Applies ToWindows 10, version 22H2, all editions

Release Date:

5/23/2023

Version:

OS Build 19045.3031

3/21/23 REMINDER After March 21, 2023, there are no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates (known as the "B" or Update Tuesday release) will continue for these versions. Windows 10, version 22H2 will continue to receive security and optional releases. 

3/21/23 IMPORTANT Starting in April 2023, optional, non-security preview updates will release on the fourth Tuesday of the month. For more information, see Windows monthly updates explained.

11/17/20

For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page.  

Note Follow @WindowsUpdate to find out when new content is published to the Windows release health dashboard.

 Highlights

  • New! This update brings back an improved search box experience on the Windows 10 taskbar. If you have a top, bottom, regular, or small icons taskbar, you will see the search box appear. You can use it to easily access apps, files, settings, and more from Windows and the web. You will also have access to the latest search updates, such as search highlights. If you want to restore your previous search experience, you can do that easily. To do that, use the taskbar context menu or respond to a dialog that appears when you use search.

  • New! This update now displays up to three high priority toast notifications at the same time. This feature affects apps that use Windows OS notifications to send notices for calls, reminders, or alarms. Up to four toast notifications might appear at the same time. This means that there can be three high priority notifications and one normal priority notification.

  • This update addresses an issue that affects access to Tab settings for IE mode sites.

  • This update addresses a multi-function label printer issue. It affects the installation of some of them.

  • This update addresses an issue that affects the touch keyboard. Sometimes, it does not show the correct layout based on the current input scope.

  • This update addresses an issue that sometimes fails to open the touch keyboard.

Improvements

Use EKB KB5015684 to update to Windows 10, version 22H2.

This non-security update includes quality improvements. When you install this KB:

  • This update addresses an issue that affects App Installer. Sometimes, MSIX apps fail to update.

  • This update addresses an issue that affects Server Message Block (SMB). You cannot access the SMB shared folder. The errors are, “Not enough memory resources” or “Insufficient system resources”.

  • This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). It stops working. This occurs when you use Azure Virtual Desktop (AVD).

  • The update addresses an issue that affects scheduled tasks. The tasks fail when they use stored local user account credentials. This occurs when you enable Credential Guard. The error message is "2147943726 : ERROR_LOGON_FAILURE (The user name or password is incorrect).”

  • This update addresses an issue that affects the Storage Spaces Direct (S2D) cluster. It might not come online. This occurs after a periodic password rollover. The error code is 1326.

  • This update addresses an issue that affects dot sourcing. It fails files that contain class definition in Windows PowerShell.  

  • This update changes the support phone number for Microsoft India for Windows activation.

  • This update addresses an issue that affects the PublishDfsRoots policy. It does not apply correctly to a targeted client that has mobile device management (MDM). One example of MDM is Microsoft Intune.

  • This update changes the international mobile subscriber identity (IMSI) ranges for certain mobile providers.  

  • This update addresses an issue that affects the Windows Firewall. The firewall drops all connections to the IP address of a captive portal. This occurs when you choose the Captive Portal Addresses option.  

  • This update addresses an issue that affects devices that are joined to Azure Active Directory (Azure AD). The Windows Firewall cannot apply the correct domain and profile for them.

  • This update addresses an issue that affects signed Windows Defender Application Control (WDAC) policies. They are not applied to the Secure Kernel. This occurs when you enable Secure Boot.

  • This update addresses an issue that might affect a large reparse point. You might get a stop error when you use NTFS to access it. This issue occurs after a canceled FSCTL Set operation changes the reparse tag.

  • This update addresses a known issue that might affect some speech recognition apps. They might have sporadic speech recognition, expressive input, and handwriting issues. This occurs when the display language is Chinese or Japanese. The apps might not recognize certain words. They might not receive any input from speech recognition or affected input types. This issue is more likely to occur when the apps use offline speech recognition. For app developers,this issue only affects speech recognition that uses Speech Recognition Grammar Specification (SRGS) in Windows.Media.SpeechRecognition. This issue does not affect other types of speech recognition.

If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.

Windows 10 servicing stack update - 19045.3025

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.

Known issues in this update

Symptoms

Workaround

Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later.

Note Devices that connect directly to Windows Update to receive updates are not affected. This includes devices using Windows Update for Business. Any device connecting to Windows Update should always receive the latest versions of the SSU and latest cumulative update (LCU) without any extra steps.

To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU:

  1. Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cab <destination path>

  2. Extract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:* <destination path>

  3. You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU.

If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.

You might have intermittent issues saving, copying, or attaching files using 32-bit apps, which are large address aware and using the CopyFile API. Windows devices are more likely to be affected by this issue when using some commercial or enterprise security software that uses extended file attributes. Microsoft Office apps, such as Microsoft Word or Microsoft Excel are only affected when using 32-bit versions and you might receive the error, "Document not saved."

This issue is unlikely to be experienced by consumers using Windows devices in their home or on non-managed commercial devices. Apps are not affected by this issue if they are 64-bit or 32-bit and NOT large address aware.

This issue is resolved in KB5027215.

How to get this update

Before installing this update

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Prerequisite:

Based on your installation scenario, choose one of the following:

  1. For offline OS image servicing:

    If your image does not have the March 22, 2022 (KB5011543) or later LCU, you must install the special standalone May 10, 2022 SSU (KB5014032) before installing this update.

  2. For Windows Server Update Services (WSUS) deployment or when installing the standalone package from Microsoft Update Catalog: 

    If your devices do not have the May 11, 2021 (KB5003173) or later LCU, you must install the special standalone August 10, 2021 SSU (KB5005260) before installing this update.

Install this update

Release Channel

Available

Next Step

Windows Update or Microsoft Update

Yes

Go to Settings Update & Security > Windows Update. In the Optional updates available area, you’ll find the link to download and install the update.

Windows Update for Business

No

None. These changes will be included in the next security update to this channel.

Microsoft Update Catalog

Yes

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows Server Update Services (WSUS)

No

You can import this update into WSUS manually. See the Microsoft Update Catalog for instructions.

If you want to remove the LCU

To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages.

Running Windows Update Standalone Installer (wusa.exe) with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 5026435.  

For a list of the files that are provided in the servicing stack update, download the file information for the SSU - version 19045.3025

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.