What is the Windows 10 21H2 update?

This browser is no longer supported.

Nội dung chính Show

Windows 10, version 21H2
In this article
Known issues
Issue details
October 2022
September 2022
August 2022
Is Windows 10 version 21H2 necessary?
Is it safe to install Windows 10 version 21H2?
Should I update Windows 21H1 to 21H2?
Is 21H2 the same as Windows 11?

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

Windows 10, version 21H2

Article
10/28/2022
13 minutes to read

Windows 10, version 21H2 is designated for broad deployment. As always, we recommend that you update your devices to the latest version of Windows 10 as soon as possible to ensure that you can take advantage of the latest features and advanced protections from the latest security threats. For more details, see How to get the Windows 10 November 2021 Update.

Known issues

This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

Summary	Originating update	Status	Last updated
Domain join processes may fail with error "0xaac (2732)" This might be encountered when an account was created by a different identity than the one used to join the domain	OS Build 19044.2130 KB5018410 2022-10-11	Confirmed	2022-10-27 16:57 PT
Microsoft OneDrive app might unexpectedly close You might be unable to signout or unlink your OneDrive account and sites or folders from Microsoft Teams and SharePoint.	OS Build 19044.2130 KB5018410 2022-10-11	Resolved KB5020953	2022-10-28 14:00 PT
The September 2022 preview release is listed in Windows Server Update Services Preview updates are generally made available from the Microsoft Update Catalog and Windows Updates.	N/A	Resolved KB5018410	2022-10-11 10:00 PT
Possible issues caused by Daylight Savings Time change in Jordan Jordanian government announced a Daylight Saving Time (DST) change for winter 2022.	N/A	Resolved KB5018482	2022-10-25 14:00 PT
Update might fail to install and you might receive a 0x800f0922 error Security update for Secure Boot DBX might fail to install.	OS Build 19044.1880 KB5012170 2022-08-09	Investigating	2022-10-18 10:04 PT
SSL/TLS handshake might fail We have received reports that some types of SSL and TLS connections might have handshake failures.	OS Build 19044.2130 KB5018410 2022-10-11	Resolved KB5020435	2022-10-17 14:00 PT
Copying files/shortcuts using Group Policy Preferences might not work as expected Files or shortcuts might not copy or copy as zero-byte files when using Group Policy Preferences on client devices.	OS Build 19044.2006 KB5017308 2022-09-13	Resolved KB5018410	2022-10-11 10:00 PT

Issue details

October 2022

Domain join processes may fail with error "0xaac (2732)"

Status	Originating update	History
Confirmed	OS Build 19044.2130 KB5018410 2022-10-11	Last updated: 2022-10-27, 16:57 PT Opened: 2022-10-27, 15:53 PT

Domain join operations might intentionally fail with error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" and text "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy."

This issue originates with the October 2022 security updates ( KB5018410) which introduced some hardening changes enabled by default for domain join. Please see KB5020276 - Netjoin: Domain join hardening changes to understand the new designed behavior.

Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identity than the identity used to join or re-join the computer to the domain.

Home users of Windows are unlikely to experience this issue.

Next steps: Please see KB5020276 to understand the designed behavior. We have added insights to this KB, and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated once those changes have released.

Affected platforms:

Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
Server: Windows Server 2022; Windows Server, version 20H2; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

Microsoft OneDrive app might unexpectedly close

Status	Originating update	History
Resolved KB5020953	OS Build 19044.2130 KB5018410 2022-10-11	Resolved: 2022-10-28, 14:00 PT Opened: 2022-10-27, 11:54 PT

After installing KB5018410 or later updates, OneDrive might unexpectedly close, and you might receive an error when attempting to do the following:

Sign out or unlink your account in the Microsoft OneDrive sync app.
Unlink sites or folders from syncing to your device from Microsoft SharePoint or Microsoft Teams sites.
Uninstalling the OneDrive sync app might fail.

Note: These issues might affect both OneDrive and OneDrive for Business.

Resolution: This issue was resolved in the out-of-band update KB5020953. It is a cumulative update, so you do not need to apply any previous update before installing it. To get the standalone package for KB5020953, search for it in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note KB5020953 is not available from Windows Update and will not install automatically.

Affected platforms:

Client: Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2
Server: None

Possible issues caused by Daylight Savings Time change in Jordan

Status	Originating update	History
Resolved KB5018482	N/A	Resolved: 2022-10-25, 14:00 PT Opened: 2022-10-21, 14:34 PT

On October 5, 2022, the Jordanian government made an official announcement ending the winter-time Daylight Saving Time (DST) time zone change. Starting at 12:00 a.m. Friday, October 28, 2022, the official time will not advance by an hour and will permanently shift to the UTC + 3 time zone.

The impact of this change is as follows:

Clocks will not be advanced by an hour at 12:00 a.m. on October 28, 2022 for the Jordan time zone.
The Jordan time zone will permanently shift to the UTC + 3 time zone.

Symptoms if no update is installed and the workaround is not used on devices in the Jordan time zone on October 28, 2022 or later:

Time shown in Windows and apps will not be correct.
Apps and cloud services which use date and time for integral functions, such as Microsoft Teams and Microsoft Outlook, notifications and scheduling of meetings might be 60 minutes off.
Automation using date and time, such as Scheduled tasks, might not run at the expected time.
Timestamp on transactions, files, and logs will be 60 minutes off.
Operations that rely on time-dependent protocols such as Kerberos might cause authentication failures when attempting to logon or access resources.
Windows devices and apps outside of Jordan might also be affected if they are connecting to servers or devices in Jordan or if they are scheduling or attending meetings taking place in Jordan from another location or time zone. Windows devices outside of Jordan should not use the workaround, as it would change their local time on the device.

Workaround: You can mitigate this issue on devices in Jordan by doing either of the following on October 28, 2022, if an update is not available to resolve this issue for your version of Windows:

Select the Windows logo key, type "Date and time", and select Date and time settings. From the Date & time settings page, toggle Adjust for daylight saving time automatically to Off.
Go to Control Panel > Clock and Region > Date and Time > Change time zone and uncheck the option for “Automatically adjust clock for Daylight Saving Time”.

Important: We recommend using ONLY the above workaround to mitigate the issue with time created by the new Daylight Savings Time in Jordan. We do NOT recommend using any other workaround, as they can create inconsistent results and might create serious issues if done incorrectly.

Resolution: This issue was resolved in KB5018482. Note: KB5018482 will not install automatically. To apply this update, you can check for updates and select the optional preview to download and install.

Affected platforms:

Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

SSL/TLS handshake might fail

Status	Originating update	History
Resolved KB5020435	OS Build 19044.2130 KB5018410 2022-10-11	Resolved: 2022-10-17, 14:00 PT Opened: 2022-10-11, 19:31 PT

Microsoft has received reports that after installing KB5018410, some types of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) connections might have handshake failures. Note for developers: Affected connections are likely to be sending multiple frames within a single input buffer, specifically one or more complete records with a partial record that is less than 5 bytes all sent in a single buffer. When this issue is encountered, your app will receive SEC_E_ILLEGAL_MESSAGE when the connection fails.

If you are experiencing issues, please use feedback hub to file a report following the below steps:

Launch Feedback Hub by opening the Start menu and typing "Feedback hub", or pressing the Windows key + F
Fill in the "Summarize your feedback" and "Explain in more detail" boxes, then click Next.
Under the "Choose a category" section, ensure the "Problem" button, "Devices and Drivers" category, and "Print" subcategory are all selected. Click Next.
Under the "Find similar feedback" section, select the "Make new bug" radio button and click Next.
Under the "Add more details" section, supply any relevant detail (Note this is not critical to addressing your issue).
Expand the "Recreate my problem" box and press "Start recording". Reproduce the issue on your device.
Press "Stop recording" once finished. Click the "Submit" button.

For additional information, see Send feedback to Microsoft with the Feedback Hub app.

Resolution: This issue was resolved in the out-of-band update KB5020435. It is a cumulative update, so you do not need to apply any previous update before installing it. To get the standalone package for KB5020435, search for it in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog. Note KB5020435 is not available from Windows Update and will not install automatically.

Affected platforms:

Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1

September 2022

The September 2022 preview release is listed in Windows Server Update Services

Status	Originating update	History
Resolved KB5018410	N/A	Resolved: 2022-10-11, 10:00 PT Opened: 2022-09-22, 10:51 PT

IT administrators who utilize Windows Server Update Services (WSUS) might notice that the Windows September 2022 preview update, known as the 'C' release, is listed among the updates available from WSUS. This listing is an error. Preview updates are generally available for manual importing via the Microsoft Update Catalog and Windows Updates.

This issue might also affect the installation of the September 2022 Cumulative Update Preview for .NET Framework, which is also generally available via Windows Update and Microsoft Update Catalog. For more information on .NET Framework September 2022 Cumulative Update Preview updates, see the KB articles listed on the .NET blog for the September 2022 Cumulative Update Preview.

Home users of Windows are unlikely to experience this issue. WSUS is commonly utilized by technology administrators to deploy Microsoft product updates in managed environments.

Workaround: The Windows September 2022 preview release was made available via Microsoft Update Catalog. We recommend IT administrators to use this release channel moving forward.

Please note: In environments where WSUS is configured to auto-approve updates and also auto-decline superseded content, the Windows September 2022 Security update may subsequently be auto-declined and auto-expired from the client view. If this occurs, see the guidance for reinstating declined updates. Then run an update synchronization within Microsoft Endpoint Configuration Manager, or update management environments. Environments configured to only take security updates should not reflect these symptoms.

Resolution: The Windows September 2022 preview releasewas removed from WSUS. We recommend IT administrators use the Microsoft Update Catalog to download and install updates in their environments. As always, we recommend the installation of the latest Windows security updates for all devices (the October 2022 security monthly release, KB5018410, or later).

Affected platforms:

Client: Windows 11, version 21H2; Windows 10, version 21H2; Windows 11, version 21H1; Windows 10, version 20H2; Windows 10, version 1809
Server: Windows Server 2022; Windows Server, version 20H2; Windows Server, version 1809

Copying files/shortcuts using Group Policy Preferences might not work as expected

Status	Originating update	History
Resolved KB5018410	OS Build 19044.2006 KB5017308 2022-09-13	Resolved: 2022-10-11, 10:00 PT Opened: 2022-09-22, 15:23 PT

After installing KB5017308, file copies using Group Policy Preferences might fail or might create empty shortcuts or files using 0 (zero) bytes. Known affected Group Policy Objects are related to files and shortcuts in User Configuration -> Preferences -> Windows Settings in Group Policy Editor.

Workaround: To mitigate this issue, you can do ONE of the following:

Uncheck the "Run in logged-on user's security context (user policy option)". Note: This might not mitigate the issue for items using a wildcard (*).
Within the affected Group Policy, change "Action" from "Replace" to "Update".
If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotes) from the destination might allow the copy to be successful.

Resolution: This issue was resolved in KB5018410. Installation of KB5018410 prevents and resolves this issue but if any workaround was used to mitigate this issue, it will need to be changed back to your original configuration.

Affected platforms:

Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1
Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

August 2022

Update might fail to install and you might receive a 0x800f0922 error

Status	Originating update	History
Investigating	OS Build 19044.1880 KB5012170 2022-08-09	Last updated: 2022-10-18, 10:04 PT Opened: 2022-08-12, 17:08 PT

When attempting to install KB5012170, it might fail to install, and you might receive an error 0x800f0922.

Note: This issue only affects the Security update for Secure Boot DBX ( KB5012170) and does not affect the latest cumulative security updates, monthly rollups, or security only updates released on August 9, 2022.

Workaround: This issue can be mitigated on some devices by updating the UEFI bios to the latest version before attempting to install KB5012170.

Next steps: We are presently investigating and will provide an update in an upcoming release.

Affected platforms:

Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1
Server: Windows Server 2022; Windows Server, version 20H2; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012

Is Windows 10 version 21H2 necessary?

Is it safe to install Windows 10 version 21H2?

Yes, Windows 10 21H2 is totally safe. When this update was released on November 16, it was confirmed and signed as safe, stable, and ready to install on devices that have 20H2, 2004, and 21H1.

Should I update Windows 21H1 to 21H2?

Once your version of Windows 21H1 reaches its "end of service" on December 12, 2022, it will no longer receive security updates. Yes, you will need to upgrade to Windows version 21H2 to continue to receive security updates and keep your system secure, improve performance and stability.

Is 21H2 the same as Windows 11?

Version 21H2 (original release) The original version of Windows 11 (also known as version 21H2 and codenamed "Sun Valley") was released in October 2021. It carries the build number 10.0.22000. The first public preview build was made available to Windows Insiders who opted in to the Dev Channel on June 28, 2021.