The second Tuesday of September 2022 has arrived, and we’re ready for the Patch Tuesday updates from Microsoft. Microsoft has released KB5017328 cumulative update for Windows 11, its latest Operating System. If you have Windows 10 installed on your system, you may want to install KB5017308 (21H2) to get the latest patches for your system.
Microsoft has already released a preview version of the cumulative update in August. If you have installed KB5016691, then most of the fixes included in KB5017328 have already been installed on your system.
Table of contents
Let’s go through the changelog and see what’s included in this update.
Fixes and improvements in KB5017328
Since this update includes all the fixes and improvements that came with KB5016691, we will list the fixes here for your ease.
- IT administrators can now remotely add languages and language-related features. Additionally, they can now manage language scenarios across several endpoint managers.
- The file will now be compressed regardless of its size if you have configured Server Message Block (SMB) Compression.
- Microsoft Defender for Endpoint has been enhanced to identify and intercept ransomware and advanced attacks.
- An issue that causes ServerAssignedConfigurations to be null in a few full configuration scenarios has been fixed.
- An issue that affects the automatic high dynamic range (Auto HDR) feature for cross-adapter resource scan-out (CASO)-capable GPU drivers has been addressed.
- An issue that causes Microsoft Edge to stop responding when using IE mode has been fixed. This issue also prevented you from interacting with a dialog box.
- An issue that prevents virtualized App-V Microsoft Office applications from opening or causes them to stop working entirely has been fixed.
- An issue that might cause the deployment of the Windows Hello for Business certificate to fail in certain circumstances after you reset a device is mitigated.
- Multiple issues related to USB printing have been addressed, such as:
- The printer malfunctions after you restart or reinstall it.
- Being in the wrong mode after you switch from an Internet Printing Protocol (IPP) Class Driver to an independent hardware vendor (IHV) driver.
- Experiencing bidirectional communication issues that prevent you from accessing device features.
- An issue that affects the ProjectionManager.StartProjectingAsync API has been addressed.
- An issue that degrades BitLocker performance has been addressed.
- An issue that prevents Windows 11 SE from trusting some Microsoft Store applications has been fixed.
- An issue that prevents HyperVisor Code Integrity from being enabled automatically on systems that have Arm64 processors has been addressed.
- An issue that stops non-Windows devices from authenticating has been mitigated.
- An issue that causes the Resultant Set of Policy tool (Rsop.msc) to stop working when it processes 1,000 or more “File System” security settings has been fixed.
- An issue that causes the Take a Test app to remove all policies related to lockdown enforcement when you close the app has been fixed.
- An issue that causes the Settings app to stop working on server Domain Controllers (DCs) when accessing the Privacy >> Activity history page has been fixed.
- An issue that might cause certain Bluetooth audio headsets to stop playing after a progress bar adjustment has been fixed. This issue affects modern systems that support Advanced Audio Distribution Profile (A2DP) offload.
- An issue that prevents devices from receiving an offer from Windows Update for the same extension driver when that extension driver is already installed without the base driver has been taken care of.
- A race condition that causes the Local Security Authority Subsystem Service (LSASS) to stop working on Active Directory domain controllers has been mitigated.
- An issue that affects a lookup for a nonexistent security ID (SID) from the local domain using a read-only domain controller (RODC) has been addressed. The lookup unexpectedly returned the STATUS_TRUSTED_DOMAIN_FAILURE error instead of STATUS_NONE_MAPPED or STATUS_SOME_MAPPED.
- An issue that might cause the Local Security Authority Server Service (LSASS) to leak tokens has been fixed. This issue affects devices that have installed Windows updates dated June 14, 2022, or later.
In addition, this update includes some further fixes, including problems with the last preview update.
- Addresses a known issue that affects Microsoft accounts (MSA). The web dialog that you use to sign in or sign out might not appear. This issue occurs on devices that have installed KB5016691.
- A few vulnerabilities have also been fixed. Microsoft has not mentioned any specific vulnerability, but you can go through the vulnerability list on MSRC. Look for the following CVE updates for Windows 11:
- CVE-2022-38011 – Raw Image Extension Remote Code Execution Vulnerability
- CVE-2022-38004 – Windows Fax Service Remote Code Execution Vulnerability
There are some known issues Microsoft has still not addressed. You can go through the issues here.
- After installing KB5017328, XPS Viewer may stop opening XPS documents. Instead, XPS Viewer will start taking large amounts of RAM if not closed manually.
- Possible incorrect display time and date if you are in Chile. DST settings were officially changed, from 4th September to 10th September. If Windows doesn’t change the time automatically, you will need to update it manually. Otherwise, there will be a time difference of 60 minutes from Chile’s official time.
Download and Install KB5017328
You can install this update on a Windows 11 PC through Windows Update as well as a standalone installer.
Perform the following steps to download and install KB5017328 on your Windows 11 computer:
Navigate to the following:
Settings app >> Windows Update
Here, click Check for updates.
You will now see the following update downloading:
2022-08 Cumulative Update for Windows 11 for x64-based Systems (KB5016629)
When downloaded, click Install Now.
Once it is installed, click Restart Now to reboot your PC and finalize the installation.
Once the computer reboots, the update will be successfully installed. To confirm this, check the updated build number by typing in winver in the Run Command box.
Download KB5017328 Offline Installers
To download KB5017328 MSU offline installer, click on the respective link below:
To download any other updates related to any of the above, please check the Microsoft Catalog.
Rollback/Remove Windows 11 Cumulative Update
If you do not wish to keep the installed update for some reason, you can always roll back to the previous build of the OS. However, this can only be performed within the next 10 days after installing the new update.
To roll back after 10 days, you will need to apply this trick.
Cleanup After Installing Windows Update
If you want to save space after installing Windows updates, you can run the following commands one after the other in Command Prompt with administrative privileges:
dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
dism.exe /Online /Cleanup-Image /StartComponentCleanup
Block KB5017328 from installing
Since KB5017328 is a mandatory update, it will download and install itself on the schedule. If you want to block it from temporarily or permanently installing, you can follow the steps below:
Download Show or hide updates tool from Microsoft.
Run the utility and start Next to start the scanning process.
Next, select the Hide updates button.
The tool will show available updates to hide. Select problematic updates and press Next.
This automatically hides the update from Windows Update and it will not be installed during the next update process. Press the Close button to close.
If you want to unhide or show hidden updates, run the tool again and select Show hidden updates instead of Hide updates. The rest of the process is the same.
Microsoft is known to release software updates with problems. For example, the last preview update had problems with the Microsoft account. This update fixes those issues, but comes with its own known issues. So our advice is always to wait for some time before installing the Patch Tuesday updates, especially for your production computers.
This update seems to only affect users who use XPS viewer or users living in Chile. If you’re not one of those, you can install this update without any problems. If you are a sysadmin and want to save bandwidth or install updates on systems without Internet access (if not using WSUS or Intune), you can download these updates to one system and install them manually on your network.
Windows 11 Cumulative Updates History
|KB Update||Release Date||Features and fixes|
|KB5018427/KB5018418||12-Oct-22||– Security improvements and fixes|
|KB5017328||14-Sep-22||– Remotely add languages, Windows Defender blocks ransomware and advanced attacks.|
|KB5016629||10-Aug-22||– Fixed start menu not opening.|
|KB5015814||13-Jul-22||– New feature: Search highlights|
|KB5014697||15-Jun-22||– Windows Spotlight for Desktop|
– Family safety improvements
– Faster file copying and network transfers
|KB5013943||10-May-22||– (Windows 11) 3 publicly exploits fixed|
|KB5012643||25-Apr-22||– Fix Windows 11 startup delay|
|KB5011493||8-Mar-22||– Clock and dates added to taskbar on multiple monitors.|
– Weather flyout shifted to left of taskbar.
– Mute/Unmute Microsoft Teams from taskbar.
|KB5010386||8-Feb-22||– An issue with Lightweight Directory Access Protocol (LDAP) was fixed.|
|KB5009566||11-Jan-22||– Introduction of Fluent-style emojis.|
|KB5008215||14-Dec-21||– Few security updates.|
|KB5007215||9-Nov-21||– A display issue regarding certain apps using GDI+ was fixed.|
|KB5006674||12-Oct-21||– A compatibility issue between some Intel “Killer” and “SmartByte” networking software and Windows 11 was fixed.|