KB4598229 and KB4598242 affect system and user certificates

Teodor Nechita
by Teodor Nechita
Software Managing Editor
Eager to help those in need, Teodor writes articles daily on subjects regarding Windows, Xbox, and all things tech-related. When not working, you may usually find him either at the gym or taking a... Read more
Affiliate Disclosure
  • Patch Tuesday is finally here, and it brings changes to all versions of Windows 10.
  • This includes cumulative update KB4598229 and KB4598242 for Windows 10 v1903/1909 and Windows 10 v2004/v20H2
  • This update affects user certificates after updates, removing them during the update process.
  • Read more about the changes below, and update your system as soon as possible!

With the arrival of the first Patch Tuesday updates of the year, users already had big expectations for what was to come, especially considering how eventful 2020 was.

Well, the January Patch Tuesday updates weren’t a let-down at all, as it brought many fixes to all major version of Windows 10, from version 1507 to version 20H2.

As always, each cumulative update is different than the other, since each version of Windows is different from one another.

Because of this, it’s only natural that some cumulative updates stand out because of what new features they bring, or what system-breaking bug they fix, and that is definitely the case with KB4598229 and KB4598242.


KB4598229 and KB4598242 may affect user certificates

According to Microsoft’s own changelog:

System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10.

Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated.

This primarily happens when managed devices are updated using outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager.

This might also happen when using outdated physical media or ISO images that do not have the latest updates integrated.

However, Microsoft wanted it to be noted that devices using Windows Update for Business or that connect directly to Windows Update are not impacted.

They added that all devices connecting to Windows Update should always receive the latest versions of the feature update.

They also provided users with a workaround to this feature suggesting that users simply perform a system rollback to before they applied the update.

They also went ahead and provided users with a detailed guide on how to do so too.


Given the changes, we recommend that anyone running Windows 10 v1903/v1909 should postpone the update of their PC until a fix is found.

If you don’t have much experience with how Patch Tuesday works, we’ve prepared an in-depth article where we will guide you every step of the way with useful information.

Additionally, if you don’t want to wait for Patch Tuesday to become available in your region and want it right away, we have created this amazing article that acts as both a changelog and a source of download links from the Windows Update Catalog.

This article covers:Topics: