July 13, 2021—KB5004249 (OS Build 10240.19003)
Release Date:
7/13/2021
Version:
OS Build 10240.19003
12/8/20
For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version 1507 update history home page.
Highlights
-
Updates to improve security when Windows performs basic operations.
Improvements and fixes
This security update includes quality improvements. Key changes include:
-
Addresses an issue that incorrectly renders some Enhanced Metafile Format (EMF) files. This issue occurs if you build the EMF files using third-party applications with ExtCreatePen() and ExtCreateFontIndirect().
-
Adds Advanced Encryption Standard (AES) encryption protections for CVE-2021-33757. For more information, see KB5004605.
-
Security updates to Windows Apps, Windows Fundamentals, Windows User Account Control (UAC), Operating System Security, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.
For more information about the resolved security vulnerabilities, please refer to the new Security Update Guide website.
Windows Update Improvements
Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.
Known issues in this update
|
Symptom |
Workaround |
|
After installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices that are not compliant with section 3.2.1 of RFC 4556 spec might fail to print when using smart card (PIV) authentication. |
For more information, see KB5005408. |
How to get this update
Before installing this update
Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
If you are using Windows Update, the latest SSU (KB5001399) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.
Install this update
|
Release Channel |
Available |
Next Step |
|
Windows Update and Microsoft Update |
Yes |
None. This update will be downloaded and installed automatically from Windows Update. |
|
Windows Update for Business |
Yes |
None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. |
|
Microsoft Update Catalog |
Yes |
To get the standalone package for this update, go to the Microsoft Update Catalog website. |
|
Windows Server Update Services (WSUS) |
Yes |
This update will automatically sync with WSUS if you configure Products and Classifications as follows: Product: Windows 10 Classification: Security Updates |
File information
For a list of the files that are provided in this update, download the file information for cumulative update 5004249.
Need more help?
Want more options?
Explore subscription benefits, browse training courses, learn how to secure your device, and more.
Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.
