Applies ToAzure Local, version 21H2

Release Date:

8/26/2021

Version:

OS Build 20348.202

Improvements and fixes

This  public preview non-security update includes quality improvements. Key changes include:

  • Addresses a threading issue that might cause the Windows Remote Management (WinRM) service to stop working when it is under a high load. This is a client solution; so, apply this update to the affected computers that communicate with WinRM.    

  • Addresses an issue that causes the Windows Management Instrumentation (WMI) provider host process to stop working. This occurs because of an unhandled access violation that occurs when using the Desired State Configuration (DSC).

  • Addresses an issue that causes the Server Manager cmdlet to return failures. As a result, many SDDC E2E validations fail during the installation of optional features.

  • Addresses an issue that causes the Server Manager application to disappear when you use it to remove Hyper-V features on Windows Server 2022.

  • Addresses an issue that causes file migration between Distributed File System (DFS) paths that are stored on different volumes to fail. This issue occurs when you implement the migration using PowerShell scripts that use the Move-Item command.

  • Addresses an issue that prevents you from writing to a WMI repository after a low memory condition occurs.

  • Addresses an issue with the just-in-time (JIT) behavior of jscript9.dll.

  • Addresses a memory leak that occurs when you use nested classes within VBScript.

  • Addresses an issue that causes 16-bit apps to stop working when you open them if those apps are running on NT Virtual DOS Machine (NTVDM).

  • Addresses an issue that prevents you from typing any words in the username box during the out-of-box experience (OOBE) process. This issue occurs when you use the Chinese Input Method Editor (IME).

  • Addresses an issue with copying and pasting a text box into Office 365 apps. The IME prevents you from inserting text into the text box.

  • Addresses an issue that prevents a touch device from working as a serial mouse in multiple monitor situations.

  • Addresses an issue that might cause the IKEEXT service to stop working intermittently.

  • Addresses an issue that causes Authentication Mechanism Assurance (AMA) to stop working. This issue occurs when you migrate to Windows Server 2016 (or newer versions of Windows) and when using AMA in conjunction with certificates from Windows Hello for Business.

  • Addresses a memory leak issue in PKU2U that causes cluster nodes to run out of memory.

  • Addresses an issue that causes Windows to generate many AppLocker or SmartLocker success events in the AppLocker EXE and DLL event channel.

  • Addresses an issue that causes Windows to stop working when it uses AppLocker to validate a file that has multiple signatures. The error is 0x3B.

  • Addresses an issue that causes Azure Active Directory authentication to fail after signing in on Windows Virtual Desktop machines.

  • Addresses an issue with the Set-RuleOption PowerShell command that fails to provide the option for the Windows Defender Application Control (WDAC) policy to treat files signed with an expired certificate as unsigned.

  • Addresses an issue that prevents Code Integrity rules from working correctly when specifying Package Family Name rules in a Code Integrity policy. This issue occurs because of the incorrect handling of case-sensitive names.

  • Addresses an issue that prevents the ShellHWDetection service from starting on a Privileged Access Workstation (PAW) device and prevents you from managing BitLocker drive encryption.

  • Addresses an issue that includes kernel mode rules for .NET applications in Windows Defender Application Control policies. As a result, the generated policies are significantly larger than necessary.

  • Addresses an issue in Windows Defender Exploit Protection that prevents some Microsoft Office applications from working on machines that have certain processors.

  • Addresses an issue that causes the Input Method Editor (IME) toolbar to appear even when the Remote App is closed.

  • Addresses an issue that displays nothing or shows “Computing Filters” indefinitely when you filter File Explorer search results.

  • Addresses an issue that displays a warning about losing other people's unsaved work when you shut down or restart a device and no other users are signed in to the same device.

  • Addresses an issue that might occur when you configure the policy, "Delete user profiles older than a specified number of days on system restart". If a user has been signed in for longer than the time specified in the policy, the device might unexpectedly delete profiles at startup.

  • Addresses an issue with the Microsoft OneDrive sync setting "Always keep on this device". The setting is unexpectedly reset to "Known folders only" after you install a Windows update.

  • Addresses an issue that might create duplicate built-in local accounts, such as administrator or guest account, during an in-place upgrade. This issue occurs if you previously renamed those accounts. As a result, the Local Users and Groups MMC snap-in (lusrmgr.msc) appears blank with no accounts after the upgrade. This update removes the duplicate accounts from the local Security Account Manager (SAM) database on the affected machines. If the system detected and removed duplicate accounts, it logs a Directory-Services-SAM event, with ID 16986, in the System event log.

  • Increases the default number of entries in the local security authority (LSA) Lookup Cache to improve lookup performance in high lookup volume scenarios.

  • Addresses an issue that might cause transfer validations to fail with the error, "HRESULT E_FAIL has been returned from a call to a COM component". This issue occurs when you use Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 as sources.

  • Addresses an issue that causes a deadlock when Offline Files are enabled. As a result, CscEnpDereferenceEntryInternal holds parent and child locks.

Known issues in this update

Microsoft is not currently aware of any issues with this update.

How to get this update

The August 26, 2021 public preview update (KB5005104) for Azure Stack HCI, version 21H2 public preview is delivered from the release channels below. To install it on your Azure Stack HCI cluster, see Update Azure Stack HCI clusters.

Install this update

This update is delivered from the release channels below.  

Release Channel

Available

Next Step

Windows Update and Microsoft Update

Yes

Go to Settings Update & Security > Windows Update. In the Optional updates available area, you’ll find the link to download and install the update.

Windows Update for Business

No

None. These changes will be included in the next security update to this channel.

Microsoft Update Catalog

No

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows Server Update Services (WSUS)

No

You can import this update into WSUS manually. See the Microsoft Update Catalog for instructions.

File Information

For a list of the files that are provided in this update, download the file information for cumulative update 5005104.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.