During the festive season, Windows 11 21H2 is obtaining 13/12/2022 Patch Tuesday security update to address the concerns of remote networks. This patch also works on a problem that could affect DPAPI aka Data Protection Application Programming Interface decryption. KB5021234 is the knowledge base number of the release and it increases the version to Windows 11 22000.1335.
Complete name of this LCU is – 2022-12 Cumulative Update for Windows 11 Version 21H2 for x64-based Systems (KB5021234) where x64 is variable and it can also be ARM64. Let’s see what is new in December 2022 release for v21H2
KB5021234 Windows 11 22000.1335 changes, bug fixes
Here is the changelog –
Bug fixes and changes
- This update addresses an issue that affects remote networks. This issue stops you from reconnecting to them using DirectAccess.
- This update addresses an issue that might affect Data Protection Application Programming Interface (DPAPI) decryption. The decryption of a certificate private key might fail. Because of this, virtual private network (VPN) and other 802.1 certificate-based authentication might fail. This issue might occur when you encrypt the DPAPI master key with a wrong value.
|IT admins||Direct Access might not be connected subsequent to installing this or further patches. Due to this problem, network connectivity or transitioning between Wi-Fi networks or access points might temporarily lose.|
Important: This trouble should not influence other remote access solutions for example VPN (sometimes called Remote Access Server or RAS) and Always On VPN (AOVPN).
Customers who don’t use Direct access on Windows at home or in organizations are not affected.
|Simply reboot the PC to mitigate this issue moreover follow the steps to fully resolve –|
You can rectify this problem using Known Issue Rollback also known as KIR. Keep in mind that the process might spend up to 24 hours for the resolution for propagating automatically to consumer devices and non-managed business devices. As the proviso, rebooting the Windows device might help the resolution apply faster. Users who run enterprise-managed devices and installed the update triggering this issue can resolve it by installing and configuring a special Group Policy. The special Group Policy is located under found in Computer Configuration => Administrative Templates => Group Policy name listed below –
Group Policy downloads with Group Policy name:
KB5018485 220927_043049 Known Issue Rollback – Download for Windows Server 2022 –
KB5018482 220927_043047 Known Issue Rollback – Download for Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2 –
Important You will need to install and configure the Group Policy for your version of Windows to resolve this issue.
|IT admins||Once you installed this patch, applications that use Open Database Connectivity through Microsoft ODBC SQL Server Driver aka sqlsrv32.dll to access databases might not connect. Moreover, you might face an error in the app or SQL Server. The error messages are –|
To determine whether you are using an affected application, unfold the app that connects to a database. access a Command Prompt and run the following syntax –
If the result lists a task, then the application might be part of the issue.
|We are working on a resolution and will provide an update in an upcoming release.|
How to download KB5021234 and install on Windows 11 21H2
Let’s clear that due to the festive season, you will not get any optional updates further this month. Now make sure that the most recent SSU 22000.1270 is installed and then follow the steps –
1] Using Windows Auto-update
- Press – Win+I.
- Click – Windows update.
- Select – Check for updates.
- Hold on for some time until KB5021234 is fully downloaded and the system asks you to install it. When you meet with a popup, click on Restart now.
2] Through manual method from Microsoft update catalog
- Click on KB5021255 direct download link.
- Find the architecture file on the website with the same of your computer.
- Click – Download.
- A segregate page prompts displaying a link to the standalone file of the update; click on it.
- Double-click on the .MSU file on your computer and select Yes on the verification pop-up.