Let’s check Windows 10 KB5031356 October 2023 Patch Tuesday and 3 Zero Day Vulnerabilities. This latest update package, known as Windows 10 KB5031356, includes Microsoft’s most recent improvements and primarily focuses on addressing known issues, resolving security vulnerabilities, and improving overall system performance.
Additionally, Microsoft has introduced the KB5031354 and KB5031358 updates for Windows 11. For further details on the improvements and bug fixes, you can consult the blog post about the October Patches for Windows 11. Regarding the most recent update, Windows 10 KB5031356 focuses on addressing identified security issues in your Windows operating system.
This update resolves a recognized problem impacting ClickOnce. It addresses the issue where applications deployed via ClickOnce may start prompting for installation, even if these ClickOnce apps are already installed and designated as “trusted.”
This update finalizes the adjustments needed to adhere to GB18030-2022 specifications. It involves removing and remapping characters for Microsoft Wubi input and Microsoft Pinyin U-mode input. Consequently, it’s no longer possible to input character codepoints that are not supported, as all necessary codepoints have been updated accordingly.
Zero Day Security Vulnerability for October 2023
There are three zero-day vulnerabilities announced by Microsoft with the October patch Tuesday, and they are CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability, CVE-2023-41763 Skype for Business Elevation of Privilege Vulnerability and CVE-2023-44487 MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack. More details on October 2023 Patch Tuesday CVE Updates.
| CVE Number | CVE Title | Publicly Disclosed | Exploitability assessment | Exploited |
|---|---|---|---|---|
| CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability | Yes | Exploitation Detected | Yes |
| CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability | Yes | Exploitation Detected | Yes |
| CVE-2023-44487 | HTTP/2 Rapid Reset Attack | Yes | Exploitation Detected | No |
Video Review of October 2023 Patch Tuesday Windows 10
Let’s have a quick Video Review of October 2023 Patch Tuesday Windows 10 KB5030211. October Patch Tuesday Windows 10 October patch KB5031356 is also covered in this video.
How to Seek Windows Updates?
To improve your device’s security and performance, Windows 10 offers you the flexibility to choose when and how you receive the latest updates. You can easily customize your update preferences and review the available updates by clicking on the “Check for Windows updates” option.
Alternatively, you can seek the latest Windows update by selecting Start > Settings > Windows Update by accessing the update settings.
Microsoft releases security updates on a designated day called “Patch Tuesday,” which falls on the second Tuesday of each month at 10:00 AM PST. To ensure smooth deployment, IT professionals should take their time zones into account when scheduling their deployment plans.
Windows 10 New Improvements with October Patches
HTMD community covered all the new features or improvements of the Windows 10 22H2 release in the following blog post – New Features Of Windows 10 22H2 | Issues Fixed. All these features are included in the latest Cumulative Update released on the patch on Tuesday, 11th October 2023.
| New Improvements with October Patches | Details |
|---|---|
| October LCU adds animations to a few icons on the news and interests taskbar buttons | These animations occur when a new announcement appears on the news and interests taskbar button and when one hovers over or clicks the icon while the announcement is on the taskbar. |
| This update brings back an improved search box experience on the taskbar | If your taskbar is set to display top, bottom, regular, or small icons, you’ll notice the appearance of the search box. This search box enables convenient access to apps, files, settings, and various content from both Windows and the web. Additionally, you’ll benefit from the most recent search enhancements, including search highlights. This can be accomplished effortlessly if you wish to revert to your previous search setup. |
Issues Fixed with Windows 10 October Patches
Let’s look at the issues fixed with the Windows 10 October patch Tuesday KBs (KB5031356). The following table covers both Windows 10 22H2 and 21H2 fixes.
| Fixes with Windows 10 October Patches | Details |
|---|---|
| This update completes the work to comply with the GB18030-2022 requirements. | It involves the removal and remapping of characters for Microsoft Wubi input and Microsoft Pinyin U-mode input. Consequently, it’s no longer possible to input character codepoints that are not supported, as all necessary codepoints have been updated accordingly. |
| October patches support daylight saving time (DST) changes in Greenland. | The latest cumulative patches support changes in Greenland’s daylight saving time (DST). |
| October update addresses an issue that affects an Application Virtualization (App-V) environment. | Copy operations within it cease to function, and this issue arises following the installation of the April 2023 update. |
| This update addresses an issue that affects the Simple Certificate Enrollment Protocol (SCEP) certificate | The system currently marks certain SCEP certificate installations as failed, but it should ideally label them as pending. |
| October patches addresses an issue that affects Microsoft Print to PDF. | It currently employs the metadata associated with the name you use for signing in as the author of a printed PDF, but it should utilize the display name instead. |
| This update resolves a problem impacting the Resultant Set of Policy (RSOP). | The Windows LAPS “BackupDirectory” policy setting was not being reported. This occurs when the setting is set to 1, which is “Back up to AAD.” |
| October update checks on issue that affects some USB printers. | Microsoft Defender stops USB printers from printing. |
| This update addresses an issue that affects device health. | Some devices cannot attest to their security health. |
| This update looks into an issue that affects Windows Defender Application Control (WDAC). | The implementation of AppID Tagging policies can significantly extend the time it takes for your device to boot up. |
| Current update addresses an issue that affects IMEPad. | It stops to function when you input end-user-defined characters (EUDC). |
| October update addresses an issue that affects application compatibility. | This is related to Microsoft Defender for Endpoint. |
| This update checks on issue that affects toast notifications. | They might not appear when you use UI Automation tools to read them. |
| October update addresses an issue that affects the Microsoft Distributed Transaction Coordinator (DTC). | There is a handle leak issue, and as a result, the system exhausts its memory resources. |
| Current update addresses an issue that might cause a user-mode memory leak. | This issue may arise when invoking the CopyFile() or MoveFile() functions. |
| October patches looks into an issue that might make Windows stop responding. | This situation may arise when working with Microsoft OneDrive files that have been compressed using NTFS. |
| This update addresses an issue that affects external binding. | It encounters a failure after the installation of Windows updates released in May 2023 or later, resulting in issues impacting LDAP queries and authentication. |
| Current update addresses an issue that affects Windows Hello for Business. | The user interface (UI) becomes unresponsive following the enrollment in biometric authentication. |
| This update addresses an issue that affects the touch keyboard. | Sometimes touch keyboard does not open. |
| October update improves an issue that affects Microsoft Excel. | It becomes unresponsive when attempting to share a file as a PDF in Outlook |
Known Issues – Windows 10 KB5031356 October Patch
Let’s look at the issues fixed with the Windows 10 October patch on Tuesday, KB5031356. The following table covers both Windows 10 22H2 and 21H2 fixes.
Workaround for BitLocker might incorrectly receive a 65000 error: To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.
| Summary | Originating update | Status |
|---|---|---|
| KB5031356 security update might fail to install | OS Build 19045.3570 KB5031356 | Workaround KIR. More details Windows 10, version 22H2 | Microsoft Learn |
| BitLocker might incorrectly receive a 65000 error in MDMs. “Requires Device Encryption” might incorrectly report. | N/A | Workaround provided – working on a resolution. |
| Apps deployed via ClickOnce might prompt for installation when opened. | OS Build 19045.3271 KB5028244 | Resolved KB5030300 |
| Devices with a locale set to Croatia might not utilize the expected currency | N/A | Workaround provided – working on a resolution. |
SCCM Windows 10 KB5031356 Deployment
Learn how to Deploy Windows 10 KB5031356 October 2023 Cumulative Updates using SCCM/WSUS. You can deploy Windows 10 October 2023 CU KBs using Intune or SCCM.
You can create a monthly patch package for October 2023 using the following methods. You can also search with Windows 10 LCU for October 2023 KB5031356. The easiest way is to check from the SCCM admin console.
NOTE! You can verify the Windows 10 (OS Builds 19044.3570 and 19045.3570) by installing the October 2023 Latest Cumulative Updates.
- In SCCM Console, Navigate to Software Library\Overview\Software Updates\All Software Updates.
- You must initiate a WSUS Sync from the All Software Updates node (Right-click on the node and initiate the sync).
- Search with the following KB5031356 Number.
- Or you can search with 23-10 Cumulative Update for Windows 10, as shown in the below screenshot.
| Name of Windows 10 Patch | Release Date |
|---|---|
| 2023-10 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5031356) | 10/10/2023 5:00:00 PM |
| 2023-10 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5031356) | 10/10/2023 5:00:00 PM |
| 2023-10 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5031356) | 10/10/2023 5:00:00 PM |
| 2023-10 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5031356) | 10/10/2023 5:00:00 PM |
| 2023-10 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5031356) | 10/10/2023 5:00:00 PM |
Intune Windows 10 KB5031356 Deployment
Let’s now check into the procedures for implementing the October 2023 (LCU) Patch Tuesday update through Intune. With the utilization of Microsoft Intune, you possess the capability to roll out the Cumulative Update (CU) for Windows 10 in October. It’s worth highlighting that the process of deploying patches via Intune varies from that employed by SCCM (Microsoft Configuration Manager).
I don’t think creating a new patch deployment policy to cater to monthly CU deployments is mandatory, but you can use the following method to expedite. The existing patch deployment policy will deliver the patches using WUfB (Windows Update for Business).
You have the option to expedite the Installation of October 2023 quality updates. Create expedited update profiles for Quality updates using the following steps.
- Login into the Microsoft Intune admin center https://intune.microsoft.com/
- Navigate Device -> Quality updates for Windows 10 and later.
- Click on +Create Profile.
The following are the Settings for the Intune quality update profile for the monthly patching process if you want to expedite the deployment of patches. Otherwise, you can use the standard quality updates policy from Intune.
- Name – Windows 10 October 2023 LCU.
- Description – Recommend adding a detailed description.
- Expedite installation of quality updates if the device OS version is less than 11th October 2023 – 2023.10 B Security Updates for Windows 10 and later
- Number of days to wait before the restart is enforced – 1 Day
More Details on Zero Day Out Of Band Patch Deployment Using Intune MEM Expedite Best Option and Intune Reporting Issue: Expedite Windows Security Patch Deployment.
Windows 10 KB5031356 Direct Download Links
To obtain the October 2023 Cumulative Update for Windows 10 (KB5031356), we can download it manually from the Microsoft Update Catalog website. Direct links to download the October 2023 Cumulative Updates for Windows 10 are provided in the tables below.
You can check the Microsoft Update Catalog portal to get the direct download links to the hotfixes for October 2023 LCU. Check this out Microsoft Update Catalog – https://www.catalog.update.microsoft.com/ and Search Keyword 2023-10.
- Enter the KB article number
- Click the Search icon
- Search Keyword 2023-10
| Title | Products | Size | Direct Download |
|---|---|---|---|
| 2023-10 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5031356) | Windows 10 22H2 | 767.8 MB | Download |
Automated Patch Management with Windows Autopatch
Autopatch helps streamline updating operations and create new opportunities for IT pros. The Windows Autopatch Release Management provides you with more clarity on the Quality, Feature updates, and install schedules in the Intune portal, Here, you can get more information Windows Autopatch Implementation Setup Guide.
In Intune Portal, Navigate to Devices, Under Windows Autopatch. Select Release Management, which displays the updates and releases scheduled.
Resources
October 10, 2023—KB5031356 (OS Builds 19044.3570 and 19045.3570) – Microsoft Support
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.