Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch Tuesday

Let’s check updates on Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue coming out with May Patch Tuesday. Microsoft announced 3 zero-day vulnerabilities, and one requires attention on Domain Controllers.

Windows 10 Version 20H2 is out of support from 10th May 2022 onwards. Windows 10 20H2 PCs running the Home, Pro, Pro Education, and Pro for Workstations editions will no longer receive monthly security and quality updates.

NOTE! – May 9, 2023, is the end of support date for Windows 10H2 Enterprise and Education versions of Windows 10 20H2.

Patch My PC

As per Microsoft, Windows 10 KB5013942 (19042.1706, 19043.1706, and 19044.1706) is updated and contains miscellaneous security improvements to internal OS functionality. They have highlighted improvements and fixes related to OneDrive and Password change prevention issues. More details are in the below section of this post.

I’ve highlighted the most important improvements and fixes with the May 10, 2022 Patch Tuesday release for Windows 11 KB5013943 (OS Build 22000.675) below. Other enhancements with May 2022 has explained in the bottom section of this post.

Known Issue with Domain Controller Servers After Installing May 2022 Cumulative Patches

An issue has been found related to how the mapping of certificates to machine accounts is being handled by the domain controller. This issue only affects the installation of May 10, 2022, updates installed on servers used as domain controllers.

NOTE! – I do recommend stop deploying May 2022 Cumulative patches to the domain controller servers. More Details https://docs.microsoft.com/en-us/windows/release-health/status-windows-11-21h2#you-might-see-authentication-failures-on-the-server-or-client-for-services

As per Microsoft, After installing updates released on May 10, 2022, on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP).

Known Issue with Domain Controller Servers After Installing May 2022 Cumulative Patch
Known Issue with Domain Controller Servers After Installing May 2022 Cumulative Patch

Applications Might fail to open after May CU KB5012643 Update

.NET Framework 3.5 apps might have issues after installing KB5012643 on Windows 11 devices. The applications Might fail to open after the May CU KB5012643 Update.

As per Microsoft, Affected apps are using certain optional components in .NET Framework 3.5, such as Windows Communication Foundation (WCF) and Windows Workflow (WWF) components. More details are available on the link shared in the above section of the post.

I have a blog post that explains how to fix Application launch issues after KB5012643 installation on Windows 11 devices. More DetailsApplications Fail To Open On Windows 11 After KB5012643 Update.

Windows 11 Improvements and Fixes Related to Azure AD Join and MDM

Let’s quickly check Windows 11 Improvements and Fixes Related to Azure AD Join and MDM. The latest Cumulative Update for Windows 11 KB5013943 changes the timeout for Azure Active Directory (Azure AD) registration from 60 minutes to 90 minutes.

This is for hybrid Azure AD-joined Autopilot scenarios. This also addresses a race condition that causes an exception at timeout.

This LCU fixes an issue in which mobile device management (MDM) policies were not allowed on Windows Enterprise editions upgraded to Enterprise using Azure AD-joined subscription entitlement.

New Known Issues with Snip & Sketch app on Windows 10

Let’s check a New Known Issue with Snip & Sketch app on Windows 10. Microsoft reported a known issue with May 2022 patch Tuesday that the Snip & Sketch app might fail to capture a screenshot.

This might fail to open using the keyboard shortcut (Windows key+shift+S). This issue occurs after installing KB5010342 (February 8, 2022) and later updates.

Zero-Day Vulnerabilities with May 2022

The Zero-Day Vulnerability CVE-2022-26925 is announced with May 2022 patch Tuesday. The domain controllers should be patched with the highest priority in terms of applying the security patches. This fix or workaround to this Domain Controller issue is available now.

An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM. This security update detects anonymous connection attempts in LSARPC and disallows them.

The other two zero-day vulnerabilities are CVE-2022-22713 Windows Hyper-V Denial of Service Vulnerability and Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver.

Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch
Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch 1

Deploy Windows 10 KB5013942 using SCCM and WSUS

You can deploy Windows 10 May 2022 CU KB5013942 using Intune or SCCM. You can create a monthly patch package for April 2022 using the following methods. You can also search with Windows 11 LCU for May 2022 KB5013943.

The easiest way is to check from the SCCM admin console. You can verify the Windows 10 versions (19042.1706, 19043.1706, and 19044.1706) after installing May 2022 LCU.

  • Navigate to \Software Library\Overview\Software Updates\All Software Updates.
  • You will need to initiate a WSUS Sync from the All Software Updates node (Right-click on the node and initiate the sync).
  • Search with KB5013942 and KB5013943.
  • Or you can search with 22-05 Cumulative Update for Windows 10 as shown in the below screenshot.
Title May 2022 Cumulative Update Patches available in SCCM/WSUSKB Article
2022-05 Cumulative Update for Windows Server, version 20H2 for x64-based SystemsKB5013942
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 20H2KB5013624
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64KB5013624
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64KB5013624
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 for ARM64KB5013628
2022-05 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 for x64KB5013868
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for ARM64KB5013624
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 20H2 for x64KB5013624
2022-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64KB5013625
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 20H2 for ARM64KB5013624
2022-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607KB5013625
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2KB5013624
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64KB5013627
2022-05 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for ARM64KB5013868
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for ARM64KB5013627
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for x64KB5013624
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 for x64KB5013628
2022-05 Cumulative Update for .NET Framework 3.5, 4.7.2, and 4.8 for Windows 10 Version 1809KB5013868
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for ARM64KB5013624
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909KB5013627
2022-05 Cumulative Update for Windows 10 Version 1909 for ARM64-based SystemsKB5013945
2022-05 Cumulative Update for Windows 10 Version 21H1 for ARM64-based SystemsKB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based SystemsKB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for x86-based SystemsKB5013942
2022-05 Cumulative Update for Windows 10 Version 21H1 for x64-based SystemsKB5013942
2022-05 Cumulative Update for Windows 10 Version 21H1 for x86-based SystemsKB5013942
2022-05 Cumulative Update for Windows 10 Version 20H2 for ARM64-based SystemsKB5013942
2022-05 Cumulative Update for Windows Server, version 20H2 for ARM64-based SystemsKB5013942
2022-05 Cumulative Update for Windows 10 Version 1607 for x86-based SystemsKB5013952
2022-05 Cumulative Update for Windows 10 Version 1909 for x86-based SystemsKB5013945
2022-05 Cumulative Update for Windows 10 Version 21H2 for ARM64-based SystemsKB5013942
2022-05 Cumulative Update for Windows 10 Version 21H2 for x64-based SystemsKB5013942
2022-05 Cumulative Update for Microsoft server operating system version 21H2 for x64-based SystemsKB5013944
2022-05 Cumulative Update for Windows 10 Version 1607 for x64-based SystemsKB5013952
2022-05 Cumulative Update for Windows 11 for ARM64-based SystemsKB5013943
2022-05 Cumulative Update for Windows 10 Version 21H2 for x86-based SystemsKB5013942
2022-05 Cumulative Update for Windows 11 for x64-based SystemsKB5013943
2022-05 Cumulative Update for Windows 10 Version 1909 for x64-based SystemsKB5013945
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for ARM64KB5013624
2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1KB5013624
Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch 5
Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch 7
Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch 7

Description: Install this update to resolve issues in Windows. See the associated Microsoft Knowledge Base article for more information for a complete listing of the issues included in this update. After you install this item, you may have to restart your computer.

May 2022 Cumulative Update Patch Deployment using Intune

Let’s check how to deploy May 2022 Cumulative Update (LCU) Patch Deployment using Intune. Intune May 2022 Cumulative Update Patch Deployment is an automated process for Windows 10 and Windows 11 devices.

You don’t have to create any new Software update ring policies in Intune every month. The existing patch deployment policy will deliver the patches using WUfB (Windows Update for Business).

Read More – Software Update Patching Options With Intune Setup Guide (anoopcnair.com)

You have an option to expedite the Installation of May 2022 quality updates if the device OS version is less than the 2022.05. Create expedite update profiles for Quality updates using the following steps.

  • Open https://endpoint.microsoft.com/
  • Navigate Device -> Windows 10 quality Updates (preview).
  • Click on + Create Profile.

The following are the Settings for Intune quality update profile.

  • Name – May 2022 LCU for Windows KB5013943
  • Description
  • Expedite installation of quality updates if device OS version less than 05/10/2022 – 2022.05 B Security Updates for Windows 10 and later
  • Number of days to wait before the restart is enforced – 1 Day

More Details on Zero Day Out Of Band Patch Deployment Using Intune MEM Expedite Best Option and Intune Reporting Issue: Expedite Windows Security Patch Deployment.

Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch 2
Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch 2

Windows 11 May 2022 Cumulative Update KB5013943

Let’s check Windows 11 May 2022 Cumulative Update KB5013943 deployment options. Like Windows 10, you can deploy Windows 11 patches (LCUs) using SCCM and Intune.

Windows 11 patching is also important for the organization. Microsoft has released the latest Cumulative Update, KB5013943, for May 2022. Windows 11 will change its build number to 22000.675 after the cumulative update KB5013943.

  • 2022-05 Cumulative Update for Windows 11 for x64-based Systems (KB5013943)
  • Article ID: 5012592
  • Date revised: Tuesday, May 10, 2022
  • Maximum Severity Rating: Critical

Direct Download Links of April Cumulative Updates

Let’s manually download the 2022 May Cumulative update for Windows 10, Windows 11, and Server 2022 from the Microsoft Update Catalog website.

The following tables contain the direct links to download the April 2022 Cumulative Updates for Windows 10, Windows 11, and Windows Server operating systems.

TitleProductsSizeDirect Download
2022-05 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5013942)Windows 10, version 1903 and later666.5 MBDownload
2022-05 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5013942)Windows 10, version 1903 and later314.2 MBDownload
2022-05 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5013942)Windows 10, version 1903 and later312.4 MBDownload
2022-05 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5013942)Windows 10, version 1903 and later666.5 MBDownload
2022-05 Cumulative Update for Windows 11 for x64-based Systems (KB5013943)Windows 11263.1 MBDownload
Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch

You can check the Microsoft Update Catalog portal to get the direct download links to the hotfixes. Check this out Microsoft Update Catalog – https://www.catalog.update.microsoft.com/

Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch 4
Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch 4

Windows 11 Improvements Fixes with LCU KB5013943

Let’s check the Windows 11 Improvements and Fixes with May 2022 LCU KB5013943.

  • Adds improvements for servicing the Secure Boot component of Windows.
  • Addresses an issue that causes the AppX Deployment Service (AppXSvc) to stop working after installing certain MSIX apps.
  • FIX an issue with the race condition that occurs early in the startup process that might cause a stop error.
  • Improves the Autopilot client to process updated Trusted Platform Module (TPM) capabilities that support self-deployment and pre-provisioning scenarios.

Addresses an issue that causes Kerberos authentication to fail, and the error is “0xc0030009 (RPC_NT_NULL_REF_POINTER)”. This occurs when a client machine attempts to use the Remote Desktop Protocol (RDP) to connect to another machine while Remote Credential Guard is enabled.

  • FIX certain Point of Sale terminals experience occasional OS startup delays during the restart of up to 40 minutes.
  • FIX a memory leak issue that affects Windows systems that use 24 hours each day of the week.
  • FIX an issue that affects the Dynamic Host Configuration Protocol (DHCP) option 119 (Domain Search Option) by preventing the use of the connection-specific DNS Suffix Search List.
  • FIX an issue that affects the Title attribute in Microsoft Ege IE mode.

It fixes the issue when you use Netdom.exe or the Active Directory Domains and Trusts snap-in to list or modify name suffixes routing. These procedures might fail. The error message is, “Insufficient system resources exist to complete the requested service.” After installing the January 2022 security update on the primary domain controller emulator (PDCe), this issue occurs.

  • Fix video subtitles to be partially cut off.
  • Fix incorrectly aligns video subtitles.
  • Fix Windows to go into BitLocker recovery after a servicing update.
  • Fix prevents retrieval of the Endorsement Key (EK) certificate from the TPM device.
  • Fix fails to copy a Group Policy’s security portion to a machine.
  • Fix the Microsoft RDP Client Control instantiation, version 11 and higher, inside a Microsoft Foundation Class (MFC) dialog.
  • Displays the temperature on top of the weather icon on the taskbar if your taskbar is aligned on the left.

Addresses an issue that prevents you from using the minimize, maximize, and close buttons on a maximized app window. This issue occurs because the Notification Center keeps the input focus.

Addresses an issue that causes the primary domain controller (PDC) of the root domain to generate warning and error events in the System log. This issue occurs when the PDC incorrectly tries to scan outgoing-only trusts.

  • FIX map a network drive to a Server Message Block version 1 (SMBv1) share. After restarting the OS, you cannot access that network drive.
  • FIX an SMB multichannel connection and might generate a 13A or C2 error.
  • FIX damages a pool when a Client-Side Caching (CSC) cleanup method fails to delete a created resource.

FIX the server to lock up because the nonpaged pool grows and uses up all memory. After a restart, the same issue occurs again when you try to repair the damage. Reduces the overhead of resource contention in high input/output operations per second (IOPS) scenarios with many threads contending on a single file.

Windows 10 Fixes and Improvements with May 2022 Cumulative Update KB5013942

Let’s quickly check Windows 10 Fixes and Improvements with May 2022 Cumulative Update KB5013942.

  • FIX Internet Explorer to stop working when you copy and paste text using an Input Method Editor (IME).
  • When they sign in or sign out, FIX displays a black screen for some users.
  • FIX the Microsoft OneDrive file to lose focus after renaming it and press the Enter key.
  • The FIX news and interest panel appears when you haven’t clicked, tapped, or moused over it.
  • FIX Issues prevent you from changing a password that has expired when you sign in to a Windows device.

Resources

The Twitter user WZorNET provides very useful links and information for LCUs.

Author

Anoop is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

2 thoughts on “Windows 10 KB5013942 Windows 11 KB5013943 Fix Hybrid AAD Join Autopilot Timeout Issue May Patch Tuesday”

  1. Just wanted to ask/confirm the end of support dates you mention in this article in the 2nd paragraph from the top:

    Windows 10 Version 20H2 is out of support from 10th May 2022 onwards. Windows 10 20H2 PCs running the Home, Pro, Pro Education, and Pro for Workstations editions will no longer receive monthly security and quality updates.

    Checking MS lifecycle page shows May 9, 2023 (not 2022) as the end of support…
    https://docs.microsoft.com/en-us/lifecycle/products/windows-10-enterprise-and-education

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.