Windows 11 build 22000.917 se déploie grâce à KB5016691, quoi de neuf ?

Microsoft vient de publier une nouvelle Preview de Windows 11. Elle s’adresse aux PCs inscrits sur le canal Release Preview du programme Windows Insider. Son installation passe par le téléchargement de la mise à jour KB5016691. Elle est désormais proposée par le service Windows Update.

Son installation permet à Windows 11 d’évoluer en version 22000.917. Le focus n’est pas les nouveautés mais les corrections de bugs. Nous retrouvons certaines améliorations récemment proposées pour Windows 10 sur le même canal de distribution. Par exemple Microsoft indique que des améliorations sont apportées à la capacité de détection et d’interception des Ransomwares de Microsoft Defender for Endpoint. En parallèle les administrateurs peuvent ajouter à distance des langues et des fonctionnalités liées à la langue.

Normalement nous avons la résolution d’un bug problématique d’impression. Il concerne les imprimantes USB. De nombreux utilisateurs rencontrent des difficultés pour utiliser leurs imprimantes après l’avoir réinstallée ou redémarrée.

Redmond ajoute avoir résolu deux problèmes LSASS très importants. Le géant explique

Nous avons corrigé une condition de concurrence qui empêchait le service LSASS (Local Security Authority Subsystem Service) de fonctionner sur les contrôleurs de domaine Active Directory. Ce problème se produit lorsque LSASS traite simultanément des demandes LDAP (Lightweight Directory Access Protocol) sur TLS (Transport Layer Security) qui échouent à déchiffrer. Le code d’erreur est 0xc0000409 (STATUS_STACK_BUFFER_OVERRUN).

Nous avons aussi résolu un problème qui pouvait entraîner la fuite de jetons dans le service LSASS (Local Security Authority Server Service). Ce problème affecte les appareils qui ont installé des mises à jour Windows datées du 14 juin 2022 ou ultérieures. Ce problème se produit lorsque le périphérique exécute une forme spécifique de service pour l’utilisateur (S4U) dans un service Windows TCB (Non-Trusted Computing Base) qui s’exécute en tant que service réseau.

Pour le moment tout ce contenu n’est disponible que pour les utilisateurs du programme Windows Inside. La plupart des correctifs seront cependant proposés au travers d’une prochaine mise à jour cumulative Windows 11.

Windows 11 build 22000.917, note de version

his non-security update includes quality improvements. Key changes include: 

  • New! We gave IT admins the ability to remotely add languages and language-related features. Additionally, they can now manage language scenarios across several endpoint managers.
  • New! We compressed a file regardless of its size if you have configured Server Message Block (SMB) Compression.
  • New! We enhanced Microsoft Defender for Endpoint’s ability to identify and intercept ransomware and advanced attacks.
  • We fixed an issue that causes ServerAssignedConfigurations to be null in a few full configuration scenarios.
  • We fixed an issue that affects the automatic high dynamic range (Auto HDR) feature for cross-adapter resource scan-out (CASO)-capable GPU drivers.
  • We fixed a known issue that causes Microsoft Edge to stop responding when you use IE mode. This issue also prevents you from interacting with a dialog. 
  • We fixed an issue that prevents virtualized App-V Microsoft Office applications from opening or causes them to stop working.
  • We fixed an issue that might cause the deployment of the Windows Hello for Business certificate to fail in certain circumstances after you reset a device.
  • We fixed multiple issues related to USB printing, such as:
  • A printer malfunctions after you restart or reinstall it
  • Being in the wrong mode after you switch from an Internet Printing Protocol (IPP) Class Driver to an independent hardware vendor (IHV) driver
  • Experiencing bidirectional communication issues that prevent you from accessing device features
  • We fixed an issue that affects the ProjectionManager.StartProjectingAsync API. This issue stops some locales from connecting to Miracast Sinks.
  • We fixed an issue that degrades BitLocker performance.
  • We fixed an issue that prevents Windows 11 SE from trusting some Microsoft Store applications.
  • We fixed an issue that prevents HyperVisor Code Integrity from being enabled automatically on systems that have Arm64 processors.
  • We fixed an issue that stops non-Windows devices from authenticating. This issue occurs when they connect to a Windows-based remote desktop and use a smart card to authenticate.
  • We fixed an issue that causes the Resultant Set of Policy tool (Rsop.msc) to stop working when it processes 1,000 or more “File System” security settings.
  • We fixed an issue that causes the Take a Test app to remove all policies related to lockdown enforcement when you close the app.
  • We fixed an issue that causes the Settings app to stop working on server domain controllers (DCs) when accessing the Privacy > Activity history page.
  • We fixed an issue that might cause certain Bluetooth audio headsets to stop playing after a progress bar adjustment. This issue affects modern systems that support Advanced Audio Distribution Profile (A2DP) offload.
  • We fixed an issue that prevents devices from receiving an offer from Windows Update for the same extension driver when that extension driver is already installed without the base driver.
  • We fixed a race condition that causes the Local Security Authority Subsystem Service (LSASS) to stop working on Active Directory domain controllers. This issue occurs when LSASS processes simultaneous Lightweight Directory Access Protocol (LDAP) over Transport Layer Security (TLS) requests that fail to decrypt. The exception code is 0xc0000409 (STATUS_STACK_BUFFER_OVERRUN).
  • We fixed an issue that affects a lookup for a nonexistent security ID (SID) from the local domain using read-only domain controller (RODC). The lookup unexpectedly returns the STATUS_TRUSTED_DOMAIN_FAILURE error instead of STATUS_NONE_MAPPED or STATUS_SOME_MAPPED.
  • We fixed an issue that might cause the Local Security Authority Server Service (LSASS) to leak tokens. This issue affects devices that have installed Windows updates dated June 14, 2022 or later. This issue occurs when the device performs a specific form of service for user (S4U) in a non-Trusted Computing Base (TCB) Windows service that runs as Network Service.

Leave a Reply

Your email address will not be published. Required fields are marked *