A non-security update, including multiple quality improvement

Improvements

• Introduces WebAuthn redirection, which lets users authenticate in apps and on websites without a password when using Remote Desktop. Then, they can use Windows Hello or security devices, such as Fast Identity Online 2.0 (FIDO2) keys

• Improves storage replication that occurs over low bandwidth or congested wide area networks (WAN)

• Addresses an issue that requires users to reinstall an app if the Microsoft Store has not signed that app

• Addresses an issue that stops codecs from being updated from the Microsoft Store

• Addresses an issue that affects cached credentials for security keys and FIDO2 authentications. On hybrid domain-joined devices, the system removes these cached credentials

• Addresses an issue that affects a network’ s static IP. The issue causes the configuration of the static IP to be inconsistent. Because of this, NetworkAdapterConfiguration() fails sporadically

• Addresses an issue that affects rendering in Desktop Window Manager (DWM). This issue might cause the device to stop responding in a virtual machine setting when users use certain video graphics drivers

• Addresses a rare stop error that happens after users change the display mode and more than one display is in use

• Addresses an issue that affects graphics drivers that use d3d9on12.dll

• Addresses an issue that affects URLs generated by JavaScript: URLs. These URLs do not work as expected when users add them to the Favorites menu in IE mode

• Addresses an issue that affects window.open in IE mode

• Addresses an issue that successfully opens a browser window in IE mode to display a PDF file. Later, browsing to another IE mode site within the same window fails

• Addresses an issue that forces the IE mode tabs in a session to reload. Introduces a Group Policy that enables and disables Microsoft HTML Application (MSHTA) files

• Addresses an issue that occurs when the input queue overflows. This might cause an application to stop responding

• Addresses an issue that affects the Microsoft Japanese input method editor (IME). Text reconversion fails when users use some third-party virtual desktops

• Addresses an issue that affects the App-V client service. The service leaks memory when users delete App-V registry nodes

• Addresses an issue that might change the default printer if the printer is a network printer

• Addresses an issue that affects Windows Defender Application Control (WDAC) path rules. This issue stops .msi and PowerShell scripts from running

• Addresses an issue that causes WDAC to log 3091 and 3092 events in audit mode

• Addresses an issue that affects Group Policy Objects. Because of this, the system might stop working

• Addresses an issue that affects Windows Defender Application Control (WDAC). It stops WDAC from logging .NET Dynamic Code trust verification failures

• Addresses an issue that occurs when a WDAC policy fails to load. The system logs that failure as an error, but the system should log the failure as a warning

• Addresses an issue that affects non-Windows devices. It stops these devices from authenticating. This issue occurs when they connect to a Windows-based remote desktop and use a smart card to authenticate

• Addresses an issue that might bypass MSHTML and ActiveX rules for WDAC

• Addresses an issue that affects WDAC policies. These policies will not apply to a system when you enable SecureLaunch

• Addresses an issue that affects the Settings app on server domain controllers (DCs). When you access System > Display, the Settings app stops working

• Addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). LSASS might stop working on a child domain controller (DC). This might occur when you lose the connection to a root DC while you are searching for a name that is in many forests or a security ID (SID)

• Addresses an issue that affects the FindNextFileNameW() function. It might leak memory

• Addresses an issue that affects robocopy. Robocopy fails to set a file to the right modified time when using the /IS option

• Addresses an issue that affects cldflt.sys. A stop error occurs when it is used with Microsoft OneDrive

• Addresses an issue that affects the Get-SmbServerNetworkInterface cmdlet. It only retrieves a subset of the available network interfaces

• Addresses an issue that affects the Get-SmbServerConfiguration cmdlet. It only allows users to run it if you are an administrator

• Addresses an issue that affects the LanmanWorkstation service. When users mount a network drive, the service leaks memory

• Addresses a known issue that affects daylight saving time in Chile. This issue might affect the time and dates used for meetings, apps, tasks, services, transactions, and more

Known issues

• After installing this update, file copies using Group Policy Preferences might fail or might create empty shortcuts or files using 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration > Preferences > Windows Settings in Group Policy Editor