We are at the end of the month, and as part of patch Tuesday, Microsoft has released a new cumulative update (KB5023778) for Windows 11 v22H2 users addressing several bugs and issues. This is an optional update and includes various bug fixes related to specific applications and protocols, such as Active Directory Users & Computers, Group Policy Management Console, and WinRM client, among others.
One significant improvement is the addition of new features and enhancements to Microsoft Defender for Endpoint. Additionally, the update addresses some of the issues affecting the Fast Identity Online 2.0 (FIDO2) PIN credential icon and complexity policy settings for PINs. The Microsoft Defender for Endpoint has been updated with new features and improvements.
The update also includes support for the daylight saving time change order for 2023. Furthermore, it addresses a known issue that affected kiosk device profiles with automatic logon, preventing them from working correctly.
As for the new features, after installing this update, you will see Microsoft accounts notifications in the Start menu and the search box on the taskbar will be lighter when you set Windows to custom color more. i.e., Windows to dark and app mode to light from the personalization page in the settings app.
All in all, this is a very busy update with several new features and bug fixes. Being an optional update, you have to install the update manually. For that, go to the Windows Update page in the Settings app and click the Download & Install button. Alternatively, download KB5023778 offline installer from the provided link and install it like any other software.
Download KB5023778 Offline Installer
The KB5023778 update is available as an offline installer via the Microsoft Update Catalog website.
Go to this webpage, find your Windows 11 version, and click the “Download” button next. Another window or tab will open. Click the available link, and the offline installer will be downloaded to your computer. After downloading, double-click on the installer and follow the wizard to install KB5023778. Remember that the update will only install if it is supported. Also, it might download additional updates or dependencies if required.
- New! This update adds many new features and improvements to Microsoft Defender for Endpoint. For more information, see Microsoft Defender for Endpoint.
- This update addresses an issue that affects complexity policy settings for PINs. They are ignored.
- This update addresses an issue that affects the Fast Identity Online 2.0 (FIDO2) PIN credential icon. It does not appear on the credentials screen of an external monitor. This occurs when that monitor is attached to a closed laptop.
- This update addresses an issue that affects a Clustered Shared Volume (CSV). The CSV fails to come online. This occurs if you enable BitLocker and local CSV managed protectors, and the system recently rotated the BitLocker keys.
- This update addresses an issue that affects Active Directory Users & Computers. It stops responding. This occurs when you use TaskPad view to enable or disable many objects at the same time.
- The update addresses an issue that affects the Remote Procedure Call Service (rpcss.exe). The issue might cause a race condition between the Distributed Component Object Model (DCOM) and the Microsoft Remote Procedure Call (RPC) endpoint mapper.
- This update addresses an issue that affects Microsoft PowerPoint. It stops responding on the Azure Virtual Desktop. This occurs while you are using Think-Cell Features.
- This update addresses an issue that affects Windows Search. Windows Search fails inside of Windows container images.
- This update affects the Group Policy Editor. It adds Transport Layer Security (TLS) 1.3 to the list of protocols that you can set.
- This update affects the Arab Republic of Egypt. The update supports the government’s daylight saving time change order for 2023.
- This update affects jscript9Legacy.dll. It adds ITracker and ITrackingService to stop MHTML from not responding.
- This update addresses an issue that affects the Microsoft HTML Application Host (HTA). This issue blocks code execution that uses Microsoft HTA. This occurs when you turn on Windows Defender Application Control (WDAC) User Mode Code Integrity (UMCI) enforced mode.
- This update affects the Group Policy Management Console. It addresses a scripting error in the Group Policy Preferences window.
- This update addresses an issue that affects the Windows Remote Management (WinRM) client. The client returns an HTTP server error status (500). This error occurs when it runs a transfer job in the Storage Migration Service.
- This update addresses an issue that affects Desired State Configuration. It loses its previously configured options. This occurs if metaconfig.mof is missing.
- This update addresses an issue that affects the Dynamic Host Configuration Protocol (DHCP) option 119 – Domain Search Option. The issue stops you from using a connection-specific DNS Suffix Search List.
- This update addresses a rare issue that might cause an input destination to be null. This issue might occur when you attempt to convert a physical point to a logical point during hit testing. Because of this, the computer raises a stop error.
- This update addresses an issue that affects the Simple Certificate Enrollment Protocol (SCEP) certificate. The system reports some SCEP certificate installations as failed. Instead, the system should report them as pending.
- This update addresses an issue that affects the new Windows Runtime (WinRT) API. This issue stops an application from querying for location information using MBIM2.0+.
- This update addresses a known issue that affects kiosk device profiles. If you have enabled automatic logon, it might not work. After Autopilot completes provisioning, these devices stay on the credential screen. This issue occurs after you install updates dated January 10, 2023, and later.
That is it.