Lucene search

K
mskb
MicrosoftKB5005575
HistorySep 14, 2021 - 12:00 a.m.

September 14, 2021—KB5005575 (OS Build 20348.230)

2021-09-1400:00:00
Microsoft
support.microsoft.com
35

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.967 High

EPSS

Percentile

99.6%

September 14, 2021—KB5005575 (OS Build 20348.230)

Improvements and fixes

This security update includes quality improvements. Key changes include:

  • Addresses an issue that causes Windows to generate many AppLocker or SmartLocker success events in the AppLocker EXE and DLL event channel.
  • Addresses an issue that prevents the ShellHWDetection service from starting on a Privileged Access Workstation (PAW) device and prevents you from managing BitLocker drive encryption.
  • Addresses an issue that causes PowerShell to create an infinite number of child directories. This issue occurs when you use the PowerShell Move-Item command to move a directory to one of its children. As a result, the volume fills up and the system stops responding.
    If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.

Windows 10 servicing stack update - 20348.220

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.

Known issues in this update

Symptom Workaround
After installing this update, devices which attempt to connect to a network printer for the first time might fail to download and install the necessary printer drivers. Devices which had connected to and installed the printer prior to the installation of KB5005575 are unaffected and operations to that printer will succeed as usual.This issue has been observed in devices which access printers via a print server using HTTP connections. When a client connects to the server to install the printer, a directory mismatch occurs, which causes the installer files to generate incorrectly. As a result, the drivers may not download.NoteThe printer connection methods described in this issue are not commonly used by devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations. This issue was resolved in KB5005619.
After installing this or a later update, installation of printers using Internet Printing Protocol (IPP) might not complete successfully. Devices which had connected to and installed the printer prior to the installation of KB5005575 are unaffected and print operations to that printer will succeed as usual.NoteIPP is not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations. This issue is resolved in KB5006745.
You might receive a prompt for administrative credentials every time you attempt to print in environments in which the print server and print client are in different times zones.Note The affected environments described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations. This issue is resolved in KB5006745.
Universal Windows Platform (UWP) apps might not open on devices that have undergone a Windows device reset. This includes operations that were initiated using Mobile Device Management (MDM), such as Reset this PC, Push-button reset, and Autopilot Reset. UWP apps you downloaded from the Microsoft Store are not affected. Only a limited set of apps are affected, including:
  • App packages with framework dependencies
  • Apps that are provisioned for the device, not per user account.
    The affected apps will fail to open without error messages or other observable symptoms. They must be re-installed to restore functionality.| This issue is addressed in KB5015879 for all releases starting September 14, 2021 and later.

How to get this update

Before installing this updateMicrosoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.Install this update****Release Channel Available Next Step
Windows Update and Microsoft Update Yes None. This update will be downloaded and installed automatically from Windows Update.
Windows Update for Business Yes None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies.
Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes This update will automatically sync with WSUS if you configure Products and Classifications as follows:Product: Microsoft Server operating system-21H2Classification: Security Updates

If you want to remove the LCUTo remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command:DISM /online /get-packages.Running Windows Update Standalone Installer (wusa.exe) with the**/uninstall **switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.

File InformationFor a list of the files that are provided in this update, download the file information for cumulative update 5005575.For a list of the files that are provided in the servicing stack update, download the file information for the SSU - version 20348.220.

How to protect your server from attacks?

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.967 High

EPSS

Percentile

99.6%

Related for KB5005575