Windows 11 KB5030217 KB5030219 September Patches

Microsoft has released the patches for September 2023. The Windows 11 KB5030217 KB5030219 LCUs were released to fix known security and performance issues. Windows 10 KB5030211 September patch was also released. Microsoft has announced Windows 11 21H2 end of service, and this is going EoL in October.

The September patch release adds a new policy called “Enable optional updates.” Administrators can use it to configure the monthly, optional cumulative updates for commercial devices. You can also use this policy for the gradual Controlled Feature Rollouts (CFR).

This month is two zero-day vulnerabilities, CVE-2023-36802 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability and CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability.

This Windows 11 KB5030217 KB5030219 September Patch update addresses an issue that affects the Resultant Set of Policy (RSOP). The Windows LAPS “BackupDirectory” policy setting was not being reported. This occurs when the setting is set to 1, which is “Back up to AAD.”

Patch My PC
[sibwp_form id=2]

The September Patch Tuesday Windows 11 patches fixed an issue that affects those who use Windows Update for Business. After you are asked to change your password at sign in, the change operation fails. Then you cannot sign in. The error code is 0xc000006d.

Zero Day Security Vulnerability for August 2023

There is two zero-day vulnerabilities announced by Microsoft with the September patch Tuesday, and that are CVE-2023-36761 related to Office Word and CVE-2023-36802 related to Microsoft Streaming Service.

Release dateLast UpdatedCVE NumberCVE TitlePublicly DisclosedExploitability assessmentExploitedMitigationsImpactMax SeverityTag
Sep 12, 2023Sep 12, 2023CVE-2023-36761Microsoft Word Information Disclosure VulnerabilityYesExploitation DetectedYesInformation DisclosureImportantOffice Word
Sep 12, 2023Sep 12, 2023CVE-2023-36802Microsoft Streaming Service Proxy Elevation of Privilege VulnerabilityNoExploitation DetectedYesElevation of PrivilegeImportantMicrosoft Streaming Service
Table 1 – Windows 10 KB5030211 September Patch Tuesday 2023 | Zero-Day Vulnerabilities

Video Review of September 2023 Patch Tuesday Windows 11

Let’s have a quick Video Review of September 2023 Patch Tuesday Windows 10 KB5030211. September Patch Tuesday Windows 11 September patches KB5030217 and KB5030219 are also covered in this video.

September 2023 Patch Tuesday Report. Let’s quickly discuss Windows 11 KB5030217 KB5030219 September patches. Windows 10 patches KB5030211. These are the latest cumulative update security patches for the month of September 2023. We have also discussed 2 Zero-Day Vulnerabilities in this video.

Adaptiva
Video Review of September 2023 Patch Tuesday Windows 11

How to Seek Windows Updates?

Windows 11 allows you to choose when and how to receive the latest updates to ensure your device runs efficiently and securely. To manage your update preferences and view available updates, select “Check for Windows updates.”

  • Alternatively, you can seek the latest Windows update by selecting Start > Settings > Windows Update by accessing the update settings.

Microsoft releases security updates on “Patch Tuesday,” the second Tuesday of each month at 10:00 AM PST. IT professionals should plan their deployment schedules according to their time zone(s).

Windows 11 KB5030217 KB5030219 September Patches Fig.1
Windows 11 KB5030217 KB5030219 September Patches Fig.1

Windows 11 22H2 KB September Patch New Features

The following table gives a quick overview of New Features introduced with the Windows 11 22H2 September Patch Tuesday update KB5030217 KB5030219.

List of Windows 11 Improvements with September Patches

Most of the improvements are coming only to Windows 11. The HTMD community has covered all the new features or improvements of the Windows 11 release in the following table. Here are the improvements for Windows 11 latest versions.

Windows 11 KB5030217 KB5030219 September Patches Fig.2
Windows 11 KB5030217 KB5030219 September Patches Fig.2
New Improvements September patch Tuesday Details
September patch Tuesday update improves how Windows detects your location. Windows location helps to give you better weather, news, and traffic information.
September LCU supports daylight saving time (DST) changes in Israel.DST changes are common for this season.
Table 3 – Windows 11 KB5030217 KB5030219 New Feature Released with September Patches

Issues Fixed with Windows 11 September Patches

Let’s look at the issues fixed with the Windows 11 September patch Tuesday KBs (KB5030217 KB5030219). The following table covers both Windows 11 22H2 and 21H2 fixes. The following are the fixes that are added with September’s Latest Cumulative Update (LCU).

Fixes with Windows 11 September PatchesDetails
This September update addresses an issue that affects the Group Policy Service. It will not wait for 30 seconds, which is the default wait time, for the network to be available. Because of this, policies are not correctly processed.
This update adds a new API for D3D12 Independent Devices. You can use it to create multiple D3D12 devices on the same adapter.
This September update addresses an issue that affects a WS_EX_LAYERED window.The window might render with the wrong dimensions or at the wrong position. This occurs when you scale the display screen.
This update addresses an issue that causes high CPU use.This occurs when you enable the “fBlockNonDomain” policy.
This update addresses an issue that affects print jobs that are sent to a virtual print queue.They fail without an error.
This update addresses an issue that affects disk partitions. The system might stop working.This occurs after you delete a disk partition and add the space from the deleted partition to an existing BitLocker partition.
This Windows 11 KB5030217 KB5030219 September Patch update addresses an issue that affects the Resultant Set of Policy (RSOP).The Windows LAPS “BackupDirectory” policy setting was not being reported. This occurs when the setting is set to 1, which is “Back up to AAD.”
The September update addresses an issue that affects those who use Windows Update for Business.After you are asked to change your password at sign in, the change operation fails. Then you cannot sign in. The error code is 0xc000006d.
Issues Fixed with Windows 11 KB5030217 KB5030219 September Patches

Known Issues from September Windows 11 Patches KB5030217 KB5030219

Let’s look at the issues fixed with the Windows 11 September patch Tuesday KBs (KB5030217 KB5030219). The following table covers both Windows 11 22H2 and 21H2 fixes.

SummaryOriginating updateStatus
“UNSUPPORTED_PROCESSOR” error message on a blue screen after installing updates released on August 22, 2023 and then restarting their device. This update might automatically uninstall to allow Windows to start up as expected.OS Build 22000.2360Issue Description
Third-party UI customization apps might prevent the Start menu from openingOS Build 22621.30000 KB5028254Resolved External
Issues Fixed with Windows 11 September Patches

SCCM Windows 11 KB Deployment

Learn how to Deploy Windows 11 KB5030217 KB5030219 September 2023 Cumulative Updates using SCCM/WSUS. You can deploy Windows 11 September 2023 CU KBs using SCCM.

You can create a monthly patch package for September 2023 using the following methods. You can also search with Windows 11 LCU for September 2023 KB5030217 KB5030219. The easiest way is to check from the SCCM admin console.

NOTE! You can verify the Windows 11 (OS Builds 22000.241622621.2283) by installing the September 2023 Latest Cumulative Updates.

  • In SCCM Console, Navigate to Software Library\Overview\Software Updates\All Software Updates.
  • You must initiate a WSUS Sync from the All Software Updates node (Right-click on the node and initiate the sync).
  • Search with the following KB Number.
  • Or you can search with 23-09 Cumulative Update for Windows 11, as shown in the below screenshot.
Name of Windows 11 patches for September 2023Release Date
2023-09 Cumulative Update for Windows 11 Version 22H2 for ARM64-based Systems (KB5030219)09/12/2023 5:00:00 PM
2023-09 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5030219)09/12/2023 5:00:00 PM
2023-09 Cumulative Update for Windows 11 for ARM64-based Systems (KB5030217)09/12/2023 5:00:00 PM
2023-09 Cumulative Update for Windows 11 for x64-based Systems (KB5030217)09/12/2023 5:00:00 PM
Table 4 – Windows 11 KB5030217 KB5030219 September Patches
Windows 11 KB5028182 KB5028185 July Patches Fig. 11.1
Windows 11 KB5030217 KB5030219 September Patches

Intune Windows 11 KB5030217 KB5030219 Deployment

Using Intune, let’s check how to deploy the September 2023 Patch Tuesday (LCU) Deployment. You can deploy Windows 11 September CU using Microsoft Intune. The patch deployment process in Microsoft Intune is different from that of SCCM.

I don’t think creating a new patch deployment policy to cater to monthly CU deployments is mandatory, but you can use the following method to expedite. The existing patch deployment policy will deliver the patches using WUfB (Windows Update for Business).

You have the option to expedite the Installation of September 2023 quality updates. Create expedited update profiles for Quality updates using the following steps. Learn more about Intune patching from the video below.

Intune Windows 11 KB5030217 KB5030219 September Patches Deployment Video 2
  • Sign in to the Microsoft Intune admin center https://intune.microsoft.com/
  • Navigate Device -> Windows 10 quality Updates.
  • Click on +Create Profile.

The following are the Settings for the Intune quality update profile for the monthly patching process if you want to expedite the deployment of patches. Otherwise, you can use the standard quality updates policy from Intune.

  • Name – Windows 11 September 2023 LCU
  • Description – Recommend adding a detailed description
  • Expedite installation of quality updates if the device OS version is less than 12th September 2023 – 2023.09 B SecurityUpdate for Windows 10 and later
  • Number of days to wait before the restart is enforced – 1 Day

More Details on Zero Day Out Of Band Patch Deployment Using Intune MEM Expedite Best Option and Intune Reporting Issue: Expedite Windows Security Patch Deployment.

Windows 11 KB5030217 KB5030219 September Patches 1
Intune Deployment Windows 11 KB5030217 KB5030219

Windows 11 KB5030217 KB5030219 Direct Download Links

Let’s manually download the 2023 September Cumulative Update for Windows 11 KB5030217 KB5030219 from the Microsoft Update Catalog website. The following tables provide the direct links to download the September 2023 Cumulative Updates for Windows 11.

You can check the Microsoft Update Catalog portal to get the Windows 11 LCUs direct download links for September 2023 LCU. Check out the Microsoft Update Catalog, https://www.catalog.update.microsoft.com/

Search for updates from the Windows Update Catalog – To download the latest cumulative update (LCU) for your operating system that you want to apply manually.

  • Enter the KB article number
  • Click the Search icon
  • Search Keyword 2023-09
Windows 11 KB5027223 KB5027231 June Patches Fig.5
Windows 11 KB5030217 KB5030219 September Patches – Download Update
TitleProductsSizeDirect Download
2023-09 Cumulative Update for Windows 11 for x64-based Systems (KB5030217)Windows 11 21H2348.6 MBDownload
2023-09 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5030219)Windows 11 22H2400.6 MBDownload
Table 5 – Windows 11 KB5030217 KB5030219 September Patches – Download Update

Automated Patch Management with Windows Autopatch

Autopatch helps streamline updating operations and create new opportunities for IT pros. The Windows Autopatch Release Management provides you with more clarity on the Quality, Feature updates, and install schedules in the Intune portal, Here, you can get more information Windows Autopatch Implementation Setup Guide.

In Intune Portal, Navigate to Devices, Under Windows Autopatch. Select Release Management, which displays the updates and releases scheduled.

Automated Patch Management with Windows Autopatch – Windows 11 Patching Automation – Video 3

Author

About Author – JiteshMicrosoft MVP, has over six years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10/11 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.