Windows 11 KB5032190 KB5032192 2023 November Patches LCUs were released to fix known security and performance issues. Windows 10 KB5032189 November patch was also released. Microsoft has announced that the October 2023 security update marks the final release for 21H2, and the operating system will no longer receive monthly security and preview updates.
There are 3 zero-day vulnerabilities announced by Microsoft with the November patch Tuesday, and they are CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability, CVE-2023-36033 Windows DWM Core Library Elevation of Privilege Vulnerability and CVE-2023-36036 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability.
The November 2023 updates for Windows 11 solve a problem with the Device Management (DM) client, making the sync session for the enrollment status page (ESP) faster. It also addresses an issue with the Firewall configuration service provider (CSP), ensuring that a device can sync properly.
The November update for Windows 11 enhances your operating system’s security and makes improvements. Specifically, it makes the search box experience work better and faster. There are 58 Flows fixed and published by Microsoft as part of Nov 2023 patch Tuesday.
Windows 11 23H2 and 22H2 | Windows 11 21H2 |
---|---|
KB5032190 | KB5032192 |
Zero Day Security Vulnerability for November 2023
There are three zero-day vulnerabilities announced by Microsoft with the November patch Tuesday, and they are CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability, CVE-2023-36033 Windows DWM Core Library Elevation of Privilege Vulnerability and CVE-2023-36036 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability.
CVE Number | CVE Title | Publicly Disclosed | Exploitability assessment | Exploited |
---|---|---|---|---|
CVE-2023-36025 | Windows SmartScreen Security Feature Bypass Vulnerability | No | Exploitation Detected | Yes |
CVE-2023-36033 | Windows DWM Core Library Elevation of Privilege Vulnerability | Yes | Exploitation Detected | Yes |
CVE-2023-36036 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | No | Exploitation Detected | Yes |
Video Review of November 2023 Patch Tuesday Windows 11
Let’s have a quick Video Review of November 2023 Patch Tuesday Windows 10 KB5032189. November Patch Tuesday Windows 11 November patches KB5032190 and KB5032192 are also covered in this video.
November 2023 Patch Tuesday Report. Let’s quickly discuss Windows 11 KB5032190 KB5032192 November patches. Windows 10 patches KB5032189. These are the latest cumulative update security patches for November 2023. We have also discussed 3 Zero-Day Vulnerabilities in this video.
How to Seek Windows Updates?
Windows 11 allows you to choose when and how to receive the latest updates to ensure your device runs efficiently and securely. To manage your update preferences and view available updates, select “Check for Windows updates.”
- Alternatively, you can seek the latest Windows update by selecting Start > Settings > Windows Update by accessing the update settings.
Microsoft releases security updates on “Patch Tuesday,” the second Tuesday of each month at 10:00 AM PST. IT professionals should plan their deployment schedules according to their time zone(s).
Windows 11 22H2 KB5032190 November Patch New Features
The following table gives a quick overview of New Features introduced with the Windows 11 22H2 November Patch Tuesday update KB5032190. All these moment 4 features are enabled with KB5032190.
This update adds a preview of centralized AI assistance called Copilot in Windows. This makes Windows 11 the first PC platform to add centralized AI assistance to help you get things done. This first preview focuses on the integrated UI.
Copilot in Windows preview
Start menu
Taskbar, system tray, and notifications
File Explorer
Windows Share
Backup and restore
Emoji
Windows Spotlight
Narrator
Voice Access
Security
Graphics and Windows Mixed Reality
Settings and Bluetooth
Windows 365 Switch
Input
New Features November Patch Tuesday KB5032190 | Details |
---|---|
Preview of centralized AI assistance, called Copilot in Windows | Windows 11 is the first PC platform to add centralized AI assistance to help you get things done. This first preview focuses on the integrated UI. |
Richer Preview for Recommended Files | Richer preview when you hover over files under Recommended on the Start menu. Thumbnails will be available for select files, providing a more informative preview. Right-clicking cloud file recommendations allows for quick file sharing. |
A new ranking of the most recently used files in the Recommended section of the Start menu | Considers factors such as the last usage timestamp, file extension, and more. Files may not appear strictly in reverse chronological order. |
Enhanced Volume Mixer in Quick Settings | Allows customization of audio for each app separately. Swap audio devices whenever you want. The new keyboard shortcut (WIN + CTRL + V) gets you to the volume mixer fast. |
Introduces “never combined” mode for taskbar buttons. | Allows separate viewing of application windows and their labels on the taskbar. To find this feature, go to Settings > Personalization > Taskbar > Taskbar behaviours. Set Combine taskbar buttons and hide labels to Never. Separate setting for multiple monitors. |
Desktop Labels and Sliding Animations | Desktop labels now appear when moving between desktops in Task View (WIN + CTRL + left or right arrows). New sliding animations for desktop changes using various input methods |
Hide Time and Date in System Tray | Provides the option to hide the time and date in the system tray. To Turn this ON, right-click the system tray clock and choose Adjust date and time. |
Bell Icon for Notifications in System Tray | When new notifications appear, the icon will have a fill color based on your system’s accent color. The icon has no fill colour when no notifications are present, and the clock is visible. Number of notifications is not shown. |
The “View Notification” Button for Urgent Notices | Adds a “view notification” button for urgent or important notifications during do not disturb mode. Activated when using an app in full screen. |
Toast Interaction and Banner Suggestions | Windows detects interaction with app toasts and suggests Turning off the banner for less distraction. Toasts remain in the notification center even if banners are turned off. |
End Task Option from Taskbar Right-Click | Users can now right-click an app on the taskbar and end the task. This update adds a new setting in Settings > System > For developers to turn on this capability. |
Adds the option to start diagnosing network problems directly from the system tray | Right-click on the network icon to access this feature. |
Introduces a modernized File Explorer Home powered by WinUI. | Recommended files are displayed as a carousel. The carousel appears when signed in to Windows using an Azure AD account. Option to show pinned folders instead by selecting the ellipses and accessing Folder Options. Privacy settings include a checkbox to toggle the display of the recommended section. |
Enhanced Address Bar in File Explorer | The Newly designed address bar recognizes local and cloud folders. Shows file status and OneDrive sync status for Microsoft OneDrive users. Contains a quota flyout box for additional information. |
File Explorer has a new details pane (ALT + Shift + P). | Provides contextual information about selected files, including thumbnails, sharing status, emails, and more. Accessible through the View menu and the Details pane button in the command bar. |
Introduces Gallery in File Explorer for easy access to the photo collection. | The content in Gallery is the same as what you see in the All Photos view in the Photos app. Recently taken photos appear at the top. |
Adds native support for reading additional archive file formats using the libarchive open-source project | Supported formats include .tar, .tar.gz, .tar.bz2, .tar.zst, .tar.xz, .tgz, .tbz2, .tzst, .txz, .rar, and .7z. Password-encrypted files are not supported. |
Tear Off and Merge Tabs in File Explorer | Users can now tear off and merge tabs with an existing File Explorer window. |
Performance Improvement | Improves the performance of the calculating phase when sending a large number of files simultaneously to the recycle bin in File Explorer. |
Enables direct emailing of files using Outlook within the Windows share window. | Select the Outlook icon in the “Share using” section of the Windows share window. |
Windows share window now has a search box. | Users now search for contacts across Outlook for file sharing. Displays 8-10 suggested contacts for quick sharing, including emailing files to yourself. |
Nearby Sharing | Replaces the dropdown menu in the Windows share window with a button to enable nearby sharing. |
Faster Sharing with Wi-Fi Direct | Sharing files from one PC to another is faster when you use Wi-Fi Direct. |
Introduces the Windows Backup app | Use it to quickly get your current PC backed up and ready to move to a new PC. |
Preservation of Microsoft Store Apps | Microsoft Store apps from your previous PC are pinned in their original locations on the taskbar and the Start menu. |
Settings from your previous device will be restored to your new PC | Facilitating a swift transition and helping you get back into your workflow as quickly as possible. This update does not support all settings and app types for Windows Backup. Backing up a Work or School account is not supported. |
Support for Unicode Emoji 15 in Windows. | Users can see, search for, and insert new emoji from the emoji panel. Press the Windows logo key + . (period) to open the emoji panel. |
Windows now presents emoji with a 3D-like appearance. | This feature is visible only in apps that support the updated color font format (COLRv1) |
Improves the Windows Spotlight experience with new features. | Users can preview images in full screen using the “Learn more” button. Provides a minimized Windows Spotlight experience. |
Adds new natural voices for the Narrator using modern, on-device text-to-speech. | Works without an internet connection once downloaded. Includes voices for Chinese, Japanese, Korean, Portuguese, Spanish (Spain, Mexico), English (United Kingdom, India), French, and German. |
Narrator receives updates to its Outlook support. | Users receive a notification after the download is complete. Currently, Outlook support for Narrator is available only for U.S. English. |
In Microsoft Excel, Narrator offers a more succinct and efficient reading experience. | Prioritizes announcements based on the user’s need to skim a workbook. Customizable with keyboard shortcuts. This new experience is available from the Microsoft Store. |
Enhances how well the Narrator reads Traditional Chinese characters and words when using the Input Method Editor’s (IME) candidate window. | Available for the Taiwan language pack, not the Hong Kong language pack. |
Adds commands to correct words that Voice Access fails to recognize. | Use “correct [text]” to correct specific text and “correct that” to correct the last dictated text. The Correction window displays a list of words labelled with numbers. Say “click [number]” to select a word or “spell that” to dictate the correct spelling with suggestions. |
Enables Voice Access to work right when starting the PC. | Turn on Voice Access from the accessibility flyout box on the Lock screen. Set it to start automatically in Settings > Accessibility > Speech. Use Voice Access for sign-in and accessing elements on the Lock screen. |
Voice Access for Apps with Application Guard | Extends Voice Access functionality to apps running with Microsoft Defender Application Guard turned on. |
Introduces passkeys as a secure replacement for passwords when signing in to websites or applications that support them. | Users can create passkeys using Windows Hello (face, fingerprint, or PIN) or use their phone or tablet for sign-in. |
Allows users to view and delete passkeys saved for favourite apps and websites in Windows Settings | Accessible through Settings > Accounts > Passkeys. Provides a passkey list for easy management. |
Adds Enhanced Phishing Protection in Microsoft Defender SmartScreen | It helps protect school and work passwords from phishing and unsafe use on websites and in apps. Activated through warning options in Windows Security settings. |
Enterprise customers can set the EnablePasswordlessExperience policy. | Hides passwords for specific Windows authentication scenarios, including device sign-in and in-session authentication (web browser password managers, “Run as” admin, UAC) |
Users can recover passwords using a Windows Hello for Business PIN reset or by signing in on the web. | Provides a self-service password recovery option without requiring assistance from the IT helpdesk. |
Turn on Auto Color Management (ACM) on your Standard Dynamic Range (SDR) display. | Ensures accurate and consistent colors on all Windows apps, even if they are not color-managed. Accessible through Settings > Display > Advanced display. Turn on “Automatically manage color for apps” for the SDR display. |
Introduces a new Settings home page with interactive cards representing devices and account-related settings. | In this release, there are up to seven cards available on the Settings home page – Recommended settings, Cloud storage, Account recovery, Personalization, Microsoft 365, Xbox, and Bluetooth Devices. This experience is only available on Windows 11 Home and Pro editions. |
Introduces Dev Drive, a new form of storage volume for developers. | Designed for hosting source code, working folders, and package caches. Built on Resilient File System (ReFS) technology. |
Dynamic Lighting | Adds Dynamic Lighting, providing control over lighting devices implementing the open HID LampArray standard. |
Introduces Adaptive Dimming for PCs with presence sensors supporting attention detection. | Allows the screen to dim when the user looks away and undim when they look back. Accessible in Settings > Privacy & security > Presence sensing. |
Adds two new energy recommendations in Settings > System > Power & battery. | One turns on dark mode, and the other adjusts the refresh rate. |
Stop Windows from communicating with your mobile devices. | Go to Settings > Bluetooth & devices > Phone Link. |
Join Bluetooth Personal Area Networks. | This option is for paired devices, like phones, that share an internet connection over Bluetooth. Go to Settings > Bluetooth & devices > Devices. |
Adds a new cellular toggle for easier control over using cellular when Wi-Fi is available but poor. | Accessible in Settings > Network & Internet > Cellular. |
More options on the Data Usage page. | Support daily and weekly data limits. Also, the page shows how far the data limit has been exceeded. |
Allows users to quickly access Settings to uninstall an app from a context menu. | Allows users to quickly access Settings to uninstall an app from a context menu. |
Settings Design Improvements | Enhances the design of various Settings pages for better consistency and user experience. |
Changes the design of a few lists to be more consistent with other Settings pages. | The lists are for Settings > Apps > Startup Apps and Settings > Apps > Advanced App Settings > App Execution Alias. The new design also makes it easier to view more information about the apps you have. |
Advanced properties for network adapters and internet properties from Settings. | Go to Settings > Network & internet > Advanced network settings. |
Allows users to view Wi-Fi passwords for known networks in Settings. | Accessible in Settings > Network & Internet > Wi-Fi > “Manage known networks.” |
Improved Time Zone Change Experience | Improves the experience when changing time zones, considering scenarios where location data might not be accurate. |
Task Manager Design Update | Updates the design of Task Manager dialogs and its Settings page to match the overall Windows 11 design principles |
Camera Streaming Issues Detection | Windows now detects camera streaming issues and notifies the user if the camera does not start or its shutter is closed. |
Lock Screen Network Flyout Box Design | Aligns the network flyout box on the Lock screen with Windows 11 design principles. |
Firewall Notification Dialog Design | Changes the design of firewall notification dialogs for Windows Security to match the look of Windows 11. |
Bluetooth Low Energy (LE) Audio Support | Expands Bluetooth Low Energy (LE) Audio support to more PC platforms. |
System Components Settings Page | Adds a dedicated page for System Components in Settings > System > System Components |
Windows 365 Switch | Introduces Windows 365 Switch, allowing users to sign in to and connect their Windows 365 Cloud PC to their local desktop |
Digital Handwriting (Inking) | Starts the roll-out of digital handwriting (inking) in some edit boxes for Windows Ink. Improves recognition technology for more accurate results. |
Search Highlight Gleam with Bing.com Integration | This update affects the search highlight gleam in the search box. Selecting the gleam opens a Bing.com page for the daily search highlight. Initially available to a small audience, with broader deployment in the following months. |
List of Windows 11 Improvements with November Patches
Most of the improvements are coming only to Windows 11. The HTMD community has covered all the new features or improvements of the Windows 11 release in the following table. Here are the improvements for Windows 11 latest versions.
New Improvements November Patch Tuesday | Details |
---|---|
Adds new customization options for Dynamic Lighting OEMs | Users now customize OS images for new PCs. This includes setting up Dynamic Lighting defaults. |
Name Change for Turkey | Officially changed the English name of the former Republic of Turkey to the Republic of Türkiye. |
Croatia Currency Change Support | Supports the currency change in Croatia from the Kuna to the Euro. |
Syria DST Changes | Supports daylight saving time (DST) changes in Syria. |
Country and Operator Settings Asset (COSA) Update | Updates COSA profiles for certain mobile operators to ensure accuracy. |
Search Box Performance Improvement | Improves the performance of the search box experience. |
Windows Kernel Vulnerable Driver Blocklist Update | Includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b, adding drivers at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks. |
Issues Fixed with Windows 11 November Patches
Let’s look at the issues fixed with the Windows 11 November patch Tuesday KBs (KB5032190 KB5032192). The following table covers both Windows 11 23H2 and 22H2 fixes. The following are the fixes added with November’s Latest Cumulative Update (LCU).
Fixes with Windows 11 November Patches | Details |
---|---|
Fixes an issue where third-party wallpaper apps may not function correctly when Copilot in Windows (in preview) is open. | The problem includes displaying default wallpapers instead of custom ones. |
Memory Leak Fixes | Addresses memory leaks in ctfmon.exe and TextInputHost.exe. |
Fixes an issue that affects fontdrvhost.exe | It stops responding when you use Compact Font Format version 2 (CFF2) fonts. |
Fixes an issue with Dynamic Lighting | The default provider is not applied as expected. This occurs when you set it up using Unattend files. |
Fixes v4 Print Driver Error | Resolves an error occurring when printing using v4 print drivers. |
Fixes Cellular Settings issue | Fixes an issue where the name of the mobile operator in cellular settings is incorrect. |
Fixes Kubernetes Load Balanced Service Issue | Resolves an issue blocking external connections when setting up a Kubernetes load-balanced service with session affinity turned on. |
Fixes Firewall Configuration Service Provider (CSP) issue | Fixes a CSP issue preventing a device from syncing in a Firewall configuration. |
Fixes an issue that affects devices on which you have defined Windows Information Protection (WIP) policies and set up a proxy. | Windows Information Protection (WIP) and Proxy Stop Error Address a stop error occurring on devices with defined WIP policies and set up proxy when using Microsoft Defender Application Guard. |
Fixes Windows Hello Facial Recognition Issue | Resolves an issue preventing the setup of Windows Hello facial recognition after running a Push-button reset on devices with Windows Enhanced Sign-in Security (ESS) turned on. |
Fixes PowerShell Version Issue | Addresses a problem affecting PowerShell versions greater than 7.3.1, where scripts may be blocked in Constrained Language Mode when a WDAC policy is turned on. |
Fixes Taskbar Setting Issue | Resolves an issue preventing the “Automatically Hide the Taskbar” setting using the SHAppBarMessage() API. |
Fixes Robocopy /efsraw Switch Issue | Addresses an issue with robocopy where the /efsraw switch prevents proper data copying. |
Fixes Device Management (DM) Client Sync Session Issue | Resolves an issue in the Device Management (DM) client where the sync session takes longer than expected for the enrollment status page (ESP). |
Fixes Dev Drive volumes issue | Resolved an issue that affects Dev Drive volumes. They only appear as Resilient File Systems (ReFS) in environments that IT manages. |
Fixes Outlook Printing Issue | Addresses a problem where Outlook stops responding when printing to an Internet Printing Protocol (IPP) printer with slow response time. |
Fixes Windows Firewall Profile Detection issue | Resolves an issue where the Windows Firewall Profile incorrectly detects a public domain on a domain-authenticated network. |
Known Issues from November Windows 11 Patches KB5032190 KB5032192
Let’s look at the issues fixed with the Windows 11 November patch Tuesday KBs (KB5032190 KB5032192). The following table covers both Windows 11 23H2 and 22H2 fixes.
Workaround for BitLocker might incorrectly receive a 65000 error: To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.
Summary | Originating update | Status |
---|---|---|
BitLocker might incorrectly receive a 65000 error in MDMs. “Requires Device Encryption” might incorrectly report. | N/A | Workaround provided – working on a resolution. |
Compatibility issues with Intel Smart Sound Technology drivers and Windows 11 | N/A | Mitigated External- Vendor to update the drivers |
SCCM Windows 11 KB5032190 KB5032192 Deployment
Learn how to Deploy Windows 11 KB5032190 KB5032192 November 2023 Cumulative Updates using SCCM/WSUS. You can deploy Windows 11 November 2023 CU KBs using SCCM.
You can create a monthly patch package for November 2023 using the following methods. You can also search with Windows 11 LCU for November 2023 KB5032190 KB5032192. The easiest way is to check from the SCCM admin console.
NOTE! You can verify the Windows 11 (OS Builds 22621.2715 and 22631.2715) by installing the November 2023 Latest Cumulative Updates.
- In SCCM Console, Navigate to Software Library\Overview\Software Updates\All Software Updates.
- You must initiate a WSUS Sync from the All Software Updates node (Right-click on the node and initiate the sync).
- Search with the following KB5032190 KB5032192 Number.
- Or you can search with 23-11 Cumulative Update for Windows 11, as shown in the below screenshot.
Name of Windows 11 patches for November 2023 | Release Date |
---|---|
2023-11 Cumulative Update for Windows 11 Version 22H2 for ARM64-based Systems (KB5032190) | 14/11/2023 5:00:00 PM |
2023-11 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5032190) | 14/11/2023 5:00:00 PM |
2023-11 Cumulative Update for Windows 11 for ARM64-based Systems (KB5032192) | 14/11/2023 5:00:00 PM |
2023-11 Cumulative Update for Windows 11 for x64-based Systems (KB5032192) | 14/11/2023 5:00:00 PM |
- How to Create Deploy New Software Update Patch Package Using SCCM | ConfigMgr
- SCCM ADR Automatic Deployment Rule Creation Process
Intune Windows 11 KB5032190 KB5032192 Deployment
Using Intune, let’s check how to deploy the November 2023 Patch Tuesday (LCU) Deployment. You can deploy Windows 11 November CU using Microsoft Intune. The patch deployment process in Microsoft Intune is different from that of SCCM.
I don’t think creating a new patch deployment policy to cater to monthly CU deployments is mandatory, but you can use the following method to expedite. The existing patch deployment policy will deliver the patches using WUfB (Windows Update for Business).
You have the option to expedite the Installation of November 2023 quality updates. Create expedited update profiles for Quality updates using the following steps. Learn more about Intune patching from the video below.
- Sign in to the Microsoft Intune admin center https://intune.microsoft.com/
- Navigate Device -> Quality updates for Windows 10 and later.
- Click on +Create Profile.
The following are the Settings for the Intune quality update profile for the monthly patching process if you want to expedite the deployment of patches. Otherwise, you can use the standard quality updates policy from Intune.
- Name – Windows 11 November 2023 LCU
- Description – Recommend adding a detailed description
- Expedite installation of quality updates if the device OS version is less than 14th November 2023 – 2023.10 B SecurityUpdate for Windows 10 and later
- Number of days to wait before the restart is enforced – 1 Day
More Details on Zero Day Out Of Band Patch Deployment Using Intune MEM Expedite Best Option and Intune Reporting Issue: Expedite Windows Security Patch Deployment.
Windows 11 KB5032190 KB5032192 Direct Download Links
Let’s manually download the 2023 November Cumulative Update for Windows 11 KB5032190 KB5032192 from the Microsoft Update Catalog website. The following tables provide the direct links to download the November 2023 Cumulative Updates for Windows 11.
You can check the Microsoft Update Catalog portal to get the Windows 11 LCUs direct download links for November 2023 LCU. Check out the Microsoft Update Catalog, https://www.catalog.update.microsoft.com/
Search for updates from the Windows Update Catalog – To download the latest cumulative update (LCU) for your operating system that you want to apply manually.
- Enter the KB article number
- Click the Search icon
- Search Keyword 2023-11
Title | Products | Size | Direct Download |
---|---|---|---|
2023-11 Cumulative Update for Windows 11 for x64-based Systems (KB5032190) | Windows 11 23H2 | 350.5 MB | Download |
2023-11 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5032192) | Windows 11 22H2 | 605.1 MB | Download |
Automated Patch Management with Windows Autopatch
Autopatch helps streamline updating operations and create new opportunities for IT pros. The Windows Autopatch Release Management clarifies the Quality, Feature updates, and install schedules in the Intune portal; here, you can get more information on the Windows Autopatch Implementation Setup Guide.
In Intune Portal, Navigate to Devices Under Windows Autopatch. Select Release Management, which displays the updates and releases scheduled.
Resources
November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715) – Microsoft Support
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here – HTMD WhatsApp.
Author
About the Author – Vidya is a computer enthusiast. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She loves writing on Windows 11 and related technologies. She is also keen to find solutions and write about day-to-day tech problems.