When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

December Patch Tuesday update for Windows 11 22H2 (KB5021255) and 21H2 (KB5021234) out now

Patch Tuesday

Microsoft has released the latest Patch Tuesday updates for Windows 11 22H2 and 21H2. The update is KB5021255 on Windows 11 22H2 and KB5021234 on Windows 11 21H2. The updates also come with Windows 11 servicing stack updates, which ensure future Windows updates can be delivered reliably.

The release notes for these updates are as follows:

Highlights (22H2)

  • This update addresses a known issue that might affect Task Manager. It might display certain elements in the user interface (UI) in unexpected colors. Some parts of the UI might not be readable. This issue might occur if you have "Choose your mode" set to "Custom" in the Personalization > Colors section of Settings.
  • This update addresses security issues for your Windows operating system.
  • New! It gives Microsoft OneDrive subscribers storage alerts on the Systems page in the Settings app. The alerts appear when you are close to your storage limit. You can also manage your storage and purchase additional storage, if needed.
  • New! It provides the full amount of the storage capacity of all your OneDrive subscriptions. It also displays the total storage on the Accounts page in the Settings app.
  • New! It combines Windows Spotlight with Themes on the Personalization page. This makes it easier for you to discover and turn on the Windows Spotlight feature.
  • It addresses an issue that affects some modern applications. It stops them from opening.
  • It addresses a known issue that affects the Input Method Editor (IME). Certain applications might stop responding. This occurs when you use keyboard shortcuts to change the input mode of the IME.
  • It addresses an issue that causes File Explorer to stop working. This occurs when you close context menus and menu items.
  • It addresses an issue that might cause certain apps to stop responding. This occurs when you use the Open File dialog.
  • It addresses the suspension of daylight saving time (DST) in the Republic of Fiji for this year.

Improvements

  • This update addresses an issue that might affect Data Protection Application Programming Interface (DPAPI) decryption. The decryption of a certificate private key might fail. Because of this, virtual private network (VPN) and other 802.1 certificate-based authentication might fail. This issue might occur when you encrypt the DPAPI master key with a wrong value.
  • New! It gives Microsoft OneDrive subscribers storage alerts on the Systems page in the Settings app. The alerts appear when you are close to your storage limit. You can also manage your storage and purchase additional storage, if needed.
  • New! It provides the full amount of the storage capacity of all your OneDrive subscriptions. It also displays the total storage on the Accounts page in the Settings app.
  • New! It combines Windows Spotlight with Themes on the Personalization page. This makes it easier for you to discover and turn on the Windows Spotlight feature.
  • New! It adds a new mobile device management (MDM) policy for organizational messages. It gives your company the option to enroll tenant devices so that they receive custom messages from you. For example, you can use Intune to write the messages. They will render within Windows.
  • It addresses an issue that affects some modern applications. It stops them from opening.
  • It addresses an issue that affects some devices that are managed by an enterprise. We improve the reliability of app installations for them.
  • It addresses the suspension of daylight saving time (DST) in the Republic of Fiji for this year.
  • It addresses an issue that affects Distributed Component Object Model (DCOM) authentication hardening. We will automatically raise the authentication level for all non-anonymous activation requests from DCOM clients to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. This occurs if the authentication level is below Packet Integrity.
  • It addresses an issue that affects Unified Update Platform (UUP) on-premises customers. It removes the block that stops them from getting offline language packs.
  • It addresses an issue that affects process creation. It fails to create security audits for it and other related audit events.
  • It addresses an issue that affects cluster name objects (CNO) or virtual computer objects (VCO). Password reset fails. The error message is, " There was an error resetting the AD password... // 0x80070005”.
  • It addresses an issue that affects transparency in layered windows. This occurs when you are in High Definition remote applications integrated locally (RAIL) mode.
  • It addresses a known issue that affects the Input Method Editor (IME). Certain applications might stop responding. This occurs when you use keyboard shortcuts to change the input mode of the IME.
  • It addresses an issue that affects microphone streams that use the Listen To feature to route to the speaker endpoint. The microphone stops working after you restart the device.
  • It addresses an issue that might affect applications that run on the Windows Lock Down Policy (WLDP). They might stop working.
  • It addresses an issue that affects Microsoft Defender when it is not the primary antivirus. Microsoft Defender fails to turn off passive mode. This issue occurs when you turn off Smart App Control (SAC).
  • It adds .wcx to the list of Dangerous Extensions that some app control policies do not allow.
  • It addresses an issue that affects Microsoft Defender for Endpoint. Automated investigation blocks live response investigations.
  • It addresses an issue that affects printing in landscape mode in Microsoft Edge. The print output is incorrect. This issue occurs when you use Microsoft Defender Application Guard.
  • It addresses an issue that causes File Explorer to stop working. This occurs when you close context menus and menu items.
  • It addresses an issue that might cause certain apps to stop responding. This occurs when you use the Open File dialog.
  • It addresses an issue that sometimes affects File Explorer when you open a file. Because of this issue, there is high CPU usage.
  • It addresses an issue that affects protocol activation of the Settings app. The app fails to open a page under the Accounts category.
  • It addresses an issue that affects a computer account. Use of non-standard characters can stop the cleanup of the Out of Box Experience (OOBE) accounts.
  • It addresses an issue that affects the CopyFile function. It might sometimes return error 317: ERROR_MR_MID_NOT_FOUND.
  • It addresses an issue that affects the Windows Firewall service. It does not start when you turn on the Override block rules option.
  • It addresses an issue that affects the performance of some games and applications. This issue is related to GPU performance debugging features.
  • It addresses an issue that affects cumulative update installations. They fail, and the error code is 0x800f0806.

Highlights (21H2)

  • This update addresses security issues for your Windows operating system.
  • It addresses some persistent update failures for the Microsoft Store.
  • It addresses an issue that affects pinned apps on the Start menu. The Start menu stops working when you move between pages of pinned apps. This issue occurs when the language is a right to left (RTL) language.
  • It addresses the suspension of daylight saving time (DST) in the Republic of Fiji for this year.

Improvements

  • This update addresses an issue that affects remote networks. This issue stops you from reconnecting to them using DirectAccess.
  • This update addresses an issue that might affect Data Protection Application Programming Interface (DPAPI) decryption. The decryption of a certificate private key might fail. Because of this, virtual private network (VPN) and other 802.1 certificate-based authentication might fail. This issue might occur when you encrypt the DPAPI master key with a wrong value.
  • New! It provides the Quick Assist application for your client device.
  • New! It provides a way to authenticate Azure Active Directory joined devices to determine if they are on a trusted network. This helps the Windows Defender Firewall to apply the right policies as configured by your organization. This feature is only for enterprise customers. An IT administrator must configure this feature using a mobile device management (MDM) policy. For more information on how to configure a configuration service provider (CSP), see Policy CSP – NetworkListManager.
  • It addresses some persistent update failures for the Microsoft Store.
  • It addresses the suspension of daylight saving time (DST) in the Republic of Fiji for this year.
  • It addresses an issue that affects some devices that are managed by an enterprise. It improves the reliability of app installations for them.
  • It addresses an issue that affects Unified Update Platform (UUP) on-premises customers. It removes the block that stops them from getting offline language packs.
  • It addresses an issue that affects cluster name objects (CNO) or virtual computer objects (VCO). Password reset fails. The error message is, " There was an error resetting the AD password... // 0x80070005”.
  • It addresses an issue that affects Microsoft Direct3D 9 (D3D9). It causes D3D9 to stop working when you use Microsoft Remote Desktop.
  • It addresses an issue that affects the Windows Firewall service. It does not start when you turn on the Override block rules option.
  • It addresses an issue that might affect applications that run on the Windows Lock Down Policy (WLDP). They might stop working.
  • It addresses an issue that affects Microsoft Defender for Endpoint. Automated investigation blocks live response investigations.
  • It addresses an issue that affects TextInputHost.exe. It stops responding.
  • It addresses an issue that affects pinned apps on the Start menu. The Start menu stops working when you move between pages of pinned apps. This issue occurs when the language is a right to left (RTL) language.

Windows 11 servicing stack update – 22000.898 (22H2) / 22000.1270 (21H2)

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.

Known issues in this update (22H2)

Applies to

Symptom Workaround

IT admins

Using provisioning packages on Windows 11, version 22H2 (also called Windows 11 2022 Update) might not work as expected. Windows might only be partially configured, and the Out Of Box Experience might not finish or might restart unexpectedly. Provisioning packages are .PPKG files which are used to help configure new devices for use on business or school networks. Provisioning packages which are applied during initial setup are most likely to be impacted by this issue. For more information on provisioning packages, please see Provisioning packages for Windows.

Note Provisioning Windows devices using Windows Autopilot is not affected by this issue.

Windows devices used by consumers in their home or small offices are not likely to be affected by this issue.

If you can provision the Windows device before upgrading to Windows 11, version 22H2, this will prevent the issue.

We are presently investigating and will provide an update in an upcoming release.

IT admins

Copying large multiple gigabyte (GB) files might take longer than expected to finish on Windows 11, version 22H2. You are more likely to experience this issue copying files to Windows 11, version 22H2 from a network share via Server Message Block (SMB) but local file copy might also be affected.Windows devices used by consumers in their home or small offices are not likely to be affected by this issue.

To mitigate this issue, you can use file copy tools that do not use cache manager (buffered I/O). This can be done by using the built-in command-line tools listed below:

robocopy \\someserver\someshare c:\somefolder somefile.img /J

or

xcopy \\someserver\someshare c:\somefolder /J

We are working on a resolution and will provide an update in an upcoming release.

IT admins

After you install this or later updates, you might be unable to reconnect to Direct Access after temporarily losing network connectivity or transitioning between Wi-Fi networks or access points.

Note This issue should not affect other remote access solutions such as VPN (sometimes called Remote Access Server or RAS) and Always On VPN (AOVPN).

Windows devices used at home by consumers or devices in organizations which are not using Direct Access to remotely access the organization's network resources are not affected.

If you cannot use the resolution below, you can mitigate this issue by restarting your Windows device.

This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue can be resolved by installing and configuring a special Group Policy. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> .

For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.

Group Policy downloads with Group Policy name:

Important You will need to install and configure the Group Policy for your version of Windows to resolve this issue.

IT admins

After installing this update, apps that use ODBC connections through Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might not connect. Additionally, you might receive an error in the app, or you might receive an error from the SQL Server. Errors you might receive include the following messages:

  • The EMS System encountered a problem. Message: [Microsoft][ODBC SQL Server Driver] Protocol error in TDS Stream.
  • The EMS System encountered a problem. Message: [Microsoft][ODBC SQL Server Driver] Unknown token received from SQL Server.

To decide whether you are using an affected app, open the app that connects to a database. Open a Command Prompt window, type the following command and then press Enter:

tasklist /m sqlsrv32.dll

If the command lists a task, then the app might be affected.

We are working on a resolution and will provide an update in an upcoming release.

Known issues in this update (21H2)

Applies to

Symptom

Workaround

IT admins

After you install this or later updates, you might be unable to reconnect to Direct Access after temporarily losing network connectivity or transitioning between Wi-Fi networks or access points.

Note This issue should not affect other remote access solutions such as VPN (sometimes called Remote Access Server or RAS) and Always On VPN (AOVPN).

Windows devices used at home by consumers or devices in organizations which are not using Direct Access to remotely access the organization's network resources are not affected.

If you cannot use the resolution below, you can mitigate this issue by restarting your Windows device.

This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue can be resolved by installing and configuring a special Group Policy. The special Group Policy can be found in Computer Configuration -> Administrative Templates -> .

For information on deploying and configuring these special Group Policy, please see How to use Group Policy to deploy a Known Issue Rollback.

Group Policy downloads with Group Policy name:

Important You will need to install and configure the Group Policy for your version of Windows to resolve this issue.

IT admins

After installing this update, apps that use ODBC connections through Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might not connect. Additionally, you might receive an error in the app, or you might receive an error from the SQL Server. Errors you might receive include the following messages:

  • The EMS System encountered a problem. Message: [Microsoft][ODBC SQL Server Driver] Protocol error in TDS Stream.
  • The EMS System encountered a problem. Message: [Microsoft][ODBC SQL Server Driver] Unknown token received from SQL Server.

To decide whether you are using an affected app, open the app that connects to a database. Open a Command Prompt window, type the following command and then press Enter:

tasklist /m sqlsrv32.dll

If the command lists a task, then the app might be affected.

We are working on a resolution and will provide an update in an upcoming release.

There’s nothing you need to do to get these updates, just make sure Windows Update is on and fetching updates, and they'll be installed automatically. If you need the update package to install offline, just head over to the Microsoft Update Catalog (22H2/21H2) and grab the appropriate file for your computer.

Report a problem with article
An X shaped patch using the Windows 7 and 8 dot 1 default backgrounds on each half
Next Article

Microsoft outs Windows 7 (KB5021291) and Windows 8.1 (KB5021294) December 2022 Patch Tuesday

Five iPhones running iOS 16 with the iOS 162 sign behind them
Previous Article

iOS 16.2 is out with Karaoke mode, Freeform app, encrypted iCloud backups, better AOD, more

Join the conversation!

Login or Sign Up to read and post a comment.

5 Comments - Add comment