Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities

Let’s check Windows 10 KB5031356 October 2023 Patch Tuesday and 3 Zero Day Vulnerabilities. This latest update package, known as Windows 10 KB5031356, includes Microsoft’s most recent improvements and primarily focuses on addressing known issues, resolving security vulnerabilities, and improving overall system performance.

Additionally, Microsoft has introduced the KB5031354 and KB5031358 updates for Windows 11. For further details on the improvements and bug fixes, you can consult the blog post about the October Patches for Windows 11. Regarding the most recent update, Windows 10 KB5031356 focuses on addressing identified security issues in your Windows operating system.

This update resolves a recognized problem impacting ClickOnce. It addresses the issue where applications deployed via ClickOnce may start prompting for installation, even if these ClickOnce apps are already installed and designated as “trusted.”

This update finalizes the adjustments needed to adhere to GB18030-2022 specifications. It involves removing and remapping characters for Microsoft Wubi input and Microsoft Pinyin U-mode input. Consequently, it’s no longer possible to input character codepoints that are not supported, as all necessary codepoints have been updated accordingly.

Patch My PC

Zero Day Security Vulnerability for October 2023

There are three zero-day vulnerabilities announced by Microsoft with the October patch Tuesday, and they are CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability, CVE-2023-41763 Skype for Business Elevation of Privilege Vulnerability and CVE-2023-44487 MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack. More details on October 2023 Patch Tuesday CVE Updates.

Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities - Fig.1
Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities – Fig.1
CVE NumberCVE TitlePublicly DisclosedExploitability assessmentExploited
CVE-2023-36563Microsoft WordPad Information Disclosure VulnerabilityYesExploitation DetectedYes
CVE-2023-41763Skype for Business Elevation of Privilege VulnerabilityYesExploitation DetectedYes
CVE-2023-44487HTTP/2 Rapid Reset AttackYesExploitation DetectedNo
Table 1 – Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities

Video Review of October 2023 Patch Tuesday Windows 10

Let’s have a quick Video Review of October 2023 Patch Tuesday Windows 10 KB5030211. October Patch Tuesday Windows 10 October patch KB5031356 is also covered in this video.

Adaptiva
Video Review of October 2023 Patch Tuesday Windows 10

How to Seek Windows Updates?

To improve your device’s security and performance, Windows 10 offers you the flexibility to choose when and how you receive the latest updates. You can easily customize your update preferences and review the available updates by clicking on the “Check for Windows updates” option.

Alternatively, you can seek the latest Windows update by selecting Start > Settings > Windows Update by accessing the update settings.

Microsoft releases security updates on a designated day called “Patch Tuesday,” which falls on the second Tuesday of each month at 10:00 AM PST. To ensure smooth deployment, IT professionals should take their time zones into account when scheduling their deployment plans.

Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities - Fig.2
Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities – Fig.2

Windows 10 New Improvements with October Patches

HTMD community covered all the new features or improvements of the Windows 10 22H2 release in the following blog post – New Features Of Windows 10 22H2 | Issues Fixed. All these features are included in the latest Cumulative Update released on the patch on Tuesday, 11th October 2023.

New Improvements with October PatchesDetails
October LCU adds animations to a few icons on the news and interests taskbar buttonsThese animations occur when a new announcement appears on the news and interests taskbar button and when one hovers over or clicks the icon while the announcement is on the taskbar.
This update brings back an improved search box experience on the taskbarIf your taskbar is set to display top, bottom, regular, or small icons, you’ll notice the appearance of the search box. This search box enables convenient access to apps, files, settings, and various content from both Windows and the web. Additionally, you’ll benefit from the most recent search enhancements, including search highlights. This can be accomplished effortlessly if you wish to revert to your previous search setup.
Table 2 – Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities
Windows 10 KB5031356 October 2023 Patch Tuesday - 3 Zero Day Vulnerabilities Fig. 3
Windows 10 KB5031356 October 2023 Patch Tuesday – 3 Zero Day Vulnerabilities Fig. 3

Issues Fixed with Windows 10 October Patches

Let’s look at the issues fixed with the Windows 10 October patch Tuesday KBs (KB5031356). The following table covers both Windows 10 22H2 and 21H2 fixes.

Fixes with Windows 10 October PatchesDetails
This update completes the work to comply with the GB18030-2022 requirements.It involves the removal and remapping of characters for Microsoft Wubi input and Microsoft Pinyin U-mode input. Consequently, it’s no longer possible to input character codepoints that are not supported, as all necessary codepoints have been updated accordingly.
October patches support daylight saving time (DST) changes in Greenland.The latest cumulative patches support changes in Greenland’s daylight saving time (DST).
October update addresses an issue that affects an Application Virtualization (App-V) environment.Copy operations within it cease to function, and this issue arises following the installation of the April 2023 update.
This update addresses an issue that affects the Simple Certificate Enrollment Protocol (SCEP) certificateThe system currently marks certain SCEP certificate installations as failed, but it should ideally label them as pending.
October patches addresses an issue that affects Microsoft Print to PDF.It currently employs the metadata associated with the name you use for signing in as the author of a printed PDF, but it should utilize the display name instead.
This update resolves a problem impacting the Resultant Set of Policy (RSOP).The Windows LAPS “BackupDirectory” policy setting was not being reported. This occurs when the setting is set to 1, which is “Back up to AAD.”
October update checks on issue that affects some USB printers.Microsoft Defender stops USB printers from printing.
This update addresses an issue that affects device health.Some devices cannot attest to their security health.
This update looks into an issue that affects Windows Defender Application Control (WDAC).The implementation of AppID Tagging policies can significantly extend the time it takes for your device to boot up.
Current update addresses an issue that affects IMEPad.It stops to function when you input end-user-defined characters (EUDC).
October update addresses an issue that affects application compatibility.This is related to Microsoft Defender for Endpoint.
This update checks on issue that affects toast notifications.They might not appear when you use UI Automation tools to read them.
October update addresses an issue that affects the Microsoft Distributed Transaction Coordinator (DTC).There is a handle leak issue, and as a result, the system exhausts its memory resources.
Current update addresses an issue that might cause a user-mode memory leak.This issue may arise when invoking the CopyFile() or MoveFile() functions.
October patches looks into an issue that might make Windows stop responding.This situation may arise when working with Microsoft OneDrive files that have been compressed using NTFS.
This update addresses an issue that affects external binding.It encounters a failure after the installation of Windows updates released in May 2023 or later, resulting in issues impacting LDAP queries and authentication.
Current update addresses an issue that affects Windows Hello for Business.The user interface (UI) becomes unresponsive following the enrollment in biometric authentication.
This update addresses an issue that affects the touch keyboard.Sometimes touch keyboard does not open.
October update improves an issue that affects Microsoft Excel.It becomes unresponsive when attempting to share a file as a PDF in Outlook
Table 3 – Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities

Known Issues – Windows 10 KB5031356 October Patch

Let’s look at the issues fixed with the Windows 10 October patch on Tuesday, KB5031356. The following table covers both Windows 10 22H2 and 21H2 fixes.

Workaround for BitLocker might incorrectly receive a 65000 error: To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

SummaryOriginating updateStatus
KB5031356 security update might fail to installOS Build 19045.3570
KB5031356
Workaround KIR. More details Windows 10, version 22H2 | Microsoft Learn
BitLocker might incorrectly receive a 65000 error in MDMs. “Requires Device Encryption” might incorrectly report.N/AWorkaround provided – working on a resolution.
Apps deployed via ClickOnce might prompt for installation when opened.OS Build 19045.3271
KB5028244
Resolved KB5030300
Devices with a locale set to Croatia might not utilize the expected currencyN/AWorkaround provided – working on a resolution.
Table 4 – Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities

SCCM Windows 10 KB5031356 Deployment

Learn how to Deploy Windows 10 KB5031356 October 2023 Cumulative Updates using SCCM/WSUS. You can deploy Windows 10 October 2023 CU KBs using Intune or SCCM.

You can create a monthly patch package for October 2023 using the following methods. You can also search with Windows 10 LCU for October 2023 KB5031356. The easiest way is to check from the SCCM admin console.

Windows 10 KB5031356 October 2023 Patch Tuesday - 3 Zero Day Vulnerabilities Fig. 4
Windows 10 KB5031356 October 2023 Patch Tuesday – 3 Zero Day Vulnerabilities Fig. 4

NOTE! You can verify the Windows 10 (OS Builds 19044.3570 and 19045.3570) by installing the October 2023 Latest Cumulative Updates.

  • In SCCM Console, Navigate to Software Library\Overview\Software Updates\All Software Updates.
  • You must initiate a WSUS Sync from the All Software Updates node (Right-click on the node and initiate the sync).
  • Search with the following KB5031356 Number.
  • Or you can search with 23-10 Cumulative Update for Windows 10, as shown in the below screenshot.
Name of Windows 10 PatchRelease Date
2023-10 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5031356)10/10/2023 5:00:00 PM
2023-10 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5031356)10/10/2023 5:00:00 PM
2023-10 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5031356)10/10/2023 5:00:00 PM
2023-10 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5031356)10/10/2023 5:00:00 PM
2023-10 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5031356)10/10/2023 5:00:00 PM
Table 5 – Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities

Intune Windows 10 KB5031356 Deployment

Let’s now check into the procedures for implementing the October 2023 (LCU) Patch Tuesday update through Intune. With the utilization of Microsoft Intune, you possess the capability to roll out the Cumulative Update (CU) for Windows 10 in October. It’s worth highlighting that the process of deploying patches via Intune varies from that employed by SCCM (Microsoft Configuration Manager).

I don’t think creating a new patch deployment policy to cater to monthly CU deployments is mandatory, but you can use the following method to expedite. The existing patch deployment policy will deliver the patches using WUfB (Windows Update for Business).

Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities – Video 1

You have the option to expedite the Installation of October 2023 quality updates. Create expedited update profiles for Quality updates using the following steps.

  • Login into the Microsoft Intune admin center https://intune.microsoft.com/
  • Navigate Device -> Quality updates for Windows 10 and later.
  • Click on +Create Profile.

The following are the Settings for the Intune quality update profile for the monthly patching process if you want to expedite the deployment of patches. Otherwise, you can use the standard quality updates policy from Intune.

  • Name – Windows 10 October 2023 LCU.
  • Description – Recommend adding a detailed description.
  • Expedite installation of quality updates if the device OS version is less than 11th October 2023 – 2023.10 B Security Updates for Windows 10 and later
  • Number of days to wait before the restart is enforced – 1 Day
Windows 10 KB5031356 October 2023 Patch Tuesday - 3 Zero Day Vulnerabilities Fig. 5
Windows 10 KB5031356 October 2023 Patch Tuesday – 3 Zero Day Vulnerabilities Fig. 5

More Details on Zero Day Out Of Band Patch Deployment Using Intune MEM Expedite Best Option and Intune Reporting Issue: Expedite Windows Security Patch Deployment.

Windows 10 KB5031356 Direct Download Links

To obtain the October 2023 Cumulative Update for Windows 10 (KB5031356), we can download it manually from the Microsoft Update Catalog website. Direct links to download the October 2023 Cumulative Updates for Windows 10 are provided in the tables below.

You can check the Microsoft Update Catalog portal to get the direct download links to the hotfixes for October 2023 LCU. Check this out Microsoft Update Catalog – https://www.catalog.update.microsoft.com/ and Search Keyword 2023-10.

  • Enter the KB article number
  • Click the Search icon
  • Search Keyword 2023-10
Windows 10 KB5031356 October 2023 Patch Tuesday - 3 Zero Day Vulnerabilities Fig. 6
Windows 10 KB5031356 October 2023 Patch Tuesday – 3 Zero Day Vulnerabilities Fig. 6
TitleProductsSizeDirect Download
2023-10 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5031356)Windows 10 22H2767.8 MBDownload
Table 6 – Windows 10 KB5031356 October 2023 Patch Tuesday | 3 Zero Day Vulnerabilities

Automated Patch Management with Windows Autopatch

Autopatch helps streamline updating operations and create new opportunities for IT pros. The Windows Autopatch Release Management provides you with more clarity on the Quality, Feature updates, and install schedules in the Intune portal, Here, you can get more information Windows Autopatch Implementation Setup Guide.

In Intune Portal, Navigate to Devices, Under Windows Autopatch. Select Release Management, which displays the updates and releases scheduled.

Windows 10 KB5031356 October 2023 Patch Tuesday – 3 Zero Day Vulnerabilities – Video 2

Resources

October 10, 2023—KB5031356 (OS Builds 19044.3570 and 19045.3570) – Microsoft Support

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.