter Windows Recovery Environment. If your device has not automatically started up into WinRE, please see Entry points into WinRE.
- Select the Troubleshoot button.
- Select the "Start recovery, troubleshooting, and diagnostic tools" button.
- Select the "Advanced Options" button.
- Select the "Command Prompt" button and wait for your device to restart, if needed.
- Your device should restart to a Command Prompt window. You might need to sign into your device with your password before getting to the Command Prompt window.
- Run the following command (Important: If Windows is not installed to C:\windows you will need to modify the command to your environment): xcopy C:\windows\system32\drivers\hidparse.sys C:\windows\system32\hidparse.sys
- Once the previous command completes, type: exit
- Select the "Continue" button.
- Windows should now start up as expected.
Important: It is not recommended to follow any other workaround than those recommended above. We do not recommend deleting the hidparse.sys from your Windows\System32 folder.
Resolution: This issue was resolved in KB5022282. This update should prevent the issue from occurring. Windows devices in which this issue has already occurred will still need to follow the workaround above.
Affected platforms:
- Client: Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2
- Server: None
November 2022
Direct Access might be unable to reconnect after your device has connectivity issues
| Status | Originating update | History | Resolved KB5021233 | OS Build 19044.2193 KB5018482 2022-10-25 | Resolved: 2022-12-13, 10:00 PT Opened: 2022-11-13, 14:49 PT |
|---|
After installing KB5018482 or later updates, you might be unable to reconnect to Direct Access after temporarily losing network connectivity or transitioning between Wi-Fi networks or access points. Note: This issue should not affect other remote access solutions such as VPN (sometimes called Remote Access Server or RAS) and Always On VPN (AOVPN).
Windows devices used at home by consumers or devices in organizations which are not using Direct Access to remotely access the organization's network resources are not affected.
Workaround: You can mitigate this issue by restarting your Windows device.
Resolution: This issue was resolved in updates released December 13, 2022 ( KB5021233) and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one. If you install an update released December 13, 2022 ( KB5021233) or later, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue. If you are using an update released before December 13, 2022, and have this issue, you can resolve it by installing and configuring the special Group Policy listed below. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>.
For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.
Group Policy downloads with Group Policy name:
- Download for Windows 11, version 22H2 - KB5018427 221029_091533 Known Issue Rollback
- Download for Windows 11, version 21H2 - KB5018483 220927_043051 Known Issue Rollback
- Download for Windows Server 2022 - KB5018485 220927_043049 Known Issue Rollback
- Download for Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2 - KB5018482 220927_043047 Known Issue Rollback
Important: You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019
- Server: Windows Server 2022; Windows Server 2019
Sign in failures and other issues related to Kerberos authentication
| Status | Originating update | History | Resolved | OS Build 19044.2251 KB5019959 2022-11-08 | Resolved: 2022-11-18, 16:22 PT Opened: 2022-11-13, 15:16 PT |
|---|
Updated November 18, 2022: Added update information for Windows Server 2008 R2 SP1.
After installing updates released on November 8, 2022 or later on Windows Servers with the Domain Controller role, you might have issues with Kerberos authentication. This issue might affect any Kerberos authentication in your environment. Some scenarios which might be affected:
- Domain user sign in might fail. This also might affect Active Directory Federation Services (AD FS) authentication.
- Group Managed Service Accounts (gMSA) used for services such as Internet Information Services (IIS Web Server) might fail to authenticate.
- Remote Desktop connections using domain users might fail to connect.
- You might be unable to access shared folders on workstations and file shares on servers.
- Printing that requires domain user authentication might fail.
When this issue is encountered you might receive a Microsoft-Windows-Kerberos-Key-Distribution-Center Event ID 14 error event in the System section of Event Log on your Domain Controller with the below text. Note: affected events will have "the missing key has an ID of 1":
While processing an AS request for target service <service>, the account <account name> did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 1). The requested etypes : 18 3. The accounts available etypes : 23 18 17. Changing or resetting the password of <account name> will generate a proper key.
Note: This issue is not an expected part of the security hardening for Netlogon and Kerberos starting with November 2022 security update. You will still need to follow the guidance in these articles even after this issue is resolved.
Windows devices used at home by consumers or devices which are not part of a on premises domain are not affected by this issue. Azure Active Directory environments that are not hybrid and do not have any on premises Active Directory servers are not affected.
Resolution: This issue was resolved in out-of-band updates released November 17, 2022 and November 18, 2022 for installation on all the Domain Controllers (DCs) in your environment. You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them.
To get the standalone package for these out-of-band updates, search for the KB number in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note The below updates are not available from Windows Update and will not install automatically.
Cumulative updates:
Note: You do not need to apply any previous update before installing these cumulative updates. If you have already installed updates released November 8, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
Standalone Updates:
- Windows Server 2012 R2: KB5021653
- Windows Server 2012: KB5021652
- Windows Server 2008 R2 SP1: KB5021651 (released November 18, 2022)
- Windows Server 2008 SP2: KB5021657
Note: If you are using security only updates for these versions of Windows Server, you only need to install these standalone updates for the month of November 2022. Security only updates are not cumulative, and you will also need to install all previous Security only updates to be fully up to date. Monthly rollup updates are cumulative and include security and all quality updates. If you are using Monthly rollup updates, you will need to install both the standalone updates listed above to resolve this issue, and install the Monthly rollups released November 8, 2022 to receive the quality updates for November 2022. If you have already installed updates released November 8, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Your desktop or taskbar might momentarily disappear or might become unresponsive
| Status | Originating update | History | Resolved KB5021233 | OS Build 19044.1949 KB5016688 2022-08-26 | Resolved: 2022-12-13, 10:00 PT Opened: 2022-11-16, 19:36 PT |
|---|
After installing KB5016688 or later updates, you might experience an error in which the desktop or taskbar might momentarily disappear, or your device might become unresponsive.
Workaround: If you are unable to use the resolution below, you can mitigate this issue by restarting your Windows device.
Resolution: This issue was resolved in updates released December 13, 2022 ( KB5021233) and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one. If you install an update released December 13, 2022 ( KB5021233) or later, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue. If you are using an update released before December 13, 2022, and have this issue, you can resolve it by installing and configuring a special Group Policy. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>.
For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.
Group Policy downloads with Group Policy name:
- Download for Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2 - KB5016688 220820_03051 Known Issue Rollback
Affected platforms:
- Client: Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2
- Server: None
October 2022
Domain join processes may fail with error "0xaac (2732)"
| Status | Originating update | History | Resolved KB5023696 | OS Build 19044.2130 KB5018410 2022-10-11 | Resolved: 2023-03-14, 10:00 PT Opened: 2022-10-27, 15:53 PT |
|---|
Domain join operations might intentionally fail with error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" and text "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy."
This issue originates with the October 2022 security updates ( KB5018410) which introduced some hardening changes enabled by default for domain join. Please see KB5020276 - Netjoin: Domain join hardening changes to understand the new designed behavior.
Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identity than the identity used to join or re-join the computer to the domain.
Home users of Windows are unlikely to experience this issue.
Resolution: This issue was resolved in updates released March 14, 2023 ( KB5023696) or later. Please see KB5020276 to understand the newly re-designed behavior. We have added information about a new Allowlist policy for trusted computer account creators to this KB.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server 2022; Windows Server, version 20H2; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
August 2022
KB5012170 might fail to install and you might receive a 0x800f0922 error
| Status | Originating update | History | Resolved KB5022906 | OS Build 19044.1880 KB5012170 2022-08-09 | Resolved: 2023-02-21, 14:00 PT Opened: 2022-08-12, 17:08 PT |
|---|
When attempting to install KB5012170, it might fail to install, and you might receive an error 0x800f0922.
Note: This issue only affects the Security update for Secure Boot DBX ( KB5012170) and does not affect the latest cumulative security updates, monthly rollups, or security only updates.
Workaround: This issue can be mitigated on some devices by updating the UEFI bios to the latest version before attempting to install KB5012170.
Resolution: This issue was resolved in KB5022906 or later updates.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1
- Server: Windows Server 2022; Windows Server, version 20H2; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Report a problem with Windows updates
To report an issue to Microsoft at any time, use the Feedback Hub app. To learn more, see Send feedback to Microsoft with the Feedback Hub app.
Need help with Windows updates?
Search, browse, or ask a question on the Microsoft Support Community. If you are an IT pro supporting an organization, visit Windows release health on the Microsoft 365 admin center for additional details.
For direct help with your home PC, use the Get Help app in Windows or contact Microsoft Support. Organizations can request immediate support through Support for business.
View this site in your language
This site is available in 11 languages: English, Chinese Traditional, Chinese Simplified, French (France), German, Italian, Japanese, Korean, Portuguese (Brazil), Russian, and Spanish (Spain). All text will appear in English if your browser default language is not one of the 11 supported languages. To manually change the display language, scroll down to the bottom of this page, click on the current language displayed on the bottom left of the page, and select one of the 11 supported languages from the list.