Check out KB5015807 for Windows 10: All you need to know

You surely heard about all of the security updates that the Redmond-based tech colossus has released during this month’s Patch Tuesday rollout.

All of the versions of the Windows operating system that are still eligible for these security software downloads have received the latest improvements.

For Windows 10 users, KB5015811 is available for version 1809, and KB5015807 is available for Windows 10 versions 20H2, 21H1, and 21H2.

We’re going to take a closer look at this cumulative update and determine what are the most notable changes with this patch.

What does KB5015807 bring to Windows 10?

Similar to the Windows 11 update, both the above-mentioned updates address a problem with PowerShell as well as fix various security issues.

Needless to say, besides all the fixes and tweaks, these updates also bring a lot of improvements to the already popular OS.

The only difference between KB5015807 and KB5014666, which was released at the end of June, is the fix for the PowerShell issue.

Here’s what’s new

• Addresses an issue that redirects the PowerShell command output so that transcript logs do not contain any content. Transcript logs might contain decrypted passwords if you turn PowerShell logging on. Consequently, the transcript logs lose the decrypted passwords.
• Adds IP address auditing for incoming Windows Remote Management (WinRM) connections in security event 4262 and WinRM event 91. This addresses an issue that fails to log the source IP address and machine name for a remote PowerShell connection.
• Adds Server Message Block (SMB) redirector (RDR) specific public File System Control (FSCTL) code FSCTL_LMR_QUERY_INFO.
• Addresses an issue that affects the Cloud Clipboard service and prevents syncing between machines after a period of inactivity.
• Addresses an issue that prevents the Pashto language from appearing in the language list.
• Enables the InternetExplorerModeEnableSavePageAs Group Policy. For more information, see Microsoft Edge Browser Policy Documentation.
• Addresses an issue that affects the touchpad area that responds to a right-click (the right-click zone). For more information, see Right-click zone. 
• Addresses an issue that affects some certificates chains to Root Certification Authorities that are members of the Microsoft Root Certification Program. For these certificates, the certificate chain status can be, “This certificate was revoked by its certification authority”.
• Addresses an issue that leads to a false negative when you run scripts while Windows Defender Application Control (WDAC) is turned on. This might generate AppLocker events 8029, 8028, or 8037 to appear in the log when they should not.
• Addresses an issue that prevents the use of Encrypted File System (EFS) files over a Web-based Distributed Authoring and Versioning (WebDAV) connection.
• Addresses an issue that causes a domain controller to incorrectly write Key Distribution Center (KDC) event 21 in the System event log. This occurs when the KDC successfully processes a Kerberos Public Key Cryptography for Initial Authentication (PKINIT) authentication request with a self-signed certificate for key trust scenarios (Windows Hello for Business and Device Authentication).
• Addresses an issue that causes the LocalUsersAndGroups configuration service provider (CSP) policy to fail when you modify the built-in Administrators group. This issue occurs if the local Administrator account isn’t specified in the membership list when you perform a replace operation.
• Addresses an issue in which malformed XML inputs might cause an error in DeviceEnroller.exe. This prevents CSPs from being delivered to the device until you restart the device or correct the XML.
• Addresses an issue that causes Microsoft NTLM authentication using an external trust to fail. This issue occurs when a domain controller that contains the January 11, 2022 or later Windows update services the authentication request, is not in a root domain, and does not hold the Global Catalog role. The affected operations might log the following errors:The security database has not been started.
• The domain was in the wrong state to perform the security operation.
• 0xc00000dd (STATUS_INVALID_DOMAIN_STATE).
• Addresses a known issue that might prevent you from using the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device might lose the connection to the internet after a client device connects.
• Addresses a known issue that might prevent the Snip & Sketch app from capturing a screenshot or from opening using the keyboard shortcut (Windows logo key+Shift+S). This issue occurs after installing the February 8, 2022 and later updates.

These are the changes coming to Windows 10 users via KB5015811 and KB5015807. You can install these updates from your Windows Updates tool, or through the Microsoft Update Catalog.

To learn about the latest updates, be sure to read our Your Windows 10 safety net: KB5034122 – Why it’s crucial for all users article.

Have you noticed any other issues after installing these updates? Share your experience with us in the comments section below.