Security updates for Azure Local
This article lists the various security updates that are available in Azure Local.
February OS security update (KB5051980) for Azure Local
This article describes the OS security update for Azure Local that was released on February 11, 2025 and applies to OS build 25398.1425.
Improvements
This security update includes quality improvements. Below is a summary of the key issues that this update addresses when you install this KB. If there are new features, it lists them as well. The bold text within the brackets indicates the item or area of the change.
[Cluster stability] Fixed: Many machines within the same system suddenly shut down. The network is less available, and latency rises.
[Task Manager] Fixed: The CPU index number might be wrong when you set process affinity. This occurs on servers that have two or more non-uniform memory access (NUMA) nodes.
[GB18030-2022] This update adds support for this amendment.
[Memory leak] Fixed: Leaks occur when predictive input ideas show.
[Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)] This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
[Virtual machine (VM) storage pool] Fixed: Some operations that rely on a storage pool stop working. This occurs because the virtual machine (VM)can't reclaim disk space to do task such as load balancing.
[USB cameras] Fixed: Your device does not recognize the camera is on. This issue occurs after you install the January 2025 security update.
Digital/Analog converter (DAC) Fixed: You might experience issues with USB audio devices. This is more likely when you use a DAC audio driver based on USB 1.0. USB audio devices might stop working, which stops playback.
For more information about security vulnerabilities, see the Security Update Guide and the February 2025 Security Updates.
Known issues
The following is a known issue with this update.
Symptom
Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. The service fails with no detailed logging, and manual intervention is required to run the sshd.exe process.
This issue is affecting enterprise, IOT, and education customers, with a limited number of devices impacted. Microsoft is investigating whether consumer customers using Home or Pro editions of Windows are also affected.
Workaround
You can temporarily resolve this issue by updating permissions (ACLs) on the affected directories. Follow these steps:
Open PowerShell as an administrator.
Update the permissions for C:\ProgramData\ssh and C:\ProgramData\ssh\logs to allow full control for System and the Administrators group, while allowing read access for Authenticated Users. You can restrict read access to specific users or groups by modifying the permissions string if needed.
Use the following commands to update the permissions:
$directoryPath = "C:\ProgramData\ssh" $acl = Get-Acl -Path $directoryPath $sddlString = "O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)" $securityDescriptor = New-Object System.Security.AccessControl.RawSecurityDescriptor $sddlString $acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm("All")) Set-Acl -Path $directoryPath -AclObject $aclRepeat the above steps for C:\ProgramData\ssh\logs.
Microsoft is actively investigating the issue and will provide a resolution in an upcoming Windows update. Further communications will be provided when a resolution or addition is available.
To install
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Stack Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update KB 5051980.
January OS security update (KB5049984) for Azure Local
This article describes the OS security update for Azure Local that was released on January 14, 2025 and applies to OS build 25398.1369.
Improvements
This security update includes quality improvements. Here is a summary of the key issues that this update addresses when you install this KB. If there are new features, it lists them as well. The bold text within the brackets indicates the item or area of the change.
[Virtual machine (VM) Fixed]: A Windows guest machine fails to start up. This occurs when you turn on nested virtualization on a host that supports Advanced Vector Extensions 10 (AVX10).
[Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)]: This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
[Win32_NetworkAdapter and Win32_NetworkAdapterConfiguration Fixed]: You can't retrieve LAN over USB details on a certain platform. This occurs when you install two drivers on a device, and one of them has a different class ID. If you still have this issue after you install this update, run the commands below with administrative rights.
pnputil /remove-device <Instance ID>pnputil /scan-device
For more information about security vulnerabilities, see the Security Update Guide and the January 2025 Security Updates.
Known issues
Microsoft is not currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Stack Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update KB5049984.
December OS security update (KB5048653) for Azure Local
This section describes the OS security update for Azure Local that was released on December 17, 2024 and applies to OS build 25398.1308.
Improvements
This security update includes quality improvements. Below is a summary of the key issues that this update addresses when you install this KB. If there are new features, it lists them as well. The bold text within the brackets indicates the item or area of the change.
- [Motherboard replacement] Fixed: Windows does not activate after you replace a motherboard.
For more information about security vulnerabilities, see the Security Update Guide and the December 2024 Security Updates.
Known issues
Microsoft is not currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Stack Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update KB 5048653.
November OS security update (KB) for Azure Local
This section describes the OS security update for Azure Local that was released on November 12, 2024 and applies to OS build 25398.1251.
Improvements
This security update includes quality improvements. Below is a summary of the key issues that this update addresses when you install this KB. If there are new features, it lists them as well. The bold text within the brackets indicates the item or area of the change.
[FrameShutdownDelay] Fixed: The browser ignores its value in the HKLM\SOFTWARE\Microsoft\Internet Explorer\Main registry key.
[vmswitch] Fixed: A VMswitch triggers a stop error. This occurs when you use Load Balancing and Failover (LBFO) teaming with two virtual switches on a virtual machine (VM). In this case, one virtual switch uses single root Input/Output Virtualization (SR-IOV).
[Collector sets] Fixed: They don't close properly when an exception occurs during startup or while the set is active. Because of this, the command to stop a collector set stops responding.
[Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)] This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
[Windows Backup] Fixed: Backup sometimes fails. This occurs when a device has an Extensible Firmware Interface (EFI) system partition (ESP).
For more information about security vulnerabilities, see the Security Update Guide and the November 2024 Security Updates.
Known issues
Microsoft is not currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Stack Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update KB 5046618.
October OS security update (KB 5044288) for Azure Local
This section describes the OS security update for Azure Local that was released on October 8, 2024 and applies to OS build 25398.1189.
Improvements
This security update includes quality improvements. The following key issues and new features are present in this update:
Microsoft Defender for Endpoint: Work Folders files fail to sync when Defender for Endpoint is on.
Input Method Editor (IME) When a combo box has input focus, a memory leak might occur when you close that window.
AppLocker The rule collection enforcement mode is not overwritten when rules merge with a collection that has no rules. This occurs when the enforcement mode is set to “Not Configured”.
Remote Desktop Gateway Service The service stops responding. This occurs when a service uses remote procedure calls (RPC) over HTTP. Because of this, the clients that are using the service disconnect.
For more information about security vulnerabilities, see the Security Update Guide and the October 2024 Security Updates.
Known issues
Microsoft is not currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update 5044288.
September OS security update (KB 5043055) for Azure Local
This section describes the OS security update for Azure Local that was released on September 10, 2024 and applies to OS build 25398.1128.
Improvements
This security update includes quality improvements. The following key issues and new features are present in this update:
Windows Installer When repairing an application, the User Account Control (UAC) doesn't prompt for your credentials. After you install this update, the UAC will then prompt for them. Because of this, you must update your automation scripts. Application owners must add the Shield icon. It indicates that the process requires full administrator access. To turn off the UAC prompt, set the
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer\DisableLUAInRepairregistry value to1.The changes in this update might affect automatic Windows Installer repairs - see Application Resiliency: Unlock the Hidden Features of Windows Installer.
BitLocker You might not be able to decrypt a BitLocker data drive. This occurs when you move that drive from a newer version of Windows to an older version.
Unified Write Filter (UWF) Windows Management Instrumentation (WMI) API calls to shut down or restart a system results in an
access deniedexception.Azure Virtual Desktop A deadlock stops you from signing in to sessions.
For more information about security vulnerabilities, see the Security Update Guide and the September 2024 Security Updates.
Known issues
Microsoft is not currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update 5043055.
August 2024 OS security update (KB 5041573) for Azure Local
This section describes the OS security update for Azure Local that was released on August 13, 2024 and applies to OS build 25398.1085.
Improvements
This security update includes quality improvements. The following key issues and features are present in this update:
Stability of clusters on Windows Server 2022. Machines in the same cluster shutdown when you don't expect them to. This leads to high latency and network availability issues.
Bootloader. A race condition might stop a computer from starting. This occurs when you configure the bootloader to start many operating systems.
Autopilot. Using Autopilot to provision a Surface Laptop SE device fails.
Windows Defender Application Control (WDAC). A memory leak occurs that might exhaust system memory as time goes by. This issue occurs when you provision a device.
Protected Process Light (PPL) protections. You can bypass them.
Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b). This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
NetJoinLegacyAccountReuse. This update removes this registry key. For more information, see KB 5020276 Net join: Domain join hardening changes.
BitLocker (known issue). A BitLocker recovery screen shows when you start up your device. This occurs after you install the July 9, 2024, update. This issue is more likely to occur if device encryption is on. Go to Settings > Privacy & Security > Device encryption. To unlock your drive, Windows might ask you to enter the recovery key from your Microsoft account.
Lock screen. This update addresses CVE-2024-38143. As a result, the Use my windows user account check box isn't available on the lock screen to connect to Wi-Fi.
Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI). This update applies SBAT to systems that run Windows and stops vulnerable Linux EFI (shim bootloaders) from running. This update doesn't apply to systems that dual-boot Windows and Linux. After the update is applied, older Linux ISO images might not boot. If this occurs, work with your Linux vendor to get an updated ISO image.
Domain Name System (DNS). This update hardens DNS server security to address CVE-2024-37968. If the configurations of your domains aren't up to date, you might get the SERVFAIL error or a time-out.
For more information about security vulnerabilities, see the Security Update Guide and the August 2024 Security Updates.
Known issues
Microsoft isn't currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update 5041573.
July 2024 OS security update (KB 5040438) for Azure Local
This section describes the OS security update for Azure Local that was released on July 16, 2024 and applies to OS build 25398.1009.
Improvements
This security update includes quality improvements. The following key issues and features are present in this update:
BitLocker. This update adds PCR 4 to PCR 7 and 11 for the default Secure Boot validation profile. For more information, see CVE-2024-38058.
Absent apps and features. Some apps and features are absent after you upgrade to Windows 11.
BCryptSignHash API known issue. Because of this issue, the API returns
STATUS_INVALID_PARAMETER. This occurs when callers use NULL padding input parameters for RSA signatures. This issue is more likely to occur when Customer-Managed Keys (CMKs) are in use, like on an Azure Synapse dedicated SQL pool.Input Method Editor (IME). The candidate list fails to show or shows it in the wrong position.
Windows Presentation Foundation (WPF). A malformed Human Interface Device (HID) descriptor causes WPF to stop responding.
Handwriting panels and touch keyboards. They don't appear when you use the tablet pen.
HKLM\Software\Microsoft\Windows\DWM ForceDisableModeChangeAnimation (REG_DWORD). This is a new registry key. When you set its value to
1(or a non-zero number), it turns off the display mode change animation. If the value is0or the key doesn't exist, the animation is set to on.Remote Desktop MultiPoint Server. A race condition causes the service to stop responding.
Windows Local Administrator Password Solution (LAPS). Post Authentication Actions (PAA) don't occur at the end of the grace period. Instead, they occur at restart.
For more information about security vulnerabilities, see the Security Update Guide and the July 2024 Security Updates.
Known issues
BitLocker recovery key issue
After you apply the July security updates, devices enabled with Secure Boot and BitLocker protection might enter BitLocker recovery mode. This might happen after one or two reboots.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update 5040438.
June 2024 OS security update (KB 5039236) for Azure Local
This section describes the OS security update for Azure Local that was released on June 19, 2024 and applies to OS build 25398.950.
Improvements
This security update includes quality improvements. When you install this KB:
This update affects Server Message Block (SMB) over Quick UDP Internet Connections (QUIC). It turns on the SMB over QUIC client certificate authentication feature. Administrators can use it to restrict which clients can access SMB over QUIC servers. For more information, see Configure SMB over QUIC client access control in Windows Server.
This update affects the version of curl.exe that is in Windows. The version number is now 8.7.1.
This update addresses an issue that affects lsass.exe. It stops responding. This occurs after you install the April 2024 security updates on Windows servers.
This update addresses an issue that affects Microsoft Edge. The UI is wrong for the Internet Options Data Settings.
This update affects the Antimalware Scan Interface (AMSI) AmsiUtil class. It helps to detect the bypass of the AMSI scan. This update also addresses some long-term issues that expose your device to threats.
This update addresses an issue that affects Storage Spaces Direct (S2D) and Remote Direct Memory Access (RDMA). When you use them with SMBdirect in your networks, the networks fail. You also lose the ability to manage clusters.
This update addresses an issue that affects dsamain.exe. It stops responding. This occurs when the Knowledge Consistency Checker (KCC) runs evaluations.
This update addresses an issue that affects lsass.exe. It leaks memory. This occurs during a Local Security Authority (Domain Policy) Remote Protocol (LSARPC) call.
For more information about security vulnerabilities, see the Security Update Guide and the June 2024 Security Updates.
Known issues
Microsoft isn't currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update 5039236.
May 2024 OS security update (KB 5037781) for Azure Local
This section describes the OS security update for Azure Local that was released on May 14, 2024 and applies to OS build 25398.887.
Improvements
This security update includes quality improvements. When you install this KB:
This update affects Windows Defender Application Control (WDAC). The update addresses an issue that might cause some applications to fail when you apply WDAC Application ID policies.
This update addresses an issue that affects IE mode. A web page may stop working as expected when there's an open modal dialog.
This update addresses an issue that affects IE mode. It stops responding. This occurs if you press the left arrow key when an empty text box has focus and caret browsing is on.
This update addresses an issue that affects Wi-Fi Protected Access 3 (WPA3) in the Group Policy editor. HTML preview rendering fails.
This update addresses an issue that affects Packet Monitor (pktmon). It's less reliable.
This update addresses an issue that affects a machine after you remove it from a domain. The
Get-LocalGroupMembercmdlet returns an exception. This occurs if the local groups contain domain members.This update affects next secure record 3 (NSEC3) validation in a recursive resolver. Its limit is now 1,000 computations. One computation is equal to the validation of one label with one iteration. DNS Server Administrators can change the default number of computations. To do this, use the registry setting below:
- Name:
\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\MaxComputationForNsec3Validation - Type: DWORD
- Default: 1000
- Max: 9600
- Min: 1
- Name:
This update addresses an issue that might affect the cursor when you type in Japanese. The cursor might move to an unexpected place.
This update addresses an issue that affects the cursor. Its movement lags in some screen capture scenarios. This is especially true when you're using the remote desktop protocol (RDP).
This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file,
DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.This update addresses an issue that affects Trusted Platform Modules (TPM). On certain devices, they don't initialize correctly. Because of this, TPM-based scenarios stop working.
This update addresses an issue that affects Active Directory. Bind requests to IPv6 addresses fail. This occurs when the requestor isn't joined to a domain.
This update addresses an issue that might affect Virtual Secure Mode (VSM) scenarios. They might fail. These scenarios include VPN, Windows Hello, Credential Guard, and Key Guard.
This update addresses an issue that might affect domain controllers. NTLM authentication traffic might increase.
This update addresses a known issue that might cause your VPN connection to fail. This occurs after you install the update dated April 9, 2024 or later.
For more information about security vulnerabilities, see the Security Update Guide and the May 2024 Security Updates.
Known issues
Microsoft isn't currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Local instance, see Update Azure Local instances.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update 5037781.
April 2024 OS security update (KB 5036910) for Azure Local
This section describes the OS security update for Azure Local that was released on April 16, 2024 and applies to OS build 25398.830.
Improvements
This security update includes quality improvements. When you install this KB:
This update supports daylight saving time (DST) changes in Palestinian Authority. To learn more, see Interim guidance for DST changes announced by Palestinian Authority for 2024, 2025.
This update supports DST changes in Kazakhstan. To learn more, see Interim guidance for Kazakhstan time zone changes 2024.
This update supports DST changes in Samoa. To learn more, see Interim guidance for Samoa DST changes 2021.
This update addresses an issue that affects a network resource. You can't access it from a Remote Desktop session. This occurs when you turn on the Remote Credential Guard feature and the client is Windows 11, version 22H2 or higher.
This update addresses an issue that affects Microsoft Edge IE mode. When you open many tabs, it stops responding.
This update addresses an issue that affects DNS servers. They receive Event 4016 for a timeout of the Lightweight Directory Access Protocol (LDAP). This occurs when they perform DNS registrations. Name registrations fail with Active Directory Domain Services (AD DS). The issue remains until you restart the DNS service.
This update addresses an issue that affects workload virtual machines (VM). They lose their connection to the network in production environments.
This update addresses an issue that occurs when you deploy Failover Cluster Network Controllers. Node thumbprints don't refresh while certificates rotate on Software Defined Networking (SDN) hosts. This causes service disruptions. Once you install this or future updates, you must make a call to
Set-NetworkControllerOnFailoverCluster -RefreshNodeCertificateThumbprints $trueafter you rotate host certificates.This update addresses an issue that occurs when you use
LoadImage()to load a top-down bitmap. If the bitmap has a negative height, the image doesn't load and the function returns NULL.This update addresses an issue that affects the Group Policy service. It fails after you use LGPO.exe to apply an audit policy to the system.
This update addresses an issue that affects the display of a smart card icon. It doesn't appear when you sign in. This occurs when there are multiple certificates on the smart card.
This update addresses an issue that causes your device to shut down after 60 seconds. This occurs when you use a smart card to authenticate on a remote system.
This update addresses an issue that affects Secure Launch. It doesn't run on some processors.
This update addresses an issue that occurs when you run an application as an Administrator. When you use a PIN to sign in, the application won't run.
For more information about security vulnerabilities, see the Security Update Guide and the April 2024 Security Updates.
Known issues
Microsoft isn't currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Stack HCI cluster, see Update Azure Stack HCI clusters.
File list
For a list of the files that are provided in this update, download the file information for Cumulative update 5036910.
March 2024 OS security update (KB 5035856) for Azure Local
This section describes the OS security update for Azure Local that was released on March 20, 2024 and applies to OS build 25398.763.
Improvements
This security update includes quality improvements. When you install this KB:
This update addresses an issue that affects Windows Defender Application Control (WDAC). It prevents a stop error that occurs when you apply more than 32 policies.
This update addresses an issue that makes the troubleshooting process fail. This occurs when you use the Get Help app.
For more information about security vulnerabilities, see the Security Update Guide and the March 2024 Security Updates.
Known issues
Microsoft isn't currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Stack HCI cluster, see Update Azure Stack HCI clusters.
File list
For a list of the files that are provided in this update, download the file information for cumulative update 5035856.
February 2024 OS security update (KB 5034769) for Azure Local
This section describes the OS security update for Azure Local that was released on February 13, 2024 and applies to OS build 25398.709.
Improvements
This security update includes quality improvements. When you install this KB:
This update affects software defined networking (SDN). You can now deploy SDN on Windows failover clustering. Service Fabric SDN deployment remains in support.
This update addresses a handle leak in Windows Management Instrumentation (WMI) provider traces. Because of this, WMI commands fail at a random stage when you deploy a cluster.
This update addresses an issue that affects remote direct memory access (RDMA) performance counters. They don't return networking data on VMs in the right way.
This update addresses an issue that affects fontdrvhost.exe. It stops responding when you use Compact Font Format version 2 (CFF2) fonts.
This update addresses an issue that affects clusters. It stops you from registering a cluster using Network ATC. This occurs after you set the proxy to use Network ATC. The issue also stops a preset proxy configuration from clearing.
This update addresses a memory leak in TextInputHost.exe. The leak might cause text input to stop working on devices that haven't restarted for many days.
This update addresses an issue that affects touchscreens. They don't work properly when you use more than one monitor.
This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
This update affects Unified Extensible Firmware Interface (UEFI) Secure Boot systems. It adds a renewed signing certificate to the Secure Boot DB variable. You can now opt for this change. For more information, see KB5036210.
This update addresses an issue that occurs after you run a Push-button reset. You can't set up Windows Hello facial recognition. This affects devices that have Windows Enhanced Sign-in Security (ESS) turned on.
This update addresses an issue that affects the download of device metadata. Downloads from the Windows Metadata and Internet Services (WMIS) over HTTPS are now more secure.
This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). It might stop working. This occurs when you access the Active Directory database.
This update addresses an issue that affects the Certificate Authority snap-in. You can't select the "Delta CRL" option. This stops you from using the GUI to publish Delta CRLs.
For more information about security vulnerabilities, see the Security Update Guide and the February 2024 Security Updates.
To return to the Azure Stack HCI documentation site.
Known issues
Microsoft isn't currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Stack HCI cluster, see Update Azure Stack HCI via PowerShell.
File list
For a list of the files that are provided in this update, download the file information for cumulative update 5034769.
January 2024 OS security update (KB 5034130) for Azure Local
This section describes the security update for Azure Local that was released on January 9, 2024 and applies to OS build 25398.643.
Improvements
This security update includes quality improvements. When you install this KB:
This update addresses an issue that affects the Trusted Sites Zone sign in policy. You can't manage it using mobile device management (MDM).
This update addresses an issue that affects the ActiveX scroll bar. It doesn't work in IE mode.
This update addresses an issue that causes your device to shut down after 60 seconds. This occurs when you use a smart card to authenticate on a remote system.
This update addresses an issue that affects the display of a smart card icon. The icon doesn't appear when you sign in. This occurs when there are multiple certificates on the smart card.
This update addresses an issue that affects the Key Distribution Service (KDS). It doesn't start in the time required if LDAP referrals are needed.
For more information about security vulnerabilities, see the Security Update Guide and the January 2024 Security Updates.
Known issues
Microsoft isn't currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Stack HCI cluster, see Update Azure Stack HCI via PowerShell.
File list
For a list of the files that are provided in this update, download the file information for cumulative update 5034130.
December 2023 OS security update (KB 5033383) for Azure Local
This section describes the security update for Azure Local that was released on December 12, 2023 and applies to OS build 25398.584.
Improvements
This security update includes quality improvements. When you install this KB:
This update changes the English name of the former Republic of Turkey. The new, official name is the Republic of Türkiye.
This update supports the currency change in Croatia from the Kuna to the Euro.
This update affects the Netherlands time zone. It adds the recent artificial landmass outside of Rotterdam to the shape files.
For more information about security vulnerabilities, see the Security Update Guide and the December 2023 Security Updates.
Known issues
Microsoft isn't currently aware of any issues with this update.
To install this update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
File list
For a list of the files that are provided in this update, download the file information for cumulative update 5033383.
November 2023 OS security update (KB 5032202) for Azure Local
This security update for Azure Local was released on November 14, 2023 and applies to OS build 25398.531.
Improvements
This security update includes quality improvements. When you install this KB:
This update supports daylight saving time (DST) changes in Syria. To learn more, see Interim guidance for Syria DST changes 2022.
This update changes the spelling of Ukraine's capital from Kiev to Kyiv.
This update addresses an issue that affects an Application Virtualization (App-V) environment. Copy operations within it stop working. This occurs after you install the April 2023 update.
This update addresses an issue that blocks external connections. This occurs when you set up a Kubernetes load balanced service and turn on session affinity.
This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
This update addresses an issue that affects Windows LAPS. Its PasswordExpirationProtectionEnabled policy fails to turn on the setting.
This update addresses an issue that affects a COM+ component. It might stop responding. This occurs because of a deadlock during COM+ Just-in-Time (JIT) activation. However, this part of this update is off by default for this version of Windows. If you have this issue, you must contact Microsoft support to turn it on.
For more information about security vulnerabilities, see the Security Update Guide and the November 2023 Security Updates.
Known issues
Microsoft isn't currently aware of any issues with this update.
Install the update
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
To install the LCU on your Azure Stack HCI cluster, see Update Azure Stack HCI via PowerShell.
File list
For a list of the files that are provided in this update, download the file information for cumulative update 5032202.
Next steps
- Install updates via PowerShell for Azure Local.
- Install updates via Azure Update Manager in Azure portal for Azure Local.