Impacted Products:

Please note the following information regarding the security updates:

KB5027225: Applies to: Windows 10 Enterprise 2019 LTSC Windows 10 IoT Enterprise 2019 LTSC Windows 10 IoT Core 2019 LTSC

https://support.microsoft.com/en-us/topic/june-13-2023-kb5027225-os-build-20348-1787-d2b4b682-935f-4afb-8de0-2265ae7d67e9

Improvements

This update addresses an issue that affects servers that have Citrix and Ivanti as a Remote Desktop Services (RDS) server. Signing into them takes a very long time.

This update addresses a resource conflict issue between two or more threads (known as a deadlock). This deadlock affects COM+ applications.

This update addresses an issue that affects the Storage Spaces Direct (S2D) cluster. It might not come online. This occurs after a periodic password rollover. The error code is 1326.

This update addresses a memory leak. It occurs every time you print a rich text document.

This update addresses an issue that might affect the Domain Name System (DNS) suffix search list. When you configure it, the parent domain might be missing.

This update changes the support phone number for Microsoft India for Windows activation.

This update addresses an issue that might cause some systems to stop working. This occurs when you implement firewall logging.

This update addresses an issue that might affect the Local Security Authority Subsystem Service (LSASS). It might close sporadically. The system logs the exception 0xc0000710 in the Application Error event 1000. Because of this, the domain controller restarts unexpectedly. This issue affects read-only DCs (RODC) that also run Microsoft Defender Advanced Threat Protection (ATP).

This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. To learn more, see KB5028407.

Symptom

After installing this update on guest virtual machines (VMs) running Windows Server 2022 on some versions of VMware ESXi, Windows Server 2022 might not start up. Only Windows Server 2022 VMs with Secure Boot enabled are affected by this issue. Affected versions of VMware ESXi are versions vSphere ESXi 7.0.x and below.

Workaround

Please see VMware’s documentation to mitigate this issue.

Microsoft and VMware are investigating this issue and will provide more information when it is available.

 KB5027222: Applies to Windows 10, version 1607, all editions Windows Server 2016, all editions

https://support.microsoft.com/en-us/topic/june-13-2023-kb5027222-os-build-17763-4499-8aa0687f-06aa-4789-ab4e-6bff4897a33e

Improvements

This update addresses an issue that affects the Storage Spaces Direct (S2D) cluster. It might not come online. This occurs after a periodic password rollover. The error code is 1326.

This update addresses an issue that affects the Appx State Repository. When you remove a user profile, the cleanup is incomplete. Because of this, its database grows as time passes. This growth might cause delays when users sign into multi-user environments like FSLogix.

This update addresses an issue that affects the Windows Remote Management (WinRM) client. The client returns an HTTP server error status (500). This error occurs when it runs a transfer job in the Storage Migration Service.

This update addresses an issue that affects signed Windows Defender Application Control (WDAC) policies. They are not applied to the Secure Kernel. This occurs when you enable Secure Boot.

This update addresses an issue that might affect the Local Security Authority Subsystem Service (LSASS). It might close sporadically. The system logs the exception 0xc0000710 in the Application Error event 1000. Because of this, the domain controller restarts unexpectedly. This issue affects read-only DCs (RODC) that also run Microsoft Defender Advanced Threat Protection (ATP).

This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. To learn more, see KB5028407.

Symptom

After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found.

After installing updates released January 10, 2023, and later, kiosk device profiles that have auto log on enabled might not sign in automatically. After Autopilot completes provisioning, affected devices will stay on the sign-in screen prompting for credentials.

Workaround

This issue occurs because of an update to the PnP class drivers used by this service.  After about 20 minutes, you should be able to restart your device and not encounter this issue.

For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.

Microsoft is working on a resolution and will provide an update in an upcoming release.

KB5027219: Applies to Windows Server 2012 Windows Embedded 8 Standard

https://support.microsoft.com/en-us/topic/june-13-2023-kb5027219-os-build-14393-5989-e99f2865-6f1a-41e4-9583-c0d00be7468d

Improvements

This security update includes quality improvements. When you install this KB:

This update addresses an issue that might cause a memory leak. The leak might have occurred during prolonged Remote Desktop audio redirection.

This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. To learn more, see KB5028407.

If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device. 

For more information about security vulnerabilities, please refer to the new Security Update Guide website and the June 2023 Security Updates.

KB5027271: Windows Server 2012 R2 Windows Embedded 8.1 Industry Enterprise Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/topic/june-13-2023-kb5027271-monthly-rollup-f01380fe-5eeb-4a5c-9300-f8aea5018a6e

This cumulative security update includes improvements that are part of update KB5026415 (released May 9, 2023). This update also contains miscellaneous security improvements to internal Windows OS functionality. No specific issues are documented for this release.

For more information about the resolved security vulnerabilities, please refer to the Deployments | Security Update Guide and the June 2023 Security Updates.