KB5021255 Cumulative updates for Windows 11 version 22H2

This content has been archived. But, the content is true and relevant to the underlying technology products or infrastructure services.

KB5021255 is December month’s cumulative update for Windows 11 version 22H2. The update was released on 13th December 2022 as part of the ‘December Patch Tuesday’.

Salient points about KB5021255 for Windows 11 22H2

KB5021255 has now been superseded by KB5022303. KB5022303 has been released on 10th January for Windows 11 22H2 version.

KB5021255 is a cumulative update that supersedes November month’s cumulative update KB5019980. KB5019980 was immediately followed by a preview update KB5020044 that was released on 29th November 2022.

So, KB5021255 contains all the changes that are part of the KB5020044 preview update. If you have not deployed KB5020044 yet, you can skip it and go straight to KB5021255.

In terms of builds, KB5021255 corresponds to Windows 11 build 22621.963. KB5020044 corresponds to build 22621.900 and KB5019980 works on 22621.819.

Servicing Stack Update 22000.898 corresponds to KB5021255. It is included in the KB5021255 and therefore no separate installation of the SSU or Servicing Stack Update is needed.

Installing KB5021255 is easy as you could choose one of the following automated approaches:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

Or, if you prefer to install using a manual process, you can always download the offline installer file from the Microsoft Update Catalog page for KB5021255.

For your ready reference, the direct download links for the security update KB5021255 are shared below:

Post-deployment issues after installing KB5021255 on Windows 11 systems

The following issues have been acknowledged as post-deployment issues for KB5021255:

Using provisioning packages on Windows 11, version 22H2 (also called Windows 11 2022 Update) might not work as expected. Windows might only be partially configured, and the Out Of Box Experience might not finish or might restart unexpectedly. Provisioning packages are .PPKG files which are used to help configure new devices for use on business or school networks. Provisioning packages which are applied during initial setup are most likely to be impacted by this issue. For more information on provisioning packages, please see Provisioning packages for Windows.

Copying large multiple gigabyte (GB) files might take longer than expected to finish on Windows 11, version 22H2. You are more likely to experience this issue copying files to Windows 11, version 22H2 from a network share via Server Message Block (SMB) but local file copy might also be affected.Windows devices used by consumers in their home or small offices are not likely to be affected by this issue. – For this issue, Microsoft recommends using robocopy or xcopy in the interim while it works on providing a permanent fix to the issue.

After installing this update, apps that use ODBC connections through Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might not connect. Additionally, you might receive an error in the app, or you might receive an error from the SQL Server. Errors you might receive include the following messages:

  • The EMS System encountered a problem. Message: [Microsoft][ODBC SQL Server Driver] Protocol error in TDS Stream.
  • The EMS System encountered a problem. Message: [Microsoft][ODBC SQL Server Driver] Unknown token received from SQL Server.

For all these three post-deployment issues, Microsoft is working on fixes for a permanent solution.

KB5021255 Changelog

KB5021255 has brought about the following issue fixes or improvements:

  • This update addresses a known issue that might affect Task Manager. It might display certain elements in the user interface (UI) in unexpected colors. Some parts of the UI might not be readable. This issue might occur if you have “Choose your mode” set to “Custom” in the Personalization > Colors section of Settings.
  • This update addresses an issue that might affect Data Protection Application Programming Interface (DPAPI) decryption. The decryption of a certificate private key might fail. Because of this, virtual private network (VPN) and other 802.1 certificate-based authentication might fail. This issue might occur when you encrypt the DPAPI master key with a wrong value.
  • This update addresses a known issue that affects Direct Access. The issue might stop you from reconnecting to it after temporarily losing network connectivity. The issue might also occur when you switch between Wi-Fi networks or access points.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.