July 13, 2021—KB5004237 (OS Builds 19041.1110, 19042.1110, and 19043.1110)
Highlights
Updates for verifying usernames and passwords.
Updates to improve security when Windows performs basic operations.
Updates an issue that might make printing to certain printers difficult. This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port.
Improvements and fixes
Note To view the list of addressed issues, click or tap the OS name to expand the collapsible section.
Windows 10 servicing stack update - 19041.1081, 19042.1081, and 19043.1081
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.
Windows 10, version 21H1
This security update includes quality improvements. Key changes include:
This build includes all the improvements from Windows 10, version 2004.
No additional issues were documented for this release.
Windows 10, version 20H2
This security update includes quality improvements. Key changes include:
This build includes all the improvements from Windows 10, version 2004.
No additional issues were documented for this release.
Windows 10, version 2004
Note: This release also contains updates for Microsoft HoloLens (OS Build 19041.1157) released July 13, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.
This security update includes quality improvements. Key changes include:
Addresses an issue that might make printing to certain printers difficult. This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port.
Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049. For more information and steps to enable full protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.
Adds Advanced Encryption Standard (AES) encryption protections for CVE-2021-33757. For more information, see KB5004605.
Addresses a vulnerability in which Primary Refresh Tokens are not strongly encrypted. This issue might allow the tokens to be reused until the token expires or is renewed. For more information about this issue, see CVE-2021-33779.
Security updates to Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.
For more information about the resolved security vulnerabilities, please refer to the new Security Update Guide website.
July 13, 2021—KB5004237 (OS Builds 19041.1110, 19042.1110, and 19043.1110)
Microsoft has released KB5004237 for Windows 10 version 2004, Windows Server version 2004, Windows 10 version 20H2, Windows Server version 20H2, and Windows 10 version 21H1.