This week Microsoft launched its last major monthly maintenance of the year 2022. This December Patch Tuesday gave rise to several cumulative updates including two KBs aimed at PCs running Windows 11.
It’s no wonder Microsoft is releasing not one but two cumulative updates for Windows 11. Why? The operating system has recently evolved with the release of 22H2. We thus find two distinct versions which are the target of two different updates.
In detail, Redmond has released the following two updates
- KB5021234 for Windows 11 21H2,: (OS Build 22000.1335)
- KB5021255 for Windows 11 22H2: (OS Build 22621.963)
The installation of the first allows the OS to evolve in construction 22000.1335 against 22621.963 for the second. These numbers are important because they allow you to verify that everything went well. You can find them by running “winver.exe” in Run.
Windows 11 and updates KB5021234 and KB5021255
We are on Patch Tuesday. The focus is on security. A total of 25 vulnerabilities are fixed. In this list we find 3 critical flaws affecting PowerShell and the SSTP protocol.
- CVE-2022-41076 -> Remote Code Execution in PowerShell,
- CVE-2022-44676 and CVE-2022-44670 -> Remote code execution through Windows Secure Socket Tunneling Protocol (SSTP).
In parallel Microsoft also corrects problems including a problematic bug with the Task Manager. It is the cause of a display problem with unexpected colors making it impossible to read the information. This bug was known and so far the solution was to switch from custom mode to light or dark world. Microsoft explains
This update fixes a known issue that may affect Task Manager. It may display some User Interface (UI) elements in unexpected colors. Some parts of the interface may not be readable. This issue can occur if you have set “Choose your mode” to “Custom” in the Personalization > Colors section of the settings.
This is in addition to resolving an issue causing VPN authentication to fail. This bug is particularly problematic for businesses. precise redmond
This update addresses an issue that may affect Data Protection Application Programming Interface (DPAPI) decryption. Decryption of a certificate private key may fail. For this reason, Virtual Private Network (VPN) and other 802.1 certificate-based authentications may fail. This issue can occur when you encrypt the DPAPI master key with an incorrect value.
In view of all this, it is recommended to install these two updates. Normally they are offered automatically by Windows Update. You can also retrieve them manually via Microsoft Catalog Update. Here are the links