Microsoft has released KB5011831 as an optional update for Windows 10 users. This is a “Type C” release made in the third or fourth week of the month to further test the improvements in live environments, and it needs to be installed manually. Of course, if any further improvements are required, they are then implemented by Microsoft and released in the following month’s Patch Tuesday update.
You can install this update on the following versions of Windows 10:
This update includes many fixes and improvements, but no new features. Installing it will upgrade your operating system’s build to 1904X.1682.
That said, KB5011831 was also released earlier for Insiders on the Release Preview channel, and has now made its way to the stable channel.
Let us see what it brings and what problems it may cause before we move on to installing it.
Table of Contents
Fixes and Improvements
The following lists all the improvements made to KB5011831 for Windows 10:
- (New improvements not released for Insiders) Improvements have been made to servicing the Secure Boot component of Windows.
- Improvements have been made to servicing the Secure Boot component of Windows.
- Microsoft has changed the timeout for Azure Active Directory (AAD) registration from 60 minutes to 90 minutes for hybrid Azure AD-joined Autopilot scenarios. This also deals with a race condition that causes an exception at timeout.
- An issue that causes a remote desktop session to close or reconnect to stop responding while waiting on the accessibility shortcut handler (sethc.exe) has been fixed.
- An issue that delays OS startup by approximately 40 minutes has been taken care of.
- An issue that incorrectly returns Execution Policy settings from the registry has been fixed.
- An issue that causes Internet Explorer to stop working when you copy and paste text using an Input Method Editor (IME) has been addressed.
- An issue that displays a black screen for some users when they sign in or sign out has been mitigated.
- An issue that causes Kerberos authentication to fail, and the error is “0xc0030009 (RPC_NT_NULL_REF_POINTER),” has been fixed.
- An issue that prevents you from changing your password that expires when you sign in to a Windows device has been fixed.
- An issue that could cause Windows to stop working when you apply a Windows Defender Application Control (WDAC) policy that doesn’t require a restart has been addressed.
- An issue that might fail to copy the security portion of a Group Policy to a machine has been fixed.
- An issue that causes the Key Distribution Center (KDC) code to incorrectly return the error message “KDC_ERR_TGT_REVOKED” during domain controller shutdown has been addressed.
- An issue that could prevent the Graphics Processing Unit (GPU) load balancing over Remote Desktop from working as intended has been fixed.
- An issue that prevents the instantiation of the Microsoft RDP Client Control, version 11 and higher, inside a Microsoft Foundation Class (MFC) dialog, has been addressed.
- An issue that could cause a Microsoft OneDrive file to lose focus after you rename it and press the Enter key has been mitigated.
- An issue that causes the news and interest panel to appear when you haven’t clicked, tapped, or moused over it has been taken care of.
- An issue that fails to pass the Shift KeyUp event to an application when you use the Korean IME has been fixed.
- An issue that might occur when you use Netdom.exe or the Active Directory Domains and Trusts snap-in to list or modify name suffixes routing has been addressed.
- An issue that displays the wrong IME mode indicator when the Font Mitigation policy is enabled is fixed.
- The issue that causes the primary domain controller (PDC) of the root domain to generate warnings and error events in the system log is fixed.
- An issue that affects the Multichannel connection of the Server Message Block (SMB) and could generate a 13A or C2 error is addressed.
- An issue that occurs when you map a network drive to a Server Message Block version 1 (SMBv1) share is fixed.
- An issue that damages the pool when the Client-Side Caching (CSC) cleanup method fails to delete a resource created is fixed.
- An issue that could cause the server to lock up, because the non-paged pool grows and uses all memory, is addressed.
- The overhead of resource contention in high input/output operations per second (IOPS) scenarios with many threads contending on a single file has been reduced.
Since this is a cumulative update, if you have installed the previous updates, only the new fixes will be applied to your PC.
With these improvements, the release also has a few known issues.
An issue with the standalone (clean) installation of Windows 10 with this update causes Microsoft Edge Legacy to be removed. However, the new Chromium-based Edge is not replacing it. This occurs only when Windows has a custom offline media or ISO image installed that does not include the 29th March 2021 SSU update.
Microsoft suggests that you either install the March SSU update through slipstreaming or simply update an existing OS through Windows Update, so you will not be facing this issue. Alternatively, you can simply download and install the new Microsoft Edge if you have already encountered this problem.
Another issue that users might face with this update is that they are unable to install it entirely. This may be because of a previously installed update KB5003690. If that is the case, you can find a workaround for it here in Microsoft’s post.
Users may also see an error message “Your credentials did not work. The credentials that were used to connect to (device name) did not work. Please enter new credentials” when connecting to devices in an untrusted domain using Remote Desktop while using smart card authentication. Microsoft has found a temporary fix around the issue which you can find here.
Microsoft also adds that the recovery discs created before installing the mentioned updates are not affected. However, there is currently no fix for the problem. Microsoft is currently working on this issue and intends to fix it in a future flight.
This issue applies not only to this release, but also to any updates released after the Windows 11 January 11, 2022 update.
The issues listed above have been present with Windows 10 for some time now. However, a new issue reported by Microsoft is that the Snip & Sketch app might occasionally fail to capture a screenshot and not open using the keyboard shortcut (Windows Key + Shift + S). At the moment, there is no solution to this problem.
If you are comfortable working with these problems, continue on down to learn how to install this update.
Download and Install Windows 10 KB5011831
For Windows 10 Version 21H2
For Windows 10 Version 21H1
For Windows 10 Version 20H2
To install the update, simply run the downloaded MSU file and Windows will automatically install the update. To download any other updates related to any of the above, please check the Microsoft Catalog.
To install this update via Windows Update, you need to be running Windows 10 version 21H2, 21H1, or 20H2. To check your version of the operating system, type in winver in Run and press Enter.
Follow these steps to install the update via Windows Update:
Navigate to the following:
Settings app >> Update & Security >> Windows Update
Here, click Check for updates.
You will then find the following update available:
2022-04 Cumulative Update Preview for Windows 10 Version 2XHX for x64-based Systems (KB5011831)
Click Download and install below it.
When it installs, click Restart now to finalize the installation.
Once the PC boots up again, you can then confirm that the update has been installed successfully through winver.
Rollback/Remove Windows 10 Cumulative Update
If you do not wish to keep the installed update for some reason, you can always roll back to the previous build of the OS. However, this can only be performed within the next 10 days after installing the new update.
To roll back after 10 days, you will need to apply this trick.
Cleanup After Installing Windows Updates
If you want to save space after installing Windows updates, you can run the following commands one after the other in Command Prompt with administrative privileges:
dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
dism.exe /Online /Cleanup-Image /StartComponentCleanup
Windows 10 Cumulative Updates History
|Features and Fixes
|– Security improvements and fixes.
|– Security improvements and fixes.
|– Local Security Authority Server Service (LSASS) token leak fixed.
– Duplicate print queue issue fixed.
– Issue with language bar not displaying fixed.
|– Issue with PowerShell transcript logs fixed.
|– Security improvements and fixes.
|– (Windows 10) 3 publicly exploited vulnerabilities fixed.
|– Many new fixes were already released to Insiders two weeks ago.
|-The issue with some leftover files that were not deleted when resetting the PC was fixed.
|– An issue with Lightweight Directory Access Protocol (LDAP) was addressed.
|-An issue with the Japanese Input Method Editors (IME) was fixed.
|– A few security updates were implemented.
|-The display issue regarding certain apps using GDI+ was fixed.
|– The issue on devices subject to Microsoft Exploit Protection for Export Address Filtering (EAF) was addressed.