Microsoft releases Win10 21H2 Build 19044.1806 to RPC

Microsoft has released a new preview version of Windows 10 21H2 Build 19044.1806 with the KB5014666 update patch, which fixes several bugs.

This update includes the following improvements:

• “New” adds IP address auditing for incoming Windows Remote Management (WinRM) connections in security event 4262 and WinRM event 91. Fixed an issue where the source IP address and computer name of remote PowerShell connections could not be logged.

• “New” Added the Server Message Block (SMB) Redirector (RDR) specific Common File System Control (FSCTL) code FSCTL_LMR_QUERY_INFO.

• What’s New describes the following print and scan features:

• IPP over USB support – Starting in 2018, with the release of Windows 10 version 1809, Microsoft has supported the Internet Printing Protocol (IPP) for network printers. IPP support is now being extended to USB printers.

• Printing Support Application (PSA) API – Using the PSA framework, printer manufacturers can extend printer functionality and user experience.

• PIN Protected Printing for IPP and Universal Printing – The standard print dialog now includes a user interface for entering a PIN code.

• eSCL Mopria Scanning Protocol – Windows now supports the eSCL Mopria Scanning Protocol. It can be used with Mopria-certified scanner devices.

• Fixed an issue that affected the cloud clipboard service and prevented syncing between devices after a period of inactivity.

• Fixed an issue preventing Pashto from appearing in the language list.

• The InternetExplorerModeEnableSavePageAs group policy is enabled.

• Fixed an issue affecting the touchpad area (right-click area) that responds to a right-click.

• Fixed an issue affecting some certificate chains for root certification authorities that are members of the Microsoft Root Certification Program. For these certificates, the certificate chain status can be “This certificate has been revoked by its certificate authority”.

• Fixed an issue that caused false positives when running a script with Windows Defender Application Control (WDAC) turned on. This may generate AppLocker events 8029, 8028, or 8037, which should not appear in the log.

• Fixed an issue that prevented Encrypting File System (EFS) files from being used over a Web-based Distributed Authoring and Versioning (WebDAV) connection.

• Fixed an issue that caused Domain Controllers to incorrectly write Key Distribution Center (KDC) Event 21 in the System Event Log. This happens when the KDC successfully processes Kerberos public key encryption for Initial Authentication (PKINIT) authentication requests using self-signed certificates for key trust schemes (Windows Hello for Business and Device Authentication).

• Fixed an issue that caused the LocalUsersAndGroups Configuration Service Provider (CSP) policy to fail when modifying the built-in administrator group. This issue occurs if the local administrator account is not specified in the member list when the replace operation is performed.

• Fixed an issue where malformed XML input could cause DeviceEnroller.exe to fail. This prevents the CSP from being delivered to the device until the device is rebooted or the XML is corrected.

• Fixed an issue that caused Microsoft NTLM authentication using external trusts to fail. This issue occurs when a domain controller that contains Windows Update on January 11, 2022, or later is servicing authentication requests, is not in the root domain, and does not have a global catalog role. Affected operations may log the following errors:

• The security database has not been started.

• The domain is in an error state to perform a safe operation.

• 0xc00000dd (STATUS_INVALID_DOMAIN_STATE).

Just type “winver” into the Windows search box on the taskbar to see what version of Windows 10 you’re running. “Version 21H2” should be written instead.

Source / Via