KB5037770 for Windows 11 version 21H2

KB5037770 is the latest cumulative update for Windows 11 version 21H2. It was released on 14 May 2024 under the ‘Patch Tuesday’ program.

  • KB5037770 supersedes KB5036894 released on 9 April 2024. KB506894 is Windows 11 build 22000.6899.
  • KB5037770 corresponds to Windows 11 21H2 build 22000.2960.
  • KB5037770 is available for x64 and ARM64 system deployments.
  • KB5037770 resolves the VPN connectivity issues that resulted after deployment of KB5036894.
  • The Servicing Stack Update for KB5037770 is 22000.2958. The SSU is included in the cumulative update. Separate installation of the SSU is not required.
  • Post-deployment of KB5037770, you may experience a new issue. You may be unable to change your profile picture.
  • 41 Security vulnerabilities have been reported by Microsoft in the May security bulletin for Windows 11 21H2.

For installing KB5037770 on Windows 11 version 21H2, you could use any of the following methods:

  • Windows Update
  • WSUS or Windows Server Update Service
  • Windows Update for Business

You could manually install the KB5037770 update. For this, you need to download the offline installer files from the links shared below.

KB5037770 can be downloaded for Windows 11 version 21H2 from the Microsoft Update Catalog website. Alternatively, you could use the direct download links below to download the offline installer file.

The Servicing Stack Update is included in KB5037770. So, you do not need to install it separately.

Once you install KB5037770, the Windows 11 endpoint will need to reboot for the update and changes to take effect.

There are 41 reported vulnerabilities in May 2024 for Windows 11 version 21H2. None of these vulnerabilities have CRITICAL severity. The following impacts have been reported for Windows 11 security vulnerabilities in May 2024:

  • Remote Code Execution – 21 vulnerabilities
  • Elevation of Privileges – 14 vulnerabilities
  • Security Feature Bypass – 2 vulnerabilities
  • Information disclosure – 4 vulnerabilities

A new issue has been reported after installing KB5037770 on Windows 11 version 21H2.

After installing this update, you might be unable to change your user account profile picture.

When attempting to change a profile picture by selecting the button StartSettings> Accounts > Your info, and then selecting Choose a file, you might receive an error message with error code 0x80070520.

Microsoft if working on providing a solution for this new issue.

The following issues have been fixed for Windows 11 version 21H2 in KB5037770:

  • This update addresses a known issue that might cause your VPN connection to fail. This occurs after you install the update dated April 9, 2024, or later.
  • This update addresses an issue in that affects IE mode. It stops responding. This occurs if you press the left arrow key when an empty text box has focus and caret browsing is on.

The following changes are part of the KB5037770 cumulative update for Windows 11 version 21H2:

  • KB5037770 includes the security changes for Windows 11 version 21H2.
  • This update brings Country and Operator Settings Asset (COSA) profiles up to date for certain mobile operators.
  • This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
  • This update addresses an issue that affects Active Directory. Bind requests to IPv6 addresses fail. This occurs when the requestor is not joined to a domain.
  • This update addresses an issue that might affect domain controllers (DC). NTLM authentication traffic might increase.
  • This update addresses an issue that affects Group Policy Folder Redirection in a multi-forest deployment. The issue stops you from choosing a group account from the target domain. Because of this, you cannot apply advanced folder redirection settings to that domain. This issue occurs when the target domain has a one-way trust with the domain of the admin user. This issue affects all Enhanced Security Admin Environment (ESAE), Hardened Forests (HF) or Privileged Access Management (PAM) deployments.
  • This update addresses an issue that might affect Virtual Secure Mode (VSM) scenarios. They might fail. These scenarios include VPN, Windows Hello, Credential Guard, and Key Guard.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.