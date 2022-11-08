Microsoft released security and non-security updates for all supported client and server versions of the Windows operating system on the November 2022 Patch Tuesday. The updates are available already, and most home Windows devices should receive the updates automatically starting today.

The following guide helps home users and system administrators alike when it comes to updating systems. It includes information on the released updates, links to official Microsoft support pages and manual downloads, a fully updated list of known issues for each client version of Windows, links to all other security updates and non-security updates Microsoft released, and more.,

Tip: check out our overview of the October 2022 Patch Day here.

Microsoft Windows Security Updates: November 2022

The following Excel spreadsheet includes the released security updates for Windows and other company products. Just download it with a click on the following link: security-updates-windows-november-2022

Executive Summary

Windows 10 version 22H2, aka the Windows 10 2022 Update, was released this month.

There won't be a preview update for the month of December 2022.

Microsoft released security updates for all supported client and server versions of Windows.

Microsoft released security updates for other company products, including .NET Framework, Azure, Microsoft Dynamics, Microsoft Office, SysInternals, Visual Studio.

The following client versions of Windows have known issues: Windows 7, Windows 8.1, Windows 10 version 21H2, Windows 11 version 22H2

The following server versions of Windows have known issues: Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Server 2019

Operating System Distribution

Windows 7 (extended support only) : 21 vulnerabilities: 4 critical and 17 important Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41044

: 21 vulnerabilities: 4 critical and 17 important Windows 8.1 : 23 vulnerabilities: 4 critical and 19 important Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41088 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039

: 23 vulnerabilities: 4 critical and 19 important Windows 10 version 21H1, 21H2 and 22H2: 37 vulnerabilities, 5 critical and 32 important Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41088 Windows Hyper-V Denial of Service Vulnerability -- CVE-2022-38015 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118

37 vulnerabilities, 5 critical and 32 important Windows 11 and Windows 11 version 22H2 : 35 vulnerabilities, 5 critical and 30 important same as Windows 10

: 35 vulnerabilities, 5 critical and 30 important

Windows Server products

Windows Server 2008 R2 (extended support only): 24 vulnerabilities: 6 critical and 18 important Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039 Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability -- CVE-2022-37966 Windows Kerberos Elevation of Privilege Vulnerability -- CVE-2022-37967 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41044

24 vulnerabilities: 6 critical and 18 important Windows Server 2012 R2 : 26 vulnerabilities: 6 critical and 20 important same as Windows Server 2008 R2.

: 26 vulnerabilities: 6 critical and 20 important Win dows Server 2016 : 34 vulnerabilities: 7 critical and 27 important Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41088 Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability -- CVE-2022-37966 Windows Hyper-V Denial of Service Vulnerability -- CVE-2022-38015 Windows Kerberos Elevation of Privilege Vulnerability -- CVE-2022-37967 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128 Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118

: 34 vulnerabilities: 7 critical and 27 important Windows Server 2019 : 37 vulnerabilities: 7 critical and 30 important same as Windows Server 2016

: 37 vulnerabilities: 7 critical and 30 important Windows Server 2022: 39 vulnerabilities: 10 critical and 56 important same as Windows Server 2016

39 vulnerabilities: 10 critical and 56 important

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Monthly Rollup: KB5020000

Security-Only: KB5020013

Updates and improvements:

Daylight saving time for Jordan updated.

Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.

Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. (Monthly-Security only)

Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).” (Monthly-Security only)

Security updates.

Windows 8.1 and Windows Server 2012 R2

Monthly Rollup: KB5020023

Security-only: KB5020010

Updates and improvements:

Daylight saving time for Jordan updated.

Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. (Monthly-Security only)

Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).” (Monthly-Security only)

Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.

Addresses an issue where the Microsoft Visual C++ Redistributable Runtime does not load into the Local Security Authority Server Service (LSASS) when Protected Process Light (PPL) is enabled. (Monthly-Security only)

Security updates

Windows 10 version 21H1m 21H2 and 22H2

Support Page: KB5019959

Updates and improvements:

Security updates

Changes of the preview updates, released under KB5020953

Windows 11 Release version

Support Page: KB5019961

Updates and improvements:

Security updates

Changes of the preview updates, released under KB5018483

Windows 11 version 22H2

Support Page: KB5019980

Updates and improvements:

Addresses an issue in File Explorer, which fails to localize folders.

Security updates.

Changes of the preview update, released under Kb5018496.

Other security updates

KB5019958: Cumulative security update for Internet Explorer: November 8, 2022

2022-11 Cumulative Update for Windows 10 Version 1507 (KB5019970)

2022-11 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5019964)

2022-11 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5019966)

2022-11 Cumulative Update for Windows 10 Version 21H1, Windows 10 Version 20H2 (KB5019959)

Server updates

2022-11 Security Only Quality Update for Windows Server 2008 (KB5020005)

2022-11 Security Monthly Quality Rollup for Windows Server 2008 (KB5020019)

2022-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5020009)

.NET Framework

2022-11 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020606)

2022-11 Security Only Update for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020608)

2022-11 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020609)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020610)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5020611)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5020612)

2022-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020618)

2022-11 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020620)

2022-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020621)

2022-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020628)

2022-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5020629)

2022-11 Security and Quality Rollup for .NET Framework 4.6.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5020630)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020678)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020679)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020680)

2022-11 Security Only Update for .NET Framework 4.6.2 for Windows Server 2008 (KB5020681)

2022-11 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020688)

2022-11 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020689)

2022-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020690)

2022-11 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5020691)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1, Windows 10 Version 20H2,Windows 10 Version 1809, and Windows 10 Version 1607 (KB5020613)

2022-11 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5020614)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5020615)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5020617)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system, version 22H2 for x64 (KB5020619)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5020622)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 21H1, Windows 10 Version 20H2 (KB5020623)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5020624)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5020627)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5020632)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows Server, version 21H1, Windows 10 Version 21H1, Windows Server, version 20H2, Windows 10 Version 20H2 (KB5020676)

2022-11 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5020685)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 20H2 (KB5020686)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 (KB5020687)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5020692)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system, version 22H2 for x64 (KB5020693)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 (KB5020694)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11 (KB5020695)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H1 (KB5020801)

Known Issues

Windows 7 SP1 and Windows Server 2008 R2

(New) After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Microsoft released guidance on the issue here.

(Old) Updates may show as failed and may be uninstalled because the machine is not on ESU. Expected behaviour.

(Fixed) File copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. To mitigate the issue, one of the following needs to be done: Clear the "Run in logged-on user's security context (user policy option)" check box. In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotation marks) from the destination might allow the copy to be successful.



Windows 8.1 and Windows Server 2012 R2

(New) After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs. Microsoft released guidance on the issue here.

(Fixed) File copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. To mitigate the issue, one of the following needs to be done: Clear the "Run in logged-on user's security context (user policy option)" check box. In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotation marks) from the destination might allow the copy to be successful.



Windows 10 versions 21H1, 21H2 and 22H2

(Fixed) File copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. To mitigate the issue, one of the following needs to be done: Clear the "Run in logged-on user's security context (user policy option)" check box. In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotation marks) from the destination might allow the copy to be successful.

(New, again) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed. Workaround described on the support page.



Windows 11

(New) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly". Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.

(New) Copying large files (multiple gigabytes) may take longer than expected. Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.

(Fixed) File copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes. To mitigate the issue, one of the following needs to be done: Clear the "Run in logged-on user's security context (user policy option)" check box. In the affected Group Policy, change "Action" from "Replace" to "Update". If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotation marks) from the destination might allow the copy to be successful.



Windows 11 version 22H2

(Old) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly". Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.

(Old) Copying large files (multiple gigabytes) may take longer than expected. Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.



Security advisories and updates

ADV 990001 -- Latest Servicing Stack Updates

Non-security updates

Microsoft Office Updates

You find Office update information here.

How to download and install the November 2022 security updates Most home systems will receive the updates automatically, thanks to Windows Update. Administrators have options to download updates manually, and to run manual checks for updates to install the updates as early as possible. Note that it is recommended to create a system backup before installing any updates for Windows. A system backup gives you an option to restore a previous version.

