The Windows November 2023 security updates are now available
Microsoft released security updates for all supported versions of its Windows operating system on the November 2023 Patch Tuesday. Security updates are also available for Windows Server products, Microsoft Edge, Microsoft Office and several other company products.
This overview is for system administrators and interested home users. It provides resources and information about the released updates for Windows. It includes links to resource pages, lists all known issues as confirmed by Microsoft, links to direct downloads of the updates and more.
You may check out the overview for October 2023 here.
Microsoft Windows Security Updates: November 2023
Here is a link to an Excel spreadsheet that lists information about the released security updates on the November 2023 Microsoft Patch Day. Follow this link to download an archive file that contains the spreadsheet: Windows security updates November 2023
Executive Summary
- Windows 11 version 21H2 is no longer supported. Upgrades to Windows 11 version 22H2 are available.
- Microsoft fixed 63 unique vulnerabilities in Microsoft products as well as 15 vulnerabilities in non-Microsoft products on this Patch Tuesday.
- Windows Moment 4 updates are enabled for every Windows 11 installation.
- Windows clients with issues are: Windows 10 version 1809, Windows 10 version 21H2 and 22H2, Windows 11 version 21H2 and 22H2
- Windows Server clients 2008 and 2008 R2 affected by known issues.
Each supported version of Windows and their critical vulnerabilities are listed below.
- Windows 10 version 22H2: 25 vulnerabilities, 2 critical and 23 important.
- Windows HMAC Key Derivation Elevation of Privilege Vulnerability -- CVE-2023-36400
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-36397
- Windows 11 version 22H2: 29 vulnerabilities, 2 critical and 27 important
- same as Windows 10 version 22H2
- Windows 11 version 23H2: 29 vulnerabilities, 2 critical and 27 important
- same as Windows 10 version 22H2
Windows Server products
- Windows Server 2008 R2 (extended support only): 15 vulnerabilities: 1 critical and 14 important
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-36397
- Windows Server 2012 R2 (extended support only): 61 vulnerabilities: 11 critical and 50 important
- Not published (yet)
- Windows Server 2016: 23 vulnerabilities: 2 critical and 21 important
- Windows HMAC Key Derivation Elevation of Privilege Vulnerability -- CVE-2023-36400
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-36397
- Windows Server 2019: 27 vulnerabilities: 12 critical and 66 important
- same as Windows Server 2016
- Windows Server 2022: 30 vulnerabilities: 2 critical and 28 important.
- same as Windows Server 2016
Windows Security Updates
Windows 10 version 22H2
- Support Page: KB5032189
Updates and improvements:
- Fixes an issue when installing KB5031356. The installation of the update would display progress but would not finish.
- Includes all non-security changes of the October 26 Preview update for the operating system.
Windows 11 version 22H2 and 23H2
- Support Page: KB5032190
Updates and improvements:
- This update makes miscellaneous [unspecified] security improvements to internal OS functionality.
- Includes all non-security updates of the October Preview update, including:
- Customization options for Dynamic Lighting OEMs.
- Improves performance of search in the search box.
Security updates
2023-11 Cumulative Security Update for Internet Explorer (KB5032191)
2023-11 Cumulative Update for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5032189)
2023-11 Dynamic Cumulative Update for Windows 11 (KB5032192)
2023-11 Cumulative Update for Windows 10 Version 1507 (KB5032199)
Server
2023-11 Security Monthly Quality Rollup for Windows Server 2012 (KB5032247)
2023-11 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB5032249)
2023-11 Security Only Quality Update for Windows Server 2008 (KB5032248)
2023-11 Security Monthly Quality Rollup for Windows Server 2008 (KB5032254)
2023-11 Security Only Quality Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5032250)
2023-11 Security Monthly Quality Rollup for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5032252)
2023-11 Cumulative security Hotpatch for Azure Stack HCI, version 21H2 and Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5032304)
2023-11 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5032197)
2023-11 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5032196)
2023-11 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5032198)
.NET
2023-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 for x64 (KB5031985)
2023-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 R2 for x64 (KB5031986)
2023-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5031987)
2023-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 for x64 (KB5031992)
2023-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 R2 for x64 (KB5031994)
2023-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5031995)
2023-11 Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 for x64 (KB5031998)
2023-11 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5031999)
2023-11 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5032000)
2023-11 Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 R2 for x64 (KB5032001)
2023-11 Security Only Update for .NET Framework 4.6.2 for Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5032009)
2023-11 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5032010)
2023-11 Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5032011)
2023-11 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5032012)
2023-11 Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5032185)
2023-11 Security Only Update for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5032186)
2023-11 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5032341)
2023-11 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5032342)
2023-11 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5032343)
2023-11 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5032344)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5031984)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5031988)
2023-11 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5031989)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5031990)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5031991)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for x64 (KB5031993)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 for x64 (KB5032004)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5032005)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5032006)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5032007)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 22H2 for x64 (KB5032008)
2023-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5032336)
2023-11 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5032337)
2023-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 (KB5032338)
2023-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 (KB5032339)
2023-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11 (KB5032340)
Servicing Stack Updates
2023-11 Servicing Stack Update for Windows Server 2012 R2 for x64-based Systems (KB5032308)
2023-11 Servicing Stack Update for Windows Server 2012 for x64-based Systems (KB5032309)
2023-11 Servicing Stack Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5032383)
2023-11 Servicing Stack Update for Windows Server 2008 (KB5032384)
2023-11 Servicing Stack Update for Windows 10 Version 1507 (KB5032390)
2023-11 Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607 (KB5032391)
2023-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system, version 22H2 for x64 (KB5032478)
Non-Security updates
2023-11 Dynamic Update for Windows 11 (KB5032305)
2023-11 Dynamic Update for Windows 10 Version 21H2 (KB5032906)
2023-11 Dynamic Update for Windows 11 (KB5033288)
Known Issues
Windows 10 version 22H2, Windows 11 version 22H2 and 23H2
Description: Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment.
Workaround: this is a reporting issue only according to Microsoft. Microsoft suggests to set the "Enforce drive encryption type on operating system drives" or the "Enforce drive encryption on fixed drives" policies to not configured as a workaround.
Windows 11 version 22H2 and 23H2
Description: Users who use multiple monitors on their Windows devices may notice that desktop icons move around unexpectedly. They may, for instance, move between monitors.
Workaround: Microsoft "may" have disabled Windows Copilot on multi-monitor devices until a solution is found.
Description: The color font format COLRv1 does not render properly. It is used to display emoji with a 3D-like appearance.
Workaround: none at the time. Microsoft is working on a solution.
Security advisories and updates
- ADV 990001 -- Latest Servicing Stack Updates
Microsoft Office Updates
You find Office update information here.
How to download and install the November 2023 security updates
Updates are pushed to most Windows 11 systems automatically by default via Windows Update. The updates are not pushed in real-time to systems though, and some users may want to speed up the installation of these security updates.
Tip: create a backup before you install updates
This is done in the following way:
- Select Start, type Windows Update and load the Windows Update item that is displayed.
- Select check for updates to run a manual check for updates.
Managed systems receive updates when system administrators allow them to be distributed to managed devices.
Direct update downloads
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.
Windows 10 version 22H2
- KB5032189 -- 2023-11 Cumulative Update for Windows 10 Version 21H2
Windows 11 version 22H2
- -- 2023-11 Cumulative Update for Windows 11 version 22H2
- KB5032190 -- 2023-11 Cumulative Update for Windows 11 version 23H2
Additional resources
- November 2023 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 11 Update History
- Windows 10 Update History
Your aware of windows 2012 r2 end of life date meaning Microsoft no longer is actively supporting it 10/10/2023 . This is not being cruel or anything but making sure if you wernt aware please look it up. Server 2012 r2 official support (for doctors HIPAA wont accept 2012r2 after last month etc ).
Now if you dont have legal consequences of getting hacked then version checked…. notice win7 is still getting love in these things sometimes :)
+1 Windows 7 backup and restore!
Every attempt to get the start button functional again after this update made things worse.
Eventually I was able to restore from a system image created with the old windows 7 backup on my windows 10 home pc.
I added gpedit and set windows ‘security’ updates to be delayed for 30 days and created a new backup+system iamge.
I wasn’t aware you could add gpedit to windows home so easy. Was a story ever run here about it?
in admin com prompt run one after the other.
FOR %F IN (“%SystemRoot%\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientTools-Package~*.mum”) DO (DISM /Online /NoRestart /Add-Package:”%F”)
FOR %F IN (“%SystemRoot%\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientExtensions-Package~*.mum”) DO (DISM /Online /NoRestart /Add-Package:”%F”)
My win 10 home pc updated last night. Start menu no longer opens with mouse or key. Neither does action center. LClick on start it turns red for a moment and nothing.
Tried everything. sfc, dism, regedit, powershell.
Restoring from restore via recovery menu point has been running 6 hours now.
Odd though, somehow system restore had been disabled by a group policy even though windows home doesn’t have gpedit.
Actually, I just learned you can add gpedit to home version now with 2 simple commands.
Hello, there aren’t a security only update for Windows Server 2012/R2 for November 2023 ? Is it a mistake or a change from Microsoft with the end support of these two OS version ?
They did release Security Only updates for Windows Server 2008(r2).
@Martin, do you know if Microsoft will release the Security Only updates for Windows Server 2012(r2) in the coming days?
Nice to see Windows 7 updates keep on going.
Next month will be the last Windows 7 will ever get monthly updates from Microsoft. It’s the end after that.
Updates for POS ESU machines, will keep coming till october 2024.
The moral of this story is if you decide to purchase a new Windows computer be prepared the rest of your life installing updates and when you’ve done that, undoing all the damage and removing all the bloatware those updates introduced.
In fact, I’m beginning to think that Microsoft deliberately creates these vulnerabilities just to ensure that users are kept occupied dealing with all this crap.
heheh.. we have told for years they are just updating the information agencies back-ports disguised as some kind of “vulnerability improvement”, no we don’t have any proof, but who knows.. heheh
@ Martin,
How do you get to that menu you have in your screenshot where it reads “Windows Security”? I can’t find it on my Win 11 Pro machine. All I have is what you see in this screenshot:
https://i.postimg.cc/MHH2q4Yg/Screenshot-2023-11-15-085333.png
I’ve tried reaching it via all the submenus, but they don’t seem to be relevant.
You can’t on Windows 11. It is a screenshot from Windows 10 :) You can go to Privacy & Security > Windows Security in Settings. Or, you should find a link to Windows Security in the System Tray area.
OK, thanks Martin, I’ll have al look at that later (have just put the machine back in its box not intending to take it out of there again until December updates :D )
Security aside, I bet 10 bucks that the picture in this blog was created by AI!
Thanks, Martin for helping me to understand the 25 vulnerabilities, 2 critical and 23 important, this month so I understood what I was doing when I upgraded to the Windows 10 professional version 22H2, OS Build 19045,3693.
Are you sure you are not a bot?
Looks like copied text from the article.
This is currently listing all last month, October 2023, info.
Sorry for that, should be fixed now.
The title is still incorrect: Microsoft Windows Security Updates: October 2023