Microsoft Windows Security Updates January 2023 overview

Martin Brinkmann
Jan 10, 2023
Updated • Feb 14, 2023
Windows Updates
|
20

It is January 10, 2023, and that means it is the first Microsoft Patch Day of the year 2023. It is also the last Patch day for Windows 7 devices that are subscribed to Extended Security Updates, and all Windows 8 devices.

Microsoft released security updates and non-security updates for all client and server versions of the Windows operating system that it supports and other company products.

Our overview provides Windows Home and system administrators with detailed actionable information. It links to all relevant resources, including support pages and direct downloads, information about each of the released patches

Tipcheck out the December 2022 Patch Day overview here.

Microsoft Windows Security Updates: January 2023

Here is a an Excel spreadsheet that lists the security updates that Microsoft released in January 2023. Just click on the link to download it, as an archive, to your device: microsoft-windows-january-2023-updates

Executive Summary

  • Windows 7 and Windows 8.1 support ends today. Microsoft won't release security updates anymore for both operating systems after January 10, 2023.
  • Microsoft released security products for other company products, including Visual Studio Code, .NET Core, Microsoft Office, and Microsoft Exchange Server.
  • The following client versions of Windows have known issues: Windows 7, Windows 8.1, Windows 10 version 1809, Windows 11 version 22H2
  • The following server versions of Windows have known issues: Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Server 2019

Operating System Distribution

  • Windows 7 (extended support only): 40 vulnerabilities: 8 critical and 35 important
    • Microsoft Cryptographic Services Elevation of Privilege Vulnerability -- CVE-2023-21730
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21679
    • Microsoft Cryptographic Services Elevation of Privilege Vulnerability -- CVE-2023-21561
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21556
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21555
    • Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability -- CVE-2023-21548
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21543
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21546
  • Windows 8.1: 48 vulnerabilities: 9 critical and 39 important,
    • All eight security issues listed under Windows 7, plus
    • Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability -- CVE-2023-21535
  • Windows 10 version 21H2 and 22H2: 63 vulnerabilities, 10 critical and 53 important
    • Same as Windows 8.1, plus
    • Microsoft Cryptographic Services Elevation of Privilege Vulnerability -- CVE-2023-21551
  • Windows 11 and Windows 11 version 22H2:  64 vulnerabilities, 10 critical and 54 important
    • Same as Windows 10

Windows Server products

  • Windows Server 2008 R2 (extended support only): 39 vulnerabilities: 8 critical and 31 important
    • Microsoft Cryptographic Services Elevation of Privilege Vulnerability -- CVE-2023-21730
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21679
    • Microsoft Cryptographic Services Elevation of Privilege Vulnerability -- CVE-2023-21561
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21556
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21555
    • Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability -- CVE-2023-21548
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21543
    • Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability -- CVE-2023-21546
  • Windows Server 2012 R2: 47 vulnerabilities: 9 critical and 38 important
    • All eight security issues listed under Windows Server 2008 R2 , plus
    • Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability -- CVE-2023-21535
  • Windows Server 2016: 50 vulnerabilities: 9 critical and 41 important
    • Same as Windows Server 2012 R2.
  • Windows Server 2019: 56 vulnerabilities: 10 critical and 46 important
    • Same As Windows Server 2012 R2, plus
    • Microsoft Cryptographic Services Elevation of Privilege Vulnerability -- CVE-2023-21551
  • Windows Server 2022:  61 vulnerabilities: 10 critical and 51 important
    • Same as Windows Server 2019.

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Updates and improvements:

  • Authentication may fail if the "higher 16-bits of the msds-SupportedEncryptionTypes attribute" are set.
  • Resolved the Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) that could cause connections to fail.

Windows 8.1 and Windows Server 2012 R2

Updates and improvements:

  • Microsoft displays a modal dialog that informs Home users about the end of support. The message does not appear on managed devices that run Windows 8.1 Pro or Enterprise.
  • Authentication may fail if the "higher 16-bits of the msds-SupportedEncryptionTypes attribute" are set.
  • Resolved the Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) that could cause connections to fail.

Windows 10 version 21H2 and 22H2

Updates and improvements:

  • Resolved the Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) that could cause connections to fail.
  • Fixed a startup issue that could throw the error 0xc000021a and have a blue screen.
  • Fixed an issue in Local Session Manager that could allow users to perform actions that only administrators can.

Windows 11 Release version 

Updates and improvements:

  • Resolved the Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) that could cause connections to fail.
  • Fixed a startup issue that could throw the error 0xc000021a and have a blue screen.
  • Fixed an issue in Local Session Manager that could allow users to perform actions that only administrators can.

Windows 11 version 22H2  

Updates and improvements:

  • Resolved the Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) that could cause connections to fail.
  • Fixed an issue in Local Session Manager that could allow users to perform actions that only administrators can.

Other security updates

2023-01 Cumulative Update for Windows 10 Version 1507 for x64 based Systems (KB5022297)

2023-01 Dynamic Cumulative Update for Windows 11 (KB5022287)

2023-01 Dynamic Cumulative Update for Windows 10 Version 22H2, Windows 10 Version 21H2, and Windows 10 Version 20H2 (KB5022282)

Server updates

2023-01 Security Monthly Quality Rollup for Windows Server 2008 (KB5022340)

2023-01 Security Only Quality Update for Windows Server 2008 (KB5022353)

2023-01 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5022343)

2023-01 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5022348)

2023-01 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5022289)

2023-01 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5022286)

2023-01 Cumulative Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5022291)

Known Issues

Windows 7 SP1 and Windows Server 2008 R2

  • (Fixed) Apps which use ODBC connections through sqlsrv32.dll to access databases may not be able to connect.  Check out Microsoft confirms Windows database connection issues for additional information.
  • (Old) After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs.
    • Microsoft released guidance on the issue here.
  • (Old) Updates may show as failed and may be uninstalled because the machine is not on ESU.
    • Expected behaviour.

Windows 8.1 and Windows Server 2012 R2

  • (Fixed) Apps which use ODBC connections through sqlsrv32.dll to access databases may not be able to connect.  Check out Microsoft confirms Windows database connection issues for additional information.
  • (Old) After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs.
    • Microsoft released guidance on the issue here.

Windows 10 versions 21H2 and 22H2

  • (Fixed) Apps which use ODBC connections through sqlsrv32.dll to access databases may not be able to connect.  Check out Microsoft confirms Windows database connection issues for additional information.
  • (Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.

Windows 11 version 22H2

  • (Fixed) Apps which use ODBC connections through sqlsrv32.dll to access databases may not be able to connect.  Check out Microsoft confirms Windows database connection issues for additional information.
  • (Fixed) After you install this or later updates, you might be unable to reconnect to Direct Access after temporarily losing network connectivity or transitioning between Wi-Fi networks or access points.
  • (Old) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
    • Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
  • (Old) Copying large files (multiple gigabytes) may take longer than expected.
    • Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.

Security advisories and updates

Non-security updates

Microsoft Office Updates

You find Office update information here.

How to download and install the January 2023 security updates

Most Home systems are updated automatically thanks to the built-in Windows Update feature. The checks for updates do not happen in real-time, and some administrators may want to download them as soon as they are released to their devices.

This is done using a manual update check. Do the following to run a manual check for updates:

  1. Select Start, type Windows Update and load the Windows Update item that is displayed.
  2. Select check for updates to run a manual check for updates.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 7 and Server 2008 R2

  • KB5022338 -- 2023-01 Security Monthly Quality Rollup for Windows 7
  • KB5022339 -- 2023-01 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB5022352 -- 2023-01 Security Monthly Quality Rollup for Windows 8.1
  • KB5022346 -- 2023-01 Security Only Quality Update for Windows 8.1

Windows 10 Version 21H2

  • KB5022282 -- 2023-01 Cumulative Update for Windows 10 Version 21H2

Windows 10 version 22H2

  • KB5022282 -- 2023-01 Cumulative Update for Windows 10 Version 21H2

Windows 11 Release version

  • KB5022287 -- 2023-01 Cumulative Update for Windows 11
Windows 11 version 22H2
  • KB5022303 -- 2023-01 Cumulative Update for Windows 11 version 22H2

Additional resources

Summary
Article Name
Microsoft Windows Security Updates January 2023 overview
Description
Microsoft released security and non-security updates for all supported versions of Windows on the January 2023 Patch Day.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. MM Strauss said on January 12, 2023 at 5:22 am
    Reply

    In your executive report you mentioned – “The following client versions of Windows have known issues: Windows 7, Windows 8.1, Windows 10 version 1809, Windows 11 version 22H2”

    What known issues do we have in Win 10 ver 1809?

    1. Martin Brinkmann said on January 12, 2023 at 7:16 am
      Reply

      It is “After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found”.

      See https://support.microsoft.com/en-us/topic/january-10-2023-kb5022286-os-build-17763-3887-48683103-7b22-4f36-aa98-0049c7a6e579

  2. VioletMoon said on January 11, 2023 at 5:12 pm
    Reply

    Reminiscing as I find it nearly impossible to find meaningful information on the site: senseless dribble.

    {Not the current article; I find the links useful–and the comments. Thanks!}

    https://www.ghacks.net/2011/10/03/ghacks-turns-six-today-lets-celebrate/

    And what to celebrate today? RIP gHacks t-shirts should go on sale.

    @Paul(us) Glad you found an upgrade worth the time; in one of your last comments, I thought you had jumped ship. I still find Windows 10 to be a worthy OS; Windows 11 takes some work with tweaks, but stability is there.

  3. Tree said on January 11, 2023 at 5:01 pm
    Reply

    I got this on both of my Windows 7 computers:
    Windows Malicious Software Removal Tool x64 – v5.109 (KB890830)

    Installation date: ?1/?10/?2023 11:13 AM

    Installation status: Successful

    Update type: Important

  4. Paul(us) said on January 11, 2023 at 9:22 am
    Reply

    Thanks for helping me update to Windows 10 pro. 22h2 (os build 19045.2486.

  5. Saibot said on January 11, 2023 at 6:09 am
    Reply

    No updates for .NET Framework this month?

  6. NeonRobot said on January 11, 2023 at 3:58 am
    Reply

    @martin Martin, could you please beam some light on incoming POS updates which are going to continue till oct 2024 by means of dedicated article?

    1. NeonRobot said on January 11, 2023 at 4:00 am
      Reply

      Of course i’m talking about Windows 7.

  7. leaking and leaking and leaking said on January 11, 2023 at 2:12 am
    Reply

    You’ve got to love all of the:

    “Remote Code Execution Vulnerability” fixes…

    How embarrassing, yet nobody seems to care!

    With every version of M$’s chewtoy, come tons of these “Remote” holes. I wonder why.

    Enjoy whatever “protection” you think you have from your black box Operating System.

  8. Alexiy said on January 11, 2023 at 12:21 am
    Reply

    U R Monthly ignore Windows 10 1607 LTSB. KB5022289 Jan.2023 for the OS.

  9. Jed said on January 10, 2023 at 9:52 pm
    Reply

    Here we go again.
    Attempt to install KB5022303 = error 0x800f0922

    Any idea what to do with this?

    1. John G. said on January 11, 2023 at 11:00 am
      Reply

      Try creating a *.bat file with this content and do apply it with admin rights:

      rem * EXECUTE AS ADMIN *
      net stop bits
      net stop wuauserv
      net stop cryptsvc
      net stop msiserver
      rd /q /s %windir%\softwaredistribution.old
      rd /q /s %windir%\system32\catroot2.old
      ren %windir%\system32\catroot2 catroot2.old
      ren %windir%\softwaredistribution softwaredistribution.old
      del “%allusersprofile%\application data\microsoft\network\downloader\qmgr*.dat”
      sc.exe sdset bits D:(A;CI;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)
      sc.exe sdset wuauserv D:(A;;CCLCSWRPLORC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)
      cd /d %windir%\system32
      regsvr32.exe /s atl.dll
      regsvr32.exe /s urlmon.dll
      regsvr32.exe /s mshtml.dll
      regsvr32.exe /s jscript.dll
      regsvr32.exe /s vbscript.dll
      regsvr32.exe /s scrrun.dll
      regsvr32.exe /s msxml3.dll
      regsvr32.exe /s msxml6.dll
      regsvr32.exe /s actxprxy.dll
      regsvr32.exe /s softpub.dll
      regsvr32.exe /s wintrust.dll
      regsvr32.exe /s dssenh.dll
      regsvr32.exe /s rsaenh.dll
      regsvr32.exe /s cryptdlg.dll
      regsvr32.exe /s oleaut32.dll
      regsvr32.exe /s ole32.dll
      regsvr32.exe /s shell32.dll
      regsvr32.exe /s wuapi.dll
      regsvr32.exe /s wups.dll
      regsvr32.exe /s wups2.dll
      netsh winsock reset
      net start bits
      net start wuauserv
      net start cryptsvc
      net start msiserver
      rem * RESTART PC *
      pause

      Then restart the computer and please try again to update.
      If this fails, then be caution of third party software like O&O or others than can modify the update system of the Windows (e.g., I had in the past several problems with Explorer Patcher).
      If everything fails, just wait a month and then try a hard update on the fly with the latest ISO file of Windows, using the media creation tool (you can find more info at the internet, it’s easy to do).

  10. Martin said on January 10, 2023 at 9:22 pm
    Reply

    This was once a really decent site. Martin, why are you now allowing them to make a dump out of it. Your “child” is dying, it’s sad to see.

  11. Martin P. said on January 10, 2023 at 9:15 pm
    Reply

    Well that is it. The very last monthly update for Windows 7 has come…

    It’s been much easier updating windows 7 with your monthly overview Martin. Thanks much for your great help, every month, every time for all those years.

    I will soon transfer my activities to a new MacOS platform and most probably won’t experience windows again.

    I won’t complain…

    Cheers!

    1. Anonymous said on January 11, 2023 at 12:12 am
      Reply

      I’m using Windows 7 regardless of what anyone else says. Never got virus, hacked etc on XP after using it several more years after the support was up.

      1. pete said on January 14, 2023 at 12:40 pm
        Reply

        Still using w7pro – hasn’t been an update available for years. W10 gave me heart murmur just looking at it- will have to go somewhere soon eYe imagine….

  12. John G. said on January 10, 2023 at 8:19 pm
    Reply

    One entire month waiting to resolve >60 vulnerabilities in W10/11, absolutely nonsense method of updating these OS, mainly because the critical ones should be updated weekly or even daily due to the high security risks that may cause to all the affected Microsoft’s users. Currently the people are connected almost all day and in one hour of critical bugs or vulnerabilities they can be hacked and get into several problem! Thanks by the way for the good summary and for the article. :]

    1. John G. said on January 11, 2023 at 7:10 pm
      Reply

      I just meant that it’s not good to wait one entire month to receive more than 60 fixes for critical bugs in W10 and in W11. Such an amount of bugs!

    2. Mothy said on January 11, 2023 at 1:20 pm
      Reply

      @John G.

      What you suggest would lead to chaos as there would be a constant scramble to install updates and subsequent troubleshooting as updates break things. That is why a long time ago Microsoft (and many other major software makers) moved to a once a month schedule in order to provide a more predictable and stable roll out of updates which is especially important for businesses/corporations that require high availability/functionality of their systems (servers and desktops).

      Also updates alone do not determine the security of a system and whether or not it can be compromised. There are other more important layers of security that help protect a system, one of the biggest and easiest to implement is a firewall that blocks all incoming connections as the vast majority of vulnerabilities require remote access to the system in order to exploit. So no reason to panic and operate with the mindset that you must install the latest updates immediately in order to be protected. That only gives you a false sense of security.

    3. Anonymous said on January 11, 2023 at 10:09 am
      Reply

      Alright.
      You develop updates of the most used operating system on the planet, ran on an almost infinite combination of hardware parts.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.