ISSUE 20.13.1 • 2023-03-28 By Susan Bradley March updates are ready. Windows 11 22H2, not so much. It’s time to install the updates for the March rele
[See the full post at: MS-DEFCON 4: Win11 22H2 not ready for prime time]
Susan Bradley Patch Lady
![]() |
There are isolated problems with current patches, but they are well-known and documented on this site. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
Home » Forums » Newsletter and Homepage topics » MS-DEFCON 4: Win11 22H2 not ready for prime time
ISSUE 20.13.1 • 2023-03-28 By Susan Bradley March updates are ready. Windows 11 22H2, not so much. It’s time to install the updates for the March rele
[See the full post at: MS-DEFCON 4: Win11 22H2 not ready for prime time]
Susan Bradley Patch Lady
With Windows XP, Vista, 7 and 10, I used to ignore the toddler pool, but instead I dove straight into the deep end.
No more. For my Windows 11 machine I’ll trustingly wait for Susan to give the all clear.
I think I’ll stick a Susan Shortcut on my desktop.
March updates for W10 22H2: To work around the “no-restart” issue with KB5023696 (You’re up to date) .. after a brief wait period I clicked on “Pause updates for 7 days”.
Then nothing much happened, but after awhile I was offered a “Resume updates” button, which I clicked on and everything proceeded as normal and the restart button popped up .. as normal. All done!
Special note: Although there are many sources on the Web regarding KB5007651, Microsoft does not seem to have its usual dedicated page. Accordingly, we have not provided a link.
But if you click the Learn more link after “Update for Microsoft Defender Antivirus antimalware platform – KB5007651 (Version 1.0.2302.21002)” at Settings, Windows Update, Update history, Definition updates you get this page:
Windows Security Update
This update provides latest updates for Windows Security platform, which is comprised of the Windows Security app and its underlying service.
To obtain the current version of Windows Security app, please run powershell command below:
Get-AppPackage Microsoft.SecHealthUI
More about Windows Security app here.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
Here’s a slightly bizarre bug. As described in this Tweet by Will Dormann, following a very basic set of steps to edit, crop, and save an image results in — nothing. The saved file is the same as the original. That bug is certainly of concern, and it appears that Microsoft will be fixing it soon.
Same size, but not the same image.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
Update for Microsoft Defender Antivirus antimalware platform – KB4052623 (Version 4.18.2302.7)
This update is now available and appeared yesterday. I don’t know what it does and have not yet installed it. It does, however, appear in the Microsoft Update Catalog.
Update for Microsoft Defender Antivirus antimalware platform – KB4052623 (Version 4.18.2302.7) This update is now available and appeared yesterday. I don’t know what it does and have not yet installed it. It does, however, appear in the Microsoft Update Catalog.
Hi geekdom:
I have a Win 10 Pro v22H2 OS and Windows Update automatically delivered this month’s KB4052623 (the monthly platform update for Microsoft Defender) today at the same time as my daily virus definition update. KB4052623 updated my Microsoft Defender platform from v4.18.2301.6 (rel. 14-Feb-2023) to the latest 4.18.2302.7 (rel. 27-Mar-2023), while my scan engine remains at v1.1.20100.6. Release notes for the monthly Microsoft Defender platform and scan engine updates are available in the MS support article Microsoft Defender Antivirus Security Intelligence and Product Updates.
I re-booted after KB4052623 was installed and this update doesn’t appear to be causing any problems on my Win 10 Pro v22H2 laptop. If I click the Windows Security icon in my system tray (or go to Settings | Update & Security | Windows Security | Open Windows Security) and choose Settings | About I now see:
As far as I know the Local Security Authority (LSA) and persistent restart alerts that Susan mentioned in today’s MS-DEFCON 4: Win11 22H2 Not Ready for Prime Time only affect Win 11 v21H2 and v22H2 users who install KB5007651. According to the 21-Mar-2023 BleepingComputer article Microsoft: Defender Update Behind Windows LSA Protection Warnings:
“This issue affects only ‘Update for Microsoft Defender Antivirus antimalware platform – KB5007651 (Version 1.0.2302.21002).’ All other Windows updates released on March 14, 2023 for affected platforms (KB5023706 and KB5023698), do not cause this issue.”
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.2728 * Firefox v111.0.1 * Microsoft Defender v4.18.2302.7-1.1.20100.6 * Malwarebytes Premium v4.5.25.256-1.0.1957 * Macrium Reflect Free v8.0.7279
KB4052623 installed while I wasn’t looking. It behaved nicely.
However, I’d rather see Microsoft fix another issue — where Snip and Sketch doesn’t recognize the desktop version of Outlook as a platform that one can send the image to for emailing. I kid you not — we upgraded from Windows 7 to Windows 10 just because we loved the feature enhancements to the snipping tool in Windows 10. I am disappointed with the Snip and Sketch release in Windows 11 and do not feel that it is comparable. I’m hoping that one of these days Microsoft will fix that issue as well.
What feature do you feel is missing from Windows 11 Snipping Tool?
I don’t think anything is missing:
Windows 11 Snipping Tool can share to Outlook desktop contacts (tested).
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
Snip an image, mail using desktop Outlook (full blown 365 outlook desktop app)
Share to mail supports the Windows 11 mail, not Outlook mail.
Susan Bradley Patch Lady
Snip an image, mail using desktop Outlook (full blown 365 outlook desktop app)
It works for me.
Most posts in that thread are about Windows 10.
Share to mail supports the Windows 11 mail, not Outlook mail.
NOT TRUE:
(Third time I’ve said this now in this thread. Do I need to swear an oath?)
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
There is a workaround using several registry keys. It gets rid of the error, but it’s not recommended by Microsoft on its release health dashboard. I’d prefer to have Microsoft fix the issue rather than deal with a workaround.
Workarounds is what I do, for the past 25+ years. Some I figure out myself, some I find online. In this case there were only two registry DWORDS, and one was already in place, so I only needed to add the second and assign its value. And I get this:
I understand that you prefer not to do this, but for me it’s a regular thing. And for me, Windows 11 22H2 is a very good OS. I have yet to experience any of the quirks upon which you have elaborated.
No warnings above Local Security Authority Protection after you click on Device security then Core isolation?
To whom are you addressing this question?
Did I not use an acceptable salutation or something?
I prefer clarity.
No warnings above Local Security Authority Protection after you click on Device security then Core isolation?
MS-DEFCON 4: Win11 22H2 not ready for prime time
The latest bug was introduced by the update for the Microsoft Defender antivirus/antimalware platform (KB5007651, version 1.0.2302.21002). The bug introduces an error on Windows 11 22H2, stating that “Local Security Authority protection is off. Your device may be vulnerable.”
The only Windows 11 bug you mention under this “22H2” headline also applies to Windows 11 21H2:
“Local Security Authority protection is off.” with persistent restart
Once enabled, your Windows device might persistently notify you that it is vulnerable, and a restart is required.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
In a recent bugfest, exploits abounded in countless cases including Teams applications, Tesla cars, Ubuntu desktops, MacOS, and — as expected — Windows 11 22H2.
How do you know that was version 22H2, or not equally applicable to 22H1?
ALL other sites only report a competition exploit of a flaw in Windows 11:
This site always seems to need a big, bad ogre to fear. It used to be Windows 8, then Windows 10. Now you’ve taken a dislike to 11-22H2 for no apparent good reason. You’ve given three separate not-good-reasons today alone. Yet you see no issues with 11-22H2 on your office computers.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
Not seeing issues other than….
LSA warning in the security section
Unable to use snip and sketch effectively
Right mouse click takes two to three more clicks
Task manager access is better than it was, but still wonky
Now layer in today’s fixing of “usb printers”.
Sometimes it’s the little things. And keep in mind I’m considering everyone and not just me who bought good hardware with lots of resources and my machines are not using anything other than Fences software. Add to that most of the security advantages of Windows 11 won’t come into play until/unless you have the proper licensing. I’m not just writing for the uber geeks of Askwoody like yourself but for the average Windows user. I like boring software, what can I say.
Susan Bradley Patch Lady
Here’s another – pinned apps should stay during the upgrade process from 21H2 to 22H2.
Also unconfirmed report that having a lot of shortcuts in explorer is slowing 11 22H2 down after the March update. Haven’t had a chance to prove/disprove that one.
Susan Bradley Patch Lady
Here’s another – pinned apps should stay during the upgrade process from 21H2 to 22H2.
They disappear on restart, not upgrade.
But only after a bunch of apps have already been pinned by an admin using an Intune OMA-URI custom policy. Clearly an issue for some large organizations (reported two days ago). But really obscure for most users.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
Not seeing issues other than….
LSA warning in the security section
Not specific to 11+22H2
Unable to use snip and sketch effectively
Windows 11 doesn’t have snip and sketch but Snipping Tool works perfectly.
Right mouse click takes two to three more clicks
It’s only one extra click for “Show more options”, but NONE if you use Shift+Right-Click:
Disable “Show more options” context menu in Windows 11
Task manager access is better than it was, but still wonky
What’s wonky? Mine’s fine.
Now layer in today’s fixing of “usb printers”.
Mislabelled? Sounds trivial.
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
Now layer in today’s fixing of “usb printers”.
Applies to ALL versions of Windows 11 AND all versions of Windows 10:
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
I have been using Win 11 Pro since the first test versions were released to the Insider Dev Channel. Those were in a VM since Microsoft changed the Dev channel to include features that won’t be in future releases. It has been my daily production OS since the day it was officially released. It has been stable and reliable. Are there some irritations with the UI? Aboslutely, yes and I’ve either adjusted my habits or found a work around. But overall it has been just fine for me.
--Joe
Thanks for all your hard work, Susan!! Considering the issues with the March 2023 updates (SSD speeds, computers stuck on “updating” after restarting, and some Wi-Fi adapters not functioning correctly), it seems a little early to lower to DEFCON-4. These issues, while well documented elsewhere (BleepingComputer, etc.), have not been addressed on the main AskWoody website.
I do check the Master Patch List, but March KB5023696 had difficulty installing-stuck at 20% after repeated tries. Had to restart several times, didn’t help, finally shut PC down & then started fresh and finally installed. So not all smooth sailing on Win 10.
Would’ve been nice if you saw other users posts with same issue and addressed it.
it looks like both RTM/21H2 & 22H2 versions of Windows 11 recently got their “preview” updates this Tuesday morning March 28 after 10am pacific local time:
KB5023778 (build 22621.1485)
https://support.microsoft.com/help/5023778
KB5023774 (build 22000.1761)
https://support.microsoft.com/help/5023774
note – these new preview updates seem to resolve some new issues with usb printers
This update addresses an issue that affects USB printers. The system classifies them as multimedia devices even though they are not.
Guinea Pig Update (guinea pig perpetual moment (motion) machine)
Version and build after update: Win11Pro 22H2.22621.1485
Microsoft Update Catalog downloaded and installed:
Installed without error and the system rebooted without error.
This may be slightly off the topic but I am looking to move to a new PC and laptop which give me the option of specifying Windows 10 Pro or Windows 11 Pro. Unfortunately, no version identification is given for either the Win 11 or Win 10. Given the issues with the Win 11 mentioned in this article, should I pursue getting a Win 10 version and then move to Win 11 when Win 11 is more “grownup”? Thanks for your help on this issue.
For most users, Windows 11 will be fine on a new machine. You will have an adjustment period for the UI changes. Some of the changes can be mitigated within Windows. Also, there are third-party apps to change the start menu. Microsoft continues to change Windows 11 by adding back some missing functionality and adding new functionality.
As I said above, I’ve used Win 11 as my production OS since it was first released and have found it to be stable and acceptably performant.
--Joe
These are Susan’s recommendations from the Master Patch List. If you get a PC with Win11 now, it will be v22H2.
I recommend Windows 10 22H2 or 21H2 at this time. I do not recommend deploying Windows 11 22H2 as it’s too soon for production use.
Windows 11 22H2: Not recommended
Windows 11 21H2: If you have a Windows 11 PC, recommended
Windows 10 22H2: Recommended
Windows 10 21H2: Recommended (if a vendor won’t support 22H2)
It is unusual for me to have a problem updating my Win 10 22H2 Home, but yesterday after Susan said to update I started the download. Almost immediately within say 5 minutes it showed You are up to date. That sounded too quick so I reopened Win Update and it showed Downloading 0% complete.
My Ethernet Status was showing downloading at an extremely slow rate, like a few MB per hour. Again after a few minutes Win Upd again showed You are up to date. Reopened Win Upd and still downloading 0% complete. This went on for several hours. I did notice Delivery Optimization had been turned on by the update as I NEVER have that on as I do not want who knows what worldly PC passing stuff to my PC. I turned that off and still no change to horrible download speed (all other stuff on PC downloading quickly).
So I figured it was just MS overwhelmed and would try next day.
Today same thing. Out of desperation I finally decided to risk a Restart in the middle of a download. And, BOOM, everything started working. Downloaded 750 MB quickly and started install. Very weird.
Win Upd also installed a printer driver update. So maybe that had something to do with it.
See #post-2547326 above.
Mine was a slightly different manifestation of the same problem as mine started normally but then went into that false up to date.
Another different manifestation on my other Win 10 22H2 Home was that it started normally but instead of going into an up to date loop it just immediately gave me an errror with a retry button. Again I fixed it with a restart.
So whatever the cause is I feel sorry for people not using AskWoody as those people probably have no idea why their PC won’t update but pretends to be updated.
Hard to be positive it was a result of this update, but too coincidental that Windows Search stopped working. Service could not be started. Stopped immediately. And when I noticed this, there were 933 error 1067’s in Event Manager.
I had no indexes. It was VERY difficult to get working and not 100% what of the things I did worked to get it back and indexed again. I did delete the registry key whith search options which broke Microsoft office instantly, and then re-merging the WinSearch Options key got it to start indexing. But I did a few other things like DISM and SFC (which found something, though did not start the service again) and Troubleshooter for Search.
Some combination worked. And MANY reboots in between.
Just a heads up. In the article I said that after rebooting on the Windows 11 22H2 it’s not fixed. What’s not fixed is the cosmetic bug. LSA security is functional even WITHOUT the registry key. But I still consider this cosmetic bug as a big issue. Why? Because it’s yet another false alert I have to mentally go “oh yeah, that’s a Windows 11 machine that is still impacted, I can ignore this” on every impacted 11. But therein lies the rub, because the security center is no longer accurate I may miss something in the alert section.
Bottom line cosmetic bugs to someone who relies on GUI indicators is still a big problem that needs to be addressed sooner versus later.
Susan Bradley Patch Lady
Windows 11 21H2 too:
“Local Security Authority protection is off.” with persistent restart
Once enabled, your Windows device might persistently notify you that it is vulnerable, and a restart is required.Confirmed 2023-03-21
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
I am Win10/Pro, 22H2 on two laptops.
KB5023696 CU for Windows installed, producing a RESTART button on both laptops.
KB5024670 CU for .NET 6.0.15 installed, producing a RESTART button on one laptop and NOT producing a RESTART button on the other one, but it IS installed according to Apps & Features, Control Panel>Programs and Features, and Update History.
producing a RESTART button on one laptop and NOT producing a RESTART button on the other one
Probably one PC was running an app that used .NET files so required a restart to free and updates files while and the other PC didn’t not.
I have the March updates paused until April 13, 2023. When do you think it will be safe to update? The only update Belarc is showing is KB5023706 and I have Avg Free Antivirus installed. I’m getting nervous that they will auto update when the April updates start next week. Thanks for your help.
Edition Windows 11 Pro
Version 22H2
Installed on 10/19/2022
OS build 22621.1702
We only had 1 issue with the March updates and that was a win10 system which was waaay out of date. Lost her HP USB printer but reinstall of printer software fixed that.
Updated 5 windows 11 systems with no issues running eset, the LSA warning on one that uses windows defender but just left the warning for now. Haven’t had any reports of issues with the others that do their own updating. Note none have start all or any of those type programs.
Never Say Never
Success! Took 8 minutes to download and 2 restarts but everything is working including the Brothers printer. Now I can pause updates again. LOL Thank you very much for giving me confidence.
Edition Windows 11 Pro
Version 22H2
Installed on 10/19/2022
OS build 22621.1702
So not all smooth sailing on Win 10.
For most including me (I am using WUmgr) it was smooth sailing.
Update problems are unique to each Windows OS configuration, using 3rd party hacking tools, software running in the background (you should disable A/V app prior to installing updates, unless you don’t trust Microsoft that may add malware to updates)..
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.