Microsoft has released KB5027231 for Windows 11 22H2 and KB5027223 for Windows 11 original release (21H2). These are both security updates but also include new non-security improvements and fixes. KB5027231 (Windows 11 22H2) is the “Moment 3” update for Windows 11, which includes updates from last month’s optional update KB5026446, and combined, these both include significant fixes and improvements for the operating system, including a fix to a known issue. However, it does not include any new OS features. If you did not install the optional update, installing this month’s Patch Tuesday update will include all the new features and improvements. KB5027223 (Windows 11 21H2) also addresses similar issues and security vulnerabilities as KB5027231. However, there are a few differences which we have discussed below. Both of these are security updates and together, they address a total of 86 vulnerabilities. You can learn more about these security vulnerability fixes on Microsoft’s MSRC vulnerability guide. In the Vulnerability Guide, set the filter to “Update Tuesday (2nd Tuesday of the month)” and then select “June 2023” in the “Vulnerabilities” tab.
Release Summary: KB5027231, KB5027223
The table below gives a brief summary of these updates and the updated OS builds:
KB5027231 Changelog
This update includes all the features and improvements that were introduced in KB5026446 which was released on 24th May 2023, and then some. We have compiled and listed all of the new features and improvements in KB5027231 here for you.
Fixes and Improvements in KB5027231
The following list of fixes and improvements have been implemented with this release:
[New] Issues with 32-bit applications are now addressed. You can find more information in our separate guide on Windows 11 known issues. [New] This update addresses a compatibility issue. The issue occurs because of unsupported use of the registry. [New] This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. This update provides the full amount of storage capacity of all your Microsoft OneDrive subscriptions. It also displays the total storage on the Accounts page in the Settings app. This update adds Bluetooth Low Energy (LE) Audio provided that your computers support it. This update improves audio fidelity and battery life when you pair your computer with Bluetooth LE Audio earbuds and headphones. This update addresses an issue that affects the Narrator. It now announces text attributes correctly for words, such as “misspelled,” “deletion change,” and “comment.” This update addresses an issue that affects access to Tab settings for IE mode sites. This update addresses a multi-function label printer installation issue. This update addresses an issue that affects audio playback. It fails on devices that have certain processors. This update addresses an issue that affects the touch keyboard. It shows the wrong layout for the French-Canadian language. This update addresses an issue that affects the touch keyboard. Sometimes, it does not show the correct layout based on the current input scope. This update addresses an issue that affects the Chinese and Japanese Input Method Editor (IME). When you search within the Emoji Panel (Windows key + period (.) ), the search might fail for some of you. This update addresses an issue that affects searchindexer.exe. It stops working after you sign out. This issue occurs after you upgrade your machine to Windows 11 Azure Virtual Desktop (AVD) and sign in to that machine. This update addresses an issue that affects Server Message Block (SMB). You cannot access the SMB shared folder. The errors are, “Not enough memory resources” or “Insufficient system resources.” The update addresses an issue that sends unexpected password expiration notices to users. This occurs when you set up an account to use “Smart Card is Required for Interactive Logon” and set “Enable rolling of expiring NTLM secrets.” This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). It stops working. This occurs when you use Azure Virtual Desktop (AVD). This update addresses an issue that affects the Storage Spaces Direct (S2D) cluster. It might not come online. This occurs after a periodic password rollover. The error code is 1326. This update addresses an issue that affects dot sourcing. It fails files that contain class definitions in Windows PowerShell. This update addresses an issue that affects the use of the Event Viewer. The issue limits the number of event sources that users who are not administrators can access. This update addresses an Event Viewer issue. It affects the rendering of a forwarded event log. This update addresses a memory leak. It occurs every time you print a rich text document. This update addresses an issue that affects a computer when it renders a halftone bitmap. The computer stops working. This update addresses an issue that affects devices that have multiple, discreet GPUs. You cannot choose high-performance GPUs from the default graphics settings page. This update addresses an issue that stops your device from working when it resumes from Modern Standby. The error is 0x13A KERNEL_MODE_HEAP_CORRUPTION. This update addresses an issue that affects applications that perform certain actions in a callback. The applications might stop working. These actions include closing a Window (WM_CLOSE). This update changes the support phone number for Microsoft India for Windows activation. This update changes the international mobile subscriber identity (IMSI) ranges for certain mobile providers. This update addresses an issue that affects the Windows Firewall. The firewall drops all connections to the IP address of a captive portal. This occurs when you choose the Captive Portal Addresses option. This update addresses an issue that affects devices that are joined to Azure Active Directory (Azure AD). The Windows Firewall cannot apply the correct domain and profile for them. This update addresses an issue that affects Windows Defender Application Control (WDAC). It might create audit events that you do not need. This occurs when you choose the Disabled: Script Enforcement option. This update addresses an issue that affects the Chinese and Japanese Handwriting Panel. It does not show text prediction candidates or stop responding. This occurs when you select a word from the candidate list of the Handwriting Panel. This update addresses an issue that affects the runas command. It stops working. The device behaves as if you did not sign in to your account. This update addresses an issue that might affect a large reparse point. You might get a stop error when you use NTFS to access it. This issue occurs after a canceled FSCTL Set operation changes the reparse tag. This update addresses a known issue that might affect some speech recognition apps. They might have sporadic speech recognition, expressive input, and handwriting issues. This occurs when the display language is Chinese or Japanese. The apps might not recognize certain words. They might not receive any input from speech recognition or affected input types. This issue is more likely to occur when the apps use offline speech recognition. For app developers, this issue only affects speech recognition that uses Speech Recognition Grammar Specification (SRGS) in Windows.Media.SpeechRecognition. This issue does not affect other types of speech recognition.
These are all of the features, improvements, and fixes that KB5027231 offers for Windows 11 22H2. To read more in-depth about these, refer to this Microsoft announcement. Moreover, there are also some known issues with this update. You can read all about the open (and fixed) known issues in our separate post: Windows 11 Known Issues
KB5027223 Changelog
Fixes and improvements in KB5027223
KB5027223, which applies to Windows 11 version 21H2, does not include any significant features. However, This update includes all the improvements that were introduced in KB5026436 which was released on 23rd May 2023 and was a Type D update, and then some more. We have listed the cumulative changes below:
[New] Issues with 32-bit applications are now addressed. You can find more information in our separate guide on Windows 11 known issues. [New] This update addresses a compatibility issue. The issue occurs because of unsupported use of the registry. [New] This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019. This update addresses an issue that affects the Narrator. It now announces text attributes correctly for words, such as “misspelled,” “deletion change,” and “comment.” This update addresses an issue that affects access to Tab settings for IE mode sites. This update addresses a multi-function label printer installation issue. This update addresses a multi-function label printer issue. It affects the installation of some of them. This update addresses an issue that affects audio playback. It fails on devices that have certain processors. This update improves the user experience (UX) and interactions for the search box on the taskbar. This update addresses an issue that affects searchindexer.exe. It stops working after you sign out. This issue occurs after you upgrade your machine to Windows 11 Azure Virtual Desktop (AVD) and sign in to that machine. This update addresses an issue that affects Server Message Block (SMB). You cannot access the SMB shared folder. The errors are, “Not enough memory resources” or “Insufficient system resources”. The update addresses an issue that sends unexpected password expiration notices to users. This occurs when you set up an account to use “Smart Card is Required for Interactive Logon” and set “Enable rolling of expiring NTLM secrets.” This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). It stops working. This occurs when you use Azure Virtual Desktop (AVD). The update addresses an issue that affects scheduled tasks. The tasks fail when they use stored local user account credentials. This occurs when you enable Credential Guard. The error message is “2147943726 : ERROR_LOGON_FAILURE (The user name or password is incorrect).” This update addresses an issue that affects the Storage Spaces Direct (S2D) cluster. It might not come online. This occurs after a periodic password rollover. The error code is 1326. This update addresses an issue that affects dot sourcing. It fails files that contain class definitions in Windows PowerShell. This update addresses an issue that affects the use of Event Viewer. The issue limits the number of event sources that users who are not administrators can access. This update addresses an issue that affects applications that perform certain actions in a callback. The applications might stop working. These actions include closing a Window (WM_CLOSE). This update changes the support phone number for Microsoft India for Windows activation. This update changes the international mobile subscriber identity (IMSI) ranges for certain mobile providers. This update addresses an issue that affects the Windows Firewall. The firewall drops all connections to the IP address of a captive portal. This occurs when you choose the Captive Portal Addresses option. This update addresses an issue that affects devices that are joined to Azure Active Directory (Azure AD). The Windows Firewall cannot apply the correct domain and profile for them. This update addresses an issue that might affect a large reparse point. You might get a stop error when you use NTFS to access it. This issue occurs after a canceled FSCTL Set operation changes the reparse tag.
That said, there are also some known issues with this release. You can read all about the open (and fixed) known issues in our separate post: Windows 11 Known Issues After considering both the improvements as well as the known issues in these updates, if you still feel like upgrading to this build, continue reading to learn how.
Download and Install KB5027231 & KB5027223
You can install these updates on a Windows 11 PC through Windows Update as well as a standalone installer. Download and install Windows 11, or check if your system meets the minimum hardware requirements for Windows 11.
Download KB5027231 Offline Installers
To download the KB5027231 MSU offline installer for Windows 11 22H2, click on the respective link below: Download Windows 11 KB5027231 for x64-based systems [288.6 MB] Download Windows 11 KB5027231 for ARM-based systems [400.9 MB]
Download KB5027223 Offline Installers
To download the KB5027223 MSU offline installer for Windows 11 21H2, click on the respective link below: Download Windows 11 KB5027223 for x64-based systems [338.6 MB] Download Windows 11 KB5027223 for ARM-based systems [459.9 MB] To install the update, simply run the downloaded MSU file and Windows will automatically install the update. You can also extract the CAB file from the MSU file and install it. To download any other updates related to any of the above, please check the Microsoft Catalog.
Windows Update
Perform the following steps to download and install the Patch Tuesday update on your Windows 11 computer: Once the computer restarts, the update will be successfully installed. To confirm this, check the updated build number by typing in winver in the Run Command box. You will now see one of the following updates downloading and installing automatically, depending on your Windows 11 version:
Rollback/Remove Windows 11 Cumulative Update
If you do not wish to keep the installed update for some reason, you can always roll back to the previous build of the OS. However, this can only be performed within the next 10 days after installing the new update. To roll back after 10 days, you will need to apply this trick.
Cleanup After Installing Windows Update
If you want to save space after installing Windows updates, you can run the following commands one after the other in Command Prompt with administrative privileges:
Block KB5027231 or KB5027223 from Installing
Since these are mandatory updates, they will download and install themselves on the schedule. If you want to block them from installing, temporarily or permanently, you can follow the steps below: If you want to unhide or show hidden updates, run the tool again and select “Show hidden updates” instead of “Hide updates.” The rest of the process is the same. This automatically hides the update from Windows Update and it will not be installed during the next update process.
Windows 11 KB5027231 and KB5027223 Hands On
We have installed KB5027231 through Windows Update on one of our VMs and gained some insight that we’d like to share with our readers. To begin, installing KB5027231 was not as easy as it should be. The entire process took nearly 25 minutes. When the update began to download on the Windows Update Settings page, it got stuck at 3%. It remained there for nearly 5 minutes, after which we had to restart the system. After the reboot, it was still at 3%. However, after a minute or two, it changed to 7% downloaded and then remained there for another 3-4 minutes. At this point, we considered troubleshooting Windows Update, but before we did, the downloaded percentage jumped directly to 70% and then continued to 100% slowly. Since we had already installed last month’s optional cumulative non-security update, KB5027231 should have been a tiny package. However, it took longer than expected. Additionally, as we monitored the storage capacity on the computer, the KB5027231 took up nearly 1.3 GB of storage space before it was installed. After restarting the computer and with the update installed, it took a total of 1.7 GB! The installation process was a lot quicker than the downloading process. When we dug in, we found that nearly 1.77 GB of space was being taken up by the older copy of Windows files, as you can see in the image below. This was nearly the exact size of storage capacity that the new Windows update took, which means that the update replaced older files and moved them. Note: Removing these files would mean that you can no longer back up to the older Windows build. Moreover, as reported in this forum, some of the features that should be enabled by default in the Moment 3 update are not there, such as the option to show seconds in the system tray clock, the “Live kernel memory dump” option is missing, and the Print Screen button is not enabled by default. We found that to enable these, you must also install the “Windows Configuration Update” released on 24th May 2023. This update enables some cool new features in the Windows 11 operating system. To install the Windows Configuration Update, use these steps: Once the computer restarts, you will find that all of the “Moment 3” features have been enabled. You will then see “Windows configuration update” (amongst others) installing.