KB5006738 Windows 10 21H1, 20H2, 2004 CU Preview Rolled out

New cumulative update KB5006738 for Windows 10 21H1 19043.1320, 20H2 19042.1320, and 2004 19041.1320 changes, bug fixes, direct download link, and the ways to install.

KB5006738 Windows 10 21H1, 20H2, 2004 CU Preview Rolled out

KB5006738 for Windows 10 version 21H1, 20H2, and 2004 has just been rolled out. The update covers and addresses a wide array of issues. In this article, we bring to you all the highlights, features, fixes, and improvements introduced by this particular Windows update.

In case you did install all the previous updated relevant to your Windows version, only the new fixes will be downloaded on your system. Therefore, no redundancy of patches would be there.

KB5006738 for Windows 10 21H1 19043.1320, 20H2 19042.1320, 2004 19041.1320 Changes, bug fixes, and known issues

Here is the changelog –

  1. There is a potential resolution to an issue that has been preventing subtitles from displaying for certain video apps and streaming video sites in some cases.
  2. It addresses a problem preventing Kana input mode users from putting a question mark (?) using the usual Shift-0 key combination.
  3. This rollout also carries update for a problem that sometimes causes black background to appear on the lock screen. This mostly used to happen if the user have set up a slideshow of pictures as their lock screen background.

Changes and bug fixes

  1. KB5006738 attempts to resolve a problem that prevents users from accessing the pre-provisioning page during OOBE. This issue occurs when the user presses the Windows key five times when the Azure Active Directory credentials page appears.
  2. There is an added feature that enables some degree of cross-browser data transfer.
  3. The LCU addresses a problem with Assigned Access kiosks configured with Edge web browser as a kiosk app. These kiosks might sometimes fail to restart Microsoft Edge if users close the browser window.
  4. The team has also worked upon an issue whereby using App-V intermittently causes black screens to appear on the credentials page.
  5. There is a potential resolution to an issue that has been preventing subtitles from displaying for certain video apps and streaming video sites in some cases.
  6. KB5006738 CU improved upon the problem preventing VPN users from connecting to Windows Server 2019 Routing as well as Remote Access service aka RRAS server.
  7. There was an issue where Software-Defined Networking i.e SDN virtual machines would stop working when you configure the Generic Routing Encapsulation VPN bandwidth limitation. This has been addressed in KB5006738.
  8. The update address a reported Primary Refresh Token (PRT) update issue. It would usually occur when VPN users sign in using Windows Hello for Business while the connection is offline. This results in the users receiving unexpected authentication prompts for certain online resources configured for user sign-in frequency in Azure Active Directory-Conditional Access.
  9. The developers have attempted to fix the problem causing Windows to go into BitLocker recovery after a servicing update.
  10. They also address an issue that might stop Kerberos.dll within the LSASS or Local Security Authority Subsystem Service.
  11. KB5006738 optional update fixes a concern in Code Integrity that might cause a memory leak.
  12. KB5006738 also increased Microsoft Defender for Endpoint’s ability to deal with advanced attacks and ransomware.
  13. The team has worked on an issue in the OOBE causing the Windows AutoPilot provisioning to fail.
  14. It addresses a problem preventing Kana input mode users from putting a question mark (?) using the usual Shift-0 key combination.
  15. There is also an update on a problem that sometimes gives rise to the black background to appear for the lock screen. This mostly used to happen if the user have set up a slideshow of pictures as their lock screen background.
  16. The team also attempts to improve a reliability issue with LogonUI.exe, which interrupts the rendering of the network status text on the credentials screen.
  17. KB5006738 non security update addresses a problem causing the Server Message Block Query Directory Requests to fail in case the buffer size appears large.
  18. KB5006738 also examines the virtual machine Load Balancing feature issue whereby a site’s fault domain is ignored.
  19. The developers have also worked upon a known bug preventing the successful installation of printers using the Internet Printing Protocol (IPP).

Known issues

SymptomsWorkaround
A cumulative update was intended to replace Legacy Microsoft Edge with the Chromium version. But it could not perform the same on the devices having Windows installations created from a custom ISO image or offline media. This issue occurred when ISO images or custom offline media were created by slipstreaming this patch into the image without having first installed the SSU delivered on 29/03/ 2021 or later.

Attention – Devices that connect straight to Windows Update to acquire updates are not affected. This comprises devices using Windows update for Business. System connecting to Windows Update should always obtain the most recent SSU and LCU without any further steps.

To refrain from slipstream the SSU rolled out on 29/03/2021 or greater into the ISO image or custom offline media prior to slipstreaming CU. In this concern, with the combined LCU and SSU used for Windows 10 v20H2 and v2004, you will have to unpack the SSU from the combined package. Use the underneath guideline to unpack the using SSU –

1.   Unpack the cab from the msu through this command line (via the package for KB5000842 as an instance): expand Windows10.0-KB5006670-x64.msu /f:Windows10.0-KB5006670-x64.cab <destination path>

2.   Unpack the SSU from the earlier extracted cab via this command line: expand Windows10.0-KB5006670-x64.cab /f:* <destination path>

3.   You will then have the SSU cab, in this example named SSU-19041.1288)-x64.cab. Now, slipstream this file into your offline image first, then the cumulative update.

Subsequent to installing the 21/06/2021 update means KB5003690, some devices cannot receive new updates, for example, the 06/07/2021 (KB5004945) or later. Instead, you encounter PSFX_E_MATCHING_BINARY_MISSING.For more information and a workaround, see KB5005322.
Once you receive this optional patch, when connecting to devices in an untrusted domain using Remote Desktop might be unable to authenticate when using smart card authentication. Rather you might get a message – Your credentials did not work. The credentials that were used to connect to [device name] did not work. Please enter new credentials. Along with The login attempt failed in red.This problem is resolved through Known Issue Rollback (KIR). Keep in mind that it might consume up to 24 hours for the resolution to propagate automatically to non-managed personal devices and non-managed business devices. Rebooting might help the resolution apply to your device quicker. If you are on enterprise-managed devices that have installed an affected update and confronted this problem, it can be fixed by installing and configuring a special Group Policy linked below. Remark – Devices need to be restarted after setting the special Group Policy. For help, kindly read How to use Group Policy to deploy a Known Issue Rollback.

Group Policy installation files: Windows Sever 2022

Windows 10, version 2004, Windows 10, version 20H2 and Windows 10, version 21H1

Attention – Verify that you are using the correct Group Policy for your version of Windows.

Group Policy installation files:

§  Windows Sever 2022

§  Windows 10, version 2004, Windows 10, version 20H2 and Windows 10, version 21H1

Important Verify that you are using the correct Group Policy for your version of Windows.

How to download KB5006738 and install on Windows 10

KB5006738 and all such quality patches are mostly downloaded and installed automatically as per the configured policies. If you think you didn’t get this (or any other relevant) patch, here are a few other ways of installing them. SSU to install before installing this non-security patch – For May 11, 2021 update KB5003173, August 10, 2021, KB5005260.

1] Through Windows Update Settings

Here is how to check for updates and download them manually –

  1. Hit the shortcut keys Windows and I together.
  2. Once the Settings app opens up, click – Windows update.
  3. Lastly, make a click on – Check for updates.
  4. This will initiate a scan to look for the October Security patch. Soon it should start downloading and installing the update automatically. Once done, you will get an alert suggesting a restart.
  5. Click – Restart now when prompted.

2] Via Microsoft update catalog

  1. KB5006738 direct download link is here. The link will take you to the Microsoft update catalog website containing all the relevant files for this update.
  2. Browse through the site to find your patch based on your system architecture (like x86, x64, ARM64). An alternative is that you can simply use the search feature on the web page to easily look up this update
  3. Click on Download once you find the update.
  4. Go to the location that has the downloaded .MSU file.
  5. Right-click on file > Install.
  6. If prompted at all, click Yes.
  7. You can simply follow the remaining on-screen instructions.

That’s all!!

>