In today’s Patch Tuesday event day, Microsoft has released cumulative updates for all Windows 10 systems that are still supported. For consumers, Windows 10 Version 1909 and later can get cumulative updates. This cumulative update mainly carried out security fixes, including when performing basic operations and using input devices such as a mouse, keyboard, and stylus.
The Windows 10 20H1/20H2 feature update received the KB5001330 cumulative update [Update Log | Manual Download Address] in this month’s Patch Tuesday event. After installation, the version number was upgraded to Build 19041.928/Build 19042.928. The update log is as follows:
- Fixed the problem that the principal in the trusted MIT realm could not obtain the Kerberos service ticket from the Active Directory Domain Controller (DC).
This happens on devices that have installed a Windows update that includes CVE-2020-17049 protection measures and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020, and December 8, 2020.
If the caller submits a ticket-granting ticket (TGT) without PAC as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag, the ticket acquisition will also fail with a “KRB_GENERIC_ERROR” error.
- Fixed a security vulnerability discovered by security researchers
Due to these security vulnerabilities, this update and all future Windows updates will no longer include RemoteFX vGPU functionality. For detailed information about the vulnerability and its elimination, see CVE-2020-1036 and KB4570006.
In Windows Server LTSC version (Windows Server 2016 and Windows Server 2019) and Windows Server SAC version (Windows Server, version 1803 and later), discrete device allocation (DDA) can be used to provide a safe alternative to vGPU.
- Fix escalation vulnerabilities
Fixed a potential privilege escalation vulnerability in the Azure Active Directory web login method that allowed arbitrary browsing from third-party endpoints used for federated authentication. For details, see CVE-2021-27092 and Policy CSP-Authentication.
- Security update
Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows OfficeSecurity updates for Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Kernel, Windows Virtualization, and Windows Media
Join Our Microsoft Channel On Telegram
If you are still using the Windows 10 Version 1909 feature update, you will get the KB5001337 cumulative update [Update Log | Manual Download Address] in this month’s event, and the version number will be upgraded to Build 18363.1500 after installation. You can download it manually.
The complete update log is as follows:
- Fixed the problem that the principal in the trusted MIT realm could not obtain the Kerberos service ticket from the Active Directory Domain Controller (DC).
This happens on devices that have installed a Windows update that includes CVE-2020-17049 protection measures and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020.
If the caller submits a ticket-granting ticket (TGT) without PAC as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag, the ticket acquisition will also fail with a “KRB_GENERIC_ERROR” error.
- Fixed a security vulnerability discovered by security researchers
Due to these security vulnerabilities, this update and all future Windows updates will no longer include RemoteFX vGPU functionality. For detailed information about the vulnerability and its elimination, see CVE-2020-1036 and KB4570006.
In Windows Server LTSC version (Windows Server 2016 and Windows Server 2019) and Windows Server SAC version (Windows Server, version 1803 and later), discrete device allocation (DDA) can be used to provide a safe alternative to vGPU.
- Fix escalation vulnerabilities
Fixed a potential privilege escalation vulnerability in the Azure Active Directory web login method that allowed arbitrary browsing from third-party endpoints used for federated authentication. For details, see CVE-2021-27092 and Policy CSP-Authentication.
- Security update
Security updates for Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Hybrid Cloud Networking, the Windows Kernel, Windows Virtualization and Windows Media
Fixed a potential privilege escalation vulnerability in the Azure Active Directory web login method that allowed arbitrary browsing from third-party endpoints used for federated authentication. For details, see CVE-2021-27092 and Policy CSP-Authentication.
- Security Update
Security updates for Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Hybrid Cloud Networking, the Windows Kernel, Windows Virtualization and Windows Media
If you like our news and you want to see such news even further, then follow RealMi Central on Telegram, Twitter, Facebook (Page) (Group) & Instagram.