Microsoft Windows Security Updates April 2023: What you need to know before installation
It is the second Tuesday of April 2023, and that means that Microsoft has released security updates for Windows and other company products.
Security updates were released for Microsoft Windows, Office, Microsoft Edge and many other company products.
Our overview guides system administrators and home users. It lists the released updates and known issues, includes links to support articles and direct downloads, and provides information about other updates that Microsoft released on the April 2023 Patch Tuesday.
Click here to check out the March 2023 Microsoft Windows Patch Day overview in case you missed it.
Microsoft Windows Security Updates: April 2023
You can download the following Excel spreadsheet. It lists the released security updates of the April 2023 Microsoft Patch Day. Click on the following link to download it: Windows Security Updates April 2023
Executive Summary
- Microsoft released security updates for all supported client and server versions of Windows.
- Security updates were also released for .NET Core, Azure, Microsoft Office, Microsoft Defender for Endpoint, Microsoft Edge, Visual Studio and other company products.
- The following Windows client version have known issues: Windows 10 version 20H2, 21H2 and 22H2, Windows 11 version 21H2 and 22H2
- The following Windows server versions have known issues: Windows Server 2008, Windows Server 2008 R2, Windows Server 2019, Windows Server 2022
Operating System Distribution
- Windows 10 version 21H2 and 22H2: 56 vulnerabilities, 5 critical and 51 important.
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-28250
- Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-28232
- Layer 2 Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-28220
- Layer 2 Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-28219
- Microsoft Message Queuing Remote Code Execution Vulnerability -- CVE-2023-21554
- Windows 11 and Windows 11 version 22H2: 59 vulnerabilities, 5 critical and 54 important
- same as Windows 10 version 22H2
Windows Server products
- Windows Server 2008 R2 (extended support only): 43 vulnerabilities: 6 critical and 37 important
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-28250
- Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-28232
- DHCP Server Service Remote Code Execution Vulnerability -- CVE-2023-28231
- Layer 2 Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-28220
- Layer 2 Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2023-28219
- Microsoft Message Queuing Remote Code Execution Vulnerability -- CVE-2023-21554
- Windows Server 2012 R2: 62 vulnerabilities: 6 critical and 56 important
- Same as Windows Server 2008 R2
- Windows Server 2016: 66 vulnerabilities: 6 critical and 60 important.
- Same as Windows Server 2008 R2
- Windows Server 2019: 69 vulnerabilities: 6 critical and 63 important.
- Same as Windows Server 2008 R2
- Windows Server 2022: 72 vulnerabilities: 6 critical and 66 important.
- Same as Windows Server 2008 R2
Windows Security Updates
Windows 10 version 21H2 and 22H2
- Support Page: KB5025221
Updates and improvements:
- This update addresses security issues for your Windows operating system.
- It includes the optional updates released on March 21 as previews.
Windows 11 Release version
- Support Page: KB5025224
Updates and improvements:
- Implements "the new Windows Local Administrator Password Solution (LAPS) as a Windows inbox feature on Pro, Edu and Enterprise editions. The feature is now integrated natively into Windows, and it allows administrators to manage the password of a local administrator account more efficiently using Active Directory. Additional information about the feature is available on Tech Community.
- Addresses a compatibility issue that is caused by "unsupported use of the registry" according to Microsoft. No additional information was provided.
- The update adds support for the Arab Republic of Egypt's daylight saving time change order for 2023.
- The update addresses an issue that affects kiosk device profiles.
- Includes the March Preview updates for Windows 11 version 21H2 as well.
Windows 11 version 22H2
- Support Page: KB5025239
Updates and improvements:
- Addresses a compatibility issue that is caused by "unsupported use of the registry" according to Microsoft. No additional information was provided.
- Implements "the new Windows Local Administrator Password Solution (LAPS) as a Windows inbox feature on Pro, Edu and Enterprise editions. The feature is now integrated natively into Windows, and it allows administrators to manage the password of a local administrator account more efficiently using Active Directory. Additional information about the feature is available on Tech Community.
Other security updates
Server
2023-04 Security Monthly Quality Rollup for Windows Server 2008 (KB5025271)
2023-04 Security Only Quality Update for Windows Server 2008 (KB5025273)
2023-04 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5025272)
2023-04 Security Only Quality Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5025277)
2023-04 Security Monthly Quality Rollup for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5025279)
2023-04 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB5025285)
2023-04 Security Only Quality Update for Windows Server 2012 R2 (KB5025288)
2023-04 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5025287)
2023-04 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5025228)
2023-04 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5025229)
2023-04 Cumulative Update for Windows 10 (KB5025234)
Known Issues
Windows 10 versions 21H2 and 22H2
- (Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.
- Workaround described on the support page.
Windows 11 version 21H2
- (Old) Some Windows devices with third-party user interface customizations may not start up after installing this update or future updates.
- Microsoft recommends uninstalling the third-party UI customization applications before installing this update, or updating them, if updates are available. Check out our support article for additional information on the issue.
- The computer game Red Dead Redemption 2 may not open after installing this update.
- Updating to the latest version of the game resolves the issue.
Windows 11 version 22H2
- (Old) Some Windows devices with third-party user interface customizations may not start up after installing this update or future updates.
- Microsoft recommends uninstalling the third-party UI customization applications before installing this update, or updating them, if updates are available. Check out our support article for additional information on the issue.
- (Old) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
- Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
- (Old) Copying large files (multiple gigabytes) may take longer than expected.
- Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.
Security advisories and updates
- ADV 990001 -- Latest Servicing Stack Updates
Non-security updates
2023-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 22H2, Windows 10 Version 21H2, Windows 10 Version 21H1, and Windows 10 Version 20H2 (KB5025188)
2023-04 Update for Windows 10 Version 21H2 (KB5026037)
2023-04 Update for Windows 11 (KB5026038)
2023-04 Update for Windows 11 Version 22H2 (KB5026039)
Microsoft Office Updates
You find Office update information here.
How to download and install the April 2023 security updates
Security updates are installed automatically on most non-managed Windows devices. Windows checks for updates regularly and will download and install these once it detects them.
Some administrators may want to speed up the process; this is done byy running a manual scan for updates, or by downloading updates manually to install them on Windows devices.
Do the following to run a manual check for updates:
- Select Start, type Windows Update and load the Windows Update item that is displayed.
- Select check for updates to run a manual check for updates.
Direct update downloads
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.
Windows 10 Version 21H2
- KB5025221 -- 2023-04 Cumulative Update for Windows 10 Version 21H2
Windows 10 version 22H2
- KB5025221 -- 2023-04 Cumulative Update for Windows 10 Version 21H2
Windows 11 Release version
- KB5025224 -- 2023-04 Cumulative Update for Windows 11
- KB5025239 -- 2023-04 Cumulative Update for Windows 11 version 22H2
Additional resources
- April 2023 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 11 Update History
- Windows 10 Update History
Can someone tell me why did we receive windows server updates for windows 2008 on the month of march and april 2023. And Microsoft clearly said that we shouldn’t receive any updates for windows server 2008 because the support ended in 2020. So what’s going on ?
Same here for our Win 10 LTSC 1809…
KB5025229 is not offered through ‘Windows Updates’ nor through ‘WSUS’.
Im not being offered update KB5025229, I’m on Win 10 LTSC 1809 (17763..4131).
I had not had any problems with previous windows updates being offered to me.
One of these updates is causing a lot of windows BSOD when logging in with azure AD accounts.
Anyone else impacted by this bug ?
The only issue I have noticed so far is the loss of WiFi speed in certain sites using Firefox 112. However it’s quite difficult to relate this situation to the W11 latest update (or at least it would be very weird that it was related in such any way, imho). :S
1. This update is no longer available!
2023-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 22H2, Windows 10 Version 21H2, Windows 10 Version 21H1, and Windows 10 Version 20H2 (KB5025188)
2. .Net 6.0 and 7.0 updates are not mentioned here. May be I’m missing something here?
https://support.microsoft.com/en-us/topic/-net-7-0-update-april-11-2023-kb5025916-36ff26bc-9528-4b65-8d50-64f979369b11
https://support.microsoft.com/en-us/topic/-net-6-0-update-april-11-2023-kb5025915-043b062a-d974-4753-a281-1ee56e609a7e
@Mohan I did not receive neither the update for .NET 3.5/4.8.1, nor the update for .NET 7.0; however the version of .NET 7.0 is not a LTS update and I am not sure if non LTS .NETs are updated in such this way. Version 6.0 has been updated nice here and it has support until November 12, 2024.
Thanks for these always useful articles.
Thanks for what you are doing. You must be having LOTs of fun changing the pattern of the Direct download link every month. I’ve been trying to automate downloading the zip file directly for last 6 months but you made sure to change the pattern every time, great job!!
Last month you uploaded .xlsx file instead of .zip and this month you changed the case. Wonder what you achieved by doing it. perhaps, more hits to this web page??
@Bateman
Please consider that you get all this info for free. Pretending that Martin purposely sets things to generate more visits to his website isn’t a nice way to thank him for his work.
Itt isn’t free. Ads and the collecting of a user’s data pay for it.
@Anonymous
Collecting user’s data? How?
Thank you very much for the overview/insight that allowed me to fully understand again what I was really doing, when I updated my operating system to Microsoft Windows 10 Pro. version 22H2 o.s. build 19045.2846.
I am just wondering where you get this info? So neat and informative!
The webside that Microsoft provides is just awful
https://msrc.microsoft.com/update-guide/
I guess I will never know
Thanks for the great sum-up!