Windows 10 & 11 May Patch Tuesday [DIRECT DOWNLOAD LINKS]

Check out this month's security patch tollout

Reading time icon 9 min. read


Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

Key notes

  • In case you didn't know, the May 2023 Patch Tuesday security updates are out.
  • Just to make it easier for you, we have gathered all the download links right here.
  • Get the cumulative update you need right now and keep your device up to date.
PT may

Yes, you guessed it! The third round of the monthly Patch Tuesday updates of 2023 have arrived, and they bring an entire array of changes for both Windows 10 and Windows 11, regardless of whether it is a newer or an older version.

As we announced earlier today, the May 2023 Patch Tuesday updates are expected to fix some of the issues that were still pending, and in the article below we will be looking to see exactly what we get.

We’ve included detailed changelogs for each cumulative update, and we will also be providing you with direct download links from Microsoft’s Windows Update Catalog, so you know that they are secure.

Alternatively, you can always use other methods to get the latest updates, including:

  • The Windows Update menu on your OS
  • The WSUS (Windows Server Update Service)
  • Group Policies set up by your admins if you’re part of a larger network.

Changes included in the May Patch Tuesday Updates

Windows 11

As most of you know by now, Microsoft released its latest operating system, Windows 11, on the 5th of October, 2021.

Five months after the general rollout, the new OS seems to become increasingly stable and far less buggy than we’ve gotten used to.

You might also like to know that the 22H2 version of Windows 11, the operating system’s first major update, has already been declared feature complete.

It will, most likely, come in the first half of the year, so we might just get it until the summer. Of course, there is a possibility that the Redmond tech giant could postpone to the third, or fourth quarter.

Cumulative update name

KB5026368

Improvements and fixes

  • This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.

Known issues

  • After installing this or later updates, Windows devices with some third-party UI customization apps might not start up. These third-party apps might cause errors with explorer.exe that might repeat multiple times in a loop. The known affected third-party UI customization apps are ExplorerPatcher and StartAllBack. These types of apps often use unsupported methods to achieve their customization and as a result can have unintended results on your Windows device.

Windows 10 versions 21H2, 21H1, and 20H2

Windows 10 v21H2 is the latest major version of Windows 10, and as such has the most experimental features on it.

Fortunately, most bugs that were first present when it was first made available have been weeded out, and this version of Windows 10 is far more stable.

Cumulative update name

KB5026361 

Improvements

  • This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.

Known issues

  • Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later.
Note icon NOTE
Devices that connect directly to Windows Update to receive updates are not affected. This includes devices using Windows Update for Business. Any device connecting to Windows Update should always receive the latest versions of the SSU and latest cumulative update (LCU) without any extra steps. 

[DIRECT DOWNLOAD LINK]

Windows 10, version 1809

This version of the OS is outdated and will no longer receive any updates from the tech company. Users that are still running this old version on their devices are strongly advised to choose a more recent one to update to.

If you still want to use Windows 10 and are not willing to upgrade to 11, you don’t have to do so right away. After all, Microsoft announced that the support for Windows 10 will go on until 2025.

Cumulative update name

KB5026362 

Improvements and fixes:

  • This update addresses an issue that affects conhost.exe. It stops responding.  
  • This update affects the Islamic Republic of Iran. The update supports the government’s daylight saving time change order from 2022.
  • The update addresses an issue that affects the Remote Procedure Call Service (RPCSS). A lock order inversion causes a deadlock in it.
  • This update addresses an issue that affects the Key Distribution Center (KDC) service. When the service stops on a local machine, signing in to all local Kerberos fails. The error is STATUS_NETLOGON_NOT_STARTED.
  • This update addresses an issue that affects accounts that run the Set-AdfsCertificate command. The command fails. This occurs when an account does not have read permissions for the related Distributed Key Manager (DKM) container.
  • This update addresses an Active Directory Federation Services (AD FS). You might need to retry authentication multiple times to sign in successfully.
  • This update addresses an issue that affects SMB Direct. Endpoints might not be available on systems that use multi-byte character sets.
  • This update addresses an issue that might affect the Windows Local Administrator Password Solution (LAPS). It might fail. This occurs on versions of Windows Server 2019 that run Server Core. The error is 0x8007007f.
  • This update addresses an issue that affects apps that use DirectX on older Intel graphics drivers. You might receive an error from apphelp.dll.
  • This update addresses a race condition in Windows LAPS. The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.
  • This update addresses an issue that affects the legacy Local Administrator Password Solution (LAPS) and the new Windows LAPS feature. They fail to manage the configured local account password. This occurs when you install the legacy LAPS .msi file after you have installed the April 11, 2023, Windows update on machines that have a legacy LAPS policy. 

Known issues

  • After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found.
  • After installing updates released January 10, 2023, and later, kiosk device profiles that have auto log on enabled might not sign in automatically. After Autopilot completes provisioning, affected devices will stay on the sign-in screen prompting for credentials.

Windows 10, version 1607

Windows 10, version 1607 has reached the end of service for all of its available editions. Update to the latest version of Windows 10 in order to keep your system protected.

Cumulative update name

KB5026363 

Improvements and fixes

  • This update affects the Islamic Republic of Iran. The update supports the government’s daylight saving time change order from 2022.
  • This update addresses an issue that affects the Key Distribution Center (KDC) service. When the service stops on a local machine, signing in to all local Kerberos fails. The error is STATUS_NETLOGON_NOT_STARTED.
  • This update addresses an issue that affects Microsoft Edge IE mode. The issue stops you from configuring add-ons.

[DIRECT DOWNLOAD LINK]

Windows 8.1

Although considered obsolete, there are still many users that choose to stick with good old Windows 8.1, for different reasons.

Due to this, Microsoft has continued to provide security updates for this old version of the operating system.

During this Patch Tuesday rollout, the Redmond-based tech giant did not forget about the OS and has released yet another security patch.

Cumulative update name

KB5026415 

Improvements and fixes

  • By order of the Islamic Republic of Iran on September 22, 2022, daylight saving time (DST) will no longer be observed and the republic will remain on Iran Standard Time UTC+03:30.
  • Local Kerberos authentication fails if the local Key Distribution Center (KDC) service is stopped. Additionally, all local Kerberos logons fail with the error STATUS_NETLOGON_NOT_STARTED.
  • After the Windows Monthly Rollup dated on or after November 8, 2022, is installed, Kerberos constrained delegation (KCD) fails with the error message KRB_AP_ERR_MODIFIED on Read/Write Domain Controllers.

[DIRECT DOWNLOAD LINNK]

Windows 7 SP1

Maybe some of you might have forgotten about the veteran on this list, but Microsoft sure hasn’t done so, at least yet.

There are still too many users on this old operating system for the company to simply put it in the back of its head and pay it no attention.

And yes, the May 2022 Patch Tuesday rollout brings another security update for Windows 7 SP1. Let’s see what this is all about.

Cumulative update name

KB5026413 

Changes and improvements

  • By order of the Islamic Republic of Iran on September 22, 2022, daylight saving time (DST) will no longer be observed and the republic will remain on Iran Standard Time UTC+03:30.
  • After the Windows Monthly Rollup dated on or after November 8, 2022, is installed, Kerberos constrained delegation (KCD) fails with the error message KRB_AP_ERR_MODIFIED on Read/Write Domain Controllers.

Known issues

  • After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.

This wraps up our brief overview of this month’s Patch Tuesday updates, and we hope that by reading the changelogs above, you will make a more informed decision regarding whether to update or not.

However, keep in mind that if you choose not to update for too long, you will risk exposing yourself to subsequent malware attacks that usually follow the Patch Tuesday updates, called Exploit Wednesday.

On that note, if you do prefer to wait out until Microsoft fixes the issues detected in this month’s updates, know that you can always choose to delay the Update notification that you get for up to 35 days.

All in all, it is important to remember that the Patch Tuesday updates are released for a reason, so installing them, eventually, is something that you should do.

Have you already downloaded the security updates for your version of the Windows operating system? Let us know in the comments section below.

More about the topics: patch tuesday