Microsoft releases KB5004237 and KB5004245 to fix dozens of Windows 10 problems

Yesterday was Patch Tuesday, and as such Microsoft released updates to fix a batch of problems with Windows 10.

There are fixes for security issues as well as other niggles, including addressing the PrintNightmare vulnerability. KB5004237 is available for Windows 10 versions 2004, 20H2 and 21H1, while KB5004245 is just for version 1909.

See also:

• Microsoft has its own Linux distro called CBL-Mariner
• Want the Windows 10 Start menu in Windows 11? Tough... Microsoft has removed it
• Microsoft's KB5004945 update to fix PrintNightmare is breaking some printers

While there are no major changes in either of the updates, in all there are fixes for 117 vulnerabilities in Windows. As nine of these are zero-day security flaws, users are advised to get them installed as soon as they can.

For KB5004245, the list of highlights included in the update is not particularly lengthy:

• Updates for verifying usernames and passwords.
• Updates to improve security when Windows performs basic operations. 
• Adds Advanced Encryption Standard (AES) encryption protections for CVE-2021-33757. For more information, see KB5004605.
• Security updates to Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.

The list of change for KB5004237 is only slightly longer:

• Addresses an issue that might make printing to certain printers difficult. This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port.
• Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049. For more information and steps to enable full protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.
• Adds Advanced Encryption Standard (AES) encryption protections for CVE-2021-33757. For more information, see KB5004605.
• Addresses a vulnerability in which Primary Refresh Tokens are not strongly encrypted. This issue might allow the tokens to be reused until the token expires or is renewed. For more information about this issue, see CVE-2021-33779.
• Security updates to Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.

With both updates, there are no known issues apart from the on-going potential for problems when using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters. There is also a risk of the Chromium-based version of Edge not replacing legacy Edge on some custom installations. As both of these issues have been around for months, if not years, they are starting to pale into insignificance.

Time will tell, however, what other problems the updates cause.

Image credit: JeanLucIchard / Shutterstock