KB5014666: New optional update for Windows 10

Microsoft has released a new “Out of Band” type update for Windows 10 taken over as KB5014666. As its name suggests, it is optional which implies that you have to search for updates yourself to be able to install it.

As Patch Tuesday is just under two weeks away, Microsoft is releasing a new Windows 10 update to bring various improvements to the operating system. Resumed under the name KB5014666, it is working to correct several problems that could be missing, in particular concerning the use of the Wi-Fi access point or the right click on the touchpad. Here are all the changes included in the changelog published by Microsoft regarding this update:

• New! Adds IP address auditing for incoming Windows Remote Management (WinRM) connections in security event 4262 and WinRM event 91. This fixes an issue that fails to log the source IP address and the machine name for a remote PowerShell connection.

• New! Adds the FSCTL_LMR_QUERY_INFO code specific to the Server Message Block (RDR) public File System Control (FSCTL) forwarder.

• New! Introducing the following print and scan features:

  • Support for IPP over USB – Microsoft supported Internet Printing Protocol (IPP) for network printers starting in 2018 with the release of Windows 10, version 1809. We are now extending support for IPP to USB printers.

  • Printing Support Application (PSA) API – Using the PSA framework, printer manufacturers can extend printer functionality and user experience.

  • PIN Protected Printing for IPP and Universal Printing – Standard print dialogs now include a user interface for entering a PIN.

  • eSCL Mopria Scan protocol – Windows now supports the eSCL Mopria Scan protocol. It can be used with Mopria-certified scanners.

• Addresses an issue that affects the Cloud Clipboard service and prevents synchronization between machines after a period of inactivity.

• Fixes an issue that prevents the Pashto language from appearing in the language list.

• Enable Group Policy InternetExplorerModeEnableSavePageAs

• Addresses an issue that affects the area of ​​the touchpad that responds to a right-click (the right-click area). For more information, see Right-Click Area .

• Addresses an issue that affects certain certificate chains for root certification authorities that are members of the Microsoft Root Certification Program. For these certificates, the status of the certificate chain may be “This certificate has been revoked by its certificate authority”.

• Addresses an issue that results in a false negative when you run scripts while Windows Defender Application Control (WDAC) is enabled. This can generate AppLocker events 8029, 8028, or 8037 appearing in the log when they shouldn’t.

• Addresses an issue that prevents the use of Encrypted File System (EFS) files over a Distributed Authoring and Versioning (WebDAV) connection.

• Addresses an issue that causes a domain controller to incorrectly write Key Distribution Center (KDC) event 21 to the System Event Log. This occurs when the KDC successfully processes a Kerberos Public Key Cryptography for Initial Authentication (PKINIT) authentication request with a self-signed certificate for key trust scenarios (Windows Hello for Business and Device Authentication).

• Addresses an issue that causes the Configuration Service Provider (CSP) policy LocalUsersAndGroups to fail when you modify the built-in Administrators group . This problem occurs if the local administrator account is not specified in the member list when you perform a replace operation.

• Addresses an issue where malformed XML inputs may cause an error in DeviceEnroller.exe . This prevents CSPs from being delivered to the device until you reboot the device or fix the XML.

• Addresses an issue that causes Microsoft NTLM authentication to fail using an external trust. This issue occurs when a domain controller that contains Windows Update Services January 11, 2022 or later, the authentication request, is not in a root domain and does not hold the global catalog role. Affected operations may log the following errors:

  • The security database has not been started.

  • The domain was in the wrong state to perform the security operation.

  • 0xc00000dd (STATUS_INVALID_DOMAIN_STATE).

• Addresses an issue that affects devices enrolled in Update Compliance that have installed non-security April 2022 Windows Updates or later. For more information, see Monitor Windows Updates with Update Compliance. Devices that are enrolled in other Windows Diagnostic Data Processor configuration programs or that have combined enrollment with one of these programs and update compliance are not affected.

• Addresses a known issue that may prevent you from using the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device may lose connection to the internet after connecting to the a client device.

How to install this update?

Since KB5014666 is an optional update, it will not automatically install on your PC. To be able to download it, you will therefore have to go to Windows 10 Settings > Update and security > Windows Update and click on the search button for the update. After a few moments, it should appear and it will be applied as soon as your PC restarts.