View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
October 7, 2022

New Windows 11 security patch breaks provisioning, Microsoft warns

Microsoft recommends provisioning new machines using Windows 11 21H2 then updating to 22H2 once installed.

By Ryan Morrison

A new Windows 11 update could break provisioning – the ability to configure end-user devices – for those companies applying it to new devices on a network, Microsoft has warned. MSFT recommends that devices are provisioned before the patch is activated manually.

Windows 11's latest update, version 22H2 breaks provision for roll-out in an enterprise environment (Photo: rawf8/Shutterstock)
Windows 11’s latest update, version 22H2 breaks provision for roll-out in an enterprise environment. (Photo by rawf8/Shutterstock)

The patch, version 22H2 of Windows 11, was released on 22 September. As well as patching known vulnerabilities and bugs within the system, it brought with it several new problems including a printing error and the provisioning fault.

The provisioning issue first came to light last week with reports on the Microsoft Q&A platform of roll-outs “failing miserably” on 22H2 that worked on 21H2. The reports suggested the package is being installed but not processed, throwing out a range of errors and triggering restarts.

According to Microsoft, which says it is investigating the problem, “Windows might only be partially configured, and the out-of-box experience might not finish or might restart unexpectedly.” It doesn’t impact provisioning using Windows Autopilot or those used in homes and small offices.

The update was blocked from certain machines running the IPP Class printer driver or the universal print driver due to an issue that causes installed printers to only allow default settings and so are unable to print specific features including colour and double-sided printing. Rather than cause organisations to roll-back the update, Microsoft put a “compatibility hold” on the roll-out of 22H2 for machines with these drivers to “safeguard your upgrade experience”.

Windows 11 update: fixes… and new bugs

There are also reports of remote desktops not connecting, randomly disconnecting or even freezing without warning after the install of 22H2, according to Microsoft. The issue, as well as others reported since the roll-out began, is under active investigation with a potential fix in development for some issues.

Another issue that Microsoft will have to tackle in this update is a problem with performance degradation when copying large files from a remote computer to a system running 22H2. This leaves users facing a 40% drop in throughput when copying files larger than a few gigabytes.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

Despite all these bugs, Microsoft says it is pressing ahead with a new deployment phase for 22H2, making it available to anyone with an eligible device.

There are several new security features released as part of 22H2 including protections against credential theft and account lockout. It also saw the roll-out of a Kernel Mode Hardware Enforced Stack Protection that provides extra security to kernel-level software and blocks out a number of exploits that use code-execution vulnerabilities.

A feature that underpins several key Windows security features, the hypervisor-protected code integrity system will be turned on by default on more computers in future, including any with Intel eighth-generation chipsets and higher, and Windows 11 Enterprise licensed machines will now have Windows Defender Credential Guard on automatically. This protects against pass-the-hash and pass-the-ticket attacks.

For enterprise users, 22H2 also brings other updates including having File Explorer show both the sync status of OneDrive files more clearly and who last edited those files so teams can see more quickly what changes have been made. Microsoft has also updated its voice control and dictation features that allow for more accurate recognition, and Narrator has been more tightly integrated into Microsoft Edge.

Read more: Windows Autopatch could spell the end for Patch Tuesday

Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU