This occurs when the requestor is not joined to a domain. This update addresses an issue that affects Active Directory. The actions occur at restart instead of at the end of the grace period. This update addresses an issue that affects Windows Local Administrator Password Solution (LAPS) Post Authentication Actions (PAA). The change fails to apply to RemoteApps in some scenarios. This update addresses an issue that occurs when you change the keyboard language. This occurs if a user has multiple sessions on the host. It might connect to a wrong instance of a user's session. This update addresses an issue that affects a remote desktop client. In certain cases, they persist on client devices after you close them. This update addresses an issue that affects RemoteApp windows.
You can now opt for this change. For more details, see KB5036210. It adds a renewed signing certificate to the Secure Boot DB variable. This update affects Unified Extensible Firmware Interface (UEFI) Secure Boot systems. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks. This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. Because of this, TPM-based scenarios stopped working. On certain devices, they did not initialize correctly.
This update addresses an issue that affects Trusted Platform Modules (TPM). This occurs when you run the “netsh mbn show readyinfo *” command. It stops you from automatically configuring APN profiles for cellular enabled devices. This update addresses an issue that affects Access Point Name (APN) profiles. This occurs when you use the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node. A mobile device management (MDM) service, such as Microsoft Intune, might not get the right data. This update addresses a known issue that affects BitLocker data-only encryption. This occurs in certain scenarios with mobile device management (MDM) providers, such as Microsoft Intune. This update addresses an issue that stops WMI from working. Windows uses this format to display emoji with a 3D-like appearance. The update addresses a known issue that affects the color font format for COLRv1. On a certain architecture, the issue might affect how text renders for third-party applications. This update addresses an issue that affects the OpenType font driver. This update makes Windows more reliable during power transitions. The issue causes CurrentTimeZone to change to the wrong value. This update addresses an issue that affects Windows Management Instrumentation (WMI). This update addresses an issue that affects Wi-Fi Protected Access 3 (WPA3) in the Group Policy editor. This update addresses an issue that affects certain types of 7-Zip files. This non-security update includes quality improvements. It stops the audio from routing through the PC when you answer the call on your PC. This update addresses an issue that affects a Bluetooth phone call. This update addresses an issue that affects Bluetooth Low Energy (LE) Audio earbuds. This update addresses an issue that affects the File Explorer Gallery. This is intermittent and occurs after you install a print support app. This update addresses an issue that causes your device to stop responding. This update addresses an issue to make video calls more reliable. This update addresses an issue that stops search from working on the Start menu for some users. Note Follow find out when new content is published to the Windows release health dashboard.
For an overview of Windows 11, version 23H2, see its update history page. For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types.