June 2022 cumulative update is now available for all Windows 10 users under the name “KB5014699”. Since this is a security patch, you must upgrade your system to this update. This is available via all channels namely Windows Update, WSUS, and Update Catalog.
Installing this cumulative update will increase the OS Build of 21H2, 21H1, and 20H2 to 19044.1766, 19043.1766, and 19042.1766 respectively.
KB5014699 Changelog
- Improves the security of Windows Components and Microsoft Services.
- Works upon an elevation of privilege (EOP) vulnerability under CVE-2022-30154 for the Microsoft File Server Shadow Copy Agent Service. For this to happen, you must install 14th Jun 2022, or later Windows update on both the application server and the file server. Only then, your system becomes protected and functional.
Note:
- The application server runs the Volume Shadow Copy Service (VSS) aware application that stores data on the remote Server Message Block 3.0 (or higher) shares on a file server.
- The file server hosts the file shares.
In case you don’t install the update on both machine roles, backup operations carried out by applications, which previously worked, might fail. When this occurs, the Microsoft File Server Shadow Copy Agent Service will log FileShareShadowCopyAgent event 1013 on the file server.
Known Issues on KB5014699
- PSFX_E_MATCHING_BINARY_MISSING Error: To overcome this error in Windows 11/10, try this workaround i.e. KB5005322.
- The Snip & Sketch application might fail to capture a screenshot after installing this cumulative update on your PC. Several users reported facing errors when they were trying to start Snip & Sketch using the shortcut Windows key + Shift + S. As of now, there is no permanent resolution to this problem. So, wait till Microsoft provides a fix to this issue in its upcoming updates.
How to get this security patch
Before you install this cumulative update on your computer, make sure to note down the following key points –
Make sure to first install the June 14, 2022 update on all your intermediate or application servers that pass authentication certificates from authenticated clients to the domain controller (DC). After this, you may download and install the latest cumulative update on your computer.
Alternatively, you may also pre-populate CertificateMappingMethods to 0x1F as documented in the Registry key information section of KB5014754 on all DCs. Delete the CertificateMappingMethods registry setting only after the June 14, 2022 update has been installed on all intermediate or application servers and all DCs.
Note: It is not required of you to restart your PC when you are either adding, modifying or removing the registry setting related to CertificateMappingMethods.
Prerequisites to download June 2022 Security Update
The recent SSU for Windows 10 20H2, 21H1, and 21H2 are 19042.1737, 19043.1737, and 19044.1737. Ensure installing the recent servicing stack update on your computer, otherwise, the update process may fail or get stuck at some percentage of downloading the updates.
- For offline OS image servicing
If you had not upgraded your system to March 22, 2022 (KB5011543) cumulative update, you need to first install the special standalone May 10, 2022, SSU i.e. KB5014032.
- When opting to update Windows manually via Update Catalog or through WSUS
Your device must have been upgraded to May 11, 2021 (KB5003173) or later LCU for the KB5014699 update to run smoothly. If not, go and install the special standalone August 10, 2021 SSU (KB5005260) before installing this update.
Download and Install KB5014699
To download and install this patch update on your Windows 10 21H2, 21H1, or 20H2 PCs, follow either of the below channels –
- Windows Update: Go to
Settings (Win + I) > Windows Update, and hit Check for updates. The system will check for any pending updates and download/install them automatically on your computer. - Update Catalog: Alternatively, you may also install KB5014699 by manually visiting the Update Catalog site by Microsoft and downloading the recent standalone package. After the download completes, double-click on the downloaded setup (.msu file format) to upgrade your OS Build.
- WSUS: The updates will download and install automatically if you have configured the Product to “Windows 10, version 1903 and later” and classification to Security Updates.
