Flexis May 2024 Patch Recommendation
Patches Microsoft released in May 2024:
Impacted Products:
Microsoft Windows
Microsoft Edge
(HTML-based)
Microsoft Edge
(Chromium-based)
Internet Explorer
Microsoft Office and Microsoft Office Services and Web Apps
Windows Defender
Visual Studio
ASP.NET Core
Chakra Core
Microsoft Dynamics
.NET Framework
.NET Core
Please note the following information regarding the security updates:
Windows 10 Enterprise and Education and Windows 10 Home and Pro lifecycle pages, Windows 10 will reach end of support on October 14, 2025. The current version, 22H2, will be the final version of Windows 10. The following editions will remain in support with monthly security update releases through that date:
Home
Pro
Pro Education
Pro for Workstations
Education
Enterprise
Enterprise multi-session
KB5037782: Windows Server 2022
Improvements
This security update includes quality improvements. When you install this KB:
This update addresses a known issue that might affect domain controllers (DC). NTLM authentication traffic might increase.
This update addresses an issue that affects IE mode. A webpage stops working as expected when there is an open modal dialog.
This update addresses an issue in that affects IE mode. It stops responding. This occurs if you press the left arrow key when an empty text box has focus and caret browsing is on.
This update addresses an issue that affects Wi-Fi Protected Access 3 (WPA3) in the Group Policy editor. HTML preview rendering fails.
This update addresses an issue that affects a server after you remove it from a domain. The Get-LocalGroupMember cmdlet returns an exception. This occurs if the local groups contain domain members.
This update affects next secure record 3 (NSEC3) validation in a recursive resolver. Its limit is now 1,000 computations. One computation is equal to the validation of one label with one iteration. DNS Server Administrators can change the default number of computations. To do this, use the registry setting below.
Name: \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\MaxComputationForNsec3Validation
Type: DWORD
Default: 1000
Max: 9600
Min: 1
This update addresses an issue that affects a network. An error occurs when credentials expire.
This update addresses an issue that occurs when you use LoadImage() to loada top-down bitmap. If the bitmap has a negative height, the image does not load, and the function returns NULL.
This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
This update addresses an issue that affects a workstation that is not in a domain. When you connect from it to a share and use an IPV6 address, you get the error, “ERROR_BAD_NET_NAME.”
This update addresses a known issue that might cause your VPN connection to fail. This occurs after you install the update dated April 9, 2024, or later.
This update addresses an issue that might affect Virtual Secure Mode (VSM) scenarios. They might fail. These scenarios include VPN, Windows Hello, Credential Guard, and Key Guard.
This update addresses an issue that affects Group Policy Folder Redirection in a multi-forest deployment. The issue stops you from choosing a group account from the target domain. Because of this, you cannot apply advanced folder redirection settings to that domain. This issue occurs when the target domain has a one-way trust with the domain of the admin user. This issue affects all Enhanced Security Admin Environment (ESAE), Hardened Forests (HF) or Privileged Access Management (PAM) deployments.
Known issues in this update
Symptom
After installing this update, you might be unable to change your user account profile picture.
When attempting to change a profile picture by selecting the button Start> Settings > Account > Your info and, under Create your picture, clicking on Browse for one, you might receive an error message with error code 0x80070520.
Workaround
Microsoft has not yet released any fix.
KB5037765: Win 10 Ent LTSC 2019 Win 10 IoT Ent LTSC 2019 Windows 10 IoT Core 2019 LTSC Windows Server 2019
Improvements
This security update includes improvements. When you install this KB:
This update affects next secure record 3 (NSEC3) validation in a recursive resolver. Its limit is now 1,000 computations. One computation is equal to the validation of one label with one iteration. DNS Server Administrators can change the default number of computations. To do this, use the registry setting below.
Name: \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\MaxComputationForNsec3Validation
Type: DWORD
Default: 1000
Max: 9600
Min: 1
This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
This update addresses an issue that affects Active Directory. Bind requests to IPv6 addresses fail. This occurs when the requestor is not joined to a domain.
This update addresses a known issue that might affect domain controllers (DC). NTLM authentication traffic might increase.
This update addresses an issue that might affect Virtual Secure Mode (VSM) scenarios. They might fail. These scenarios include VPN, Windows Hello, Credential Guard, and Key Guard.
Known issues in this update
Symptom
Windows servers attempting to install the May 2024 security update (KB5037765), released May 14, 2024, might face issues during the installation process. The installation might fail with an error code 0x800f0982. This issue is more likely to affect devices that do not have en_us language pack support.
Workaround
Microsoft has not yet released any fix.
KB5037763: Windows 10, version 1607, all editions Windows Server 2016, all editions
This security update includes quality improvements. When you install this KB:
This update addresses a known issue that might affect domain controllers (DC). NTLM authentication traffic might increase.
This update affects next secure record 3 (NSEC3) validation in a recursive resolver. Its limit is now 1,000 computations. One computation is equal to the validation of one label with one iteration. DNS Server Administrators can change the default number of computations. To do this, use the registry setting below.
Name: \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\MaxComputationForNsec3Validation
Type: DWORD
Default: 1000
Max: 9600
Min: 1
This update addresses an issue that might affect Virtual Secure Mode (VSM) scenarios. They might fail. These scenarios include VPN, Windows Hello, Credential Guard, and Key Guard.