KB5016693: Windows Server 2022 update improves TPM, BitLocker, Defender, and more

Earlier today Microsoft released a cumulative update, referred to as "C" release, for the Windows Server 2022 OS in the form of build 20348.946 ( KB5016693). The new update brings improvements to Microsoft Defender for Endpoint, file compression, and storage replica. There are also fixes in TPM and BitLocker, among others.

You can find the full list of changes below:

  • New! Enhances Microsoft Defender for Endpoint’s ability to identify and intercept ransomware and advanced attacks.
  • New! Compresses a file regardless of its size if you have configured Server Message Block (SMB) Compression.
  • New! Improves storage replication that occurs over low bandwidth or congested wide area networks (WAN).
  • Addresses an issue that prevents the Startup Task API from working as expected for certain apps.
  • Addresses an issue that causes Kerberos authentication to fail. The error is 0xc000009a (STATUS_INSUFFICIENT_RESOURCES “Insufficient system resources exist to complete the API”). This occurs when a client uses the Remote Desktop Protocol (RDP) to connect to a device that has enabled Remote Credential Guard.
  • Addresses an issue that causes ServerAssignedConfigurations to be null in a few full configuration scenarios.
  • Addresses an issue that prevents a private virtual LAN (PVLAN) from providing tenant and virtual machine (VM) isolation.
  • Addresses an issue that delays a client’s acquisition of the Internet Protocol version 6 (IPv6) address for extended periods in an IPv6 environment.
  • Addresses a known issue that causes Microsoft Edge to stop responding when you use IE mode. This issue also prevents you from interacting with a dialog.
  • Addresses an issue that might generate error 0x1E when you shut down or restart a device.
  • Addresses an issue that affects the installation of Microsoft Store apps when you have enabled Control-flow Enforcement.
  • Addresses an issue that prevents virtualized App-V Microsoft Office applications from opening or causes them to stop working.
  • Addresses an issue that might cause the deployment of the Windows Hello for Business certificate to fail in certain circumstances after you reset a device.
  • Addresses an issue that degrades BitLocker performance.
  • Addresses an issue that might prevent Windows from taking ownership of a Trusted Platform Module (TPM) device.
  • Addresses an issue that might cause a Windows device that is using BitLocker to stop working.
  • Addresses an issue that causes the Resultant Set of Policy tool (Rsop.msc) to stop working when it processes 1,000 or more “File System” security settings.
  • Addresses an issue that might cause Remote Desktop Session licensing to display a 60-minute disconnection warning after reconnecting.
  • Addresses an issue that causes the Settings app to stop working on server domain controllers (DCs) when accessing the Privacy > Activity history page.
  • Addresses an issue that prevents devices from receiving an offer from Windows Update for the same extension driver when that extension driver is already installed without the base driver.
  • Addresses a race condition that causes the Local Security Authority Subsystem Service (LSASS) to stop working on Active Directory domain controllers. This issue occurs when LSASS processes simultaneous Lightweight Directory Access Protocol (LDAP) over Transport Layer Security (TLS) requests that fail to decrypt. The exception code is 0xc0000409 (STATUS_STACK_BUFFER_OVERRUN).
  • Addresses an issue that affects a lookup for a nonexistent security ID (SID) from the local domain using read-only domain controller (RODC). The lookup unexpectedly returns the STATUS_TRUSTED_DOMAIN_FAILURE error instead of STATUS_NONE_MAPPED or STATUS_SOME_MAPPED.
  • Addresses an issue that affects input and output in the Storport driver and might cause your system to stop responding.

You can find the official support article here.

Report a problem with article
Next Article

WhatsApp on Windows ditches Electron in favor of UWP, now works standalone

Previous Article

Microsoft Excel to get @mentions to tag team members and assign tasks