Windows 11, version 21H2 known issues and notifications
Find information on known issues and the status of the Windows 11, version 21H2 rollout. For immediate help with Windows update issues, use the Get Help app in Windows or go to support.microsoft.com. Follow @WindowsUpdate on Twitter for Windows release health updates.
Known issues
| Summary | Originating update | Status | Last updated |
|---|---|---|---|
| Start menu, Windows Search and UWP apps might have issues opening Affected devices have apps installed which integrate with Windows, Microsoft Office, or Microsoft Outlook. | N/A | Investigating | 2023-01-24 09:58 PT |
| Application shortcuts might not work from the Start menu or other locations Errors might be observed when trying to run exe files. Changes to Microsoft Defender can help. | N/A | Resolved | 2023-01-18 19:28 PT |
| Database connections using Microsoft ODBC SQL Server driver might fail. Apps using ODBC connections might fail to connect to databases. | OS Build 22000.1219 KB5019961 2022-11-08 | Resolved KB5022287 | 2023-01-10 10:00 PT |
| KB5012170 might fail to install and you might receive a 0x800f0922 error Security update for Secure Boot DBX might fail to install. | OS Build 22000.850 KB5012170 2022-08-09 | Confirmed | 2022-12-14 16:12 PT |
| Domain join processes may fail with error "0xaac (2732)" This might be encountered when an account was created by a different identity than the one used to join the domain | OS Build 22000.1098 KB5018418 2022-10-11 | Confirmed | 2022-10-27 16:57 PT |
| Compatibility issues with Intel Smart Sound Technology drivers and Windows 11 Windows 11 devices with the affected Intel SST driver might receive an error with a blue screen. | N/A | Mitigated External | 2022-09-22 17:52 PT |
| Some devices might start up into BitLocker Recovery Some devices might require BitLocker Recovery key to start up after installing Security update for Secure Boot DBX. | OS Build 22000.850 KB5012170 2022-08-09 | Confirmed | 2022-08-19 19:46 PT |
Issue details
January 2023
Start menu, Windows Search and UWP apps might have issues opening
| Status | Originating update | History | Investigating | N/A | Last updated: 2023-01-24, 09:58 PT Opened: 2023-01-24, 09:47 PT |
|---|
The Start menu, Windows search, and Universal Windows Platform (UWP) apps might not work as expected or might have issues opening. Affected Windows devices might have damaged registry keys or data which might affect apps using Microsoft Office APIs to integrate with Windows, Microsoft Office, or Microsoft Outlook or Outlook Calendar. An example of an app affected by this issue is ClickShare. The underlying Issue is not caused by the installation of an update to Windows and might be exposed by an update to an affected app.
Workaround: To mitigate this issue, you can uninstall apps which integrate with Windows, Microsoft Office, Microsoft Outlook or Outlook Calendar. Updates to affected apps or guidance from the developer of the app might also be available. If you are using ClickShare by Barco, please see Symptom: Start Menu and other shell components fail when Apps including Barco's ClickShare access Office APIs and Unresponsive Windows taskbar or user shell folder permissions issues with ClickShare App Calendar integration.
Next steps: We are presently investigating and will provide an update in an upcoming release.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2
- Server: None
Application shortcuts might not work from the Start menu or other locations
| Status | Originating update | History | Resolved | N/A | Resolved: 2023-01-18, 19:28 PT Opened: 2023-01-13, 13:40 PT |
|---|
After installing security intelligence update build 1.381.2140.0 for Microsoft Defender, application shortcuts in the Start menu, pinned to the taskbar, and on the Desktop might be missing or deleted. Additionally, errors might be observed when trying to run executable (.exe) files which have dependencies on shortcut files. Affected devices have the Atack Surface Reduction (ASR) rule "Block Win32 API calls from Office macro" enabled. After installing security intelligence build 1.381.2140.0, detections resulted in the deletion of certain Windows shortcut (.lnk) files that matched the incorrect detection pattern.
Windows devices used by consumers in their home or small offices are not likely to be affected by this issue.
Workaround: Changes to Microsoft Defender can mitigate this issue. The Atack Surface Reduction (ASR) rules in Microsoft Defender are used to regulate software behavior as part of security measures. Changing ASR rules to Audit Mode can help prevent this issue. This can be done through the following options:
- Using Intune: Enable attack surface reduction rules | Defender for Endpoint: Microsoft Endpoint Manager
- Using Group Policy: Enable attack surface reduction rules | Defender for Endpoint: Group Policy
Microsoft Office applications can be launched through the Microsoft 365 app launcher. More details on the Microsoft 365 app launcher can be found in Meet the Microsoft 365 app launcher
Next steps: This issue is resolved in security intelligence update build 1.381.2164.0. Installing security intelligence update build 1.381.2164.0 or later should prevent the issue, but it will not restore previously deleted shortcuts. You will need to recreate or restore these shortcuts through other methods. For additional information and help recovering missing shortcuts, see Recovering from Attack Surface Reduction rule shortcut deletions (updated on January 17, 2023 to include additional guidance and scripts to help with recovery).
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB
- Server: None
December 2022
Database connections using Microsoft ODBC SQL Server driver might fail.
| Status | Originating update | History | Resolved KB5022287 | OS Build 22000.1219 KB5019961 2022-11-08 | Resolved: 2023-01-10, 10:00 PT Opened: 2022-12-05, 15:45 PT |
|---|
After installing KB5019961, apps which use ODBC connections utilizing the Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might fail to connect. You might receive an error within the app or you might receive an error from SQL Server, such as "The EMS System encountered a problem" with "Message: [Microsoft][ODBC SQL Server Driver] Protocol error in TDS Stream" or "Message: [Microsoft][ODBC SQL Server Driver]Unknown token received from SQL Server". Note for developers: Apps affected by this issue might fail to fetch data, for example when using the SQLFetch function. This issue might occur when calling SQLBindCol function before SQLFetch or calling SQLGetData function after SQLFetch and when a value of 0 (zero) is given for the ‘BufferLength’ argument for fixed datatypes larger than 4 bytes (such as SQL_C_FLOAT).
If you are unsure if you are using any affected apps, open any apps which use a database and then open Command Prompt (select Start then type command prompt and select it) and type the following command:
tasklist /m sqlsrv32.dll
Workaround: To mitigate this issue, you can do one of the following:
- If your app is already using or able to use Data Source Name (DSN) to select ODBC connections, install Microsoft ODBC Driver 17 for SQL Server and select it for use with your app using DSN. Note: We recommend the latest version of Microsoft ODBC Driver 17 for SQL Server, as it is more compatible with apps currently using the legacy Microsoft ODBC SQL Server Driver (sqlsrv32.dll) than Microsoft ODBC Driver 18 for SQL Server.
- If your app is unable to use DSN, the app will need to be modified to allow for DSN or to use a newer ODBC driver than Microsoft ODBC SQL Server Driver (sqlsrv32.dll).
Resolution: This issue was resolved in KB5022287. If you have implemented the above workaround, it is recommended to continue using the configuration in the workaround.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
October 2022
Domain join processes may fail with error "0xaac (2732)"
| Status | Originating update | History | Confirmed | OS Build 22000.1098 KB5018418 2022-10-11 | Last updated: 2022-10-27, 16:57 PT Opened: 2022-10-27, 15:53 PT |
|---|
Domain join operations might intentionally fail with error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" and text "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy."
This issue originates with the October 2022 security updates ( KB5018418) which introduced some hardening changes enabled by default for domain join. Please see KB5020276 - Netjoin: Domain join hardening changes to understand the new designed behavior.
Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identity than the identity used to join or re-join the computer to the domain.
Home users of Windows are unlikely to experience this issue.
Next steps: Please see KB5020276 to understand the designed behavior. We have added insights to this KB, and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated once those changes have released.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server 2022; Windows Server, version 20H2; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
August 2022
KB5012170 might fail to install and you might receive a 0x800f0922 error
| Status | Originating update | History | Confirmed | OS Build 22000.850 KB5012170 2022-08-09 | Last updated: 2022-12-14, 16:12 PT Opened: 2022-08-12, 17:08 PT |
|---|
When attempting to install KB5012170, it might fail to install, and you might receive an error 0x800f0922.
Note: This issue only affects the Security update for Secure Boot DBX ( KB5012170) and does not affect the latest cumulative security updates, monthly rollups, or security only updates.
Workaround: This issue can be mitigated on some devices by updating the UEFI bios to the latest version before attempting to install KB5012170.
Next steps: We are presently investigating and will provide an update in an upcoming release.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1
- Server: Windows Server 2022; Windows Server, version 20H2; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Some devices might start up into BitLocker Recovery
| Status | Originating update | History | Confirmed | OS Build 22000.850 KB5012170 2022-08-09 | Last updated: 2022-08-19, 19:46 PT Opened: 2022-08-19, 19:36 PT |
|---|
Some devices might enter BitLocker Recovery on the first or second restart after attempting to install Security update for Secure Boot DBX ( KB5012170), released August 9, 2022. Note: This issue only affects the Security update for Secure Boot DBX ( KB5012170) and does not affect the latest cumulative security updates, monthly rollups, or security only updates released on August 9, 2022.
Workaround: If your device is prompting for a BitLocker Recovery key, you will need to supply it to start up Windows. For more information, see Finding your BitLocker recovery key in Windows.
If you have not installed KB5012170 yet and have BitLocker enabled on your device, follow the instructions below to temporarily suspend BitLocker before installing.
If you have installed KB5012170 and have not yet restarted your device or have only restarted your device once, temporarily suspend BitLocker using the instructions below.
Important: If you have restarted your device two times or more after installing KB5012170, your device is not affected by this issue
To temporarily suspend BitLocker, or to avoid a BitLocker recovery when deploying KB5012170, follow these steps:
1. Run the following command from Administrator command prompt:
Manage-bde -protectors -disable %systemdrive% -rebootcount 2
2. Install the update KB5012170, if not already installed
3. Restart the device.
4. Restart the device again.
5. BitLocker should automatically be enabled after two boots. If you want to manually resume BitLocker to verify that it is enabled, use the following command:
Manage-bde -protectors -Enable %systemdrive%
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Affected platforms:
- Client: Windows 11, version 21H2
- Server: None
November 2021
Compatibility issues with Intel Smart Sound Technology drivers and Windows 11
| Status | Originating update | History | Mitigated External | N/A | Last updated: 2022-09-22, 17:52 PT Opened: 2021-11-15, 16:40 PT |
|---|
Intel and Microsoft have found incompatibility issues with certain versions of drivers for Intel Smart Sound Technology (Intel SST) on Intel 11th Gen Core processors and Windows 11. Windows 11 devices with the affected Intel SST driver might receive an error with a blue screen. The affected driver will be named Intel® Smart Sound Technology (Intel® SST) Audio Controller under System Devices in Device Manager and have the file name IntcAudioBus.sys and a file version of 10.29.0.5152 or 10.30.0.5152. Only devices with both an Intel 11th Gen Core processors and an Intel SST driver version of 10.29.0.5152 or 10.30.0.5152 are affected by this issue.
To safeguard your upgrade experience, we have applied a compatibility hold on devices with affected Intel SST drivers from being offered Windows 11, version 22H2 or Windows 11, version 21H2. If your organization is using Update Compliance, the safeguard IDs are:
- Windows 11, version 21H2: 36899911
- Windows 11, version 22H2: 41291788
Workaround: To mitigate the safeguard, you will need to check with your device manufacturer (OEM) to see if an updated driver is available and install it. This issue is resolved by updating the Intel® Smart Sound Technology drivers to a version 10.30.00.5714 and later or 10.29.00.5714 and later. Important: Later versions refer to just the last part of the version number. For addressing this issue, 10.30.x versions are not newer than 10.29.x versions. Once you have updated to a compatible version of the Intel® Smart Sound Technology drivers, you should be able to upgrade to Windows 11. Please note, if there are no other safeguards that affect your device, it can take up to 48 hours before the upgrade to Windows 11 is offered.
Next Steps: If you encounter this safeguard hold and an updated driver is not yet available, you will need to contact your device manufacturer (OEM) for more information.
Note We recommend that you do not attempt to manually upgrade using the Update now button or the Media Creation Tool until this issue has been resolved and the safeguard removed.
Affected platforms:
- Client: Windows 11, version 22H2; Windows 11, version 21H2
Report a problem with Windows updates
To report an issue to Microsoft at any time, use the Feedback Hub app. To learn more, see Send feedback to Microsoft with the Feedback Hub app
Need help with Windows updates?
Search, browse, or ask a question on the Microsoft Support Community. If you are an IT pro supporting an organization, visit Windows release health on the Microsoft 365 admin center for additional details.
For direct help with your home PC, use the Get Help app in Windows or contact Microsoft Support. Organizations can request immediate support through Support for business.
View this site in your language
This site is available in 11 languages: English, Chinese Traditional, Chinese Simplified, French (France), German, Italian, Japanese, Korean, Portuguese (Brazil), Russian, and Spanish (Spain). All text will appear in English if your browser default language is not one of the 11 supported languages. To manually change the display language, scroll down to the bottom of this page, click on the current language displayed on the bottom left of the page, and select one of the 11 supported languages from the list.