Windows 11 et les MAJs KB5026368, KB5026372, quoi de neuf ?

Microsoft a publié à l’occasion du Patch Tuesday du mois de mai 2023 deux mises à jour cumulatives Windows 11, KB5026368 et KB5026372. Elles colmatent plusieurs failles de sécurité dont certains sont critiques.

Ces deux mises à jour visent les PCs sous Windows 11 et Windows 11 22H2. Dans les deux cas nous avons la résolution de quatre problèmes de sécurité critiques. Ils touchent aux protocole SSTP (Secure Socket Tunneling Protocol) de Windows (CVE-2023-24903), Windows OLE (CVE-2023-29325), Windows Pragmatic General Multicast ( CVE-2023-24943) et le protocole LDAP (Lightweight Directory Access Protocol) ( CVE-2023-28283)..

De manière plus générale Windows 11 est victime de 20 vulnérabilités contre 19 pour Windows 11 22H2.

Windows 11 et KB5026368 / KB5026372.

La mise à jour KB5026368 vise Windows 11. Elle corrige un problème avec le service LSASS (Local Security Authority Subsystem Service) qui peut cesser de répondre. Cela se produit lorsque le système traite plusieurs opérations de compte local en même temps. Le code d’erreur de violation d’accès est 0xc0000005. Nous avons également un correctif pour le mode IE de Microsoft Edge ( Les fenêtres contextuelles s’ouvrent en arrière-plan plutôt qu’au premier plan). La firme ajoute que

Cette mise à jour affecte les utilisateurs Xbox Elite qui disposent de la manette Xbox Adaptive Controller. Elle applique les préférences de remappage de contrôleur sur le bureau. Nous avons également une modification des icônes d’application pour certains fournisseurs de services mobiles.  A tout ceci s’ajoute une modification des paramètres du pare-feu afin de pouvoir configurer des règles de groupe d’applications et de nombreux autres correctifs. Vous trouverez tous les détails en fin d’article.

Concernant KB5026372 pour Windows 11 22H2, elle ajoute une nouvelle option dans Paramètres > Windows Update afin d’obtenir rapidement les mises à jour Windows. Microsoft corrige un souci avec LAPS (Local Administrator Password Solution). Le service LSASS (Local Security Authority Subsystem Service) peut cesser de répondre. A cela s’ajoute

• la possibilité de synchroniser les paramètres de langue et de région lorsque vous modifiez la langue d’affichage ou le format régional de votre compte Microsoft.
• La résolution deux problèmes qui affecte le mode IE de Microsoft Edge. Les fenêtres contextuelles s’ouvrent en arrière-plan plutôt qu’au premier plan. Le Gestionnaire de fenêtres à onglets cesse de répondre.
• Elle modifie les icônes d’application pour certains fournisseurs de services mobiles et résout un problème qui affecte la méthode d’entrée chinoise.
• Nous avons également un correctif pour les actualités et les centres d’intérêt (souci d’affichage dans la barre des tâches et l’Explorateur de fichiers peut cesser de répondre).

Il y a beaucoup d’autres correctifs dont les détails sont disponibles en fin d’article.

Windows 11 et KB5026368, note de version

Highlights

• This update addresses an issue that affects Microsoft Edge IE mode. Pop-up windows open in the background instead of in the foreground.
• This update affects Xbox Elite users who have the Xbox Adaptive Controller. This update applies your controller remapping preferences on the desktop.
• This update changes the app icons for certain mobile providers.

Improvements

This non-security update includes quality improvements. When you install this KB:

• New! This update changes firewall settings. You can now configure application group rules.
• This update affects the Islamic Republic of Iran. The update supports the government’s daylight saving time change order from 2022.
• This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS) process. It might stop responding. Because of this, the machine restarts. The error is 0xc0000005 (STATUS_ACCESS_VIOLATION).
• This update addresses an issue that affects Edge IE mode. The Tab Window Manager stops responding.
• This update addresses an issue that affects the Windows Remote Management (WinRM) client. The client returns an HTTP server error status (500). This error occurs when it runs a transfer job in the Storage Migration Service.
• This update addresses a rare issue that might cause an input destination to be null. This issue might occur when you attempt to convert a physical point to a logical point during hit testing. Because of this, the computer raises a stop error.
• This update addresses an issue that affects protected content. When you minimize a window that has protected content, the content displays when it should not. This occurs when you are using Taskbar Thumbnail Live Preview.
• This update addresses an issue that affects provisioning packages. They fail to apply in certain circumstances when elevation is required.
• This update addresses an issue that affects mobile device management (MDM) customers. The issue stops you from printing. This occurs because of an exception.
• This update addresses an issue that affects signed Windows Defender Application Control (WDAC) policies. They are not applied to the Secure Kernel. This occurs when you enable Secure Boot.
• This update addresses an issue that affects the Windows Defender Application Control. The policy that blocks software using a hash rule might not stop the software from running.
• This update addresses an issue that occurs when you use a PIN to sign in to Windows Hello for Business. Signing in to Remote Desktop Services might fail. The error message is, “The request is not supported”.
• This update makes improvements to the performance of the search box.
• This update addresses an issue that affects Administrator Account Lockout policies. GPResult and Resultant Set of Policy did not report them.
• This update addresses an issue that affects Active Directory Users & Computers. It stops responding. This occurs when you use TaskPad view to enable or disable many objects at the same time.
• This update addresses an issue that affects the Unified Write Filter (UWF). When you turn it off by using a call to Windows Management Instrumentation (WMI), your device might stop responding.
• This update addresses an issue that affects the Resilient File System (ReFS). A stop error prevents the OS from starting up correctly.
• This update addresses an issue that affects MySQL commands. The commands fail on Windows Xenon containers.
• This update addresses an issue that affects SMB Direct. Endpoints might not be available on systems that use multi-byte character sets
• This update addresses an issue that affects apps that use DirectX on older Intel graphics drivers. You might receive an error from apphelp.dll.
• This update addresses an issue that affects the legacy Local Administrator Password Solution (LAPS) and the new Windows LAPS feature. They fail to manage the configured local account password. This occurs when you install the legacy LAPS .msi file after you have installed the April 11, 2023, Windows update on machines that have a legacy LAPS policy.

KB5026372 pour Windows 11 22H2, note de version

Highlights

• New! This update adds the ability to sync language and region settings when you change your Microsoft account display language or regional format. Windows will save those settings to your account if you have turned on Language preferences sync in your Windows backup settings.
• This update addresses an issue that affects Microsoft Edge IE mode. Pop-up windows open in the background instead of in the foreground.
• This update addresses an issue that affects Edge IE mode. The Tab Window Manager stops responding.
• This update changes the app icons for certain mobile providers.
• This update addresses an issue that affects the Chinese input method. You cannot see all of the first suggested item.
• This update affects Xbox Elite users who have the Xbox Adaptive Controller. This update applies your controller remapping preferences on the desktop.
• This update addresses an issue that might affect news and interests. It might flicker on the taskbar and File Explorer might stop responding.

Improvements

Important: Use EKB KB5015684 to update to Windows 10, version 22H2.

• This non-security update includes quality improvements. When you install this KB:
• New! This update changes firewall settings. You can now configure application group rules.
• This update affects the Islamic Republic of Iran. The update supports the government’s daylight saving time change order from 2022.
• The update addresses an issue that sends unexpected password expiration notices to users. This occurs when you set up an account to use “Smart Card is Required for Interactive Logon” and set “Enable rolling of expiring NTLM secrets”.
• This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS) process. It might stop responding. Because of this, the machine restarts. The error is 0xc0000005 (STATUS_ACCESS_VIOLATION).
• This update addresses an issue that affects protected content. When you minimize a window that has protected content, the content displays when it should not. This occurs when you are using Taskbar Thumbnail Live Preview.
• This update addresses an issue that affects provisioning packages. They fail to apply in certain circumstances when elevation is required.
• This update addresses an issue that affects mobile device management (MDM) customers. The issue stops you from printing. This occurs because of an exception.
• This update addresses an issue that affects the Windows Defender Application Control. The policy that blocks software using a hash rule might not stop the software from running.
• This update addresses an issue that occurs when you use a PIN to sign in to Windows Hello for Business. Signing in to Remote Desktop Services might fail. The error message is, “The request is not supported”.
• This update addresses an issue that might affect the keyboard layout when you sign in to a console session. The layout might be reset to the system default. This occurs when you lock your machine or have more than one keyboard layout in Settings.
• This update addresses an issue that affects Microsoft Edge WebView2. This issue might cause an infinite loop when you try to restart its process.
• This update addresses an issue that affects Administrator Account Lockout policies. GPResult and Resultant Set of Policy did not report them.
• This update addresses an issue that affects Active Directory Users & Computers. It stops responding. This occurs when you use TaskPad view to enable or disable many objects at the same time.
• This update addresses an issue that affects the Unified Write Filter (UWF). When you turn it off by using a call to Windows Management Instrumentation (WMI), your device might stop responding.
• This update addresses an issue that affects the Resilient File System (ReFS). A stop error prevents the OS from starting up correctly.
• This update addresses an issue that affects MySQL commands. The commands fail on Windows Xenon containers.
• This update addresses an issue that affects SMB Direct. Endpoints might not be available on systems that use multi-byte character sets.
• This update addresses an issue that affects apps that use DirectX on older Intel graphics drivers. You might receive an error from apphelp.dll.
• This update addresses an issue that affects the legacy Local Administrator Password Solution (LAPS) and the new Windows LAPS feature. They fail to manage the configured local account password. This occurs when you install the legacy LAPS .msi file after you have installed the April 11, 2023, Windows update on machines that have a legacy LAPS policy.

Le téléchargement et l’installation sont assurés par le service Windows Update. Il est aussi possible de les récupérer manuellement pour une installation hors ligne. Voici les liens directs :

• KB5026368 pour Windows 11,
• KB5026372 pour Windows 11 22H2.