It is now the second Tuesday of the month, and as anticipated, Microsoft has released KB5030211 for Windows 10 version 22H2 and 21H2 (specific editions only). As usual, this is a security update that includes patches for discovered vulnerabilities and also addresses issues with the OS.
Installing KB5030211 will upgrade the operating system’s build to 19044.3448 (21H2) and 19045.3448 (22H2).
Most of the improvements included in this release were included in last month’s optional non-security update KB5029331. But another improvement has since been added to this release that addresses authentication issues with smart cards while joining a PC to a domain.
Moreover, this release addresses a total of 63 vulnerabilities, out of which 2 are zero-day vulnerabilities that have already been exploited by attackers. More information on these ahead.
You can learn more about these security vulnerability fixes on Microsoft’s MSRC vulnerability guide. Set the filter to “Update Tuesday (2nd Tuesday of the month)” and then select “September 2023” in the “Vulnerabilities” tab.
This page covers
KB5030211 release summary
The table below gives a brief summary of the update and the updated OS builds:
|Article KB||OS Version||Release Date||Updated OS Build|
|KB5030211||Windows 10 22H2||12 September 2023||19045.3448|
|KB5030211||Windows 10 21H2||12 September 2023||19044.3448|
This update includes all the improvements that were introduced in KB5029331 which was released on 22nd August 2023 and was a Type D update. Other than those, one additional improvement has also been included
We have compiled and listed all of the new features and improvements in KB5030211 here for you:
- [New] This update addresses an issue that affects authentication while using a smart card to join or rejoin a computer to an Active Directory domain. Previously, the computer failed to join the domain, and the issue started occurring after installing Windows updates dated October 2022 or later.
- This update improves how Windows detects your location. This helps to give you better weather, news, and traffic information.
- This update expands the rollout of notification badging for Microsoft accounts on the Start menu. A Microsoft account is what connects Windows to your Microsoft apps. The account backs up all your data and helps you to manage your subscriptions.
- This update adds the Windows Backup app to your device.
- This update supports daylight saving time (DST) changes in Israel.
- This update addresses an issue that affects the display of the search box.
- This update addresses an issue that affects settings. They do not sync even if you turn on the toggle on the Windows backup page in the Settings app.
- This update addresses an issue that affects the Group Policy Service. It will not wait for 30 seconds, which is the default wait time, for the network to be available. Because of this, policies are not correctly processed.
- This update adds a new API for D3D12 Independent Devices. You can use it to create multiple D3D12 devices on the same adapter.
- This update addresses an issue that affects an app that simulates keyboard input. That app might not send Japanese characters to other apps.
- This update addresses an issue that affects a WS_EX_LAYERED window. The window might be rendered with the wrong dimensions or at the wrong position. This occurs when you scale the display screen.
- This update addresses an issue that affects print jobs that are sent to a virtual print queue. They fail without an error.
- This update addresses an issue that affects disk partitions. The system might stop working. This occurs after you delete a disk partition and add the space from the deleted partition to an existing BitLocker partition.
- This update addresses an issue that affects Remote Desktop (RD) sessions. They disconnect when multiple apps are in use.
- This update addresses an issue that affects the Resultant Set of Policy (RSOP). The Windows LAPS “BackupDirectory” policy setting was not reported. This occurs when the setting is set to 1, which is “Back up to AAD.”
- This update addresses a known issue that affects ClickOnce. Apps that you used ClickOnce to deploy might begin to prompt for installation. This occurs even when the ClickOnce apps are already installed and marked as “trusted”.
- The update addresses an issue that affects those who use Windows Update for Business. After you are asked to change your password at sign-in, the change operation fails. Then you cannot sign in. The error code is 0xc000006d.
These are all of the features, improvements, and fixes that KB5030211 offers for Windows 10 22H2 and 21H2. To read more in-depth about these, refer to this Microsoft announcement of KB5030211.
Other than these improvements and fixes, this update also includes security updates.
Security updates in KB5030211
Out of the 63 vulnerabilities, 5 are deemed of critical importance. It means that their chances of being exploited are high. It is observed that most of these critical vulnerabilities address Remote Code Execution in Visual Studio, and one of these addresses an Elevation of privilege in Microsoft Azure Kubernetes.
Here is a quick summary of the critical vulnerabilities in this update:
- CVE-2023-38148 – Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
- CVE-2023-29332 – Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
- CVE-2023-36796 – Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36793 – Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36792 – Visual Studio Remote Code Execution Vulnerability
Additionally, 2 zero-day vulnerabilities have also been addressed in this month’s Patch Tuesday updates. These are CVE-2023-36761 which addressed a Microsoft Word Information Disclosure vulnerability, and CVE-2023-36802 which addresses a Microsoft Streaming Service Proxy Elevation of Privilege vulnerability.
While only CVE-2023-36761 has been publically disclosed both of these have already been exploited. Therefore, it is recommended that you install this KB article as soon as possible and patch up the vulnerabilities.
Moreover, Microsoft is currently not aware of any issues with this release.
Download and install KB5030211
This update can be installed through Windows Update and standalone installers.
We have given the direct download links to the standalone installers below, using which you can install the update on your respective Windows 10 version, or you can simply update to the latest build using Windows Update through the given guide below.
Click on the links below to download the KB article for your Windows 10 version.
|KB Article||Windows Version||Download|
|KB5030211||Windows 10 22H2||x64|
|KB5030211||Windows 10 21H2||x64|
To download any other updates related to any of the above, please check the Microsoft Catalog.
To install this update via Windows Update, you need to be running Windows 10 version 22H2 or 21H2 (with the supported edition). To check the version and edition of the operating system, type in “winver” in the Run Command box and press Enter.
Once you have the right OS version, perform the following steps to install KB5030211:
Navigate to the following:
Settings app >> Update and Security >> Windows Update
Click “Check for updates” on the right.
You will now see the following update downloading and installing automatically:
2023-09 Cumulative Update for Windows 10 version 2XH2 for x64/x86-based Systems (KB5030211)
Click “Restart Now” when the update is ready for final installation.
Once the computer restarts, the update will be successfully installed. To confirm this, check the updated build number by typing in “winver” in the Run Command box.
Rollback/remove Windows 10 cumulative update
If you do not wish to keep the installed update for some reason, you can always roll back to the previous build of the OS. However, this can only be performed within the next 10 days after installing the new update.
To roll back after 10 days, you will need to apply this trick.
Cleanup after installing Windows updates
If you want to save space after installing Windows updates, you can run the following commands one after the other in Command Prompt with administrative privileges:
dism.exe /Online /Cleanup-Image /AnalyzeComponentStore dism.exe /Online /Cleanup-Image /StartComponentCleanup
Block KB5030211 from installing
Since these are mandatory updates, they will download and install themselves on the schedule. If you want to block them from installing, temporarily or permanently, you can follow the steps below:
Download the “Show or hide updates” tool from Microsoft.
Run the utility and click Next to start the scanning process.
Next, click the “Hide updates” button.
Select the update(s) you want to block and click Next.
This automatically hides the update from Windows Update and it will not be installed during the next update process.
Click the Close button.
If you want to unhide or show hidden updates, run the tool again and select “Show hidden updates” instead of “Hide updates.” The rest of the process is the same.
Windows 10 KB5030211 hands-on
We have installed KB5030211 through Windows Update on one of our VMs and gained some insight that we’d like to share with our readers.
Since we had previously installed last month’s non-security update KB5029331, it did not take a lot of time to download and install KB5030211.
After it was installed, there were no visible changes within the OS, or in its functionality. This seems true since the release notes do not mention any new features either.
Furthermore, after having done some research, at the time of writing this post, no additional issues (other than the known issues) had been reported by any Windows 10 users.
Windows 10 Patch Tuesday History
|KB Article||OS Versions||Build||Release Date||Significant Changes||Announcement|
|KB5030211||22H2, 21H2||1904X.3448||12-Sep-23||Fixes smart card authentication for domain joining, improves location detection, expands the rollout of notification badging for Microsoft accounts on the Start menu||Microsoft Announcement of KB5030211|
|KB5029244||22H2, 21H2||1904X.3324||8-Aug-23||Addresses VPN issues, makes notifications more reliable, and addresses critical Remote Code Execution vulnerabilities.||Microsoft Announcement of KB5029244|
|KB5028166||22H2, 21H2||1904X.3208||11-Jul-23||Improvements to Microsoft Defender for Endpoint, Printer Spooler, and others.||Microsoft Announcement of KB5028166|
|KB5027215||22H2, 21H2||1904X.3086||13-Jun-23||Fixes issues with 32-bit apps, patches a Windows kernel information disclosure vulnerability||Microsoft Announcement of KB5027215|
|KB5026361||22H2, 21H2, 20H2||1904X.2965||9-May-23||Ability to sync language and region settings, addresses issues with LSASS, and other security improvements||Microsoft Announcement of KB5026361|
|KB5025221||22H2, 21H2, 20H2||1904X.2846||11-Apr-23||Ability to sync language and region settings addresses issues with LSASS, other security improvements||Microsoft Announcement of KB5025221|
|KB5023696||22H2, 21H2, 20H2||1904X.2728||14-Mar-23||Improved Windows Spotlight experience on the lock screen, fixed AD joining issue and others||Microsoft Announcement of KB5023696|
|KB5022834||22H2, 21H2, 20H2||1904X.2604||14-Feb-23||Fixes audio issues with IoT devices||Microsoft Announcement of KB5022834|
|KB5022282||22H2, 21H2, 20H2||1904X.2486||10-Jan-23||Microsoft ODBC SQL Server Driver connectivity issue resolved||Microsoft Announcement of KB5022282|
|KB5021233||22H2, 21H2, 21H1, 20H2||1904X.2364||13-Dec-22||-Search bar will now appear by default on the taskbar|
-Cortana won’t be pinned in the taskbar by default
|Microsoft Announcement of KB5021233|
|KB5019959||22H2, 21H2, 21H1, 20H2||1904X.2251||8-Nov-22||Fixes to Microsoft Direct3D 9 and DCOM||Microsoft Announcement of KB5019959|