Download KB5023696 Cumulative Update For Windows 10 22H2, 21H2, 20H2 [Patch Tuesday]

Microsoft releases Windows updates every second Tuesday of the month, known as Patch Tuesday updates. These are mandatory updates that include vulnerability and bug fixes, and occasionally new features. Learn…

Subhan Zafar
Subhan ZafarLast updated: March 15, 2023
Patch Tuesday Windows 10Patch Tuesday Windows 10Patch Tuesday Windows 10

It is now the second Tuesday of the month, and all of us Microsoft geeks know it’s Patch Tuesday. The Windows updates released on Patch Tuesday are cumulative updates, which means that they will install all features and implement all fixes released in the previous Windows updates.

Microsoft has released KB5023696 for Windows 10 versions 22H2, 21H2, & 20H2 (Enterprise and Education editions).

KB5023696 includes some fixes and many security patches for the operating system. However, it does not include any new significant features. That said, it does address 2 zero-day vulnerabilities with Microsoft Outlook and SmartScreen.

You can learn more about the security vulnerability fixes on Microsoft’s MSRC vulnerability guide.

Table of contents

KB5023696 Release Summary

The table below gives a brief summary of the update and the updated OS builds:

Article KBOS and VersionRelease DateUpdated OS Build
KB5023696Windows 10 22H214 Mar 202319045.2728
KB5023696Windows 10 21H214 Mar 202319044.2728
KB5023696Windows 10 20H2 (Enterprise and Education editions only)14 Mar 202319042.2728
March 2023 Patch Tuesday Summary for Windows 10

Fixes and Improvements in KB5023696

This update includes all the improvements that were introduced in KB5022906 which was released on 21st February 2023 and was a Type C update, and then some. We have compiled and listed all of the updates below:

  • CVE-2023-24880 – is a Windows SmartScreen Security Feature Bypass Vulnerability. Microsoft also confirmed that exploitation was detected for this vulnerability and was publicly disclosed.
  • CVE-2023-23397 – is a Microsoft Outlook Elevation of Privilege Vulnerability. It’s already confirmed that the exploitation was detected. However, this vulnerability is not publicly disclosed.
  • This update implements phase three of Distributed Component Object Model (DCOM) hardening. After you install this update, you cannot turn off the changes using the registry key.
  • This update addresses an issue that affects a computer account and Active Directory. When you reused an existing computer account to join an Active Directory domain, joining failed. This occurred on devices that have installed Windows updates dated October 11, 2022, or later.
  • This update improves your experience when you use Windows Spotlight on your lock screen. The informational links open faster.
  • This update addresses an issue that affects IE mode. The text on the status bar is not always visible.
  • This update addresses accessibility issues. They affected Narrator on the Settings home page.
  • This update addresses an issue that stops hyperlinks from working in Microsoft Excel.
  • This update addresses an issue that affects a certain streaming app. The issue stops video playback after an advertisement plays in the app.
  • This update addresses an issue that affects the Appx State Repository. When you remove a user profile, the cleanup is incomplete. Because of this, its database grows as time passes. This growth might cause delays when users sign in to multi-user environments like FSLogix.
  • This update affects the United Mexican States. This update supports the government’s daylight saving time change order for 2023. 
  • This update addresses a resource conflict issue between two or more threads (known as a deadlock). This deadlock affects COM+ applications.  
  • This update addresses an issue that affects cbs.log. This issue logs messages that are not error messages in cbs.log.
  • This update improves how the Remove-Item cmdlet works for Microsoft OneDrive folders.
  • This update addresses an issue that affects AppV. It stops file names from having the correct letter case (uppercase or lowercase).
  • This update addresses an issue that affects Microsoft Edge. The issue removes conflicting policies for Microsoft Edge. This occurs when you set the MDMWinsOverGPFlag in a Microsoft Intune tenant and Intune detects a policy conflict.
  • This update addresses an issue that affects Azure Active Directory (Azure AD). Using a provisioning package for bulk provisioning fails.
  • This update addresses an issue that affects MSInfo.exe. It does not correctly report the enforcement status of the Windows Defender Application Control (WDAC) user mode policy.
  • This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). LSASS might stop responding. This occurs after you run Sysprep on a domain-joined machine.
  • This update addresses an issue that affects virtual machines (VM). They stop responding when you add a new disk to a storage pool in thin provisioning scenarios.

Many of these fixes are the same as for Windows 11 Patch Tuesday for March 2023.

With these improvements, there are also some known issues with this update.

Known Issues in KB5023696

An issue with the standalone (clean) installation of Windows 10 with this update is causing Microsoft Edge Legacy to be removed. However, it is not being replaced by the new Chromium-based Edge.

This occurs only when Windows has a custom offline media or an ISO image installed that does not include the 29th March 2021 SSU update. Microsoft suggests that you either install the March SSU update through slipstreaming or simply update an existing OS through Windows Update, so you will not be facing this issue.

Alternatively, you can simply download and install the new Microsoft Edge if you have already encountered this problem.

Download and Install Windows 10 KB5023696

This update can be installed through Windows Update and standalone installers.

We have given the direct download links to the standalone installers below, using which you can install the update on your respective Windows 10 version, or you can simply update to the latest build using Windows Update through the given guide below.

Offline Installers

For Windows 10 Version 22H2

Download KB5023696 for Windows 10 Version 22H2 64-Bit [700.7 MB]

Download KB5023696 for Windows 10 Version 22H2 32-Bit [359.3 MB]

For Windows 10 Version 21H2

Download KB5023696 for Windows 10 Version 21H2 64-Bit [700.7 MB]

Download KB5023696 for Windows 10 Version 21H2 32-Bit [359.3 MB]

For Windows 10 Version 20H2 (Enterprise & Education Editions)

Download KB5023696 for Windows 10 Version 20H2 64-Bit [700.7 MB]

Download KB5023696 for Windows 10 Version 20H2 32-Bit [359.3 MB]

To install the update, simply run the downloaded MSU file and Windows will automatically install the update. To download any other updates related to any of the above, please check the Microsoft Catalog.

Windows Update

To install this update via Windows Update, you need to be running Windows 10 version 22H2, 21H2, or 20H2 (Enterprise or Education editions). To check your version of the operating system, type in winver in the Run Command box and press Enter.

Once ensured you have the right OS version, perform the following steps to install KB5023696:

  1. Navigate to the following:

    Settings app >> Update and Security >> Windows Update

  2. Here, click Check for updates from the right side of the app.

    Check for updates windows 10
    Check for pending updates

  3. Once the update is downloaded and installed, click Restart Now.

    Restart computer 3
    Restart computer

    You will now see the following update download and install automatically:

    2023-03 Cumulative Update for Windows 10 Version 2XHX for x64/32-based Systems (KB5023696)

    When it downloads, click “Restart now.”

Once the computer reboots, the update will be successfully installed. To confirm this, check the updated build number by typing in winver in the Run Command box.

Installed 1
KB5023696 installed on Windows 10 22H2

Rollback/Remove Windows 10 Cumulative Update

If you do not wish to keep the installed update for some reason, you can always roll back to the previous build of the OS. However, this can only be performed within the next 10 days after installing the new update.

To roll back after 10 days, you will need to apply this trick.

Cleanup After Installing Windows Updates

If you want to save space after installing Windows updates, you can run the following commands one after the other in Command Prompt with administrative privileges:

dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
dism.exe /Online /Cleanup-Image /StartComponentCleanup
dism cleanup
DISM cleanup

Block KB5023696 from Installing

Since these are mandatory updates, they will download and install themselves on the schedule. If you want to block them from installing, temporarily or permanently, you can follow the steps below:

  1. Download the “Show or hide updates” tool from Microsoft.

  2. Run the utility and click Next to start the scanning process.

    Show or hide updates
    Show or hide updates

  3. Next, click the Hide updates button.

    Hide updates
    Hide updates

  4. Select the updates you want to block and click Next.

    list of updates to hide
    List of updates to hide

    This automatically hides the update from Windows Update and it will not be installed during the next update process.

  5. Press the Close button to close.

If you want to unhide or show hidden updates, run the tool again and select Show hidden updates instead of “Hide updates.” The rest of the process is the same.

Final Analysis

Patch Tuesday updates are thoroughly vetted by Microsoft and other Insider users through feedback. Moreover, type C and D updates are also released prior to Patch Tuesday updates to address any remaining issues. Even so, the final update is not without its problems.

Nonetheless, we still recommend that you install the latest cumulative updates to patch up those vulnerabilities and keep your systems safe from outside threats.

Windows 10 Patch Tuesday History

KB ArticleOS VersionsBuildRelease DateSignificant ChangesAnnouncement
KB502369622H2, 21H2, 20H21904X.272814-Mar-23– Improved Windows Spotlight experience on the lock screen, fixed AD joining issue and othersMicrosoft Announcement of KB5023696
KB502283422H2, 21H2, 20H21904X.260414-Feb-23– Fixes audio issues with IoT devicesMicrosoft Announcement of KB5022834
KB502228222H2, 21H2, 20H21904X.248610-Jan-23-Microsoft ODBC SQL Server Driver connectivity issue resolvedMicrosoft Announcement of KB5022282
KB502123322H2, 21H2, 21H1, 20H21904X.236413-Dec-22-Search bar will now appear by default on the taskbar
-Cortana won’t be pinned in the taskbar by default		Microsoft Announcement of KB5021233
KB501995922H2, 21H2, 21H1, 20H21904X.22518-Nov-22-Fixes to Microsoft Direct3D 9 and DCOMMicrosoft Announcement of KB5019959
Changelog for Windows 10 Patch Tuesday updates

Related posts:

Also see:

Filed under:

Windows 10
Subhan Zafar

Subhan Zafar

Subhan Zafar is an established IT professional with interests in Windows and Server infrastructure testing and research, and is currently working with Itechtics as a research consultant. He has studied Electrical Engineering and is also certified by Huawei (HCNA & HCNP Routing and Switching).

See all posts from Subhan Zafar

Leave a Reply