June 13, 2023—KB5027222 (OS Build 17763.4499)
Highlights
- This update addresses an issue that affects the touch keyboard. The touch keyboard Intermittently fails to open.
- This update addresses security issues for your Windows operating system.
Improvements
This security update includes improvements. When you install this KB:
- This update addresses an issue that affects the Storage Spaces Direct (S2D) cluster. It might not come online. This occurs after a periodic password rollover. The error code is 1326.
- This update addresses an issue that affects the Appx State Repository. When you remove a user profile, the cleanup is incomplete. Because of this, its database grows as time passes. This growth might cause delays when users sign in to multi-user environments like FSLogix.
- This update addresses an issue that affects the Windows Remote Management (WinRM) client. The client returns an HTTP server error status (500). This error occurs when it runs a transfer job in the Storage Migration Service.
- This update addresses an issue that affects signed Windows Defender Application Control (WDAC) policies. They are not applied to the Secure Kernel. This occurs when you enable Secure Boot.
- This update addresses an issue that might affect the Local Security Authority Subsystem Service (LSASS). It might close sporadically. The system logs the exception 0xc0000710 in the Application Error event 1000. Because of this, the domain controller restarts unexpectedly. This issue affects read-only DCs (RODC) that also run Microsoft Defender Advanced Threat Protection (ATP).
- This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. To learn more, see KB5028407.
If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.
For more information about security vulnerabilities, please refer to the new Security Update Guide website and the June 2023 Security Updates.
Windows 10 servicing stack update – 17763.4121
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.
How to get this update
KB5027222 can be deployed automatically using one of the following ways:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Service
Before patching KB5027222 manually, ensure that you have already deployed KB5005112 Servicing Stack Update. If KB5005112 is not deployed, you can download the installer file from one of the following links:
- Download KB5005112 from the Microsoft Update Catalog – the size of this update file is 13.8 MB only.
- Download the KB5005112 installer file directly
For manual deployments, you can download the offline installer file for KB5027222. This installer file is available in the MSU extension. You can download it directly from the Microsoft Update Catalog page.
- Download KB5027222 from the Microsoft Update Catalog page. The update file size is 599.2 MB and is available for x64 platforms.
- Download the KB5027222 installer directly
Servicing Stack Update does not cause a server reboot. The cumulative update file is a full update file. It is strongly suggested to implement it on production servers in a phased manner and under the ‘Change management’ schedule.
Install this update
| Release Channel | Available | Next Step |
| Windows Update and Microsoft Update | Yes | None. This update will be downloaded and installed automatically from Windows Update. |
| Windows Update for Business | Yes | None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. |
| Microsoft Update Catalog | Yes | To get the standalone package for this update, go to the Microsoft Update Catalog website. |
| Windows Server Update Services (WSUS) | Yes | This update will automatically sync with WSUS if you configure Products and Classifications as follows: Product: Windows 10 Classification: Security Updates |
If you want to remove the LCU
To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages.
Running Windows Update Standalone Installer (wusa.exe) with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.
File information
For a list of the files that are provided in this update, download the file information for cumulative update 5027222.
For a list of the files that are provided in the servicing stack update, download the file information for the SSU – version 17763.4121.
