Skip to main content

There’s quite a long list of changes…

 

The full list of changes, improvements and additions included in this update looks like this:

  • New! It adds improvements to the Microsoft Account experience in Settings. For instance, you can manage your Microsoft OneDrive subscription and related storage alerts.
  • New! It enhances search visual treatments on the taskbar to improve discoverability. This is available to a small audience initially and deploys more broadly in the months that follow. Some devices might notice different visual treatments as we gather feedback. To learn more about why you might be seeing these changes, see Search for anything, anywhere.
  • New! It enhances the backup experience when using your Microsoft Account (MSA). Some devices might notice visual treatments for this enhancement. This is available to a small audience initially and deploys more broadly in the months that follow.
  • New! It adds Task Manager to the context menu when you right-click the taskbar. This feature rolls out in the coming weeks.
  • It enables the ms-appinstaller Uniform Resource Identifier (URI) to work for the DesktopAppInstaller.
  • It stops the start of daylight saving time in Jordan at the end of October 2022. The Jordan time zone will permanently shift to the UTC + 3 time zone.
  • It addresses an issue that affects Distributed Component Object Model (DCOM) authentication hardening. It automatically raises the authentication level for all non-anonymous activation requests from DCOM clients to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. This occurs if the authentication level is below Packet Integrity.
  • It addresses an issue that affects the Windows Search service. Indexing progress is slow when you use the service.
  • It addresses an issue that affects cached credentials for security keys and Fast Identity Online 2.0 (FIDO2) authentications. On hybrid domain-joined devices, the system removes these cached credentials.
  • It addresses an issue that might affect some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections. These connections might have handshake failures. For developers, the affected connections are likely to send multiple frames followed by a partial frame with a size of less than 5 bytes within a single input buffer. If the connection fails, your app will receive the error, “SEC_E_ILLEGAL_MESSAGE”.
  • It addresses an issue that affects the Microsoft Azure Active Directory (AAD) Application Proxy connector. It cannot retrieve a Kerberos ticket on behalf of the user. The error message is, “The handle specified is invalid (0x80090301).”
  • It addresses an issue that affects certificate mapping. When it fails, lsass.exe might stop working in schannel.dll.
  • It addresses an issue that affects Microsoft Edge when it is in IE Mode. The titles of pop-up windows and tabs are wrong.
  • It addresses an issue that affects Microsoft Edge IE mode. It stops you from opening webpages. This occurs when you enable Windows Defender Application Guard (WDAG) and you do not configure Network Isolation policies.
  • It addresses an issue that affects title bars when you use third-party tools to customize them. The title bars did not render. This update ensures that title bars render; however, we cannot guarantee all text customizations will work as before.
  • It addresses an issue that might cause vertical and horizontal line artifacts to appear on the screen.
  • It addresses an issue that affects input method editors (IME) from Microsoft and third parties. They stop working when you close the IME window. This occurs if the IME uses Windows Text Services Framework (TSF) 1.0.
  • It addresses an issue that might fail to sync the audio when you record game play using the Xbox Game Bar.
  • It updates the Windows kernel vulnerable driver blocklist that is in the DriverSiPolicy.p7b file. This update also ensures that the blocklist is the same across Windows 10 and Windows 11. For more information, see KB5020779.
  • It extends original equipment manufacturer (OEM) control of Hypervisor-protected Code Integrity (HVCI) enforcement for targeted hardware configurations.
  • It addresses an issue that affects File Explorer. It is less dependable when you browse for Microsoft OneDrive folders.
  • It addresses an issue that affects the button style BS_PUSHLIKE. Buttons that have this style are difficult to identify against a dark background.
  • It addresses an issue in that stops the credential UI from displaying in IE mode when you use Microsoft Edge.
  • It addresses an issue that affects Server Manager. It might reset the wrong disk when several disks have the same UniqueId. For more information, see KB5018898.
  • It addresses an issue that affects the CopyFile function. It returns ERROR_INVALID_HANDLE instead of ERROR_FILE_NOT_FOUND when it is called with an invalid source file.
  • It addresses an issue that affects the Start menu. It stops working when you use keyboard commands to move pinned items to a folder at the end of a list.

You can get hold of the KB5018496 update by searching for optional updates on Windows Update, or by manually downloading from the Microsoft Update Catalog.

 

Full article: https://betanews.com/2022/10/27/microsoft-releases-kb5018496-update-to-bring-new-features-and-improvements-to-windows-11-2022-update/

Based on the last few articles that have been posted, I am wondering how many of these “new” features and “fixes” will have some form of vulnerability to it, oh lets not forget, IE will still be there? 

 

I would suggest seeing MS done away with O365 and now rebranded it as M365 they should do a complete rebuild as Microsoft 12 the start of a new millennium.

 

@tmcmullen  thank you for the article. 

 

 


"It adds Task Manager to the context menu when you right-click the taskbar. This feature rolls out in the coming weeks"

This is by far my favourite. A little thing but drove me nuts that they took it out of 11

 


Is that new features or a laundry list of places to being new exploits?  Like others here, a long list like this makes me wonder just how well they tested the security of those additional and changes. Shields up people. 


Based on the last few articles that have been posted, I am wondering how many of these “new” features and “fixes” will have some form of vulnerability to it, oh lets not forget, IE will still be there? 

 

I would suggest seeing MS done away with O365 and now rebranded it as M365 they should do a complete rebuild as Microsoft 12 the start of a new millennium.

 

@tmcmullen  thank you for the article. 

 

 

Oh, +100 for sure. MS really needs full rewrites/rebuilds on so many things. I wonder how much IE is in O365?  :-)


But Major they NEVER release anything without making sure its bullet proof first!!!

😳

 

(I’m still downloading it)


Reply