Download Windows 10 KB5030211 Patch Tuesday Security Update [September 2023]

KB5030211 Windows 10 22H2KB5030211 Windows 10 22H2

It is now the second Tuesday of the month, and as anticipated, Microsoft has released KB5030211 for Windows 10 version 22H2 and 21H2 (specific editions only). As usual, this is a security update that includes patches for discovered vulnerabilities and also addresses issues with the OS.

Installing KB5030211 will upgrade the operating system’s build to 19044.3448 (21H2) and 19045.3448 (22H2).

Most of the improvements included in this release were included in last month’s optional non-security update KB5029331. But another improvement has since been added to this release that addresses authentication issues with smart cards while joining a PC to a domain.

Moreover, this release addresses a total of 63 vulnerabilities, out of which 2 are zero-day vulnerabilities that have already been exploited by attackers. More information on these ahead.

You can learn more about these security vulnerability fixes on Microsoft’s MSRC vulnerability guide. Set the filter to “Update Tuesday (2nd Tuesday of the month)” and then select “September 2023” in the “Vulnerabilities” tab.

KB5030211 release summary

The table below gives a brief summary of the update and the updated OS builds:

Article KBOS VersionRelease DateUpdated OS Build
KB5030211Windows 10 22H212 September 202319045.3448
KB5030211Windows 10 21H212 September 202319044.3448
September 2023 Patch Tuesday Summary for Windows 10

KB5030211 changelog

This update includes all the improvements that were introduced in KB5029331 which was released on 22nd August 2023 and was a Type D update. Other than those, one additional improvement has also been included

We have compiled and listed all of the new features and improvements in KB5030211 here for you:

  • [New] This update addresses an issue that affects authentication while using a smart card to join or rejoin a computer to an Active Directory domain. Previously, the computer failed to join the domain, and the issue started occurring after installing Windows updates dated October 2022 or later.
  • This update improves how Windows detects your location. This helps to give you better weather, news, and traffic information.
  • This update expands the rollout of notification badging for Microsoft accounts on the Start menu. A Microsoft account is what connects Windows to your Microsoft apps. The account backs up all your data and helps you to manage your subscriptions.
  • This update adds the Windows Backup app to your device.
  • This update supports daylight saving time (DST) changes in Israel.
  • This update addresses an issue that affects the display of the search box.
  • This update addresses an issue that affects settings. They do not sync even if you turn on the toggle on the Windows backup page in the Settings app.
  • This update addresses an issue that affects the Group Policy Service. It will not wait for 30 seconds, which is the default wait time, for the network to be available. Because of this, policies are not correctly processed.
  • This update adds a new API for D3D12 Independent Devices. You can use it to create multiple D3D12 devices on the same adapter.
  • This update addresses an issue that affects an app that simulates keyboard input. That app might not send Japanese characters to other apps.
  • This update addresses an issue that affects a WS_EX_LAYERED window. The window might be rendered with the wrong dimensions or at the wrong position. This occurs when you scale the display screen.
  • This update addresses an issue that affects print jobs that are sent to a virtual print queue. They fail without an error.
  • This update addresses an issue that affects disk partitions. The system might stop working. This occurs after you delete a disk partition and add the space from the deleted partition to an existing BitLocker partition.
  • This update addresses an issue that affects Remote Desktop (RD) sessions. They disconnect when multiple apps are in use.
  • This update addresses an issue that affects the Resultant Set of Policy (RSOP). The Windows LAPS “BackupDirectory” policy setting was not reported. This occurs when the setting is set to 1, which is “Back up to AAD.”
  • This update addresses a known issue that affects ClickOnce. Apps that you used ClickOnce to deploy might begin to prompt for installation. This occurs even when the ClickOnce apps are already installed and marked as “trusted”.
  • The update addresses an issue that affects those who use Windows Update for Business. After you are asked to change your password at sign-in, the change operation fails. Then you cannot sign in. The error code is 0xc000006d.

These are all of the features, improvements, and fixes that KB5030211 offers for Windows 10 22H2 and 21H2. To read more in-depth about these, refer to this Microsoft announcement of KB5030211.

Other than these improvements and fixes, this update also includes security updates.

Security updates in KB5030211

Out of the 63 vulnerabilities, 5 are deemed of critical importance. It means that their chances of being exploited are high. It is observed that most of these critical vulnerabilities address Remote Code Execution in Visual Studio, and one of these addresses an Elevation of privilege in Microsoft Azure Kubernetes.

Here is a quick summary of the critical vulnerabilities in this update:

  • CVE-2023-38148 – Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
  • CVE-2023-29332 – Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
  • CVE-2023-36796 – Visual Studio Remote Code Execution Vulnerability
  • CVE-2023-36793 – Visual Studio Remote Code Execution Vulnerability
  • CVE-2023-36792 – Visual Studio Remote Code Execution Vulnerability

Additionally, 2 zero-day vulnerabilities have also been addressed in this month’s Patch Tuesday updates. These are CVE-2023-36761 which addressed a Microsoft Word Information Disclosure vulnerability, and CVE-2023-36802 which addresses a Microsoft Streaming Service Proxy Elevation of Privilege vulnerability.

While only CVE-2023-36761 has been publically disclosed both of these have already been exploited. Therefore, it is recommended that you install this KB article as soon as possible and patch up the vulnerabilities.

Moreover, Microsoft is currently not aware of any issues with this release.

Download and install KB5030211

This update can be installed through Windows Update and standalone installers.

We have given the direct download links to the standalone installers below, using which you can install the update on your respective Windows 10 version, or you can simply update to the latest build using Windows Update through the given guide below.

Standalone installers

Click on the links below to download the KB article for your Windows 10 version .

KB ArticleWindows VersionDownload
KB5030211Windows 10 22H2x64
KB5030211Windows 10 21H2x64
Download Windows 10 Patch Tuesday updates for September 2023

To install the update, simply run the downloaded MSU file and Windows will automatically install the update. You can also extract the CAB file from the MSU file and install it.

To download any other updates related to any of the above, please check the Microsoft Catalog.

Windows Update

To install this update via Windows Update, you need to be running Windows 10 version 22H2 or 21H2 (with the supported edition). To check the version and edition of the operating system, type in “winver” in the Run Command box and press Enter.

Once you have the right OS version, perform the following steps to install KB5030211 :

  1. Navigate to the following:

    Settings app >> Update and Security >> Windows Update
  2. Click “Check for updates” on the right.

    Check for updates windows 10
    Check for pending updates

    You will now see the following update downloading and installing automatically:

    2023-09 Cumulative Update for Windows 10 version 2XH2
     for x64/x86-based Systems (KB5030211)
  3. Click “Restart Now” when the update is ready for final installation.

    Restart computer 1
    Restart computer

Once the computer restarts, the update will be successfully installed. To confirm this, check the updated build number by typing in “winver” in the Run Command box.

KB5030211 successfully installed on Windows 10 22H2
KB5030211 successfully installed on Windows 10 22H2

Rollback/remove Windows 10 cumulative update

If you do not wish to keep the installed update for some reason, you can always roll back to the previous build of the OS. However, this can only be performed within the next 10 days after installing the new update.

To roll back after 10 days, you will need to apply this trick.

Cleanup after installing Windows updates

If you want to save space after installing Windows updates, you can run the following commands one after the other in Command Prompt with administrative privileges:

dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
dism.exe /Online /Cleanup-Image /StartComponentCleanup
dism cleanup
Cleanup after Windows update installation

Block KB5030211 from installing

Since these are mandatory updates, they will download and install themselves on the schedule. If you want to block them from installing, temporarily or permanently, you can follow the steps below:

  1. Download the “Show or hide updates” tool from Microsoft.

  2. Run the utility and click Next to start the scanning process.

    Show or hide updates
    Show or hide updates
  3. Next, click the “Hide updates” button.

    Hide updates
    Hide updates
  4. Select the update(s) you want to block and click Next.

    This automatically hides the update from Windows Update and it will not be installed during the next update process.

  5. Click the Close button.

If you want to unhide or show hidden updates, run the tool again and select “Show hidden updates” instead of “Hide updates.” The rest of the process is the same.

Windows 10 KB5030211 hands-on

We have installed KB5030211 through Windows Update on one of our VMs and gained some insight that we’d like to share with our readers.

Since we had previously installed last month’s non-security update KB5029331, it did not take a lot of time to download and install KB5030211.

After it was installed, there were no visible changes within the OS, or in its functionality. This seems true since the release notes do not mention any new features either.

Furthermore, after having done some research, at the time of writing this post, no additional issues (other than the known issues) had been reported by any Windows 10 users.

Windows 10 Patch Tuesday History

KB ArticleOS VersionsBuildRelease DateSignificant ChangesAnnouncement
KB503476322H2, 21H21904X.404613-Feb-24Makes OS DMA compliant, dynamic weathers widget on lock screen, other fixes and security improvementsMicrosoft Announcement of KB5034763
KB503412222H2, 21H21904X.39309-Jan-24Fixes auto-shutdown issue after authenticating from smart card Microsoft Announcement of KB5034122
KB503337222H2, 21H21904X.380313-Dec-23Introduced Windows Copilot to Windows 10Microsoft Announcement of KB5033372
KB503218922H2, 21H21904X.369314-Nov-23Fixes update installation issues, touchscreen, and Outlook issues.Microsoft Announcement of KB5032189
KB503135622H2, 21H21904X.357010-Oct-23Improved search box experience, animations to certain icons, several fixes and security patchesMicrosoft Announcement of KB5031356
KB503021122H2, 21H21904X.344812-Sep-23Fixes smart card authentication for domain joining, improves location detection, expands the rollout of notification badging for Microsoft accounts on the Start menuMicrosoft Announcement of KB5030211
KB502924422H2, 21H21904X.33248-Aug-23Addresses VPN issues, makes notifications more reliable, and addresses critical Remote Code Execution vulnerabilities.Microsoft Announcement of KB5029244
KB502816622H2, 21H21904X.320811-Jul-23Improvements to Microsoft Defender for Endpoint, Printer Spooler, and others.Microsoft Announcement of KB5028166
KB502721522H2, 21H21904X.308613-Jun-23Ability to sync language and region settings, address issues with LSASS, and other security improvementsMicrosoft Announcement of KB5027215
KB502636122H2, 21H2, 20H21904X.29659-May-23The ability to sync language and region settings addresses issues with LSASS, other security improvementsMicrosoft Announcement of KB5026361
KB502522122H2, 21H2, 20H21904X.284611-Apr-23Ability to sync language and region settings addresses issues with LSASS, other security improvementsMicrosoft Announcement of KB5025221
KB502369622H2, 21H2, 20H21904X.272814-Mar-23Improved Windows Spotlight experience on the lock screen, fixed AD joining issue and othersMicrosoft Announcement of KB5023696
KB502283422H2, 21H2, 20H21904X.260414-Feb-23Fixes audio issues with IoT devicesMicrosoft Announcement of KB5022834
KB502228222H2, 21H2, 20H21904X.248610-Jan-23Microsoft ODBC SQL Server Driver connectivity issue resolvedMicrosoft Announcement of KB5022282
KB502123322H2, 21H2, 21H1, 20H21904X.236413-Dec-22-Search bar will now appear by default on the taskbar
-Cortana won’t be pinned in the taskbar by default
Microsoft Announcement of KB5021233
KB501995922H2, 21H2, 21H1, 20H21904X.22518-Nov-22Fixes to Microsoft Direct3D 9 and DCOMMicrosoft Announcement of KB5019959
Changelog for Windows 10 Patch Tuesday updates
If you liked this post, Share it on:

Get Updates in Your Inbox

Sign up for the regular updates and be the first to know about the latest tech information

Subhan Zafar is an established IT professional with interests in Windows and Server infrastructure testing and research, and is currently working with Itechtics as a research consultant. He has studied Electrical Engineering and is also certified by Huawei (HCNA & HCNP Routing and Switching).

Leave the first comment