Applies ToWindows Server 2022

Release Date:

26/10/2021

Version:

OS Build 20348.320

Improvements and fixes

This non-security update includes quality improvements. Key changes include: 

  • Addresses a regression that might cause stop error 0x38 on some machine configurations that use non-ASCII text in the registry.

  • Addresses an issue with parsing time formats in events when milliseconds are excluded.

  • Addresses an issue in which the use of App-V intermittently causes black screens to appear when signing in on the credentials page.

  • Addresses installation and management issues for Mopria-compliant Internet Printing Protocol (IPP) printers.

  • Addresses a known issue that prevents an internet print server from properly packaging modified printer properties before sending the package to the client.

  • Addresses an issue that prevents Software-Defined Networking (SDN) virtual machines from working when you configure the Generic Routing Encapsulation (GRE) VPN bandwidth limitation.

  • Addresses an issue that prevents you from enabling BitLocker on a thinly provisioned virtual machine (VM). The error is “A device attached to the system is not functioning” and the system logs, “STATUS_UNSUCCESSFUL”.

  • Addresses an issue in Code Integrity that might cause a memory leak.

  • Addresses an issue that causes Windows to go into BitLocker recovery after a servicing update.

  • Enhances Microsoft Defender for Endpoint’s ability to identify and intercept ransomware and advanced attacks.

  • Addresses an Input Method Editor (IME) mode instability in the RemoteApp scenario. You must install this update on the Remote Desktop server and Remote Desktop client.

  • Addresses an issue that turns on the Caps lock key when the RemoteApp window gains input focus.

  • Addresses an issue that might cause items you delete from the desktop to appear on the desktop even though they no longer exist.

  • Addresses an issue in the out-of-box experience (OOBE) that might cause Windows AutoPilot provisioning to fail.

  • Addresses an issue that might cause the File Explorer window to lose focus when you map a network drive.

  • Addresses an issue that sometimes causes the lock screen to appear black if you set up slideshow.

  • Addresses an issue in Safe Mode that prevents users from signing in if Web Sign-in is enabled.

  • Addresses a reliability issue with LogonUI.exe, which affects the rendering of the network status text on the credentials screen.

  • Addresses a memory leak issue in lsass.exe on domain controllers in the forest root domain that occurs when you have multiple forests and multiple domains in each forest. The SID-Name mapping functions leak memory when a request comes from another domain in the forest and crosses forest boundaries.

  • Reduces the Lightweight Directory Access Protocol (LDAP) bind for CPU utilization.

  • Addresses an issue that causes Server Message Block (SMB) Query Directory Requests to fail when the buffer size is large.

  • Addresses an issue with the virtual machine (VM) Load Balancing feature, which ignores a site’s fault domain.

  • Provides the ability in Cluster-Aware Updating (CAU) to start a one-time, self-updating run on the cluster by running Invoke-CauRun directly on any cluster node.

  • Addresses a known issue that might prevent the successful installation of printers using the Internet Printing Protocol (IPP).

  • Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Windows 10 servicing stack update - 20348.314

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.

Known issues in this update

Symptom

Workaround

After installing this update, when connecting to devices in an untrusted domain using Remote Desktop, connections might fail to authenticate when using smart card authentication. You might receive the prompt, "Your credentials did not work. The credentials that were used to connect to [device name] did not work. Please enter new credentials." and "The login attempt failed" in red.

This issue is addressed in KB5007254.

After installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:

  • 0x000006e4 (RPC_S_CANNOT_SUPPORT)

  • 0x0000007c (ERROR_INVALID_LEVEL)

  • 0x00000709 (ERROR_INVALID_PRINTER_NAME)

Note The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.

This issue is resolved in KB5007254.

After installing this or later updates, Microsoft Defender for Endpoint might fail to start or run on devices with a Windows Server Core installation. 

Note This issue does not affect Microsoft Defender for Endpoint on Windows 10.

This issue is resolved in KB5008223.

How to get this update

Before installing this update

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Install this update

Release Channel

Available

Next Step

Windows Update and Microsoft Update

Yes

Go to Settings Update & Security > Windows Update. In the Optional updates available area, you’ll find the link to download and install the update.

Windows Update for Business

No

None. These changes will be included in the next security update to this channel.

Microsoft Update Catalog

No

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows Server Update Services (WSUS)

No

You can import this update into WSUS manually. See the Microsoft Update Catalog for instructions.

If you want to remove the LCU

To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages.

Running Windows Update Standalone Installer (wusa.exe) with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.

File Information

For a list of the files that are provided in this update, download the file information for cumulative update 5006745.

For a list of the files that are provided in the servicing stack update, download the file information for the SSU - version 20348.314

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.