Patch Tuesday May Updates for Windows 8.1 (KB5014011) and Windows 7 (KB5014012) are out

Microsoft released the Patch Tuesday Update for Windows 8.1 ( KB5014011 ) and Windows 7 ( KB5014012 ) today, as it is the second Tuesday of the month. Installing them will protect your system from certain vulnerabilities, but both also come with known issues. Here’s what each release contains and their known issues.

Windows 8.1

Improvements

This cumulative security update contains the improvements that are part of update KB5012670 (released April 12, 2022) and new fixes for the following issues:

  • The Key Distribution Center (KDC) code incorrectly returns a KDC_ERR_TGT_REVOKED error message during a domain controller shutdown.
  • After you install the January 2022 Windows Update or a later Windows Update on a Primary Domain Controller Emulator (PDCe), enumerating or changing name suffix routing using the Netdom.exe snap-in or Active Directory Domains and Trusts snap-in may fail and you will receive the following error message: “Insufficient system resources to run the requested service.”
  • The primary domain controller (PDC) for the root domain incorrectly logs warning and error events to the syslog when attempting to scan outbound-only trusts.

Known issues in this update

Symptom Workaround

Some operations, such as renaming, performed on files or folders on a Cluster Shared Volume (CSV) may fail with “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)” error. This happens when you perform an operation on the CSV owner node from a process that does not have administrative rights.

Perform one of the following actions:

Perform the operation from a process with administrator rights.

Perform the operation from a host that does not own the CSV.

Microsoft is working on a solution and will provide an update in a future release.

After installing updates that were released on January 11, 2022 or later updates, applications that use the Microsoft .NET Framework to get or set Active Directory forest trust information may crash, close, or you may receive an error message from the application or Windows. You may also receive an Access Violation Error (0xc0000005).

To resolve this issue manually, apply unscheduled updates for the version. NET Framework used by the application.

Windows 7

Improvements

This cumulative security update contains the improvements that are part of update KB5012626 (released April 12, 2022) and new fixes for the following issues:

  • The Key Distribution Center (KDC) code incorrectly returns a KDC_ERR_TGT_REVOKED error message during a domain controller shutdown.
  • After you install the January 2022 Windows Update or a later Windows Update on a Primary Domain Controller Emulator (PDCe), enumerating or changing name suffix routing using the Netdom.exe snap-in or Active Directory Domains and Trusts snap-in may fail and you will receive the following error message: “Insufficient system resources to run the requested service.”
  • The primary domain controller (PDC) for the root domain incorrectly logs warning and error events to the syslog when attempting to scan outbound-only trusts.

Known issues in this update

Symptom Workaround

After you install this update and restart your device, you may receive the error “Windows updates could not be configured. Revert changes. Do not turn off your computer” and the update may appear as “Error” in the update history.

This is expected under the following circumstances:

  • If you are installing this update on a device with an edition that is not supported for ESU. For a complete list of supported editions, see KB4497181.
  • If you do not have an additional ESU MAK key installed and activated.
  • If you have purchased an ESU key and are experiencing this issue, please ensure that you have applied all prerequisites and that your key is activated. See this blog post for activation information. For prerequisite information, see the “How to get this update” section of this article.

Some operations, such as renaming, performed on files or folders on a Cluster Shared Volume (CSV) may fail with “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)” error. This happens when you perform an operation on the CSV owner node from a process that does not have administrative rights.

Perform one of the following actions:

  • Perform the operation from a process with administrator rights.
  • Perform the operation from a host that does not own the CSV.

Microsoft is working on a solution and will provide an update in a future release.

You can get these updates through Windows Update or download them manually: Windows 8.1 KB5014011 , Windows 7 KB5014012 .