Windows 10: A guide to the updates

The launch of a major Windows 10 update isn’t the end of a process — it’s really just the beginning. As soon as one of Microsoft’s feature updates (such as Windows 10 version 21H2) is released, the company quickly gets to work on improving it by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent versions of Windows 10 — versions 21H2, 21H1, 20H2, and 2004. (Microsoft releases updates for those four versions together.) For each build, we’ve included the date of its initial release and a link to Microsoft’s announcement about it. The most recent updates appear first.

If you’re still using an earlier version of Windows 10 or of Windows, see the Microsoft support site for info about updates to Windows 10 1909, 1903, 1809, 1803, 1709, 1703, 1607, 1511, the initial version of Windows 10 released in July 2015, Windows 8.1, and Windows 7.

And if you’re looking for information about Insider Program previews for upcoming feature releases of Windows 10, see “Windows 10 Insider Previews: A guide to the builds.”

Table of Contents

Updates to Windows 10 versions 20H2, 21H1, and 21H2

KB5015807 (OS Builds 19042.1826, 19043.1826, and 19044.1826)

Date: July 12, 2022

This build addresses an issue that redirects the PowerShell command output so that transcript logs do not contain any output of the command. That means the decrypted password is lost. The build also includes improvements made in the KB5014666 update.

This build has three known issues, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5015807.)

KB5014666 (OS Builds 19042.1806, 19043.1806, and 19044.1806) Preview

Release Date: June 28, 2022

This build adds IP address auditing for incoming Windows Remote Management (WinRM) connections in security event 4262 and WinRM event 91. This addresses an issue that fails to log the source IP address and machine name for a remote PowerShell connection. The build also includes several new Print and Scan features.

The build also fixes a number of bugs, including one that prevented the Snip & Sketch app from capturing a screenshot or from opening using the keyboard shortcut (Windows logo key + Shift + S).

(Get more info about KB5014666 Preview.)

KB5016139 (OS Builds 19042.1767, 19043.1767, and 19044.1767)

Release date: June 20, 2022

This out-of-band build, which is only available for Windows devices that use Arm processors, fixes a bug that prevented Windows Arm-based devices from signing in using Azure Active Directory (AAD). Apps and services that use AAD to sign in, such as VPN connections, Microsoft Teams, and Microsoft Outlook, might also be affected.

This build has four known issues, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. In another, Windows devices might be unable use the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device might lose the connection to the internet after a client device connects.

(Get more info about KB5016139.)

KB5014699 (OS Builds 19042.1766, 19043.1766, and 19044.1766)

Release date: June 14, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5014699.)

KB5014023 (OS Builds 19042.1741, 19043.1741, and 19044.1741) Preview

Release date: June 2, 2022

This build fixes several bugs, including one that prevented Excel or Outlook from opening, one that slowed down file copying, and one that prevented internet shortcuts from updating.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info KB5014023 Preview.)

KB5015020 (OS Build 19042.1708)

Release date: May 19, 2022

This out-of-band build fixes two bugs: one that could cause authentication failures for some services on a server or client after you install the May 10, 2022 update on domain controllers, and another that could prevent the installation of Microsoft Store apps when you enable Control-flow Enforcement.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5015020.)

KB5013942 (OS Builds 19042.1706, 19043.1706, and 19044.1706)

Release date: May 10, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the May 2022 Security Updates notes.

(Get more info about KB5013942).

KB5011831 (OS Builds 19042.1682, 19043.1682, and 19044.1682) Preview

Release date: April 25, 2022

This build fixes a wide variety of bugs, including one that caused a remote desktop session to close or a reconnection to stop responding while waiting on the accessibility shortcut handler (sethc.exe), another that that displayed a black screen for some users when they sign in or sign out, and another that prevented you from changing a password that has expired when you sign in to a Windows device.

(Get more info about KB5011831 Preview.)

KB5012599 (OS Builds 19042.1645, 19043.1645, and 19044.1645)

Release date: April 12, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the April 2022 Security Updates notes.

(Get more info about KB5012599.)

KB5011543 (OS Builds 19042.1620, 19043.1620, and 19044.1620) Preview

Release date: March 22, 2022

This build introduces Search highlights, which display notable moments about each day, including holidays, anniversaries, and other events globally and in your region. To see more details at a glance, hover or click on the illustration in the search box.

There are also a variety of small new features, including a new policy that expands an app’s top three notifications by default in the Action Center for apps that send Windows notifications. It displays multiple notifications that you can interact with simultaneously.

In addition, there are a wide variety of bug fixes, including for a bug that stopped Microsoft Outlook’s offline search from returning recent emails, and another that prevented the User Account Control (UAC) dialog from correctly showing the application that is requesting elevated privileges.

(Get more info about KB5011543 Preview.)

KB5011487 (OS Builds 19042.1586, 19043.1586, and 19044.1586)

Release date: March 8, 2022

This build fixes a bug that occurs when you attempt to reset a Windows device and its apps have folders that contain reparse data, such as Microsoft OneDrive or OneDrive for Business. When you select Remove everything, files that have been downloaded or synced locally from Microsoft OneDrive might not be deleted.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the March 2022 Security Updates notes.

(Get more info about KB5011487.)

KB5010415 (OS Builds 19042.1566, 19043.1566, and 19044.1566) Preview

Release date: February 15, 2022

The build lets you share cookies between Microsoft Edge Internet Explorer mode and Microsoft Edge, and adds support for hot adding and the removal of non-volatile memory (NVMe) namespaces.

It also fixes a wide variety of bugs, including one that affected the Windows search service and occurred when you queried using the proximity operator, and one that caused the Remote Desktop Service (RDS) server to become unstable when the number of signed in users exceeds 100. This prevented you from accessing published applications using RDS on Windows Server 2019.

(Get more info about KB5010415 Preview.)

KB5010342 (OS Builds 19042.1526, 19043.1526, and 19044.1526)

Release date: February 8, 2022

The build fixes a bug that causes a Lightweight Directory Access Protocol (LDAP) modify operation to fail if the operation contains the SamAccountName and UserAccountControl attribute. It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the February 2022 Security Updates notes.

(Get more info about KB5010342.)

KB5009596 (OS Builds 19042.1503, 19043.1503, and 19044.1503) Preview

Release date: January 25, 2022

The build fixes a variety of bugs, including one that stops printing or prints the wrong output when you print using USB on Windows 10 version 2004 or later, and another that causes functioning Bluetooth devices to stop working when you attempt to connect to a non-functioning Bluetooth device. It also adds a reminder to Internet Explorer 11 that notifies you about its upcoming retirement.

(Get more info about KB5009596.)

KB5010793 (OS Builds 19042.1469, 19043.1469, and 19044.1469)

Release date: January 17, 2022

This out-of-band build fixes several bugs, including one that caused IP Security (IPSEC) connections that contain a Vendor ID to fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) could have also been affected. It also fixed a bug that could cause Windows Servers to restart unexpectedly after installing the January 11, 2022 update on domain controllers (DCs).

(Get more info about KB5010793.)

KB5009543 (OS Builds 19042.1466, 19043.1466, and 19044.1466)

Release date: January 11, 2022

The build fixes a bug in the Japanese Input Method Editors (IME) and includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the January 2022 Security Update notes.

(Get more info about KB5009543.)

Updates to Windows 10 versions 2004, 20H2, 21H1, and 21H2

KB5008212 (OS Builds 19041.1415, 19042.1415, 19043.1415, and 19044.1415)

Release date: December 14, 2021

The build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the December 2021 Security Update notes.

(Get more info about KB5008212.)

KB5007253 (OS Builds 19041.1387, 19042.1387, 19043.1387, and 19044.1387) Preview

Release date: November 22, 2021

This optional update can be downloaded from the Microsoft Update Catalog or by going to Settings > Update & Security > Windows Update > Optional updates available.

The build fixes a variety of bugs, including one that caused the 32-bit version of Microsoft Excel to stop working on certain devices when you exported to PDF, and another that caused the Settings page to unexpectedly close after you uninstalled a font.

There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5007253 Preview.)

Windows 10 November 2021 Update (version 21H2)

Release date: November 16, 2021

Version 21H2, called the Windows 10 November 2021 Update, is the second feature update to Windows 10 released in 2021. Here’s a quick summary of what’s new:

Wi-Fi security has been enhanced with WPA3 H2E standards support.
GPU compute support has been added in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute-intensive workflows.

There are also a number of features designed for IT and business:

Windows Hello for Business has a new deployment method called cloud trust that simplifies passwordless deployments.
For increased security, there have been changes to the Universal Windows Platform (UWP) VPN APIs, which includes the ability to implement common web-based authentication schemes and to reuse existing protocols.
Apps can now be provisioned from Azure Virtual Desktop. This allows those apps to run just like local apps, including the ability to copy and paste between remote and local apps.
The release closes the gap between Group Policy and mobile device management (MDM) settings. The device configuration settings catalog has been updated to list more than 1,400 settings previously not available for configuration via MDM. The new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler.
An upgrade to Windows 10 Enterprise includes Universal Print, which now supports print jobs of up to 1GB or a series of print jobs from an individual user that add up to 1GB within any 15-minute period.
Universal Print integrates with OneDrive for web and Excel for web. This allows users of any browser or device connected to the internet to print documents hosted in OneDrive for web to a printer in their organization without installing printer drivers on their devices.

Microsoft has also announced that starting with this release, Windows 10 will get feature updates only once a year.

Updates to Windows 10 versions 2004, 20H2, and 21H1

KB5007186 (OS Builds 19041.1348, 19042.1348, and 19043.1348)

Release date: November 9, 2021

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the November 2021 Security Update notes.

(Get more info about KB5007186.)

KB5006738 (OS Builds 19041.1320, 19042.1320, and 19043.1320)

Release date: October 26, 2021

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a wide variety of bugs, including one that prevented subtitles from displaying for some video apps and streaming video sites, and another that sometimes caused lock screen backgrounds to appear black if they were set up to have a slideshow of pictures as the lock screen background.

(Get more info about KB5006738.)

KB5006670 (OS Builds 19041.1288, 19042.1288, and 19043.1288)

Release date: October 12, 2021

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a bug that prevented some applications, such as Microsoft Office and Adobe Reader, from opening or caused them to stop responding.

The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the October 2021 Security Update notes.

There are two known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5006670.)

KB5005611 (OS Builds 19041.1266, 19042.1266, and 19043.1266) Preview

Release date: September 30, 2021

This build fixes a small number of bugs, including one in which applications such as Microsoft Outlook suddenly stopped working during normal use, and another that caused blurry News and Interests icons with certain screen resolutions.

(Get more info about KB5005611.)

KB5005565 (OS Builds 19041.1237, 19042.1237, and 19043.1237)

Release date: September 14, 2021

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a bug that caused PowerShell to create an infinite number of child directories. The issue occurred when you used the PowerShell Move-Item command to move a directory to one of its children. As a result, the volume filled up and the system stopped responding.

The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

There are two known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5005565.)

KB5005101 (OS Builds 19041.1202, 19042.1202, and 19043.1202)

Release date: September 1, 2021

This build fixes a wide variety of bugs, including one that reset syncing for Microsoft OneDrive to “Known folders only” after you installed a Windows update, and another in which flickering and residual line artifacts appeared when resizing images.

The build also includes more than 1,400 new mobile device management (MDM) policies. With them, you can configure policies that Group Policies also support. These new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler. Starting in September 2021, you can use the Microsoft Endpoint Manager (MEM) Settings Catalog to configure these new MDM policies.

There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5005101.)

KB5005033 (OS Builds 19041.1165, 19042.1165, and 19043.1165)

Release date: August 10, 2021

This build changes the default privilege requirement for installing drivers when using Point and Print. After installing this update, you must have administrative privileges to install drivers. See KB5005652, Point and Print Default Behavior Change, and CVE-2021-34481 for more information. The build also makes quality improvements to the servicing stack, which is the component that installs Windows updates.

The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

(Get more info about KB5005033.)

KB5004296 (OS Builds 19041.1151, 19042.1151, and 19043.1151)

Release date: July 29, 2021

This build fixes a wide variety of bugs, including one that caused the File Explorer window to lose focus when mapping a network drive, another that failed to detect internet connectivity when connected to a VPN, and another that caused System Integrity to leak memory.

There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5004296.)

KB5004237 (OS Builds 19041.1110, 19042.1110, and 19043.1110)

Release date: July 13, 2021

This build fixes several bugs, including one that made it difficult to print to a variety of printers, primarily USB receipt or label printers. It also removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049.

It also has a variety of security updates for Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.

For more details, see Microsoft’s Security Update Guide.

(Get more info about KB5004237.)

KB5004945 (OS Builds 19041.1083, 19042.1083, and 19043.1083)

Release date: July 6, 2021

This build closes a remote code execution exploit in the Windows Print Spooler service, known as “PrintNightmare,” as documented in CVE-2021-34527.

(Get more info about KB5004945.)

KB5004760 (OS Builds 19041.1082, 19042.1082, and 19043.1082)

Release date: June 29, 2021

This out-of-band build fixes a bug that may prevent you from opening PDFs using Internet Explorer 11 or apps that use the 64-bit version of the WebBrowser control.

Among the build’s known issues are one in which when using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the characters manually.

(Get more info about KB5004760.)

KB5003690 (OS Builds 19041.1081, 19042.1081, and 19043.1081)

Release date: June 21, 2021

This build addresses about three dozen bugs, including one in which signing in using a PIN fails, and another that might cause a VPN to fail after renewing a user auto-enrolled certificate. It also removes Adobe Flash from your PC and makes improvements to the servicing stack, the component that installs Windows updates.

(Get more info about KB5003690.)

KB5004476 (OS Builds 19041.1055, 19042.1055, and 19043.1055)

Release date: June 11, 2021

This out-of-band build fixes a bug that might redirect you to the Microsoft Store page for Gaming Services when you try to install or start an Xbox Game Pass game on your Windows 10 device. Additionally, you might receive error 0x80073D26 or 0x8007139F. For more information, see KB5004327.

In addition, the build makes improvements to the servicing stack, the component that installs Windows updates.

(Get more info about KB5004476.)

KB5003637 (OS Builds 19041.1052, 19042.1052, and 19043.1052)

Release date: June 8, 2021

This build includes improvements to the servicing stack, which is the component that installs Windows updates. It also includes changes for verifying user names and passwords and for storing and managing files.

It also has a variety of security updates to the Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Virtualization, Windows Kernel, Windows HTML Platform, and Windows Storage and Filesystems.

For more details, see Microsoft’s Security Update Guide.

There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.

(Get more info about KB5003637.)

KB5003214 (OS Builds 19041.1023, 19042.1023, and 19043.1023) Preview

Release date: May 25, 2021

This build adds the Open on hover option (which is checked by default) to the News and interests menu. To access it, right-click a blank space on the Windows taskbar and open the News and interests menu.

In addition, it makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also includes a wide variety of small bug fixes, including one that displayed items on the desktop after they have been deleted from the desktop, and another that caused configuration problems with devices that were configured using mobile device management (MDM) RestrictedGroups, LocalUsersAndGroups, or UserRights policies.

(Get more info about KB5003214 Preview.)

Windows 10 May 2021 Update (version 21H1)

Release date: May 18, 2021

Version 21H1, called the Windows 10 May 2021 Update, is the most recent update to Windows 10. This is a relatively minor update, but it does have a few new features.

Here’s a quick summary of what’s new in 21H1:

Windows Hello multicamera support: If you have an external Windows Hello camera for your PC, you can set the external camera as your default camera. (Windows Hello is used for signing into PCs.) Why should this change matter to you? If you have an external camera, you probably bought it because it’s superior to the built-in, internal one on your computer. So with this change, you’ll be able to use the more accurate camera for logging into your PC.
Improved Windows Defender Application Guard performance: Windows Defender Application Guard lets administrators configure applications to run in an isolated, virtualized container for improved security. With this change, documents will open more quickly. It can currently take up to a minute to open an Office document in it.
Better Windows Management Instrumentation (WMI) Group Policy Service support: Microsoft has made it easier for administrators to change settings to support remote work.

Updates to Windows 10 versions 2004 and 20H2 prior to the 21H1 release

KB5003173 (OS Builds 19041.985 and 19042.985)

Release date: May 11, 2021

This build includes a variety of security updates for Windows App Platform and Frameworks, the Windows Kernel, Windows Media, the Microsoft Scripting Engine, and the Windows Silicon Platform. For more details, see Microsoft’s Security Update Guide. It also updates security for Bluetooth drivers and Windows OLE (compound documents).

(Get more info about KB5003173.)

KB5001391 (OS Builds 19041.964 and 19042.964) Preview

Release date: April 28, 2021

This update gives you quick access to an integrated feed of dynamic content, such as news, weather, sports, and more, that updates throughout the day, via the Windows taskbar. You can personalize the feed to match your interests. For more details, see Microsoft’s “Personalized content at a glance: Introducing news and interests on the Windows 10 taskbar.”

There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. In addition, devices with Windows installations created from custom offline media or custom ISO images might have the legacy version of Microsoft Edge removed by the update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5001391 Preview.)

KB5001330 (OS Builds 19041.928 and 19042.928)

Release date: April 13, 2021

This update includes a wide variety of security updates, for Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Kernel, Windows Virtualization, and Windows Media. For details, see Microsoft’s Security Update Guide website.

There are several other security issues addressed, including fixing a potential elevation of privilege vulnerability in the way Azure Active Directory web sign-in allows arbitrary browsing from the third-party endpoints used for federated authentication.

In this build, Microsoft also removed the Microsoft Edge legacy browser and replaced it with the new Chromium-based Edge.

(Get more info about KB5001330.)

KB5000842 (OS Builds 19041.906 and 19042.906) Preview

Release date: March 29, 2021

This update fixes a variety of minor bugs, including one that made high dynamic range (HDR) screens appear much darker than expected, and another that caused video playback to be out of sync in duplicate mode with multiple monitors.

There are several known issues in this build, including one in which System and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.

(Get more info about KB5000842 Preview.)

KB5001649 (OS Builds 19041.870 and 19042.870)

Release date: March 18, 2021

This out-of-band update fixes a single bug in which graphical content could not be printed.

There is one known issue in this update, in which system and user certificates may be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10.

(Get more info about KB5001649.)

KB5001567 (OS Builds 19041.868 and 19042.868)

Date: March 15, 2021

This out-of-band update fixes a single bug, which caused a blue screen when you attempted to print to certain printers using some apps.

There is one known issue in this update, in which system and user certificates may be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10.

(Get more info about KB5001567.)

KB5000802 (OS Builds 19041.867 and 19042.867)

Release date: March 9, 2021

This update includes a wide variety of security updates for the Windows Shell, Windows Fundamentals, Windows Management, Windows Apps, Windows User Account Control (UAC), Windows Virtualization, the Windows Kernel, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media. For details, see the Microsoft Security Update Guide.

There are three known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809.

(Get more info about KB5000802.)

KB4601382 (OS Builds 19041.844 and 19042.844) Preview

Release date: February 24, 2021

This update fixes a variety of minor bugs, including one that caused video playback to flicker when rendering on certain low-latency capable monitors, and another that sometimes prevented the input of strings into the Input Method Editor (IME).

(Get more info about KB4601382.)

KB4601319 (OS Builds 19041.804 and 19042.804)

Release date: February 9, 2021

This update fixes a bug and includes a variety of security updates. The bug fixed could damage the file system of some devices and prevent them from starting up after running chkdsk /f.

Security updates are provided for Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Cloud Infrastructure, Windows Management, Windows Authentication, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Core Networking, and Windows Hybrid Cloud Networking. For details, see the Microsoft Security Update Guide.

There are three known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809.

(Get more info about KB4601319.)

KB4598242 (OS Builds 19041.746 and 19042.746)

Release date: January 12, 2021

This build fixes a variety of security vulnerabilities, including one with HTTPS-based intranet servers, and a security bypass vulnerability in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface.

There are also security updates to Windows App Platform and Frameworks, Windows Media, Windows Fundamentals, Windows Kernel, Windows Cryptography, Windows Virtualization, Windows Peripherals, and Windows Hybrid Storage Services. For details see the Microsoft Security Update Guide.

There are two known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10, version 1809.

(Get more info about KB4598242.)

KB4592438 (OS Builds 19041.685 and 19042.685)

Release date: December 8, 2020

This update fixes a security vulnerability by preventing applications that run as a SYSTEM account from printing to “FILE:” ports. It also has security updates for the legacy version of Microsoft Edge, the Microsoft Graphics Component, Windows Media, Windows Fundamentals, and Windows Virtualization. For details see the Microsoft Security Update Guide.

(Get more info about KB4592438.)

KB4586853 (OS Builds 19041.662 and 19042.662) Preview

Release date: November 30, 2020

This build fixes a wide variety of bugs, including one that caused Narrator to stop responding after you unlock a device if the app was in use before you locked the device, and another that made makes the touch keyboard unstable in the Mail app.

There are two known issues in this update, one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.

(Get more info about KB4586853.)

KB4594440 (OS Builds 19041.631 and 19042.631)

Release date: November 19, 2020

This minor build fixes issues with Kerberos authentication related to the PerformTicketSignature registry subkey value in CVE-2020-17049, which was a part of the November 10, 2020 Windows update.

There are two known issues in this update, one in which system and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.

(Get more info about KB4594440.)

KB4586781 (OS Builds 19041.630 and 19042.630)

Release date: November 10, 2020

This build updates the 2020 DST start date for the Fiji Islands to December 20, 2020 and includes security updates to the Microsoft Scripting Engine, Windows Input and Composition, Microsoft Graphics Component, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel. For details see the release notes for November 2020 Security Updates.

There are two known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.

(Get more info about KB4586781.)

KB4580364 (OS Builds 19041.610 and 19042.610)

Release date: October 29, 2020

This update makes it easier to connect to others in Skype, using Meet Now from the taskbar. In addition, there are a wide variety of bug fixes, including for one that displayed the incorrect CPU frequency for certain processors, another that displayed nothing on the screen for five minutes or more during a Remote Desktop Protocol (RDP) session, and another that caused the Docker pull operation to fail due to a Code Integrity (CI) Policy that blocks the import of a Windows container image.

(Get more info about KB4580364.)

Windows 10 October 2020 Update (version 20H2)

Release date: October 20, 2020

Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a few new features.

Here’s a quick summary of what’s new in 20H2:

The new Chromium-based version of the Microsoft Edge browser is now built directly into Windows 10.
The System page of Control Panel has been removed. Those settings have been moved to the Settings app.
The Start menu’s tiled background will match your choice of Windows themes. So the tiled background will be light if you’re using the Windows 10 light theme and dark if you’re using the Windows 10 dark theme.
When you use Alt-Tab, Edge will now display each tab in your browser in a different Alt-Tab window. Previously, when you used Alt-Tab, Edge would get only a single window. You can change this new behavior by going to Settings > System > Multitasking.
When you pin a site to the taskbar in Edge, you can click or mouse over its icon to see all your browser tabs that are open for that website.
When you detach a keyboard on a 2-in-1 device, the device will automatically switch to the tablet-based interface. Previously, you were asked whether you wanted to switch. You can change that setting by going to Settings > System > Tablet.
The Your Phone app gets a variety of new features for some Samsung devices. When using one of the devices, you can interact with the Android apps on your phone from the Your Phone app on Windows 10.

What IT needs to know: Windows 10 version 20H2 also has a variety of small changes of note for sysadmins and those in IT.

IT professionals who administer multiple mobile devices get a new Modern Device Management (MDM) “Local Users and Groups” settings policy that mirrors options available for devices that are managed through Group Policy.
Windows Autopilot, used to set up and configure devices in enterprises, has gained a variety of small enhancement, including better deployment of HoloLens devices, the addition of co-management policies, enhancements to Autopilot deployment reporting, and the ability to reuse Configuration Manager task sequences to configure devices.
Microsoft Defender Application Guard now supports Office. This allows untrusted Office documents from outside an enterprise to launch in an isolated container to stop potentially malicious content from compromising computers or exploiting personal information found on them.
Latest Cumulative Updates (LCUs) and Servicing Stack Updates (SSUs) have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services.
Biometric sign-on has been made more secure. Windows Hello now has support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates, and secures a user’s biometric authentication data.

For more details, see Microsoft’s “What’s new for IT pros in Windows 10, version 20H2.”