KB5055519: This update addresses security issues for your Windows operating system

Summary
This cumulative update contains security and quality improvements. The following is a summary of the key issues that this update addresses. The bold text within the brackets indicates the item or area of the change we are documenting.

Highlights

• This update addresses security issues for your Windows operating system.
  If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.
  For more information about security vulnerabilities, please refer to the new Security Update Guide website and the April 2025 Security Updates.

Improvements

• [Daylight Saving Time (DST)] Update for the Aysen region in Chile to support the government DST change order in 2025. For more information about DST changes, see the Daylight Saving Time & Time Zone Blog.

Known issues in this update
Citrix

Symptoms
Devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411. The 2411 version of this application was released in December 2024.
Affected devices might initially download and apply the January 2025 Windows security update correctly, such as via the Windows Update page in Settings. However, when restarting the device to complete the update installation, an error message with text similar to “Something didn’t go as planned. No need to worry – undoing changes” appears. The device will then revert to the Windows updates previously present on the device.
This issue likely affects a limited number of organizations as version 2411 of the SRA application is a new version. Home users are not expected to be affected by this issue.
Workaround
Citrix has documented this issue, including a workaround, which can be performed prior to installing the January 2025 Windows security update. For details, see Citrix’s documentation.
Microsoft is working with Citrix to address this issue and will update this documentation once a resolution is available.

Active Directory Group Policy: Events in local policy
Symptoms
Audit Logon/Logoff events in the local policy of the Active Directory Group Policy might not show as enabled on the device even if they are enabled and working as expected. This can be observed in the Local Group Policy Editor or Local Security Policy, where local audit policies show the "Audit logon events" policy with Security Setting of "No auditing".

This issue might only manifest as a reporting inconsistency. It’s possible that logon events are correctly being audited on the device. However, the “Audit logon events” policy will reflect that this is not the case. Home users are unlikely to be affected by this issue, as logon auditing is generally only necessary in enterprise environments.

Workaround
Adjustments to the Windows registry will prevent this issue.

1. Open the Windows registry editor and navigate to the following key:
   HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Audit\\SystemPolicy\\LogonLogoff\\AccessRights
2. Right-click AccessRights > Permissions, select Advanced. Then, change owner to Administrators, check Replace owner on subcontainers and objects, select Apply and OK.
3. In the Permissions window, select Administrators, check Full Control under “Allow”, select Apply and OK.
4. Modify the GUID key to the following value: {0CCE924B-69AE-11D9-BED3-505054503030}
5. Enable the subcategory with the correct GUID using the following command (open a Run dialog, then type the following command and press Enter):
   auditpol /set /subcategory:{0CCE924B-69AE-11D9-BED3-505054503030} /success:enable /failure:enabl
6. Reverse the permission changes: Right-click AccessRights > Permissions, select Advanced. Then, change owner to "NT SERVICE\\TrustedInstaller”, check Replace owner on subcontainers and objects, select Apply and OK.
7. In the Permissions window, select Administrators, check Read under “Allow”, select Apply and OK.

Next Steps
Microsoft is working on a resolution and will provide more information when it is available.