This is May- Tuesday Microsoft Security updates

report created by : Hazem Mohamed | 15-May-2023

Microsoft announcement regarding Windows clients: IMPORTANT Starting in April 2023, optional, non-security preview updates will release on the fourth Tuesday of the month. For more

Kindly check the information gathered about May security updates :

Clients

Windows 10 version 21H2 and 22H2

2023-05 Cumulative Update for Windows 10 Version 22H2, Windows 10 Version 21H2, and Windows 10 Version 20H2 (KB5026361)

• Support Page: KB5026361 

Updates and improvements:

• This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding.
• The update includes content of the preview update, released on April 25, 2023. Notable are a new option to configure application group rules and the ability to sync language and region settings when the Microsoft account display language or regional format are changed.

Windows 11 Release version 

• Support Page: KB5026368

Updates and improvements:

• This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding.
• Also includes the preview updates released on April 25.

Windows 11 version 22H2  

• Support Page: KB5026372 

Updates and improvements:

• Adds a new toggle to Settings > Windows Update to get Windows updates early.
• This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding.
• This update affects the Kernel-mode Hardware-enforced Stack Protection security feature. The update adds more drivers to the database of drivers that are not compatible with it.
• Includes the non-security updates released on April 25 as a preview. Same new features as in Windows 10’s preview update.

Other security updates

2023-05 Cumulative Security Update for Internet Explorer (KB5026366)

2023-05 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5026382)

Servers:

Windows Server 2016:

KB5023788 (Servicing stack update)

 Before installing Security updates:

Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security updates.

the latest SSU (KB5023788) as mentioned …

KB5026363 (Monthly security update Windows Server 2016):

Highlights:

• This update addresses security issues for your Windows operating system.

Improvements:

This security update includes quality improvements. When you install this KB:

 This update affects the Islamic Republic of Iran. The update supports the government’s daylight saving time change order from 2022.

• This update addresses an issue that affects the Key Distribution Center (KDC) service. When the service stops on a local machine, signing in to all local Kerberos fails. The error is STATUS_NETLOGON_NOT_STARTED.
• This update addresses an issue that affects Microsoft Edge IE mode. The issue stops you from configuring add-ons.

If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.

For more information about security vulnerabilities, please refer to the new Security Update Guide website and the May 2023 Security Updates.

Known issues in this update :

Microsoft is not currently aware of any issues with this update.

(more…)