Download KB5026372 And KB5026368 Cumulative Updates For Windows 11 [Patch Tuesday]

It is now the second Tuesday of the month, and all of us Microsoft geeks know it’s Patch Tuesday. Windows updates released on Patch Tuesday are cumulative updates, which means they will install all features and implement all fixes released in previous Windows updates.

Microsoft has released KB5026372 for Windows 11 22H2 and KB5026368 for Windows 11 original release (21H2). These are both security updates but also include new non-security features.

A while back, Microsoft changed its approach to releasing the preview cumulative updates for the Windows operating system. If you already installed the preview update, then this will be a small Windows update package.

KB5026372 (Windows 11 22H2) does not include many new improvements on its own, since most of them are carried forward from KB5025305 which was April 2023’s optional update for Windows 11. If you did not install it then, then you may be getting some minor new features with this update, such as an option to get the latest non-security updates immediately, and some new animation effects in the widgets icons in the taskbar.

That said, KB5026368 (Windows 11 21H2) does include similar security patches, but not many of the same features.

These Windows 11 updates include some fixes and many security patches for the operating system. Together, the 2 updates fix 63 vulnerabilities. You can learn more about these security vulnerability fixes on Microsoft’s MSRC vulnerability guide.

Set the filter to “Update Tuesday (2nd Tuesday of the month)” and then select “April 2023” in the “Vulnerabilities” tab.

Release Summary: KB5026372 and KB5026368

The table below gives a brief summary of these updates and the updated OS builds:

Article KB	OS	Release Date	Updated OS Build
KB5026372	Windows 11 22H2	9 May 2023	22621.1702
KB5026368	Windows 11 21H2	9 May 2023	22000.1936

KB5026372 Changelog

This update includes all the features and improvements that were introduced in KB5025305 which was released on 25th April 2023, and then some. We have compiled and listed all of the new features and improvements in KB5026372 here for you.

New Features in KB5026372

• New animation effect

  Some animation effects have been added to the Widgets icons in the taskbar. These will only appear on two conditions:

  • A new announcement appears on the Widgets taskbar button.
  • You hover over or click the Widgets taskbar button.

  Additionally, you must also have the animation effects enabled on your OS. Here is how to enable it:

  1. Go to the following:

     Settings app >> Accessiblity >> Visual Effects

  2. Toggle the slider in front of “Animations effect” into the On position.

     

• Opt to get the latest non-security updates immediately

  Microsoft has now added the option for you to choose whether you want to receive the latest non-security Windows updates on priority. When this option is enabled, Microsoft will prioritize your device to get the latest enhancements and features before many others.

  Follow these steps to opt-in to receive the latest updates on priority:

  1. Go to the following:

     Settings app >> Windows Update

  2. Toggle the slider in front of “Get the latest updates as soon as they’re available” into the On position.

     

Fixes and improvements in KB5026372

The following list of fixes and improvements have been implemented with this release:

• [New] This update affects the Kernel-mode Hardware-enforced Stack Protection security feature. The update adds more drivers to the database of drivers that are not compatible with it. A device uses this database when you enable this security feature in the Windows Security UI and it loads the drivers.
• [New] This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.
• This update addresses an issue that affects Microsoft Edge IE mode. Pop-up windows open in the background instead of in the foreground.
• This update addresses an issue that affects the Chinese input method. You cannot see all of the first suggested items.
• This update changes firewall settings. You can now configure application group rules.
• This update affects the Islamic Republic of Iran. The update supports the government’s daylight saving time change order from 2022.
• This update addresses an issue that affects Microsoft Edge IE mode. The Tab Window Manager stops responding.
• This update addresses an issue that affects protected content. When you minimize a window that has protected content, the content displays when it should not. This occurs when you are using Taskbar Thumbnail Live Preview.
• This update addresses an issue that affects mobile device management (MDM) customers. The issue stops you from printing. This occurs because of an exception.
• This update changes the app icons for certain mobile providers.
• This update addresses an issue that affects signed Windows Defender Application Control (WDAC) policies. They are not applied to the Secure Kernel. This occurs when you enable Secure Boot.
• This update addresses an issue that displays Task View in the wrong area. This occurs when you close a full-screen game by pressing Win+Tab.
• This update addresses an issue that occurs when you use a PIN to sign in to Windows Hello for Business. Signing in to Remote Desktop Services might fail. The error message is, “The request is not supported”.  
• This update addresses an issue that affects Administrator Account Lockout policies. GPResult and Resultant Set of Policy did not report them.
• This update addresses an issue that affects the Unified Write Filter (UWF). When you turn it off by using a call to Windows Management Instrumentation (WMI), your device might stop responding.
• This update addresses an issue that affects the Resilient File System (ReFS). A stop error occurs that stops the OS from starting up correctly.
• This update addresses an issue that affects MySQL commands. The commands fail on Windows Xenon containers.
• This update addresses an issue that affects SMB Direct. Endpoints might not be available on systems that use multi-byte character sets.
• This update addresses an issue that affects apps that use DirectX on older Intel graphics drivers. You might receive an error from apphelp.dll.
• This update addresses an issue that affects the legacy Local Administrator Password Solution (LAPS) and the new Windows LAPS feature. They fail to manage the configured local account password. This occurs when you install the legacy LAPS .msi file after you have installed the April 11, 2023, Windows update on machines that have a legacy LAPS policy.  

These are all of the features, improvements, and fixes that KB5026372 offers for Windows 11 22H2. To read more in-depth about these, refer to this Microsoft announcement.

Moreover, there are also some known issues with this update. You can read all about the open (and fixed) known issues in our separate post:

Windows 11 Known Issues

KB5026368 Changelog

Fixes and improvements

KB5026368, which applies to Windows 11 version 21H2, does not include any significant features. However, This update includes all the improvements that were introduced in KB5025298 which was released on 25th April 2023 and was a Type D update, and then some more. We have listed the cumulative changes below:

• [New] This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.
• This update addresses an issue that affects Microsoft Edge IE mode. Pop-up windows open in the background instead of in the foreground.
• This update affects Xbox Elite users who have the Xbox Adaptive Controller. This update applies to your controller remapping preferences on the desktop.
• This update changes the app icons for certain mobile providers.
• This update changes firewall settings. You can now configure application group rules.
• This update affects the Islamic Republic of Iran. The update supports the government’s daylight saving time change order from 2022. This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS) process. It might stop responding. Because of this, the machine restarts. The error is 0xc0000005 (STATUS_ACCESS_VIOLATION).
• This update addresses an issue that affects Edge IE mode. The Tab Window Manager stops responding.
• This update addresses an issue that affects the Windows Remote Management (WinRM) client. The client returns an HTTP server error status (500). This error occurs when it runs a transfer job in the Storage Migration Service.
• This update addresses a rare issue that might cause an input destination to be null. This issue might occur when you attempt to convert a physical point to a logical point during hit testing. Because of this, the computer raises a stop error.
• This update addresses an issue that affects protected content. When you minimize a window that has protected content, the content displays when it should not. This occurs when you are using Taskbar Thumbnail Live Preview.
• This update addresses an issue that affects provisioning packages. They fail to apply in certain circumstances when elevation is required.
• This update addresses an issue that affects mobile device management (MDM) customers. The issue stops you from printing. This occurs because of an exception.
• This update addresses an issue that affects signed Windows Defender Application Control (WDAC) policies. They are not applied to the Secure Kernel. This occurs when you enable Secure Boot.
• This update addresses an issue that affects the Windows Defender Application Control. The policy that blocks software using a hash rule might not stop the software from running.
• This update addresses an issue that occurs when you use a PIN to sign in to Windows Hello for Business. Signing in to Remote Desktop Services might fail. The error message is, “The request is not supported”.
• This update makes improvements to the performance of the search box.
• This update addresses an issue that affects Administrator Account Lockout policies. GPResult and Resultant Set of Policy did not report them.
• This update addresses an issue that affects Active Directory Users & Computers. It stops responding. This occurs when you use TaskPad view to enable or disable many objects at the same time.
• This update addresses an issue that affects the Unified Write Filter (UWF). When you turn it off by using a call to Windows Management Instrumentation (WMI), your device might stop responding.
• This update addresses an issue that affects the Resilient File System (ReFS). A stop error prevents the OS from starting up correctly.
• This update addresses an issue that affects MySQL commands. The commands fail on Windows Xenon containers.
• This update addresses an issue that affects SMB Direct. Endpoints might not be available on systems that use multi-byte character sets.
• This update addresses an issue that affects apps that use DirectX on older Intel graphics drivers. You might receive an error from apphelp.dll.
• This update addresses an issue that affects the legacy Local Administrator Password Solution (LAPS) and the new Windows LAPS feature. They fail to manage the configured local account password. This occurs when you install the legacy LAPS .msi file after you have installed the April 11, 2023, Windows update on machines that have a legacy LAPS policy.

That said, there are also some known issues with this release. You can read all about the open (and fixed) known issues in our separate post:

Windows 11 Known Issues

After considering both the improvements as well as the known issues in these updates, if you still feel like upgrading to this build, continue reading to learn how.

Download and Install KB5026372 & KB5026368

You can install these updates on a Windows 11 PC through Windows Update as well as a standalone installer.

Download and install Windows 11, or check if your system meets the minimum hardware requirements for Windows 11.

Download KB5026372 Offline Installers

To download the KB5026372 MSU offline installer for Windows 11 22H2, click on the respective link below:

Download Windows 11 KB5026372 for x64-based systems [275.0 MB]

Download Windows 11 KB5026372 for ARM-based systems [388.6 MB]

Download KB5026368 Offline Installers

To download the KB5026368 MSU offline installer for Windows 11 21H2, click on the respective link below:

Download Windows 11 KB5026368 for x64-based systems [336.5 MB]

Download Windows 11 KB5026368 for ARM-based systems [457.3 MB]

To install the update, simply run the downloaded MSU file and Windows will automatically install the update. You can also extract the CAB file from the MSU file and install it.

To download any other updates related to any of the above, please check the Microsoft Catalog.

Windows Update

Perform the following steps to download and install the Patch Tuesday update on your Windows 11 computer:

1. Navigate to the following:

   Settings app >> Windows Update

2. Click “Check for updates.”

   

3. Click “Restart Now” when the update has been installed.

   

   You will now see one of the following updates downloading and installing automatically, depending on your Windows 11 version:

   2023-05 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5026372)

   2023-05 Cumulative Update for Windows 11 for x64-based Systems (KB5026368)

   Once installed, click “Restart Now” to finalize the installation.

Once the computer reboots, the update will be successfully installed. To confirm this, check the updated build number by typing in winver in the Run Command box.

Rollback/Remove Windows 11 Cumulative Update

If you do not wish to keep the installed update for some reason, you can always roll back to the previous build of the OS. However, this can only be performed within the next 10 days after installing the new update.

To roll back after 10 days, you will need to apply this trick.

Cleanup After Installing Windows Update

If you want to save space after installing Windows updates, you can run the following commands one after the other in Command Prompt with administrative privileges:

dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
dism.exe /Online /Cleanup-Image /StartComponentCleanup

Block KB5026372 or KB5026368 from Installing

Since these are mandatory updates, they will download and install themselves on the schedule. If you want to block them from installing, temporarily or permanently, you can follow the steps below:

1. Download the “Show or hide updates” tool from Microsoft.

2. Run the utility and click Next to start the scanning process.

   

3. Next, click the “Hide updates” button.

   

4. Select the updates you want to block and click Next.

   

   This automatically hides the update from Windows Update and it will not be installed during the next update process.

5. Press the Close button to close.

If you want to unhide or show hidden updates, run the tool again and select Show hidden updates instead of “Hide updates.” The rest of the process is the same.

Final Analysis

Patch Tuesday updates are thoroughly vetted by Microsoft and other Insider users through feedback. Moreover, type C and D updates are also released before Patch Tuesday updates to address any remaining issues. Even so, the final update is not without its problems.

If you are a Windows user, then it is always recommended that you install the latest Patch Tuesday releases unless one of the known issues significantly impacts your workflow.

Windows 11 Patch Tuesday History

KB Article	OS Version	Build	Release Date	Significant Changes	Announcement
KB5030219	22H2	22621.2283	12-Sep-23	Improved Search app, search flyout box on hover, easily tab through search results	Microsoft announcement of KB5030219
KB5029263	22H2	22621.2134	8-Aug-23	Addresses VPN issues, more accurate brightness levels, notifications more reliable	Microsoft Announcement of KB5029263
KB5029253	21H2	22000.2295	8-Aug-23	Addresses VPN issues, reliable notifications	Microsoft Announcement of KB5029253
KB5028185	22H2	22621.1992	11-Jul-23	Share local files with Outlook contacts, 78 vulnerabilities addresses	Microsoft Announcement of KB5028185
KB5028182	21H2	22000.2176	11-Jul-23	Announcement of some Windows 11 22H2 editions EOL, share local files with Outlook contacts	Microsoft Announcement of KB5028182
KB5027231	22H2	22621.1848	13-Jun-23	Fixes a known issue with 32-bit apps, addresses a Windows kernel information disclosure vulnerability	Microsoft Announcement of KB5027231
KB5027223	21H2	22000.2057	13-Jun-23	Fixes a known issue with 32-bit apps, addresses a Windows kernel information disclosure vulnerability	Microsoft Announcement of KB5027223
KB5026372	22H2	22621.1702	9-May-23	Option to get the latest non-security updates immediately, new animations in the Widgets icons	Microsoft Announcement of KB5026372
KB5026368	21H2	22000.1936	9-May-23	Addresses issues with LSASS and other fixes	Microsoft Announcement of KB5026368
KB5025239	22H2	22621.1555	11-Apr-23	Microsoft account notifications in the Start menu, the search box will be lighter in a custom color theme, and a plethora of fixes	Microsoft Announcement of KB5025239
KB5025224	21H2	22000.1817	11-Apr-23	Fixes known issues with kiosk devices	Microsoft Announcement of KB5025224
KB5023706	22H2	22621.1413	14-Mar-23	AI Bing search box, iOS linking, tabbed notepad, screen recording from Snipping Tool, redesigned Quick Assist	Microsoft Announcement of KB5023706
KB5023698	21H2	22000.1696	14-Mar-23	Phase three of DCOM hardening, other fixes	Microsoft Announcement of KB5023698
KB5022845	22H2	22621.1265	14-Feb-23	.NET Framework updates integrated into UUP-based feature updates	Microsoft Announcement of KB5022845
KB5022836	21H2	22000.1574	14-Feb-23	– Combines Windows Spotlight with Themes on the Personalization page – Multiple changes to the Accounts Settings page	Microsoft Announcement of KB5022836
KB5022303	22H2	22621.1105	10-Jan-23	– ODBC Connectivity with SQL Server fixed. – Local Session Manager security issues fixed	Microsoft Announcement of KB5022303
KB5022287	21H2	22000.1455	10-Jan-23	– ODBC Connectivity with SQL Server fixed. – Local Session Manager security issues fixed	Microsoft Announcement of KB5022287
KB5021255	22H2	22621.963	13-Dec-22	-UI discrepancies in Task Manager are fixed -DPAPI decryption issue is fixed	Microsoft Announcement of KB5021255
KB5021234	21H2	22000.1335	13-Dec-22	-UI discrepancies in Task Manager are fixed -DPAPI decryption issue is fixed	Microsoft Announcement of KB5021234
KB5019980	22H2	22621.819	8-Nov-22	Task Manager option added to taskbar’s context menu	Microsoft Announcement of KB5019980
KB5019961	21H2	22000.1219	8-Nov-22	Task Manager option added to taskbar’s context menu	Microsoft Announcement of KB5019961