Fourth Patch Tuesday

Windows 10 update KB5012599 outs for versions 21H2, 21H1, 20H2

The April 2022 update for Windows 10 brings new features and a slew of fixes and improvements.

Windows 10 KB5012599
  • Microsoft releases update KB5012599 for Windows 10 21H2, 21H1, and 20H2.
  • The update bumps the version number to build 19044.1645.
  • The update KB5012599 prepares Windows 10 for the new search highlights feature.
  • This release also ships with many security fixes and improvements.

As part of the maintenance update for April 2022, Microsoft is now rolling out the update KB5012599 for devices running Windows 10 21H2, 21H1, and 20H2 with several fixes and improvements.

The update KB5012599 bumps the version number to build 19042.1645 (20H2), 19043.1645 (21H1), and 19044.1645 (21H2), and according to the official changes, it fixes a Denial of Service (DoS) vulnerability.

The update also rolls out fixes and improvements that the company made available with the March 22 update preview KB5011543, which introduces an updated version of the Windows Search experience that highlights moments in time. Furthermore, this release also ships with a new option for changing the color of toast notifications, it adds a new policy to improve notification management and brings several new fixes.

In addition, Microsoft is also releasing updates for older versions of Windows 10, including versions 1909, 1809, 1607, and 1507.

The version 20H2 release will reach the end of support on May 10, 2022, as a result, Microsoft will stop offering updates for this particular version in May. If you are still on version 20H2, it’s recommended to upgrade to Windows 10 21H2.

Update KB5012599 changes for April 2022

Here’s the complete list of fixes and improvements rolling out with the update KB5012599:

Search highlights

This update prepares the OS for the new search highlights features coming to the Windows Search experience in the coming months.

Microsoft explains that the search box in the Start menu and the Search icon in the Taskbar will periodically update with content, including fun illustrations, that help you discover more, be connected, and stay productive. The new feature will also show notable moments, such as holidays, anniversaries, and other educational moments in time both globally and in your region.

Search highlights
Search highlights (Source: Microsoft)

Furthermore, search highlights will offer “additional content in search home related to today’s moment and daily content like word of the day, Microsoft Rewards offers trending searches, and more.”

On the left pane, you will also find a list of your recently launched apps, files, settings, and websites to help you get back to what you were doing in the past. In addition, if you use a work or school account, you will also be able to use Microsoft Search in the organization.

Notification system

In this release, Windows 10 21H2 is getting a new option to change the color of toast buttons to identify success and critical scenarios more easily for apps that send notifications using the system notifications.

Also, you will find a  new policy that expands an app’s top three notifications by default in the Action Center for apps that send notifications using the system notifications on Windows 10. This feature displays multiple notifications that you can interact with simultaneously.

Fixes and improvements

These are the fixes and improvements that Windows 10 is getting with the update KB5011543:

  • Addresses an issue that causes a Denial of Service vulnerability on Cluster Shared Volumes (CSV).
  • Fixed an issue that causes searchindexer.exe to stop responding during a dismount operation in the Remote Desktop setup environment.
  • Fixed an issue that affects searchindexer.exe and prevents Microsoft Outlook’s offline search from returning recent emails.
  • Fixed an issue that might deactivate Windows when you change the National Language Support (NLS) version from 6.3 to 6.2.
  • Fixed an issue in which modern browsers fail to correctly render HTML that is generated by gpresult/h.
  • Fixed an issue that causes an “Access denied” exception for a file during a PowerShell test for AppLocker.
  • Fixed an issue that might cause the Group Policy Service to stop processing telemetry information for Group Policy Registry Preferences.
  • Fixed an issue that might prevent a DNS Server query resolution policy from working as expected when you specify a fully qualified domain name (FQDN) and subnet conditions.
  • Fixed a heap leak in PacRequestorEnforcement that degrades the performance of a domain controller.
  • Fixed an issue that affects the Key Distribution Center (KDC) Proxy. The KDC Proxy cannot properly obtain Kerberos tickets for signing in to Key Trust Windows Hello for Business.
  • We added support for Microsoft Account (MSA) Pass-through scenarios in Azure Active Directory (AAD) Web Account Manager (WAM).
  • Fixed an issue that logs Event ID 37 during certain password change scenarios, including failover cluster name object (CNO) or virtual computer object (VCO) password changes.
  • Fixed an issue that might unintentionally add a Trusted Platform Module (TPM) protector when you use the Silent BitLocker enablement policy.
  • Fixed an issue that prevents the User Account Control (UAC) dialog from correctly showing the application that is requesting elevated privileges.
  • Fixed an issue that causes the Move-ADObject command to fail when you move computer accounts across domains. The error message is, “Multiple values were specified for an attribute that can have only one value”.
  • Fixed an issue that prevents Event 4739 from displaying the new values of certain attributes after a policy change.
  • Fixed an issue that prevents Android device users from signing in to some Microsoft applications, such as Microsoft Outlook or Microsoft Teams. This issue occurs after rolling over token signing and decrypting certificates, resetting a user’s password, or when an administrator has revoked refresh tokens.
  • Fixed an issue that might cause domain joining to fail in environments that use disjoint DNS hostnames.
  • Fixed an issue that prevents the Back button of the credentials window, where you sign in, from being visible in high contrast black mode.
  • Fixed an issue that prevents you from accessing Server Message Block (SMB) shares using an IP Address when SMB hardening is enabled.
  • Fixed an issue that occurs when the Best Practices Analyzer (BPA) values for SMB have not been updated for more recent platforms.
  • Fixed an issue that causes stop error 0x1E in the SMB Server (srv2.sys).
  • Fixed an issue that causes a mismatch between NetBIOS and DNS Active Directory domain names when you create a cluster.
  • Fixed an issue that causes the Network File System (NFS) redirector to stop working (error 0x50) when you convert a text file to a PDF.

Update for older versions of Windows 10

In addition, Microsoft is also making available updates for older versions of Windows 10. For example, version 1909 received the update KB5012591 that increases the version number to build 18363.2212 and fixes a security vulnerability.

Windows 10 version 1809 gets the update KB5012647 that brings the version number to build 17763.2803 and delivers a few fixes.

Also, Windows 10 version 1607 received the update KB5012596  (build 14393.5066) addresses several problems with this release. Finally, Windows 10 version 1507 received the update KB5012653 that bumps the version number to build 10240.19265 and delivers some miscellaneous security improvements.

Download update KB5012599 for Windows 10

The update is available immediately and it will download and install automatically through the Release Preview Channel. However, you can always force the update from Settings Update & Security > Windows Update, click the Check for updates button, and use the option to install the optional update. Alternatively, you can download the update KB5012599 directly from the Microsoft Update Catalog website.