Everything you need to know about the latest Windows 11 updates - from bug fixes to brand-new features
Two new cumulative updates are on the way and will be installed automatically on Windows 10 and Windows 11 machines
Microsoft has been busy in the past few days with a series of announcements and patches, including new features for the Windows Subsystem for Android and critical security updates.
We’ve listed some of the top features included in the new Windows 11 updates, including details of the latest vulnerabilities affecting devices that haven’t yet been updated.
File sharing with Android
Windows Insiders can now share files directly from their user folder to the Windows Subsystem for Android.
Windows Subsystem for Android allows users to run Android apps directly on their device, provided they are downloaded directly through the Amazon Appstore.
Beat cyber criminals at their own game
A guide to winning the vulnerability race and protection your organization
DOWNLOAD FOR FREE
Much like Windows Subsystem for Linux, it negates the need for manual virtualization and allows developers to debug Android APK files directly on their PC.
Apps must request file viewing and editing permission through a system dialog each time they are connected to a compatible device, and this can be revoked at any point. System folders and hidden folders are excluded from file sharing.
Microsoft also stated that potential threats from an app will be scanned and blocked via the user’s antivirus software, regardless of whether the app was installed through the Amazon Appstore or
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
A full release date for the feature has yet to be announced, but is expected in the near future.
Microsoft also stated that potential threats from an app will be scanned and blocked via the user’s antivirus software, regardless of whether the app was installed through the Amazon Appstore or another platform.
A full release date for the feature has yet to be announced, but is expected in the near future.
June 2023 Patch Tuesday fixes
This month, Microsoft’s Patch Tuesday security release included a total of 94 patches, inclusive of 14 Chromium flaws and five GitHub vulnerabilities.
Six critical vulnerabilities were included in this list, including three Windows Pragmatic General Multicast (PGM) vulnerabilities carrying near-maximum severity scores of 9.8 on the CVSS v3.1 scale.
The high severity scores were assigned because exploiting them could have led to remote code execution (RCE) via the Windows messaging queue.
The PGM vulnerabilities were tracked as CVE-2023-29363, CVE-2023-32014, and CVE-2023-32015 respectively.
Microsoft also patched a SharePoint vulnerability that could have allowed a threat actor to obtain administrator powers through privilege execution, tracked as CVE-2023-29357.
Unlike every Patch Tuesday for the past year, this month’s contained no zero-day vulnerabilities.
“This is the third month in a row where Patch Tuesday features at least one critical RCE in Windows PGM, and June adds three to the pile,” said Adam Barnett, lead software engineer at Rapid7.
“Microsoft hasn’t detected exploitation or disclosure for any of these, and considers exploitation less likely, but a trio of critical RCEs with CVSS 3.1 base score of 9.8 will deservedly attract a degree of attention.”
While Microsoft has not identified any of the vulnerabilities as having been exploited in the wild, there are some that have been highlighted as “exploitation more likely”, underlining the need to patch them as soon as possible.
Moment 3
Windows has also dropped a fresh cumulative update for Windows 11 22H2 (KB5027231), which had been known under the codename ‘Moment 3’ prior to release.
IDC MarketScape: Worldwide unified endpoint management services
2022 vendor assessment
A significant feature of the update is a fix for 32-bit apps that use the CopyFile API and support the large address aware memory usage option. The error affected file copying and attachment in commercial and enterprise environments.
The update also comes with a number of quality-of-life improvements, including support for Bluetooth low energy (LE) audio and a new section in the settings menu for USB-4 and Thunderbolt devices connected to a device.
Microsoft rolled out accessibility improvements within the release, including a fix that allows the narrator tool to correctly describe file attributes.
Even more features in a cumulative update
In addition to KB5027231, Microsoft also rolled out another update named KB5027223 for Windows 10 21H2.
In addition to all of the patches from Moment 3, KB5027223 includes a number of other improvements such as general improvements for the taskbar search box.
The update fixes an error that prevented users from accessing the Server Message Block (SMB) shared folder, one that prevented the Local Security Authority Subsystem Service (LSASS) from working, and an audio issue affecting certain CPUs.
It also addresses a Windows kernel vulnerability that could have allowed attackers to view heaped memory from secure processes.
Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.
In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.