As usual, there are two different updates, a monthly rollup and a security-only update that only includes security fixes. While the monthly rollup can be acquired from Windows Update, the security-only update must be installed manually.
Windows 8.1 update
Windows 8.1 KB5020023 (Monthly Rollup) and KB5020010 (Security-only update) Addressed the following points.
1 Windows 8.1 update2 Windows 7 SP12.1 Download Windows 7 Cumulative updates
After installing today’s update Users will see a reminder dialog box End of Support (EOS) for Windows 8.1 in January 2023.
Updates the daylight-saving time (DST) for Jordan to prevent moving the clock back 1 hour on October 28, 2022. Additionally, changes the display name of Jordan standard time from “(UTC+02:00) Amman” to “(UTC+03:00) Amman”.Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.Addresses security vulnerabilities in the Kerberos and Netlogon protocols as outlined in CVE-2022-38023, CVE-2022-37966, and CVE-2022-37967. For deployment guidance, see the following articles:KB5020805: How to manage the Kerberos protocol changes related to CVE-2022-37967KB5021130: How to manage the Netlogon protocol changes related to CVE-2022-38023KB5021131: How to manage the Kerberos protocol changes related to CVE-2022-37966
In addition windows 8 Monthly Rollup KB5020023
Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY.Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).”Addresses an issue where the Microsoft Visual C++ Redistributable Runtime does not load into the Local Security Authority Server Service (LSASS) when Protected Process Light (PPL) is enabled.
Also, you can download the standalone package for this update, from the Microsoft Update Catalog website.
Windows 7 SP1
KB5020000 Monthly Rollup and KB5020013 Security-only update for windows 7 service pack 1 also include similar changes as for windows 8.1.
Updates the daylight-saving time (DST) for Jordan to prevent moving the clock back 1 hour on October 28, 2022. Additionally, changes the display name of Jordan standard time from “(UTC+02:00) Amman” to “(UTC+03:00) Amman”.Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.Addresses security vulnerabilities in the Kerberos and Netlogon protocols as outlined in CVE-2022-38023, CVE-2022-37966, and CVE-2022-37967. For deployment guidance, see the following articles:KB5020805: How to manage the Kerberos protocol changes related to CVE-2022-37967KB5021130: How to manage the Netlogon protocol changes related to CVE-2022-38023KB5021131: How to manage the Kerberos protocol changes related to CVE-2022-37966
In addition windows 7 Monthly Rollup KB5020000
Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY.Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).
Known issue After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History. The company says this issue expected in the following circumstances:
If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.If you do not have an ESU MAK add-on key installed and activated.
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. Microsoft noted another known issue – After this update or a later Windows update is installed, domain join operations might be unsuccessful and error “0xaac (2732): NERR_AccountReuseBlockedByPolicy” occurs. Important Note: Windows 7 reached end of life With Update (KB4598279, KB4598289) Windows 7 reached the end of life. that means Devices still running Windows 7 will no longer receive any security updates and patches from Microsoft. And the company recommends upgrade Windows 11 for the latest security features and protection against malicious software
Download Windows 7 Cumulative updates
This update will be downloaded and installed automatically via Windows Update on all compatible devices running Windows 7 SP1, Windows Server 2008 SP1 and connected to the Microsoft server. To check and install updates manually
Also, you can get the standalone package for this update, go to the Microsoft Update Catalog website. Also read:
Free VPN and Paid VPN, what is the real difference between them?Laptop freezes randomly after Install Windows 10? Try these solutionsHow to Fix Printer Problems in Windows 10,Fix Data Error Cyclic Redundancy Check in Windows 10
