Windows 10 KB5014699 Windows 11 KB5014697 FIX June 2022 Patch Tuesday HTMD Blog

Microsoft released Windows 10 KB5014699 and Windows 11 KB5014697. Today is another patch Tuesday a bit late though. The IE mode issue with Windows 10 and 11 is also fixed with this June CU. The machine certificate authentication failures on domain controllers are fixed with June CU.

The vulnerability only affects Azure AD-joined autopilot devices that are also used for conditional access for compliance, and only impacts Autopilot pre-registered devices that are enabled for either self-deploying mode or pre-provisioning mode, either of which utilizes TPM-based device authentication instead of user-based credentials/MFA.

Microsoft fixed many critical issues with Windows 10 and 11 June Cumulative Update patch. One of the fixes that are critical for Autopilot enrollments? The users were able to bypass the forced enrollment by disconnecting from the internet when they sign in to AAD.

Windows 10 and 11 file copying will be faster with this June 2022 cumulative update. The Silent Bitlocker encryption issue is also fixed with this hotfix for both Windows 11 and 10. One way trust issues while adding resources to Windows 10 is also fixed. Error message -> The object selected doesn’t match the type of destination source.

Windows spotlight on the desktop brings the world to your desktop with new background pictures. This is the new feature coming to Windows 11 with June 2022 CU. With this feature, new pictures will automatically appear as your desktop background (similar to the lock screen).

Known Issues with June Patches

Let’s check the known Issues with June Patches on Windows 11, Windows 10, and Server operating systems. One of the known issues is only applicable to ARM-based devices. More details Two Known Issues With June Patches For Windows 10 And 11.

Internet connectivity issues when you enable Mobile Hotspot. There is a fix in place as a preview release (KB5014666).

The second issue applies only to Windows ARM devices. So if you don’t have ARM-based Windows devices, you don’t need to worry at all about this bug!

Azure Active Directory (AAD) and Microsoft 365 services might be unable to sign in. This is already resolved or fixed with the Out-of-Band patch.

PowerShell Desired State Configuration resources might fail to apply successfully – Fixed with July 2022 patches.

Microsoft File Server Shadow Copy Agent Service

Addresses an elevation of privilege (EOP) vulnerability under CVE-2022-30154 for the Microsoft File Server Shadow Copy Agent Service. To become protected and functional, you must install the June 14, 2022, or later Windows update on both the application server and the file server.

The application server runs the Volume Shadow Copy Service (VSS)-the aware application that stores data on the remote Server Message Block 3.0 (or higher) shares on a file server. The file server hosts the file shares.

If you don’t install the update on both machine roles, backup operations carried out by applications, which previously worked, might fail. For such failure scenarios, the Microsoft File Server Shadow Copy Agent Service will log FileShareShadowCopyAgent event 1013 on the file server. For more information, see KB5015527.

1 Zero-Day Vulnerability with June 2022

There is one zero-day and many Critical vulnerabilities announced with June 2022 patch Tuesday. Other critical vulnerabilities are related to VSS, Hyper-V, LDAP, and NFS.

Zero-Day is fixed with the latest updates -> Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability – CVE-2022-30190.

Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability – CVE-2022-30189
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability – CVE-2022-30154
Windows Hyper-V Remote Code Execution Vulnerability – CVE-2022-30163
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability – CVE-2022-30139
Windows Network File System Remote Code Execution Vulnerability – CVE-2022-30136

Before Installing KB5014699

For machine certificate authentication considerations that affect Network Policy Server (NPS) and other scenarios, do one of the following:

Install this June 14, 2022 update on all intermediate or application servers that pass authentication certificates from authenticated clients to the domain controller (DC) first. Then install this update on all DC role computers.

Pre-populate CertificateMappingMethods to 0x1F as documented in the Registry key information section of KB5014754 on all DCs. Delete the CertificateMappingMethods registry setting only after the June 14, 2022 update has been installed on all intermediate or application servers and all DCs.

Deploy Windows 10 KB5014699 June LCU using SCCM and WSUS

You can deploy Windows 10 June 2022 CU KB5014699 using Intune or SCCM. You can create a monthly patch package for June 2022 using the following methods. You can also search with Windows 11 LCU for June 2022 KB5014699.

The easiest way is to check from the SCCM admin console. You can verify the Windows 10 versions (19042.1766, 19043.1766, and 19044.1766) after installing June 2022 LCU.

Navigate to \Software Library\Overview\Software Updates\All Software Updates.
You will need to initiate a WSUS Sync from the All Software Updates node (Right-click on the node and initiate the sync).
Search with KB5014699.
Or you can search with 22-06 Cumulative Update for Windows 10 as shown in the below screenshot.

Windows 10 KB5014699 Windows 11 KB5014697 FIX June 2022 Patch Tuesday 4

Title Of the June 2022 Cumulative Update	KB Article
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 for x64 (KB5013889)	5013889
2022-06 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 (KB5014805)	5014805
2022-06 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5014702)	5014702
2022-06 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5014702)	5014702
2022-06 Cumulative Update for Windows 11 for x64-based Systems (KB5014697)	5014697
2022-06 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5014678)	5014678
2022-06 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for Windows 10 Version 21H1 for ARM64-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for Windows 11 for ARM64-based Systems (KB5014697)	5014697
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 (KB5013887)	5013887
2022-06 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for Windows 10 Version 20H2 for ARM64-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for Windows Server, version 20H2 for x64-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for Windows Server, version 20H2 for ARM64-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5014699)	5014699
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 (KB5013887)	5013887
2022-06 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 (KB5014630)	5014630
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 (KB5013887)	5013887
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 for ARM64 (KB5013889)	5013889
Windows Malicious Software Removal Tool x64 – v5.102 (KB890830)	890830
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for ARM64 (KB5013890)	5013890
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5013887)	5013887
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for ARM64 (KB5013887)	5013887
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for x64 (KB5013890)	5013890
2022-06 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 for x64 (KB5014805)	5014805
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 20H2 for ARM64 (KB5013887)	5013887
Windows Malicious Software Removal Tool – v5.102 (KB890830)	890830
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 20H2 (KB5013887)	5013887
2022-06 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for ARM64 (KB5014805)	5014805
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 20H2 for x64 (KB5013887)	5013887
2022-06 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 (KB5014630)	5014630
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for ARM64 (KB5013887)	5013887
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for x64 (KB5013887)	5013887
2022-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for ARM64 (KB5013887)	5013887
2022-06 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5014699)	5014699

Deploy Windows 10 KB5014699 June LCU using SCCM and WSUS

June 2022 Latest Cumulative Update Patch Deployment using MEM Intune

Let’s check how to deploy June 2022 Cumulative Update (LCU) Patch Deployment using Intune. Intune June 2022 Cumulative Update Patch Deployment is an automated process for Windows 10 and Windows 11 devices.

You don’t have to create any new Software update ring policies in Intune every month. The existing patch deployment policy will deliver the patches using WUfB (Windows Update for Business).

You have an option to expedite the Installation of June 2022 quality updates if the device OS version is less than 2022.06. Create expedited update profiles for Quality updates using the following steps.

Open https://endpoint.microsoft.com/
Navigate Device -> Windows 10 quality Updates (preview).
Click on + Create Profile.

The following are the Settings for Intune quality update profile.

Name – June 2022 LCU for Windows 10 KB KB5014699 and Windows 11 KB5014697
Description—
Expedite installation of quality updates if device OS version less than 06/14/2022 – 2022.06 B Security Updates for Windows 10 and later
Number of days to wait before the restart is enforced – 1 Day

More Details on Zero Day Out Of Band Patch Deployment Using Intune MEM Expedite Best Option and Intune Reporting Issue: Expedite Windows Security Patch Deployment.

The only dedicated quality update control currently available other than the existing update rings policy for Windows 10 and later is the ability to expedite quality updates for devices that fall behind a specified patch level.

Windows 10 KB5014699 Windows 11 KB5014697 FIX June 2022 Patch Tuesday 2

Windows 11 June 2022 Cumulative Update KB5014697

Let’s check Windows 11 June 2022 Cumulative Update KB5014697 deployment options. Like Windows 10, you can deploy Windows 11 patches (LCUs) using SCCM and Intune.

Windows 11 patching is also important for the organization. Microsoft has released the latest Cumulative Update, KB5014697, for June 2022. Windows 11 will change its build number to 22000.739 after the cumulative update KB5014697.

2022-06 Cumulative Update for Windows 11 for x64-based Systems (KB5014697)
Article ID:5014697
Date revised: Tuesday, June 14, 2022
Maximum Severity Rating: Critical

Direct Download Links of June 2022 Cumulative Updates

Let’s manually download the 2022 June Cumulative Update for Windows 10 (KB5014699), Windows 11 (KB5014697), and Server 2022 (KB5014678) from the Microsoft Update Catalog website.

The following tables contain the direct links to download the June 2022 Cumulative Updates for Windows 10, Windows 11, and Windows Server operating systems.

Title	Products	Size	Direct Download
2022-06 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5014699)	Windows 10, version 1903 and later	677.5 MB	Download
2022-06 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5014699)	Windows 10, version 1903 and later	677.5 MB	Download
2022-06 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5014699)	Windows 10, version 1903 and later	677.5 MB	Download
2022-06 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5014678)	Windows Server version 21H2	244.1 MB	Download
2022-06 Cumulative Update for Windows 11 for x64-based Systems (KB5014697)	Windows 11	274.4 MB	Download

Direct Download Links of June 2022 Cumulative Updates

You can check the Microsoft Update Catalog portal to get the direct download links to the hotfixes for June 2022 LCU. Check this out Microsoft Update Catalog – https://www.catalog.update.microsoft.com/

Windows 10 KB5014699 Windows 11 KB5014697 FIX June 2022 Patch Tuesday 1

Windows 11 Improvements Fixes with June CU KB5014697

The following is the list of fixes and improvements documented only for Windows 11 operating systems with June 2022 Cumulative Update KB5014697.

FIXED an issue that fails to maintain the display brightness after you change the display mode.
FIXED an issue that causes Widgets to appear on the wrong monitor when you hover over the Widgets icon on the taskbar.

Adds animation to the Widgets icon when you click or tap the icon and the taskbar is aligned on the left.

FIXED an issue that affects the rendering of the default Widgets icon on a taskbar that is aligned in the center.
FIXED an issue that causes blurry app icons in Search results when the display’s dots per inch (dpi) scaling is greater than 100%.
FIXED an issue that fails to automatically give the search box input focus when you select the Start menu and start typing.

FIXED an issue that fails to make the options Run as administrator and Open file location available for certain results when you search from the taskbar.

FIXED an issue that causes the Input (TextInputHost.exe) app to stop working.
FIXED an issue in searchindexer.exe that affects the search for shapes in Microsoft Visio.

Windows 10 Fixes with June 2022 Cumulative Update KB5014699

Most of the items in this list are applicable for both Windows 10 (KB5014699) and Windows 11 (KB5014697) because Windows 11 uses the same code base as Windows 10. I don’t think Microsoft documented any improvements in particular for Win 10.

Fixed an issue that prevents Microsoft Excel or Microsoft Outlook from opening.
FIXED affects the IE mode window frame.
FIXED an issue that prevents internet shortcuts from updating.
FIXED an issue that causes an Input Method Editor (IME) to discard a character if you enter the character while the IME is converting previous text.
FIXED an issue that causes file copying to be slower.

FIXED a known issue that affects certain GPUs and might cause apps to close unexpectedly or cause intermittent issues that affect some apps that use Direct3D 9.

FIXED an issue that might run an AnyCPU application as a 32-bit process.
FIXED an issue that prevents Azure Desired State Configuration (DSC) scenarios that have multiple partial configurations from working as expected.

FIXED an issue that affects remote procedure calls (RPC) to the Win32_User or Win32_Group WMI class. The domain member that runs the RPC contacts the primary domain controller (PDC). When multiple RPCs occur simultaneously on many domain members, this might overwhelm the PDC.

Windows 10 Fixes with June 2022 Cumulative Update KB

FIXED an issue that occurs when you apply multiple WDAC policies. Doing that might prevent scripts from running when the policies allow scripts to run.

FIXED an issue that affects the behavior and shape orientation of a mouse cursor for Microsoft Defender Application Guard (MDAG), Microsoft Office, and Microsoft Edge. This issue occurs when you turn on a virtual graphics processing unit (GPU).

FIXED an issue that might cause a system to stop responding when a user signs out if Microsoft OneDrive is in use.

FIXED a known issue that might prevent recovery discs (CD or DVD) from starting if you created them using the Backup and Restore (Windows 7) app in Control Panel. This issue occurs after installing Windows updates released on January 11, 2022, or later.

FIXED a known issue that affects certain GPUs and might cause apps to close unexpectedly or cause intermittent issues that affect some apps that use Direct3D 9. You might also receive an error in the Event Log in Windows Logs/Applications, and the faulting module is d3d9on12.dll and the exception code is 0xc0000094.

FIXED an issue that prevents the file system control code (FSCTL_SET_INTEGRITY_INFORMATION_EX) from handling its input parameter correctly.

Resources

The Twitter user WZorNET provides very useful links and information for LCUs.

Windows 11 21H2 https://support.microsoft.com/help/5014697 – Version 22000.739
Windows 10 20H2|21H1|21H2 https://support.microsoft.com/help/5014699 – 19042.1766, 19043.1766, and 19044.1766
Server 2022 21H2 https://support.microsoft.com/help/5014678 – Version 20348.768

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.