Resolved issues in Windows 11, version 21H2
Find information on recently resolved issues for Windows 11, version 21H2. To find a specific issue, use the search function on your browser (CTRL + F for Microsoft Edge). For immediate help with Windows update issues, use Get Help in Windows or go to support.microsoft.com. Follow @WindowsUpdate on X (formerly Twitter) for Windows release health updates.
Resolved issues
| Summary | Originating update | Status | Date resolved |
|---|---|---|---|
| Microsoft received reports about an “UNSUPPORTED_PROCESSOR” error Investigation concluded that the error reported by users was not caused by the August 2023 preview updates. | OS Build 22000.2360 KB5029332 2023-08-22 | Resolved External | 2023-09-07 16:51 PT |
| You might receive an error with apphelp.dll from apps using DirectX After installing KB5019980 or later updates, devices with older Intel graphics drivers might encounter issues. | OS Build 22000.1219 KB5019961 2022-11-08 | Resolved KB5025298 | 2023-04-25 10:00 PT |
| Some devices might start up into BitLocker Recovery Some devices might require BitLocker Recovery key to start up after installing Security update for Secure Boot DBX. | OS Build 22000.850 KB5012170 2022-08-09 | Resolved KB5022905 | 2023-02-21 14:00 PT |
| KB5012170 might fail to install and you might receive a 0x800f0922 error Security update for Secure Boot DBX might fail to install. | OS Build 22000.850 KB5012170 2022-08-09 | Resolved KB5022905 | 2023-02-21 14:00 PT |
| Computing effective access might not show results You might be unable to view effective access and explorer.exe might continue to use CPU after closing the dialog. | OS Build 22000.1936 KB5026368 2023-05-09 | Resolved KB5027292 | 2023-06-28 14:00 PT |
| Some apps might fail to playback, record, or capture video Apps and cameras using WVC1 codec might fail to function as expected. | OS Build 22000.30000 KB5028245 2023-07-25 | Resolved | 2023-07-25 14:58 PT |
| When using Outlook, opening links in emails might display an error Office updates released July 11, 2023 introduce this behavior by design due to the new security protections | N/A | Resolved | 2023-07-25 18:26 PT |
| "Local Security Authority protection is off." with persistent restart Once enabled, your Windows device might persistently notify you that it is vulnerable, and a restart is required. | N/A | Resolved | 2023-07-05 17:46 PT |
| Integrated camera might not work as expected on some Arm-based devices Starting May 23, 2023, some Arm-based devices might be unable to use the integrated webcam due to a driver issue. | N/A | Resolved External | 2023-07-10 11:21 PT |
| Microsoft Outlook and some apps might not open 32-bit apps from Microsoft or third-parties might fail to open with certain security software installed. | OS Build 22000.2057 KB5027223 2023-06-13 | Resolved External | 2023-06-28 17:36 PT |
| Start menu, Windows Search and UWP apps might have issues opening Affected devices have apps installed which integrate with Windows, Microsoft Office, or Microsoft Outlook. | N/A | Resolved KB5027292 | 2023-06-28 14:00 PT |
| Saving or copying files might intermittently fail You might receive an error or files might intermittently fail to save or copy, especially to network shares. | OS Build 22000.1761 KB5023774 2023-03-28 | Resolved KB5027223 | 2023-06-13 10:00 PT |
| Domain join processes may fail with error "0xaac (2732)" This might be encountered when an account was created by a different identity than the one used to join the domain | OS Build 22000.1098 KB5018418 2022-10-11 | Resolved KB5023698 | 2023-03-14 10:00 PT |
| Third-party UI customization apps might cause Windows to not start up Apps to change behaviors or UI in Windows 11 might cause issues with updates released February 28, 2023 or later. | OS Build 22000.30000 KB5023774 2023-03-28 | Resolved External | 2023-05-09 10:06 PT |
| Red Dead Redemption 2 might not open Rockstar Games Launcher might be unable to open Red Dead Redemption 2. | OS Build 22000.30000 KB5023774 2023-03-21 | Resolved External | 2023-04-03 14:39 PT |
| Windows 11 upgrades were offered to ineligible devices Affected devices were not able to complete the installation process. | N/A | Resolved | 2023-02-24 18:01 PT |
| Application shortcuts might not work from the Start menu or other locations Errors might be observed when trying to run exe files. Changes to Microsoft Defender can help. | N/A | Resolved | 2023-01-18 19:28 PT |
| Database connections using Microsoft ODBC SQL Server driver might fail. Apps using ODBC connections might fail to connect to databases. | OS Build 22000.1219 KB5019961 2022-11-08 | Resolved KB5022287 | 2023-01-10 10:00 PT |
| Direct Access might be unable to reconnect after your device has connectivity issues This issue might happen after losing network connectivity or transitioning between Wi-Fi networks. | OS Build 22000.1165 KB5018483 2022-10-25 | Resolved KB5021234 | 2022-12-13 10:00 PT |
| Sign in failures and other issues related to Kerberos authentication After installing updates released November 2022, you might have Kerberos authentication issues. | OS Build 22000.1219 KB5019961 2022-11-08 | Resolved | 2022-11-18 16:22 PT |
Issue details
August 2023
Microsoft received reports about an “UNSUPPORTED_PROCESSOR” error
| Status | Originating update | History | Resolved External | OS Build 22000.2360 KB5029332 2023-08-22 | Last updated: 2023-09-07, 16:51 PT Opened: 2023-08-23, 19:44 PT |
|---|
Microsoft has received reports of an issue in which users are receiving an “UNSUPPORTED_PROCESSOR” error message on a blue screen after installing updates released on August 22, 2023 ( KB5029332) and then restarting their device. KB5029332 might automatically uninstall to allow Windows to start up as expected. If this occurs, we recommend that you do not attempt to reinstall KB5029332.
Resolution: After investigating these reports, we have found that the “UNSUPPORTED_PROCESSOR” error was not caused by issues in KB5029332 and is limited to a specific subset of processors. For more information on this issue, please see 13th Gen Intel® Core™ Processor Families with Performance Hybrid Architecture Blue Screen Hang Issue with Windows* Preview Updates. This issue will not affect future monthly updates released for Windows. KB5029332 will not be offered to Windows devices that might be affected by this issue and it is recommended that you do not attempt to manually install it on affected devices.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2
- Server: None
July 2023
Some apps might fail to playback, record, or capture video
| Status | Originating update | History | Resolved | OS Build 22000.30000 KB5028245 2023-07-25 | Resolved: 2023-07-25, 14:58 PT Opened: 2023-07-25, 14:47 PT |
|---|
After installing KB5028245 or later updates, some apps might fail to playback, record, or capture video when using the WVC1 codec (VC-1). Certain cameras or webcams might also fail to work if they use the WVC1 codec by default.
Resolution: This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special Group Policy. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>
For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.
Group Policy downloads with Group Policy name:
- Download for Windows 11, version 22H2 - Windows 11 22H2 KB5027303 230528_03453 Known Issue Rollback
- Download for Windows 11, version 21H2 - Windows 11 (original release) KB5028245 230630_032045 Known Issue Rollback
- Download for Windows 10, version 22H2 - Windows 10 20H2, 21H1, 21H2 and 22H2 KB5028244 230627_173555 Known Issue Rollback
Important: You will need to install and configure the Group Policy for your version of Windows to resolve this issue. You will also need to restart your device(s) to apply the group policy setting.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2
- Server: None
When using Outlook, opening links in emails might display an error
| Status | Originating update | History | Resolved | N/A | Resolved: 2023-07-25, 18:26 PT Opened: 2023-07-25, 18:14 PT |
|---|
When clicking on links in emails in Microsoft Outlook, you might receive an error message with the text “Something unexpected went wrong with this URL”. Opening links in emails on Microsoft Outlook may also display an error stating "Microsoft Office has identified a potential security concern. This location may be unsafe."
As a result of Microsoft Office security hardening changes, hyperlinks which contain fully-qualified domain name (FQDN) or IP address will display this message. This is due to protections released July 11, 2023.
Please note: This behavior is caused by a protection update in Outlook released July 11, 2023. It is not caused by Windows Updates.
Resolution: These messages are displayed as part of recent Office security changes. Details can be seen in KB article Outlook blocks opening FQDN and IP address hyperlinks after installing protections for Microsoft Outlook Security Feature Bypass Vulnerability released July 11, 2023.
In order to ensure continued access to files on FQDN or IP address paths, add those URLs to the Trusted Sites zone in accordance with Windows guidance. An Intranet site is identified as an Internet site when you use an FQDN or an IP address. This can be accomplished with the following steps:
- Open the "Internet Properties" settings. This can be done in one of the following ways:
- Open "Control Panel" from the start menu and select "Internet Options" under "Network and Internet"
- On your keyboard, press and hold the Windows key, then press the letter S. In the search dialog that appears, type "Internet Properties" and select the first result.
- Click the Security tab, then select Trusted Sites.
- Under "Add this website to the zone", add the URL, UNC, FQDN path that you want to allow. For example, add: file://server.usa.corp.com
Note: If the entry you wish to add does not explicitly start with ‘https:’, you must first uncheck the ‘Require server verification (https) for all sites in this zone’ checkbox before it can be saved.
This workaround can also be deployed via group policy. See policy: \\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Site to Zone Assignment List on the Group Policy Search site.
For additional information see the respective CVEs below.
- MSRC CVE-2023-33151: Microsoft Outlook Spoofing Vulnerability
- MSRC CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability
- KB5002427: Description of the security update for Outlook 2016: July 11, 2023 (KB5002427)
- KB5002432: Description of the security update for Outlook 2013: July 11, 2023 (KB5002432)
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2
- Server: None
June 2023
Computing effective access might not show results
| Status | Originating update | History | Resolved KB5027292 | OS Build 22000.1936 KB5026368 2023-05-09 | Resolved: 2023-06-28, 14:00 PT Opened: 2023-06-21, 16:37 PT |
|---|
After installing updates released on May 9, 2023 or later updates, you might be unable to view Effective Access in the "Advanced Security Settings" dialog for shared files or folders. On affected devices, when the "View effective access" button is selected, you will receive the message "Computing effective access...." but the results of the query might not be displayed and explorer.exe might continue to use CPU after the Advanced Security settings dialog is closed. This issue is unlikely to be experienced by consumers using Windows devices in their home.
Workaround: If you have attempted to view effective access, you can mitigate the CPU usage issue by restarting your device or by signing out for the affected user. Note: Locking Windows will not mitigate this issue, you must sign out.
Resolution: This issue was resolved in KB5027292.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 11, version 21H2
- Server: Windows Server 2022
Microsoft Outlook and some apps might not open
| Status | Originating update | History | Resolved External | OS Build 22000.2057 KB5027223 2023-06-13 | Last updated: 2023-06-28, 17:36 PT Opened: 2023-06-28, 17:14 PT |
|---|
After installing KB5027223 or later updates on Windows devices with certain antivirus, antimalware or security software installed, you might not be able to open Microsoft or third-party apps. Some known affected apps are Microsoft Outlook and other Microsoft Office apps. This issue only occurs with 32-bit apps running on 64-bit Windows with Trellix Endpoint Security version earlier than 35.31.25. When attempting to open an affected app, Event Log indicates an access violation with the error "module is unknown". This issue is not likely to be encountered by consumers using Windows devices in their home.
Resolution: This issue has been resolved by Trellix in Endpoint Security Agent (HX) 35.31.25 and later. If you are experiencing this issue with other security software installed or after installing the latest version of Trellix Endpoint Security Agent, please contact customer support of the security software you are using.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2
- Server: Windows Server 2022
May 2023
Integrated camera might not work as expected on some Arm-based devices
| Status | Originating update | History | Resolved External | N/A | Last updated: 2023-07-10, 11:21 PT Opened: 2023-05-26, 18:02 PT |
|---|
Windows devices using certain Arm-based processors might have issues using integrated cameras starting on May 23, 2023. When encountering this issue, you might receive an “0xA00F4271<MediaCaptureFailedEvent> (0x80004005)” error when attempting to use the Camera app. Affected devices use these processors: Qualcomm 8cx Gen 1, Qualcomm 8cx Gen 2, Microsoft SQ1, and Microsoft SQ2. Note: This issue does not affect USB cameras or webcams, even when attached to an affected Windows devices.
Workaround: Microsoft is deploying a critical troubleshooter to mitigate this issue on most affected Windows devices. Troubleshooters are applied automatically and can't be run manually. For more information about troubleshooting, see keep your device running smoothly with recommended troubleshooting. To check if the troubleshooter has been applied, look for the following in troubleshooter history:
To mitigate this issue on managed devices where troubleshooters are disabled by your organization or if you want the mitigation before the troubleshooter has run automatically, use the following steps to disable the affected feature of the camera driver. Important: You should apply this workaround only on devices experiencing this issue. Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk:
- Select the Start button and type cmd, then right click or long press on Command Prompt and select Run as administrator.
- Copy and paste the following command and run the command by pressing Enter: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Qualcomm\Camera" /v EnableQCOMFD /t REG_DWORD /d 0 /f
- Restart any app which uses the camera or restart your Windows device.
- The integrated camera should now function as expected.
Note: This workaround might disable some features of the camera or lower the image quality but should allow the camera to function until the issue is resolved by the device manufacturer with an updated camera driver. An updated driver should restore full camera functionality and the workaround should not need to be undone.
Resolution: This issue was resolved with the release of updated camera drivers. The updated drivers should offer and install automatically from Windows Update in the coming weeks. If you would like to check if updated drivers are available for your device, you can manually check for updates. If updated camera drivers are not already installed and not offered when manually checking Windows Update, they might not be available yet for affected devices from your Windows device manufacturer (OEM).
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2
- Server: None
Saving or copying files might intermittently fail
| Status | Originating update | History | Resolved KB5027223 | OS Build 22000.1761 KB5023774 2023-03-28 | Resolved: 2023-06-13, 10:00 PT Opened: 2023-05-24, 10:32 PT |
|---|
After installing KB5023774 or later updates, you might have intermittent issues saving, or copying, or attaching files using 32-bit apps which are large address aware and using the CopyFile API. Windows devices are more likely to be affected by this issue when using some commercial/enterprise security software which uses extended file attributes. We are not receiving reports that copying files using File Explorer is affected, but CopyFile API used within apps might be affected. Microsoft Office apps such as Microsoft Word or Microsoft Excel are only affected when using 32-bit versions and you might receive the error, "Document not saved." This issue is unlikely to be experienced by consumers using Windows devices in their home or on non-managed comercial device. Note: Apps are not affected by this issue if they are 64-bit or 32-bit and NOT large address aware.
Workaround: To mitigate the issue, you can attempt to save or copy again. Since the issue is intermittent, it is likely to succeed on a subsequent try. Important: If the resolution below does not resolve intermittent save or copy issues in your environment, then you might be experiencing a different issue with similar symptoms.
Resolution: This issue was resolved in updates released June 13, 2023 ( KB5027223) and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one. If you install an update released June 13, 2023 or later, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue. If you are using an update released before June 13, 2023, and have this issue, you can resolve it by installing and configuring the special Group Policy listed below.
Enterprise-managed devices that have installed an affected update and have encountered this issue can resolve it by installing and configuring a special Group Policy. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>.
For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.
Group Policy downloads with Group Policy name:
- Download for Windows 11, version 21H2 - KB5023774 230222_032017 Known Issue Rollback
- Download for Windows 10, version 22H2; Windows 10, version 21H2 - KB5023773 230222_032013 Known Issue Rollback
Important: You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2
- Server: None
March 2023
"Local Security Authority protection is off." with persistent restart
| Status | Originating update | History | Resolved | N/A | Resolved: 2023-07-05, 17:46 PT Opened: 2023-03-21, 11:18 PT |
|---|
After installing "Update for Microsoft Defender Antivirus antimalware platform - KB5007651 (Version 1.0.2302.21002)", you might receive a security notification or warning stating that "Local Security protection is off. Your device may be vulnerable." and once protections are enabled, your Windows device might persistently prompt that a restart is required. Important: This issue affects only "Update for Microsoft Defender Antivirus antimalware platform - KB5007651 (Version 1.0.2302.21002)". All other Windows updates released on March 14, 2023 for affected platforms (KB5023706 and KB5023698), do not cause this issue.
Workaround: If you have enabled Local Security Authority (LSA) protection and have restarted your device at least once, you can dismiss warning notifications and ignore any additional notifications prompting for a restart. You can verify that LSA protection is enabled by looking in Event Viewer using the information available here. Important: Currently, we do not recommend any other workaround for this issue.
Resolution: This issue was resolved in an update for Windows Security platform antimalware platform KB5007651 (Version 1.0.2306.10002). If you would like to install the update before it is installed automatically, you will need to check for updates.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 11, version 21H2
- Server: None
Red Dead Redemption 2 might not open
| Status | Originating update | History | Resolved External | OS Build 22000.30000 KB5023774 2023-03-21 | Last updated: 2023-04-03, 14:39 PT Opened: 2023-03-27, 18:59 PT |
|---|
After installing KB5023774 or later updates, Red Dead Redemption 2 might not open. When attempting to open it from the Rockstar Games Launcher by selecting the "Play" button, it will switch to "Loading", but Red Dead Redemption 2 might not open, and the button will revert to "Play".
Workaround: To mitigate this issue, you can upgrade to Windows 11, version 22H2. If you are interested in moving to Windows 11, version 22H2, open Windows Update settings and select Check for updates. If your device is ready, you will see the option to Download and install.
Resolution: This issue was resolved in an update from Rockstar Games for Red Dead Redemption 2. After updating to the latest version of the game, you should be able to open it as expected.
Affected platforms:
- Client: Windows 11, version 21H2
- Server: None
February 2023
You might receive an error with apphelp.dll from apps using DirectX
| Status | Originating update | History | Resolved KB5025298 | OS Build 22000.1219 KB5019961 2022-11-08 | Resolved: 2023-04-25, 10:00 PT Opened: 2023-02-08, 15:49 PT |
|---|
After installing KB5019961 or later updates, you might receive an error with apphelp.dll on Windows devices using Intel graphics drivers with versions 26.20.100.7463 up to 30.0.101.1190. This issue might happen intermittently and affects a small number of enterprise apps which use DirectX or Direct3D to render part or all of their content. Windows devices using updated Intel graphics drivers with a version later than 30.0.101.1190 are not affected by this issue and already have the Intel resolution for this issue installed.
Home users of Windows are unlikely to experience this issue, as the few affected apps are more commonly used in enterprise environments.
Workaround: To mitigate this issue, you can install an Intel graphics driver with a later version than 30.0.101.1190. It is recommended to check your Windows device manufacturer's support for the latest version of the Intel graphics driver for your device. If they do not offer a driver later than 30.0.101.1190, you can check List of Drivers for Intel Graphics for information on how to download and install the latest Intel graphics driver available from Intel directly.
Resolution: This issue was resolved in KB5025298.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019
- Server: Windows Server 2022
Third-party UI customization apps might cause Windows to not start up
| Status | Originating update | History | Resolved External | OS Build 22000.30000 KB5023774 2023-03-28 | Last updated: 2023-05-09, 10:06 PT Opened: 2023-02-28, 09:54 PT |
|---|
After installing KB5023774 or later updates, Windows devices with some third-party UI customization apps might not start up. These third-party apps might cause errors with explorer.exe that might repeat multiple times in a loop. The known affected third-party UI customization apps are ExplorerPatcher and StartAllBack. These types of apps often use unsupported methods to achieve their customization and as a result can have unintended results on your Windows device.
Workaround: We recommend uninstalling any third-party UI customization app before installing KB5023774 to prevent this issue. If your Windows device is already experiencing this issue, you might need to contact customer support for the developer of the app you are using.
Resolution: ExplorerPatcher and StartAllBack have released a version which lists this issue as resolved. Note: If you are using any third-party UI customization app and encounter this or any other issues, you will need to contact customer support for the developer of the app you are using.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 11, version 21H2
- Server: None
Windows 11 upgrades were offered to ineligible devices
| Status | Originating update | History | Resolved | N/A | Resolved: 2023-02-24, 18:01 PT Opened: 2023-02-24, 17:43 PT |
|---|
Some hardware ineligible Windows 10 and Windows 11, version 21H2 devices were offered an inaccurate upgrade to Windows 11. These ineligible devices did not meet the minimum requirements to run Window 11. Devices that experienced this issue were not able to complete the upgrade installation process.
This issue was detected on February 23, 2023, and resolved on the same day.
Resolution: This issue is resolved. It might take 24 to 48 hours to propagate to all affected devices. Affected users do not need to take any steps.
Affected platforms:
- Client: Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2
January 2023
Start menu, Windows Search and UWP apps might have issues opening
| Status | Originating update | History | Resolved KB5027292 | N/A | Resolved: 2023-06-28, 14:00 PT Opened: 2023-01-24, 09:47 PT |
|---|
The Start menu, Windows search, and Universal Windows Platform (UWP) apps might not work as expected or might have issues opening. Affected Windows devices might have damaged registry keys or data which might affect apps using Microsoft Office APIs to integrate with Windows, Microsoft Office, or Microsoft Outlook or Outlook Calendar. An example of an app affected by this issue is ClickShare. The underlying Issue is not caused by the installation of an update to Windows and might be exposed by an update to an affected app.
Workaround: To mitigate this issue, you can uninstall apps which integrate with Windows, Microsoft Office, Microsoft Outlook or Outlook Calendar. Updates to affected apps or guidance from the developer of the app might also be available. If you are using ClickShare by Barco, please see Symptom: Start Menu and other shell components fail when Apps including Barco's ClickShare access Office APIs and Unresponsive Windows taskbar or user shell folder permissions issues with ClickShare App Calendar integration.
Resolution: This issue was resolved in KB5027292.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2
- Server: None
Application shortcuts might not work from the Start menu or other locations
| Status | Originating update | History | Resolved | N/A | Resolved: 2023-01-18, 19:28 PT Opened: 2023-01-13, 13:40 PT |
|---|
After installing security intelligence update build 1.381.2140.0 for Microsoft Defender, application shortcuts in the Start menu, pinned to the taskbar, and on the Desktop might be missing or deleted. Additionally, errors might be observed when trying to run executable (.exe) files which have dependencies on shortcut files. Affected devices have the Atack Surface Reduction (ASR) rule "Block Win32 API calls from Office macro" enabled. After installing security intelligence build 1.381.2140.0, detections resulted in the deletion of certain Windows shortcut (.lnk) files that matched the incorrect detection pattern.
Windows devices used by consumers in their home or small offices are not likely to be affected by this issue.
Workaround: Changes to Microsoft Defender can mitigate this issue. The Atack Surface Reduction (ASR) rules in Microsoft Defender are used to regulate software behavior as part of security measures. Changing ASR rules to Audit Mode can help prevent this issue. This can be done through the following options:
- Using Intune: Enable attack surface reduction rules | Defender for Endpoint: Microsoft Endpoint Manager
- Using Group Policy: Enable attack surface reduction rules | Defender for Endpoint: Group Policy
Microsoft Office applications can be launched through the Microsoft 365 app launcher. More details on the Microsoft 365 app launcher can be found in Meet the Microsoft 365 app launcher
Next steps: This issue is resolved in security intelligence update build 1.381.2164.0. Installing security intelligence update build 1.381.2164.0 or later should prevent the issue, but it will not restore previously deleted shortcuts. You will need to recreate or restore these shortcuts through other methods. For additional information and help recovering missing shortcuts, see Recovering from Attack Surface Reduction rule shortcut deletions (updated on January 17, 2023 to include additional guidance and scripts to help with recovery).
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB
- Server: None
December 2022
Database connections using Microsoft ODBC SQL Server driver might fail.
| Status | Originating update | History | Resolved KB5022287 | OS Build 22000.1219 KB5019961 2022-11-08 | Resolved: 2023-01-10, 10:00 PT Opened: 2022-12-05, 15:45 PT |
|---|
After installing KB5019961, apps which use ODBC connections utilizing the Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might fail to connect. You might receive an error within the app or you might receive an error from SQL Server, such as "The EMS System encountered a problem" with "Message: [Microsoft][ODBC SQL Server Driver] Protocol error in TDS Stream" or "Message: [Microsoft][ODBC SQL Server Driver]Unknown token received from SQL Server". Note for developers: Apps affected by this issue might fail to fetch data, for example when using the SQLFetch function. This issue might occur when calling SQLBindCol function before SQLFetch or calling SQLGetData function after SQLFetch and when a value of 0 (zero) is given for the ‘BufferLength’ argument for fixed datatypes larger than 4 bytes (such as SQL_C_FLOAT).
If you are unsure if you are using any affected apps, open any apps which use a database and then open Command Prompt (select Start then type command prompt and select it) and type the following command:
tasklist /m sqlsrv32.dll
Workaround: To mitigate this issue, you can do one of the following:
- If your app is already using or able to use Data Source Name (DSN) to select ODBC connections, install Microsoft ODBC Driver 17 for SQL Server and select it for use with your app using DSN. Note: We recommend the latest version of Microsoft ODBC Driver 17 for SQL Server, as it is more compatible with apps currently using the legacy Microsoft ODBC SQL Server Driver (sqlsrv32.dll) than Microsoft ODBC Driver 18 for SQL Server.
- If your app is unable to use DSN, the app will need to be modified to allow for DSN or to use a newer ODBC driver than Microsoft ODBC SQL Server Driver (sqlsrv32.dll).
Resolution: This issue was resolved in KB5022287. If you have implemented the above workaround, it is recommended to continue using the configuration in the workaround.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
November 2022
Direct Access might be unable to reconnect after your device has connectivity issues
| Status | Originating update | History | Resolved KB5021234 | OS Build 22000.1165 KB5018483 2022-10-25 | Resolved: 2022-12-13, 10:00 PT Opened: 2022-11-13, 14:49 PT |
|---|
After installing KB5018483 or later updates, you might be unable to reconnect to Direct Access after temporarily losing network connectivity or transitioning between Wi-Fi networks or access points. Note: This issue should not affect other remote access solutions such as VPN (sometimes called Remote Access Server or RAS) and Always On VPN (AOVPN).
Windows devices used at home by consumers or devices in organizations which are not using Direct Access to remotely access the organization's network resources are not affected.
Workaround: You can mitigate this issue by restarting your Windows device.
Resolution: This issue was resolved in updates released December 13, 2022 ( KB5021234) and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one. If you install an update released December 13, 2022 ( KB5021234) or later, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue. If you are using an update released before December 13, 2022, and have this issue, you can resolve it by installing and configuring the special Group Policy listed below. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>.
For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.
Group Policy downloads with Group Policy name:
- Download for Windows 11, version 22H2 - KB5018427 221029_091533 Known Issue Rollback
- Download for Windows 11, version 21H2 - KB5018483 220927_043051 Known Issue Rollback
- Download for Windows Server 2022 - KB5018485 220927_043049 Known Issue Rollback
- Download for Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2 - KB5018482 220927_043047 Known Issue Rollback
Important: You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019
- Server: Windows Server 2022; Windows Server 2019
Sign in failures and other issues related to Kerberos authentication
| Status | Originating update | History | Resolved | OS Build 22000.1219 KB5019961 2022-11-08 | Resolved: 2022-11-18, 16:22 PT Opened: 2022-11-13, 15:16 PT |
|---|
Updated November 18, 2022: Added update information for Windows Server 2008 R2 SP1.
After installing updates released on November 8, 2022 or later on Windows Servers with the Domain Controller role, you might have issues with Kerberos authentication. This issue might affect any Kerberos authentication in your environment. Some scenarios which might be affected:
- Domain user sign in might fail. This also might affect Active Directory Federation Services (AD FS) authentication.
- Group Managed Service Accounts (gMSA) used for services such as Internet Information Services (IIS Web Server) might fail to authenticate.
- Remote Desktop connections using domain users might fail to connect.
- You might be unable to access shared folders on workstations and file shares on servers.
- Printing that requires domain user authentication might fail.
When this issue is encountered you might receive a Microsoft-Windows-Kerberos-Key-Distribution-Center Event ID 14 error event in the System section of Event Log on your Domain Controller with the below text. Note: affected events will have "the missing key has an ID of 1":
While processing an AS request for target service <service>, the account <account name> did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 1). The requested etypes : 18 3. The accounts available etypes : 23 18 17. Changing or resetting the password of <account name> will generate a proper key.
Note: This issue is not an expected part of the security hardening for Netlogon and Kerberos starting with November 2022 security update. You will still need to follow the guidance in these articles even after this issue is resolved.
Windows devices used at home by consumers or devices which are not part of a on premises domain are not affected by this issue. Azure Active Directory environments that are not hybrid and do not have any on premises Active Directory servers are not affected.
Resolution: This issue was resolved in out-of-band updates released November 17, 2022 and November 18, 2022 for installation on all the Domain Controllers (DCs) in your environment. You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them.
To get the standalone package for these out-of-band updates, search for the KB number in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note The below updates are not available from Windows Update and will not install automatically.
Cumulative updates:
Note: You do not need to apply any previous update before installing these cumulative updates. If you have already installed updates released November 8, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
Standalone Updates:
- Windows Server 2012 R2: KB5021653
- Windows Server 2012: KB5021652
- Windows Server 2008 R2 SP1: KB5021651 (released November 18, 2022)
- Windows Server 2008 SP2: KB5021657
Note: If you are using security only updates for these versions of Windows Server, you only need to install these standalone updates for the month of November 2022. Security only updates are not cumulative, and you will also need to install all previous Security only updates to be fully up to date. Monthly rollup updates are cumulative and include security and all quality updates. If you are using Monthly rollup updates, you will need to install both the standalone updates listed above to resolve this issue, and install the Monthly rollups released November 8, 2022 to receive the quality updates for November 2022. If you have already installed updates released November 8, 2022, you do not need to uninstall the affected updates before installing any later updates including the updates listed above.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
October 2022
Domain join processes may fail with error "0xaac (2732)"
| Status | Originating update | History | Resolved KB5023698 | OS Build 22000.1098 KB5018418 2022-10-11 | Resolved: 2023-03-14, 10:00 PT Opened: 2022-10-27, 15:53 PT |
|---|
Domain join operations might intentionally fail with error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" and text "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy."
This issue originates with the October 2022 security updates ( KB5018418) which introduced some hardening changes enabled by default for domain join. Please see KB5020276 - Netjoin: Domain join hardening changes to understand the new designed behavior.
Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identity than the identity used to join or re-join the computer to the domain.
Home users of Windows are unlikely to experience this issue.
Resolution: This issue was resolved in updates released March 14, 2023 ( KB5023698) or later. Please see KB5020276 to understand the newly re-designed behavior. We have added information about a new Allowlist policy for trusted computer account creators to this KB.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server 2022; Windows Server, version 20H2; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
August 2022
Some devices might start up into BitLocker Recovery
| Status | Originating update | History | Resolved KB5022905 | OS Build 22000.850 KB5012170 2022-08-09 | Resolved: 2023-02-21, 14:00 PT Opened: 2022-08-19, 19:36 PT |
|---|
Some devices might enter BitLocker Recovery on the first or second restart after attempting to install Security update for Secure Boot DBX ( KB5012170), released August 9, 2022. Note: This issue only affects the Security update for Secure Boot DBX ( KB5012170) and does not affect the latest cumulative security updates, monthly rollups, or security only updates released on August 9, 2022.
Workaround: If your device is prompting for a BitLocker Recovery key, you will need to supply it to start up Windows. For more information, see Finding your BitLocker recovery key in Windows.
If you have not installed KB5012170 yet and have BitLocker enabled on your device, follow the instructions below to temporarily suspend BitLocker before installing.
If you have installed KB5012170 and have not yet restarted your device or have only restarted your device once, temporarily suspend BitLocker using the instructions below.
Important: If you have restarted your device two times or more after installing KB5012170, your device is not affected by this issue
To temporarily suspend BitLocker, or to avoid a BitLocker recovery when deploying KB5012170, follow these steps:
1. Run the following command from Administrator command prompt:
Manage-bde -protectors -disable %systemdrive% -rebootcount 2
2. Install the update KB5012170, if not already installed
3. Restart the device.
4. Restart the device again.
5. BitLocker should automatically be enabled after two boots. If you want to manually resume BitLocker to verify that it is enabled, use the following command:
Manage-bde -protectors -Enable %systemdrive%
Resolution: This issue was resolved in KB5022905 and later updates.
Affected platforms:
- Client: Windows 11, version 21H2
- Server: None
KB5012170 might fail to install and you might receive a 0x800f0922 error
| Status | Originating update | History | Resolved KB5022905 | OS Build 22000.850 KB5012170 2022-08-09 | Resolved: 2023-02-21, 14:00 PT Opened: 2022-08-12, 17:08 PT |
|---|
When attempting to install KB5012170, it might fail to install, and you might receive an error 0x800f0922.
Note: This issue only affects the Security update for Secure Boot DBX ( KB5012170) and does not affect the latest cumulative security updates, monthly rollups, or security only updates.
Workaround: This issue can be mitigated on some devices by updating the UEFI bios to the latest version before attempting to install KB5012170.
Resolution: This issue was resolved in KB5022905 or later updates.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1
- Server: Windows Server 2022; Windows Server, version 20H2; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Report a problem with Windows updates
To report an issue to Microsoft at any time, use the Feedback Hub app. To learn more, see Send feedback to Microsoft with the Feedback Hub app.
Need help with Windows updates?
Search, browse, or ask a question on the Microsoft Support Community. If you are an IT pro supporting an organization, visit Windows release health on the Microsoft 365 admin center for additional details.
For direct help with your home PC, use the Get Help app in Windows or contact Microsoft Support. Organizations can request immediate support through Support for business.
View this site in your language
This site is available in 11 languages: English, Chinese Traditional, Chinese Simplified, French (France), German, Italian, Japanese, Korean, Portuguese (Brazil), Russian, and Spanish (Spain). All text will appear in English if your browser default language is not one of the 11 supported languages. To manually change the display language, scroll down to the bottom of this page, click on the current language displayed on the bottom left of the page, and select one of the 11 supported languages from the list.