KB5004237 for Windows 10 21H1, 20H2, and 2004 update Rolled out

CU KB5004237 Windows 10 21H1, 20H2, and 2004 changelog, direct download links, and ways to install.


July Patch Tuesday updates are just started rolling out. The rollout for Windows 10 2004, 20H2, and 21H1 has arrived increasing the version to 19041.1110, 19042.1110, and 19043.1110 respectively. KB5004237 is the security patch the carries some valuable improvements and bug fixes for the protection of printers.

This update also includes Servicing Stack updates for July 2021. The release is downloadable via auto update furthermore you can install the same through the Microsoft update catalog. Follow the methods from the last.

KB5004237 Windows 10 21H1, 20H2, and 2004 Security Update

Here is the changelog –

Changes and bug fixes

  • This patch addresses an issue that might make printing to certain printers troublesome. The problem creates problems in the devices from various models and brands, but mainly receipt or label printers that connect using a USB port.
  • The rollout removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049. To know details and the method to turn on full protection on domain controller servers, follow – Kerberos S4U changes deployment process for CVE-2020-17049.
  • The security patch adds Advanced Encryption Standard aka AES protection for CVE-2021-33757. For more, go to KB5004605.
  • The patch Tuesday release addresses a vulnerability in which Primary Refresh Tokens are not properly encrypted. This problem might allow the tokens to be reused until the token expires or is renewed. Read more – CVE-2021-33779.
  • This rollout comprises Security updates for 13/07/20221 to Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.

Known issues

You might not see the correct Furigana characters when using the Microsoft Japanese IME to enter Kanji characters in an app so you need to enter manually.

Important – The affected apps are using the ImmGetCompositionString() function.

You will receive a resolution in an upcoming update
In case you have installed using Windows installation created from custom ISO image or offline media might remove Microsoft Edge Legacy removed but unfortunately, it doesn’t replace with the Chromium version. This occurs when the images are created by slipstreaming this update into the image without having first installed the standalone SSU rolled out earliest 29/03/2021.

Important – If you directly receive updates then the error will no longer occur. This contains devices carrying Windows Update for Business. You should directly receive updates or SSU without any extra steps.

In order to prevent, slipstream the Servicing Stack Update rolled out  29/03/2021 or later into the ISO image or custom offline media before doing the same with the Cumulative Update. Therefore, with the LCU wrapped up with SSU used for Windows 10 20H2 and 2004, you will have to extract the SSU from the combined package. Follow the instructions –

Unpack the cab from the msu following cmd command ( for instance KB5003173): “expand Windows10.0-KB5003173-x64.msu /f:Windows10.0-KB5003173-x64.cab <destination path>” (without quotes)

2. Unpack the SSU from the earlier extracted cab through – expand Windows10.0-KB5003173-x64.cab /f:* <destination path>

3.Now you have already got the SSU cab, in this example, SSU-19041.985-x64.cab. Slipstream this file into your offline image, then the Latest cumulative update.

Alternatively, you can install Microsoft Edge from here or Microsoft Edge for business from here.

How to download KB5004237 and install

Method:-1 Through auto Windows update

  1. Click the start and type – updates.
  2. When a new Settings page appears, click – Check for updates.
  3. Permit the patch to carry out the downloading and when over, click Restart now.

Method:-2 Using Microsoft update catalog

  1. Go to the KB5004237 direct download link – Microsoft update catalog.
  2. Explore the file compatible with your system architecture and click – Download.
  3. A detached window will prompt, click the lone link lying there,
  4. Once downloaded, double click on the MSU file and follow the further instructions.

That’s all!!

Sharing is caring    Share Whatsapp

Topics:  Windows update
About Sunita
Love to play with Windows 11 and 10. Suggestion - Going for Registry change or system files edit then remember to take a backup or create a restore point before Starting.