Microsoft has released KB4598242 cumulative update for Windows 10 Version 20H2. This update is part of the Microsoft Windows Patch Tuesday for January 2021, and shall be automatically installed on all registered devices through Windows Update, or manually through other means, including manually downloading and installing or using Windows Server Update Services servers (WSUS).
Along with this release, Microsoft has also released updates for the older versions of Windows 10, going back to v1507.
The updates and details for each of these are as follows:
- Windows 10 Version 20H2 | Update: KB4598242 | New Build: 19042.746
- Windows 10 Version 2004 | Update: KB4598242 | New Build: 19041.746
- Windows 10 Version 1909 | Update: KB4598229 | New Build: 18363.1316
- Windows 10 Version 1809 | Update: KB4598230 | New Build: 17763.1697
- Windows 10 Version 1803 | Update: KB4598245 | New Build: 17134.1967
- Windows 10 Version 1703 | Update: KB4599208 | New Build: 15063.2614
- Windows 10 Version 1607 | Update: KB4598243 | New Build: 14393.4169
- Windows 10 Version 1507 | Update: KB4598231 | New Build: 10240.18818
Unfortunately, the Windows 10 version not mentioned in the list above, such as v1903 and v1709, have reached the End of Servicing. Thus, no updates have been released for them. Microsoft suggests that users of such versions should update their computer to the latest one.
- 1 What’s new in these updates
- 2 Install KB4598242 and other updates using Windows Update
- 3 Download offline installers
- 4 Issues related to the updates
- 5 Uninstall the cumulative updates
- 6 Cleanup after installing Windows Updates
- 7 Continue Reading:
What’s new in these updates
As per the Microsoft Security Response Center, a total of 182 vulnerabilities have been addressed for Windows 10 Version 20H2 alone, and a total of 1,084 for all of the Windows 10 versions combined. These are inclusive of the 32-bit, 64-bit, and ARM64 based systems.
In the cumulative update KB4598242 for Windows 10 version 20H2, 7 of the vulnerabilities addressed are critical, all of which address Remote Code Execution.
Other important matters addressed include elevation of privilege, information disclosure, and denial of service.
The highlights of KB4598242 for Windows 10 Version 20H2 are:
- Improved security protocols when using external peripherals, such as controllers, printers, webcams, etc.
- Improved security when performing basic Windows operations
The improvements and fixes in KB4598242 are:
- The security vulnerability has been addressed concerning the HTTPS-based intranet servers. After the installation of this release, the HTTPS-based intranet servers cannot detect updates using a user proxy. In order to do so, you will need to configure a user proxy for each client so that they can detect Windows updates. Microsoft recommends using Windows Server Update Security (WSUS) Transport Layer Security (TLS) for maximum security. Visit this link to learn more about the said changes.
- A security bypass vulnerability has been addressed that exists in the method of the Printer Remote Procedure Call (RPC) binding handling the authentication of the remote Winspool interface.
- This release also includes security updates for the following:
- Windows App Platform and Frameworks
- Windows Media
- Windows Fundamentals
- Windows Cryptography
- Windows Virtualization
- Windows Peripherals
- Windows Hybrid Storage Services
Since Windows 10 20H2 and v2004 have the same core and support the same update, the above-mentioned improvements are applicable to both when installed.
For more elaborate information on KB4598242, check out this Microsoft help page, or refer to the links for each update stated above to view information regarding the update for each individual version of Windows 10.
Install KB4598242 and other updates using Windows Update
The size of the updates for each individual version can vary, and range from 131.4 MB to 1.6 GB. Surprisingly, the later versions, such as v20H2, take up less space, which climbs up as going to the previous versions. Therefore, it is recommended to give your computer the appropriate time to download and install these updates according to your Windows 10 version.
If you are missing any previous updates, installing January 2021 cumulative updates will install all the security fixes included in the previous ones.
To install this update using Windows Update, please go to
Start Menu –> Settings –> Update & Security –> Windows Update. In the right-hand pane, click on the Check for updates button. You will then be able to see the update. Click the Install now button to begin the installation.
Download offline installers
These updates can also be installed on any computer that has the relevant version of Windows 10, without having an internet connection. Download the offline installers below as per your Windows 10 version and platform requirements:
For Windows 10 Version 20H2
For Windows 10 Version 2004
For Windows 10 Version 1909
For Windows 10 Version 1809
For Windows 10 Version 1803
For Windows 10 Version 1703
For Windows 10 Version 1607
For Windows 10 Version 1507
To install the update, simply run the downloaded MSU file and Windows will automatically install the cumulative update.
You can check out your current Windows build by launching Run and then typing winver.
To download any other updates related to any of the above, please check the Microsoft Catalog.
As with all updates, Microsoft is aware of the issues concerning these new updates. We have discussed the issues related to each update below.
The updates for Windows 10 version 1909, 2004, and 20H2 (KB4598229 and KB4598242) may cause the system and user certificates to be lost when updating from Windows 10 v1809 or later, to a later version of the OS. Microsoft says this might only happen if that particular device has any Latest Cumulative Update (LCU) installed from September 16, 2020, or later. A workaround for this, as suggested by Microsoft, is to delete the update entirely, and then reinstall it (if you wish to) once the issue has been addressed. A guide to revert to a previous version has been discussed further down the article.
An issue with the update for v20H2 and v2004 is that users might have to enter the Furigana characters manually in the Microsoft Japanese Input Method Editor (IME), as automatically getting the Furigana characters would not be possible when entering the Kanji characters.
Moreover, an issue in KB4598230 for Windows 10 version 1809 also exists in the fonts. After installing this update, users might not be able to use some Asian language packs and may be prompted with the error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.” The only workaround for this is to revert the PC to an older state and not install the update. This problem was also identified in the previous cumulative update for v1809 and has not yet been addressed.
When installing the update KB4598243 for Windows 10 version 1607, the Windows cluster service may fail to start if the Minimum Password Length is configured to greater than 14 characters in the Group Policy. This, too, was identified in the previous cumulative update for v1809 and has not been addressed.
There are no known issues with other updates that are applicable to different versions of Windows 10.
Uninstall the cumulative updates
Here is a quick guide on how you can uninstall the updates on your computer if you face any issues with them:
Uninstall updates using Windows Update History tool
- Navigate to the following:
Start Menu ->Settings –> Update & Security –> Windows Update.
- From the right-hand pane, click on View Update History.
- Now click on Uninstall updates.
- Select Update for Microsoft Windows with the relevant update name and press the Uninstall button.
Uninstall updates using command-line
You can also delete the update by entering several commands in the Command Prompt. Here is how:
- Open Command Prompt (Run –> cmd)
- Run the following command:
wmic qfe list brief /format:table
- This will show all the updates installed on the computer. Make sure the relevant updates are on the list.
- To uninstall the update, run the following command
wusa /uninstall /kb:UpdateName
Replace UpdateName with the number from the update. For example, if the update you want to uninstall is KB4598242, you will enter the following command:
wusa /uninstall /kb:4598242
Restart your computer once the update is uninstalled.
Cleanup after installing Windows Updates
If you want to save space after installing Windows updates, you can run the following commands:
dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
dism.exe /Online /Cleanup-Image /StartComponentCleanup