December 13, 2022—KB5021234 (OS Build 22000.1335)
Highlights
- This update addresses security issues for your Windows operating system.
Improvements
- This update addresses an issue that affects remote networks. This issue stops you from reconnecting to them using DirectAccess.
- This update addresses an issue that might affect Data Protection Application Programming Interface (DPAPI) decryption. The decryption of a certificate private key might fail. Because of this, virtual private network (VPN) and other 802.1 certificate-based authentication might fail. This issue might occur when you encrypt the DPAPI master key with a wrong value.
If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.
For more information about security vulnerabilities, please refer to the Security Update Guide website and the December 2022 Security Updates.
Windows 11 servicing stack update – 22000.1270
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.
Known issues in this update
| Applies to | Symptom | Workaround |
|---|---|---|
| IT admins | After you install this or later updates, you might be unable to reconnect to Direct Access after temporarily losing network connectivity or transitioning between Wi-Fi networks or access points.
Note This issue should not affect other remote access solutions such as VPN (sometimes called Remote Access Server or RAS) and Always On VPN (AOVPN). Windows devices used at home by consumers or devices in organizations which are not using Direct Access to remotely access the organization’s network resources are not affected.
|
If you cannot use the resolution below, you can mitigate this issue by restarting your Windows device.
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue can be resolved by installing and configuring a special Group Policy. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> <Group Policy name listed below>. For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback. Group Policy downloads with Group Policy name:
Important You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
|
| IT admins | After installing this update, apps that use ODBC connections through Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might not connect. Additionally, you might receive an error in the app, or you might receive an error from the SQL Server. Errors you might receive include the following messages:
To decide whether you are using an affected app, open the app that connects to a database. Open a Command Prompt window, type the following command and then press Enter: tasklist /m sqlsrv32.dll If the command lists a task, then the app might be affected.
|
We are working on a resolution and will provide an update in an upcoming release.
|
How to get this update
Before installing this update
Microsoft combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
Install this update
| Release Channel | Available | Next Step |
| Windows Update and Microsoft Update | Yes | None. This update will be downloaded and installed automatically from Windows Update. |
| Windows Update for Business | Yes | None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. |
| Microsoft Update Catalog | Yes | To get the standalone package for this update, go to the Microsoft Update Catalog website. |
| Windows Server Update Services (WSUS) | Yes | This update will automatically sync with WSUS if you configure Products and Classifications as follows:
Product: Windows 11 Classification: Security Updates |
If you want to remove the LCU
To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages.
Running Windows Update Standalone Installer (wusa.exe) with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.
File information
For a list of the files that are provided in this update, download the file information for cumulative update 5021234.
For a list of the files that are provided in the servicing stack update, download the file information for the SSU – version 22000.1270.
Source: https://support.microsoft.com/en-gb/topic/december-13-2022-kb5021234-os-build-22000-1335-56a94ce4-7122-447d-98d8-360e95fc0cf9
Download links
MSU file from Microsoft Update Catalog
Download KB5021234 MSU for Windows 11 v21H2 64-bit (x64) – 315.5 MB
Download KB5021234 MSU for Windows 11 v21H2 ARM64 – 432.6 MB
