Windows Security Updates January 2023 Summary

January 2023 Security updates are now available for all versions of Windows 11, 10, 8.1, and 7. If you were waiting for this day, we suggest locating your own Windows version and upgrading to the next OS Build. As Microsoft has stated before, this will be the last patch day for Windows 7 devices that were subscribed to Extended Security Updates and all Windows 8 devices. 

If you are still using the older version of Windows like 7, 8, or 8.1, we suggest upgrading to the newer versions. As usual, the company has uploaded the security updates in the Microsoft Update catalog. All you need is to visit this site and pick an update matching your system architecture. 

January 2023 Security updates for Windows PC

This is the first patch day of this year and brings some quality improvements to the existing OS Builds. Microsoft has also rolled out some new servicing stack updates, .NET Frameworks, and Office Products. Have a look at the below sections, locate your operating system, and update accordingly. 

1] Windows 11, version 22h2

• OS Build: 22621.1105
• Release Note: KB5022303
• SSU: 22621.898

Key Highlights:

• Improves the security of the whole operating system.
• Several users have complained about local users having the ability to modify system properties even though they were denied administrative rights. Microsoft has worked on and resolved this issue. As a result of this, there are no issues affecting the Local Session Manager (LSM) on your Windows PC.
• KB5022303 also works on a persisting error affecting apps that were using Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. From now onward, you will not encounter any error message in the app, and the connection will continue as it used to on prior Build versions. 

Direct Download Page for different architectures: Microsoft Update Catalog

2] Windows 11, version 21h2

• OS Build: 22000.1455
• Release Note: KB5022287
• SSU: 22000.1270 

Key Highlights:

• Improves the security of the whole operating system.
• Resolves an error code 0xc000021a that often occurs with a Blue Screen while working on Windows. 
• Addresses an issue that was affecting the Local Session Manager (LSM). The issue was letting non-admin users perform actions that only an administrator can do. 
• Fixes a known issue that affects apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. Try accessing the application and you will not find the connection failure error messages or some random error messages from the SQL server. 
• No additional issues were documented for this release.

Direct Download Page for different architectures: Microsoft Update Catalog

3] Windows 10 versions 22h2, 21h2, and 20h2

• Release Note: KB5022282
• Respective OS Build numbers: 19045.2486, 19044.2486, and 19042.2486
• Servicing Stack update: 19045.2300, 19044.2300, and 19042.2300

Note: Windows 10 version 21h1 reached its end-of-service statement last month i.e. Dec 13th, 2022. If you are on this version, upgrade to either version 21h2 or 22h2 (the latest version). 

Key Highlights:

• Brings Security updates for all Windows components and Microsoft Services. 
• Resolves a known issue on Windows 10 that was preventing startup services from starting and thus causing an error code 0xc000021a.
• KB5022282 addresses an issue that was known to affect the Local Session Manager (LSM). Because of this bug, local users were able to perform actions that only an administrator can do.
• Fixes a known issue that affects apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. Try accessing the application and you will not find the connection failure error messages or some random error messages from the SQL server. 
• No additional issues were documented for this release.

Direct Download Page for different architectures: Microsoft Update Catalog

4] Windows 10, version 1809

• Release Note: KB5022286
• OS Build: 17763.3887
• Servicing Stack update: 17763.3641

Key Highlights:

• Brings Security updates to all your Windows components and Microsoft Services. 
• Microsoft releases a new feature on this version of Windows 10. With this feature enabled, you may use the Quick Assist application on all your client devices. 
• Addresses a known error – “There was an error resetting the AD password… // 0x80070005”. This error was the direct result of an issue affecting cluster name objects (CNO) or virtual computer objects (VCO). From now onward, you will not see the Password resetting failure on your Windows 10, version 1809. 
• Resolves an issue affecting Microsoft Defender for Endpoint. This bug causes Automated investigation to block live response investigations. 
• This update addresses a known issue affecting applications that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. Previously, it was causing the connection to fail or generate an error in the app (received from the SQL Server).
• This patch works on and resolves an issue affecting authentication. Previously, it was failing when you use the higher 16 bits of the MSDS-SupportedEncryptionTypes attribute. The problem was known to occur if you don’t set the encryption types or you disable the RC4 encryption type on the domain.

Known Issue on it:

• After installing KB5001342, the Cluster Service failed to start because a Cluster Network Driver is not found. This bug might appear after this patch update as well.

Direct Download Page for different architectures: Microsoft Update Catalog

5] Windows 10, version 1607

• Release Note: KB5022289
• OS Build: 14393.5648
• Servicing Stack update: KB5017396

Windows 10, 1607 KB5021235 Complete Changelog

Key Highlights:

• With this update, you may now use the Quick Assist application on all your client devices. 
• Resolves an issue that affects the 16 Bits MSDS-SupportedEncryptionTypes attribute authentication. This problem occurs when you do not set the encryption types or you disable the RC4 encryption type on the domain.
• Addresses an issue that affects cluster name objects (CNO) or virtual computer objects (VCO). When this occurs, you often see an error message – “There was an error resetting the AD password… // 0x80070005”. 
• After you install this patch update, this will address an issue that affects apps using Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. Earlier, users complained of getting some error messages in the app or sometimes from the SQL Server itself. 

How do I enable or disable HTML application files inside GPE?

The KB5022289 update also introduces a new Group Policy for enabling or disabling HTML Application (HTA) files. If you enable this policy, it stops you from running HTA files. However, when you disable or do not configure this policy, you can run the HTA file. 

To configure this Group Policy, follow these steps – 

• Launch Local Group Policy Editor first. 
• When this opens up, navigate to the below path –

Select Computer Configuration > Administrative Templates > Windows Components > Internet Explorer

• Head over to the right pane, and double-click on Turn on DisableHTMLApplication.
• On its properties window, select Enabled, and hit Apply > OK. 

Known Issues on it

Microsoft has not documented any known issue associated with this security patch to Windows 10 1607.

Direct Download Page for different architectures: Microsoft Update Catalog

6] Windows 10 1507 (Initial version)

• OS Build: 10240.19685
• Release Note: KB5022297
• Servicing Stack update: KB5014024

Key Changes:

• Improves the security of the whole operating system.
• Addresses a known issue affecting apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. Previously, it was causing the connection to fail on some error messages. 

Note: Microsoft is not currently aware of any issues with this update.

Direct Download Page for different architectures: Microsoft Update Catalog

7] Windows 8.1 and Windows Server 2012 R2

• Monthly Rollup: KB5022352
• Security-only: KB5022346
• Required Servicing Stack Update: KB5018922

Key Changes:

Starting with this release, users will see a modal dialog box stating the end of support for Windows 8.1. January 2023 was the last patch update for both its Monthly as well as Security updates. If you are using Windows 8.1 Enterprise or Pro version, you will not see the reminder. 

• When you use the 16 Bits MSDS-SupportedEncryptionTypes Attribute, it causes the authentication to fail on some error message. This happens when the encryption types are not set or if the RC4 Encryption type is disabled on the domain. With Jan 2023 update, Microsoft resolves this problem on Windows 8.1. 
• Addresses a known issue that affects apps using Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. 

Direct Download Links to KB5022352 & KB5022346

8] Windows 7 SP1 and Windows Server 2008 R2

• Monthly Rollup: KB5022338
• Security-Only: KB5022339
• Must install SSU: KB5017397

Key Changes:

• Addresses a known issue that affects apps using Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. 
• When you use the 16 Bits MSDS-SupportedEncryptionTypes Attribute, it causes the authentication to fail on some error message. This happens when the encryption types are not set or if the RC4 Encryption type is disabled on the domain. With Jan 2023 update, Microsoft resolves this problem on Windows 8.1. 

Direct Download Links to KB5022338 & KB5022339

How to Download and Install January 2023 Security updates

To download and upgrade your respective operating system to January 2023 Update via Windows Update, do the following –

• Launch Settings (Win + I) first.
• Go to Windows Update, and hit Check for updates.

The system will connect to Microsoft servers online and download/install the pending updates on your computer.

Microsoft Windows Server Security updates

If you would like to upgrade your Windows Server, locate and click on your own Server among the below list. Search for the respective Server, and when found, click the Download button. Proceeding this way, you may easily upgrade your Windows Server.

• KB5022291 – Jan 2023, Cumulative Update for Windows Server 2022.
• KB5022286 – Jan 2023, Cumulative Update for Windows Server version 1809 and Windows Server 2019.
• KB5022289 – Jan 2023, Cumulative Update for Windows Server 2016.
• KB5022343 – Jan 2023, Security-only Update for Windows Server 2012.
• KB5022348 – Jan 2023, Monthly Rollup for Windows Server 2012.
• KB5022353 – Jan 2023, Security-only Update for Windows Server 2008 SP2.
• KB5022340 – Jan 2023, Monthly Rollup for Windows Server 2008 SP2.

How do I install Windows Server Quality updates?

If you would like to upgrade your Windows server, look for your server in the above section. Once you find your Server in the above list, click on the hyperlink. You will be redirected to the Rollup page. Scroll down to the “How to Get this update” section, and click on the Microsoft update catalog link. 

Search again for your server update, and when found, hit the Download button. On the subsequent page, click the top link, and the setup file starts downloading for your Windows Server. After the download completes, you may proceed with its installation. 

Servicing Stack Updates

With the latest change in Servicing Stack update, you don’t need to separately download and install the SSU update on your Windows 10, versions 1809, and later. For Windows 10, version 1607 or earlier versions, the servicing stacks are provided below –

• Windows 10, version 1607 – KB5017396
• Windows 7, SP1 Security Only Update & Monthly Rollup – KB5017397

Microsoft Office updates

• For updates on Office 2016 or Office 2013, visit this site.

.NET Framework Updates

We will update this section later on with updates coming for December 2022. As of now, only November 2022 .NET Frameworks are available only. 

Direct Download Jan 2023 Security updates

If you want to manually download and install the recent Windows or Windows Server updates, reach out to your version, and download the latest cumulative update, quality rollup, or monthly rollup. 

• KB5022303 – Jan 2023 Cumulative update for Windows 11, version 22h2
• KB5022287 – Jan 2023 Cumulative update for Windows 11, version 21h2
• KB5022282 – Jan 2023 Cumulative update for Windows 10, versions 22h2 & 21h2
• KB5022352 – Jan 2023 Security Monthly Quality Rollup update for Windows 8.1 & Windows Server 2012 R2
• KB5022346 – Jan 2023 Security Only Quality rollup for Windows 8.1, and Windows Server 2012 R2
• KB5022338 – Jan 2023 Security Monthly Quality Rollup update for Windows 8.1 & Windows Server 2008 R2
• KB5022339 – Jan 2023 Security Only Quality rollup for Windows 7, and Windows Server 2008 R2

Click on the KB number, provided above, to visit the Microsoft update Catalog page. Download the update matching your system architecture. 

That’s it.