All Windows 11 users should install the KB5029263 update as soon as possible

Microsoft has released a large new cumulative update for Windows 11 in the form of the KB5029263 update.

As this release fixes a series of security issues in the operating system, everyone running Windows 11 22H2 should install it as soon as possible. KB5029263 is a mandatory update so it will be installed automatically -- eventually -- but it is important enough to justify taking manual action to ensure you have it immediately.

See also:

• Microsoft drops support for dozens of Intel processors in latest Windows 11 system requirements update
• Microsoft is disabling TLS 1.0 and TLS 1.1 in Windows 11... and it will break some apps
• Microsoft is finally killing off Cortana in Windows 11 as Windows Copilot heralds an AI future

As is the norm, Microsoft does not detail the security issues that have been addressed in this update, which takes Windows 11 up to build 22621.2134, and the servicing stack to version 22621.2061. The company says that in addition to the security fixes, the KB5029263 update makes brightness settings more accurate. It also fixes problems with widgets, as well as sleep-related audio-visual issues.

Microsoft has also published a handy video to accompany the release of the KB5029263 update which features not only a summary of the changes, but also numerous tips about how to speed up Windows 11.

The full list of non-security related changes is as follows:

• New! This update affects the Handwriting Software Input Panel (SIP), the Handwriting Engine, and the Handwriting Embedded Inking Control. They now support GB18030-2022 conformance level 2. Because of this, they meet the level 3 requirements.
• This update addresses an issue in the Windows Notification Platform. The issue affects how much power your device uses. 
• This update affects the Windows Push Notification Services (WNS). It makes the connection between the client and the WNS server more reliable.
• This update addresses an issue that affects hybrid joined devices. You cannot sign in to them if they are not connected to the internet. This occurs when you use a Windows Hello for Business PIN or biometric credentials. This issue applies to a cloud trust deployment. 
• This update affects Windows Autopilot profiles. The process to download the Windows Autopilot policy is more resilient. This helps when a network connection might not be fully initialized. This update increases the retry attempts when you try to download the Windows Autopilot profile.
• This update addresses an issue that affects Event Forwarding Subscriptions. When you add an Event Channel to the subscription, it forwards events you do not need.
• This update addresses an issue that affects the Windows Management Instrumentation (WMI) repository. This causes an installation error. The issue occurs when a device does not shut down properly.
• This update addresses an issue that affects certain CPUs. There is inconsistent reporting of the L2 cache.
• This update enhances hinting for some of the letters of the Verdana Pro font family.
• This update affects user mode printer drivers. They unload unexpectedly. This occurs when you print from multiple print queues to the same printer driver.
• This update affects text edit controls in XAML and browser controls. You cannot make text edit controls editable again after they become read only. This occurs when you use the new Microsoft Input Method Editor for Japanese, Chinese, and Korean.
• This update makes Narrator announce the “Change product key” label.
• This update addresses an issue that affects the Defender Firewall Profile. It fails to automatically switch from a LAN that is trusted to a public network.
• This update makes Country and Operator Settings Asset (COSA) profiles up to date.
• This update addresses an issue that affects a printing job. An unexpected Internet Printing Protocol (IPP) mode switch can cause the print job to abruptly stop. This occurs when there is an independent hardware vendor (IHV) driver.
• This update addresses an issue that affects certain wireless wide area network (WWAN) devices. After every restart, a dialog reappears. It asks you to switch to embedded SIM (eSIM) even when you choose "No."
• This update addresses a deadlock in Internet Protocol Security (IPsec). When you configure servers with IPsec rules, they stop responding. This issue affects virtual and physical servers.
• This update addresses an issue that affects the MPSSV service. The issues causes your system to restart repeatedly. The stop error code is 0xEF.
• This update affects the Windows Kernel Vulnerable Driver Blocklist, DriverSiPolicy.p7b. It adds drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
• This update addresses an issue that affects Windows Defender Application Control (WDAC). The issue copies unsigned WDAC policies to the Extensible Firmware Interface (EFI) disk partition. This partition is reserved for signed policies.
• This update addresses an issue that affects WDAC. The “Disabled: Script Enforcement” option might create audit events you do not need.
• This update addresses an issue that affects the fastfat file system driver. It stops responding because of a race condition.
• This update addresses an issue that affects I/O over Server Message Block (SMB). It might fail when you use the LZ77+Huffman compression algorithm.

As mentioned above, this mandatory update should be installed automatically, but you can also perform a manual check of Windows Update via the Settings app, or you can download KB5029263 from the Microsoft Update Catalog.

Image credit: vadimrysev / depositphotos