MS Patches
Security update – KB5027225
This security update includes quality improvements. When you install this KB:
- This update addresses an issue that affects servers that have Citrix and Ivanti as a Remote Desktop Services (RDS) server. Signing in to them takes a very long time.
- This update addresses a resource conflict issue between two or more threads (known as a deadlock). This deadlock affects COM+ applications.
- This update addresses an issue that affects the Storage Spaces Direct (S2D) cluster. It might not come online. This occurs after a periodic password rollover. The error code is 1326.
- This update addresses a memory leak. It occurs every time you print a rich text document.
- This update addresses an issue that might affect the Domain Name System (DNS) suffix search list. When you configure it, the parent domain might be missing.
- This update changes the support phone number for Microsoft India for Windows activation.
- This update addresses an issue that might cause some systems to stop working. This occurs when you implement firewall logging.
- This update addresses an issue that might affect the Local Security Authority Subsystem Service (LSASS). It might close sporadically. The system logs the exception 0xc0000710 in the Application Error event 1000. Because of this, the domain controller restarts unexpectedly. This issue affects read-only DCs (RODC) that also run Microsoft Defender Advanced Threat Protection (ATP).
- This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. To learn more, see KB5028407.
Azure Stack HCI, version 22H2 servicing stack update – 20349.1780
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.
Servicing Stack Updates (SSU): Frequently Asked Questions
1. What is a servicing stack update? Why should servicing stack updates be installed and kept up to date?
Servicing stack updates provide fixes to the servicing stack, the component that installs Windows updates. For more background information on SSU.
2. I'm using the latest version of Windows, do I still need to install SSUs?
Yes, all versions of Windows and Windows Server might need an SSU to address an issue, including the latest version of Windows 10 and Windows Server.
3. When should SSUs be installed?
SSUs should always be installed before any new update for Windows, including the latest cumulative update (LCU), Monthly Rollup, or Security-only update.
4. Where can I find the latest SSU for my version of Windows?
The latest SSU for your device can be found in ADV990001 | Latest Servicing Stack Updates.
Known issues in this update
Microsoft is not currently aware of any issues with this update and we also installed the updates on one of our 2022 domain controller and could not see any issue with AD authentication till now.
We are also conducting assessments from every perspective and will report back to you with our results.
Kerberos tickets details
Current LogonId is 0:0x6bb25b
Cached Tickets: (5) #0> Client: administrator @ WINDOWSTECHNO.LOCAL Server: krbtgt/WINDOWSTECHNO.LOCAL @ WINDOWSTECHNO.LOCAL KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96 Ticket Flags 0x60a10000 -> forwardable forwarded renewable pre_authent name_canonicalize Start Time: 6/14/2023 9:27:23 (local) End Time: 6/14/2023 19:27:23 (local) Renew Time: 6/21/2023 9:27:23 (local) Session Key Type: AES-256-CTS-HMAC-SHA1-96 Cache Flags: 0x2 -> DELEGATION Kdc Called: DC30 #1> Client: administrator @ WINDOWSTECHNO.LOCAL Server: krbtgt/WINDOWSTECHNO.LOCAL @ WINDOWSTECHNO.LOCAL KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96 Ticket Flags 0x40e10000 -> forwardable renewable initial pre_authent name_canonicalize Start Time: 6/14/2023 9:27:23 (local) End Time: 6/14/2023 19:27:23 (local) Renew Time: 6/21/2023 9:27:23 (local) Session Key Type: AES-256-CTS-HMAC-SHA1-96 Cache Flags: 0x1 -> PRIMARY Kdc Called: DC30 #2> Client: administrator @ WINDOWSTECHNO.LOCAL Server: cifs/DC11 @ WINDOWSTECHNO.LOCAL KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96 Ticket Flags 0x40a50000 -> forwardable renewable pre_authent ok_as_delegate name_canonicalize Start Time: 6/14/2023 9:27:23 (local) End Time: 6/14/2023 19:27:23 (local) Renew Time: 6/21/2023 9:27:23 (local) Session Key Type: AES-256-CTS-HMAC-SHA1-96 Cache Flags: 0 Kdc Called: DC30 #3> Client: administrator @ WINDOWSTECHNO.LOCAL Server: cifs/DC20 @ WINDOWSTECHNO.LOCAL KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96 Ticket Flags 0x40a50000 -> forwardable renewable pre_authent ok_as_delegate name_canonicalize Start Time: 6/14/2023 9:27:12 (local) End Time: 6/14/2023 19:27:12 (local) Renew Time: 6/21/2023 9:27:12 (local) Session Key Type: AES-256-CTS-HMAC-SHA1-96 Cache Flags: 0 Kdc Called: DC30 #4> Client: administrator @ WINDOWSTECHNO.LOCAL Server: GC/DC11.Windowstechno.local/Windowstechno.local @ WINDOWSTECHNO.LOCAL KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96 Ticket Flags 0x40a50000 -> forwardable renewable pre_authent ok_as_delegate name_canonicalize Start Time: 6/14/2023 9:22:18 (local) End Time: 6/14/2023 19:22:18 (local) Renew Time: 6/21/2023 9:22:18 (local) Session Key Type: AES-256-CTS-HMAC-SHA1-96 Cache Flags: 0 Kdc Called: DC30
How to get this update
Before installing this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU).
Was this article helpful?
YesNo