Win Update KB5034129 Cumulative Update for Windows Server 2022 Build 20348.2227

January 9, 2024 - KB5034129 (OS Build 20348.2227)​

For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page.

Note Follow @WindowsUpdate to find out when new content is published to the Windows release health dashboard.

Improvements​

This security update includes quality improvements. When you install this KB:

• This update addresses an issue that affects Microsoft Intune. One of its new features does not work properly.
• This update addresses an issue that affects account lockout event 4625. The format of the event is wrong in the ForwardedEvents log. This occurs when an account name is in the user principal name (UPN) format.
• This update addresses an issue that affects hybrid joined devices. You cannot sign in to them if they are not connected to the internet. This occurs when you use a Windows Hello for Business PIN or biometric credentials. This issue applies to a cloud trust deployment.
• This update addresses an issue that affects the Trusted Sites Zone logon policy. You cannot manage it using mobile device management (MDM).
• This update addresses an issue that affects Microsoft Excel. It stops responding when you try to share a file as a PDF in Outlook.
• This update addresses an issue that affects the Server Manager pop-up text. It removes the words “Azure Automanage.”
• This update addresses an issue that affects XPath queries on FileHash and other binary fields. It stops them from matching values in event records.
• This update addresses an issue that affects certain network functions on VMs. Deployment of them fails.
• This update addresses an issue that affects the Network Controller. The issue makes you create more rules for outbound traffic so that return traffic is not blocked.
• This update addresses an issue that affects a WS_EX_LAYERED window. The window might render with the wrong dimensions or at the wrong position. This occurs when you scale the display screen.
• This update addresses an issue that affects printing to PDF metadata. It extracts the username that you sign in with and puts it into the author name metadata box. Instead, print to PDF should place your display name in that box.
• This update addresses an issue that affects disk partitions. Your system might stop responding. This occurs if you add space from a deleted partition to an existing BitLocker partition.
• This update addresses an issue that affects Windows Defender Application Control (WDAC). AppID Tagging policies might greatly increase how long it takes your device to start up.
• This update addresses an issue that causes your device to shut down after 60 seconds. This occurs when you use a smart card to authenticate on a remote system.
• This update addresses an issue that affects the display of a smart card icon. The icon does not appear when you sign in. This occurs when there are multiple certificates on the smart card.
• This update addresses an issue that affects Active Directory domain controllers. They report DS_BUSY errors when you create new users. This only occurs on primary domain controller emulators (PDCe).
• This update addresses an issue that affects the Windows Local Administrator Password Solution (Windows LAPS). The LAPS account does not work. This occurs if the password is older than the age that the maximum age device policy allows.
• This update addresses an issue that affects the Kerberos Key Distribution Center (KDC). It returns a KDC_ERR_S_PRINCIPAL_UNKNOWN error during trust referrals, which is wrong.
• This update addresses an issue that affects the msDS-KeyCredentialLink attribute. In some cases, it is updated when it should not be.
• This update addresses an issue that causes lsass.exe to stop responding. Because of this, a restart loop occurs.
• This update addresses an issue that affects the Key Distribution Service (KDS). It does not start in the time required if LDAP referrals are needed.

If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.

For more information about security vulnerabilities, please refer to the Security Update Guide and the January 2024 Security Updates.

Windows Server 2022 servicing stack update - 20348.2200​

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.

Known issues in this update​

Microsoft is not currently aware of any issues with this update.

How to get this update​

Before installing this update

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Install this update

Release Channel	Available	Next Step
Windows Update and Microsoft Update	Yes	None. This update will be downloaded and installed automatically from Windows Update.
Windows Update for Business	Yes	None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies.
Microsoft Update Catalog	Yes	To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS)	Yes	This update will automatically sync with WSUS if you configure Products and Classifications as follows: Product: Microsoft Server operating system-21H2 Classification: Security Updates

If you want to remove the LCU

To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages.

Running Windows Update Standalone Installer (wusa.exe) with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.

File Information

For a list of the files that are provided in this update, download the file information for cumulative update 5034129.

For a list of the files that are provided in the servicing stack update, download the file information for the SSU - version 20348.2200.

Click to expand...

January 9, 2024—KB5034129 (OS Build 20348.2227) - Microsoft Support

support.microsoft.com

Select language for Feature update to Microsoft server operating system, version 21H2 (20348.2227) amd64

Select language for Feature update to Microsoft server operating system, version 21H2 (20348.2227) amd64 on UUP dump. UUP dump lets you download Unified Update Platform files, like Windows Insider updates, directly from Windows Update.

uupdump.net

UUP Dump - Download Windows Insider ISO

UUP Dump is the most practical and easy way to get ISO images of any Insider Windows 10 or Windows 11 version, as soon as Microsoft has released a new build. UUP Dump creates a download configuration file according to your choices, downloads necessary files directly from Microsoft servers, and...

www.elevenforum.com