Patch Tuesday No. 7

Windows 10 build 19044.1826 (KB5015807) outs with fixes

Supported versions of Windows 10 receive the seventh maintenance update with a ton of fixes and improvements.

Windows 10 update KB5015807
  • Microsoft releases update KB5015807 as a preview for Windows 10 21H2.
  • The update bumps the version number to build 19044.1826.
  • The update KB5015807 introduces new fixes and improvements.

Microsoft is now making available for download the update KB5015807 for Windows 10 21H2, 21H1, and 20H2 with a bunch of fixes and improvements.

The update KB5015807 bumps the version number to build 19042.1826 (20H2), 19043.1826 (21H1), and 19044.1826 (21H2), and according to the official changes, the update addresses a redirect issue with PowerShell and rolls out the non-security fixes and changes that were previously available with the update preview on June 27. Some of these improvements include new print and scan features, improved WinRM and networking, and fixes problems with the Cloud Clipboard, touchpad, and more.

Update KB5015807 fixes and changes for Windows 10

These are the fixes and improvements coming to the next update of Windows 10:

  • Added IP address auditing for incoming Windows Remote Management (WinRM) connections in security event 4262 and WinRM event 91. Also, fixed an issue that fails to log the source IP address and machine name for a remote PowerShell connection.
  • Added Server Message Block (SMB) redirector (RDR) specific public File System Control (FSCTL) code FSCTL_LMR_QUERY_INFO.
  • Introduced the following Print and Scan features: First, IPP over USB support – Microsoft has supported Internet Print Protocol (IPP) for network printers starting in 2018 with the release of Windows 10, version 1809, and it’s expanding IPP support to USB printers. Second, print support app (PSA) APIs – Printer manufacturers can extend printer functionalities and user experience using the PSA framework. Third, PIN-protected printing for IPP and Universal Print – Standard print dialogs now include a user interface to enter a PIN code. eSCL Mopria Scan protocol – Windows now supports the eSCL Mopria Scan protocol. It can be used with Mopria-certified scanner devices.
  • Fixed an issue that affects the Cloud Clipboard service and prevents syncing between machines after a period of inactivity.
  • Fixed an issue that prevents the Pashto language from appearing in the language list.
  • We enabled the InternetExplorerModeEnableSavePageAs Group Policy. For more information, see Microsoft Edge Browser Policy Documentation.
  • Fixed an issue that affects the touchpad area that responds to a right-click (the right-click zone). For more information, see Right-click zone.
  • Fixed an issue that affects some certificate chains to Root Certification Authorities that are members of the Microsoft Root Certification Program. For these certificates, the certificate chain status can be, “This certificate was revoked by its certification authority”.
  • Fixed an issue that leads to a false negative when you run scripts while Windows Defender Application Control (WDAC) is turned on. This might generate AppLocker events 8029, 8028, or 8037 to appear in the log when they should not.
  • Fixed an issue that prevents the use of Encrypted File System (EFS) files over a Web-based Distributed Authoring and Versioning (WebDAV) connection.
  • Fixed an issue that causes a domain controller to incorrectly write Key Distribution Center (KDC) event 21 in the System event log. This occurs when the KDC successfully processes a Kerberos Public Key Cryptography for Initial Authentication (PKINIT) authentication request with a self-signed certificate for key trust scenarios (Windows Hello for Business and Device Authentication).
  • Fixed an issue that causes the LocalUsersAndGroups configuration service provider (CSP) policy to fail when you modify the built-in Administrators group. This issue occurs if the local Administrator account isn’t specified in the membership list when you perform a replace operation.
  • Fixed an issue in which malformed XML inputs might cause an error in DeviceEnroller.exe. This prevents CSPs from being delivered to the device until you restart the device or correct the XML.
  • Fixed an issue that causes Microsoft NTLM authentication using an external trust to fail. This issue occurs when a domain controller that contains the January 11, 2022, or later Windows update services the authentication request, is not in a root domain and does not hold the Global Catalog role. The affected operations might log the following errors: The security database has not been started. The domain was in the wrong state to perform the security operation. 0xc00000dd (STATUS_INVALID_DOMAIN_STATE).

Older releases of Windows 10

In addition, the company is rolling out the update KB5015811 for version 1809 that bumps the build number to 17763.3165), and it includes the same security fix as version 21H2 and previously available non-security fixes and improvements released on June 23.

Furthermore, Windows 10 1607 received the update KB5015808 that bumps the version to build 14393.5246, and it addresses several problems. Finally, Windows 10 1507 is getting the update KB5015832 which increases the version to build 10240.19360 and fixes a bunch of issues.

Download update KB5015807 for Windows 10

The update is available immediately and it will download and install automatically through the Release Preview Channel. However, you can always force the update from Settings Update & Security > Windows Update, click the Check for updates button, and use the option to install the optional update.