KB5027293

This update addresses an issue that affects the on-screen keyboard. The issue stops it from opening after you lock the machine.

New! This update adds many new features and improvements to Microsoft Defender for Endpoint. For more information, see Microsoft Defender for Endpoint.

New! With this update, you can now authenticate across Microsoft clouds. This feature also satisfies Conditional Access checks if they are needed.

New! New! This update improves several simplified Chinese fonts and the Microsoft Pinyin Input Method Editor (IME). They now support GB18030-2022. Characters in the Standard Chinese Characters List (GB18030-2022 implementation level 2) are available in Microsoft Yahei (regular, light, and bold), Dengxian (optional font: regular, light, and bold), and Simsun. The Simsun Ext-B font (GB18030-2022 implementation level 3) now supports Unicode CJK Unified Ideographs Extensions E and F.

This update addresses an issue that affects a scheduled monthly task. It might not run on time if the next occurrence happens when daylight savings time occurs.

This update addresses an issue that affects all the registry settings under the Policies paths. They might be deleted. This occurs when you do not rename the local temporary user policy file during Group Policy processing.

This update affects the Desktop Window Manager (DWM). It improves its reliability.

This update addresses an issue that affects .msi files. A minor update is not installed. This occurs when you use the EnterpriseDesktopAppManagement configuration service provider (CSP) to distribute the .msi file.

This update addresses an issue that affects the Spooler service. It stops working. This issue occurs when you print using a certain workspace.

This update addresses an issue that affects a tib.sys driver. It does not load. This occurs when HyperVisor-protected Code Integrity (HVCI) is enabled.

This update addresses an issue that affects NCryptGetProperty(). When you call it with NCRYPT_KEY_TYPE_PROPERTY, the system returns 0x1 instead of 0x20. This occurs when the key is a machine key.

This update addresses an issue that affects HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders. You can now set and maintain the correct default permissions for this directory path. When the permissions are wrong, the Start menu, search, and Azure Active Directory (Azure AD) authentication fail.

This update addresses an issue that affects those who enable the “Smart Card is Required for Interactive Logon” account option. When RC4 is disabled, you cannot authenticate to Remote Desktop Services farms. The error message is, "An authentication error has occurred. The requested encryption type is not supported by the KDC.”

This update addresses an issue that affects HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders. You can now set and maintain the correct default permissions for this directory path. When the permissions are wrong, Start menu, search, and Azure Active Directory (Azure AD) authentication fails.