Cumulative updates for Windows 11/10, April 04, 2025

Microsoft has released monthly cumulative updates for all supported operating systems. The updates primarily focus on fixing discovered bugs and vulnerabilities, but may also include new features. The updates are now available in Windows Update.

Here are the available patches and highlights.

Windows 11

• Windows 11 (version 24H2) - KB5055523 (OS Build 26100.3775). ⬇️ Microsoft Update Catalog.
• Windows 11 (version 23H2) - KB5055528 (OS Build 22631.5189). ⬇️ Microsoft Update Catalog.
• Windows 11 (version 22H2) - KB5055528 (OS Build 22621.5189). ⬇️ Microsoft Update Catalog.

Note: Versions 22H2 and 23H2 share the same base operating system version and have the same set of system files. That's why they receive the same cumulative updates.

Windows 10

• 2022 Update (version 22H2) - KB5055518 (OS Build 19045.5737). ⬇️ Microsoft Update Catalog.
• November 2021 Update (version 21H2) - KB5055518 (OS Build 19044.5737). ⬇️ Microsoft Update Catalog.
• October 2018 Update (version 1809) - KB5055519 (OS Build 17763.7136). ⬇️ Microsoft Update Catalog.
• Anniversary Update (version 1607) - KB5055521 (OS Build 14393.7969). ⬇️ Microsoft Update Catalog.
• Windows 10 (version 1507) - KB5053618 (OS Build 10240.20947). ⬇️ Microsoft Update Catalog.

Note: Versions 21H2 and 22H2 share the same base operating system version and have the same set of system files. That's why they receive the same cumulative updates.

What's new for Windows 11, KB5055523

Improvements

Authentication

This update addresses an issue affecting machine password rotation in the Identity Update Manager certificate/Pre-Bootstrapping Key Initialization path. This issue occurred particularly when Kerberos was used and Credential Guard was enabled, potentially causing user authentication problems. The feature Machine Accounts in Credential Gurad, which is dependent on password rotation via Kerberos, has also been disabled, until a permanent fix is made available.

Daylight Saving Time (DST)

Update for the Aysen region in Chile to support the government DST change order in 2025. For more info about DST changes, see the Daylight Saving Time & Time Zone Blog.

PcaUiArm

This update addresses an issue affecting the PcaUiArmUpdate feature, which results in unexpected behavior in specific scenarios.

Gradual roll-out

Improved Windows Search

• [New] Copilot+ PCs make it easier to find documents, photos, and settings by introducing "Enhanced Windows Search," which is based on semantic models in addition to traditional lexical indexing. Whether you’re searching in File Explorer, the search box on the taskbar, or Settings, simply type what you think to find it on your PC. You no longer need to remember file names, exact words in document content, or the names of settings.
  Currently, setting searches like "change my theme" only work within the Settings app.
  With a Neural Processing Unit (NPU) with over 40 TOPS of performance built into Copilot+ PCs, enhanced search is available even without an internet connection.
  For more information on how semantic search works on Copilot+ PCs, please refer to the documentation here.
  "Enhanced Windows Search" is only available on Copilot+ PCs with Snapdragon processors. Support for AMD and Intel processors with NPU will be available soon.
• [New] On devices labeled as Copilot+ PCs, it’s now easier to search for photos in your cloud storage. You can use natural language queries in the search bar in the upper-right corner of File Explorer to search for photos in the cloud by describing their content, for example, "European castles" or "summer picnics".
  In addition, photos from the cloud will now appear in search results along with images saved on your local computer. You will also find exact matches for your keywords in the text of your cloud files in the results.
  The feature only works with personal OneDrive cloud storage. To try out the improved search, you must be signed in to a Microsoft account and have an active internet connection.
  For detailed information on how semantic search works on Copilot+ PCs, please refer to the documentation here.
  "Improved Windows Search" is only available on Copilot+ PCs with Snapdragon processors. Support for AMD and Intel processors with NPU will be coming soon.

Input

• A new virtual keyboard layout is available in Windows 11, which is designed for Xbox gamepads. The new keyboard layout offers an intuitive interface with vertically arranged buttons for easy typing. For convenience, the buttons on the gamepad are equated to certain keys. For example, X is responsible for Backspace, the menu button is Enter, and Y is the spacebar.
• An emoji icon has appeared in the system tray on the taskbar, with which you can quickly open the "Emoji Panel".
• Improved stability of ctfmon.exe by fixing an issue that caused the system to reboot, which could affect the ability to enter text.
• Fixed an issue where ctfmon.exe could restart when copying data from some applications.

Live Captions

• Copilot+ PC devices with AMD and Intel processors now have the ability to translate subtitles in real time into English from over 44 languages. The feature supports speech translation in video calls, video recordings, and streaming content.
• Copilot+ PC devices with Snapdragon processors now support real-time translation of subtitles into Chinese (simplified). Supported languages: Arabic, Bulgarian, Czech, Danish, German, Greek, English, Spanish, Estonian, Finnish, French, Hindi, Hungarian, Italian, Japanese, Korean, Lithuanian, Norwegian, Dutch, Polish, Portuguese, Romanian, Russian, Slovak, Slovenian and Swedish.

Voice Access

• Voice Access commands can now be spoken in natural language using synonyms, rather than being tied to rigid predefined commands. This change is only available on Copilot+ PCs with Snapdragon processors.
• Voice Access now supports Chinese. You can now use it to navigate, type, and interact with Windows using voice commands in Simplified Chinese (zh-cn) and Traditional Chinese (zn-tw).

Widgets

• Microsoft has started rolling out widget support on the lock screen for Insiders in the European Economic Area (EEA). You can now add, remove, and rearrange widgets like Weather, Sports, Traffic, and more on the lock screen. You can also add any widget that supports the shrink feature. To customize your lock screen widgets, go to Settings > Personalization > Lock screen .

Windows Studio Effects

• A special icon has been added to the system tray that will be displayed when using any application with a camera that supports Studio Effects. Clicking on the icon will open the Studio Effects page in Quick Settings. In addition, hovering over the icon will display a tooltip with the name of the application using the camera.

Installing applications

• Fixed an issue where the MsiCloseHandle API took longer than expected to execute when working with MSI files containing a large number of items.

Authorization

• Fixed an issue where Kerberos authentication would sometimes not work if RC4 was used as encryption.
• Fixed an issue where signing in using cached FIDO credentials might fail if the device is joined to a hybrid domain.
• Fixed an issue where opening some apps after changing your password could result in your account being locked if the corresponding policy is enabled.

Boot menu

• Fixed an issue where a failed update and subsequent rollback would leave broken entries in the boot menu. This fix prevents the issue from happening again, but does not remove any entries that have already been created. You can remove them manually by opening the System Configuration tool ( msconfig) and going to the Boot tab.

Color profiles

• Fixed an issue where Settings > System > Display > Color Management might not display a list of color profiles for the selected monitor.
• Fixed an issue where color profiles might not load correctly after resuming from sleep.

File Explorer

• Fixed an issue where the More Info (...) menu in the toolbar would open in the wrong direction when using screens with certain resolutions.

Overall stability

• Fixed an issue where you might encounter a BSOD with the error PDC_WATCHDOG_TIMEOUT when resuming from sleep mode.

Networking

• Fixed an issue where the description of a virtual network adapter in Network Connections ( ncpa.cpl) displayed extra characters.

Screen orientation

• Fixed an issue where on 2-in-1 devices the screen could unexpectedly change orientation when waking from sleep mode.

Search on the taskbar

• Web search has been updated for users in the European Economic Area (EEA) to better support third-party search engines. The search engine setting is now easier to find, and the All area now displays aggregated results.
• In the European Economic Area (EEA), Microsoft Bing search engine in Search will open search results in your default browser.

Settings

• Fixed an issue for Japanese users where the name displayed at the top of Settings > Accounts was shown in the format "First Name Last Name" instead of the expected "Last Name First Name" format.

Task Manager

• Changed the way Task Manager calculates CPU usage on the Processes, Performance, and Users pages. All pages will now use standard metrics to display CPU usage, which is consistent with industry standards and third-party tools. To maintain backward compatibility, a new optional CPU Usage column is available on the Details tab (hidden by default), displaying the previous CPU value used on the Processes page.

Other

• The "suggested actions" that appeared when copying a phone number or date with Windows 11 are no longer supported.
• The Location History feature has been removed. This was an API used by Cortana to access a device’s 24-hour location history when location tracking was enabled. Once the feature is removed, location data will no longer be stored locally on the device. The corresponding settings have also been removed from the Settings > Privacy & Security > Location page.

Available to all users

Direct 3D Ecosystem

• Fixed an issue where some third-party apps could cause the Settings app to crash on the Graphics page.

Display Kernel

• Fixed an issue affecting playback of high dynamic range (HDR) content on Dolby Vision-enabled displays where users might see regular HDR instead of Dolby Vision because certain content indicators were missing.

Cryptography

• Fixed an issue with Credential Roaming where certificates and keys were not roamed to Active Directory and were not available to client devices.

File systems

• Fixed an issue for users with profiles redirected to a network virtual hard disk (VHD or VHDX) where a certain failure could cause the operating system to crash.

Graphics

• Fixed an issue where some third-party apps could cause the Settings app to crash on the Graphics page.

Local Administrator Password Solution (LAPS)

• Fixed an issue where LAPS settings were not saved after an update.

OOBE

• Fixed an issue where ESP would not start every time a new user logged in, even if configured by policy.

PowerShell

• Addresses an issue that prevents critical PowerShell modules required for device configuration from running under Windows Defender Application Control (WDAC) policies.

Remote Desktop

• Fixed an issue where Remote Desktop Connection would not use UDP. It would always use TCP.

Changes for Windows 10, KB5055518 (OS Build 19045.5737)

• [Daylight Saving Time (DST)] Update for the Aysen region in Chile to support the government DST change order in 2025. For more information about DST changes, see the Daylight Saving Time & Time Zone Blog.

Known issues

Citrix

Symptoms

Devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411. The 2411 version of this application was released in December 2024.
 
Affected devices might initially download and apply the January 2025 Windows security update correctly, such as via the Windows Update page in Settings. However, when restarting the device to complete the update installation, an error message with text similar to “Something didn’t go as planned. No need to worry – undoing changes” appears. The device will then revert to the Windows updates previously present on the device. 
 
This issue likely affects a limited number of organizations as version 2411 of the SRA application is a new version. Home users are not expected to be affected by this issue.

Workaround

Citrix has documented this issue, including a workaround, which can be performed prior to installing the January 2025 Windows security update. For details, see Citrix’s documentation.

Microsoft is working with Citrix to address this issue and will update this documentation once a resolution is available. ​​​​​​​

System Guard Runtime Monitor Broker service

Symptoms

The Windows Event Viewer might display an error related to SgrmBroker.exe, on devices that have installed Windows updates released January 14, 2025, or later. This error can be found under Windows Logs > System as Event 7023, with text similar to ‘The System Guard Runtime Monitor Broker service terminated with the following error: %%3489660935’.

This error is only observable if the Windows Event Viewer is monitored closely. It is otherwise silent and does not appear as a dialog box or notification.

SgrmBroker.exe refers to the System Guard Runtime Monitor Broker Service. This service was originally created for Microsoft Defender, but it has not been a part of its operation for a very long time. Although Windows updates released January 14, 2025, conflict with the initialization of this service, no impact to performance or functionality should be observed. There is no change to the security level of a device resulting from this issue. This service has already been disabled in other supported versions of Windows, and SgrmBroker.exe presently serves no purpose.

Note: There is no need to manually start this service or configure it in any way (doing so might trigger errors unnecessarily). Future Windows updates will adjust the components used by this service and SgrmBroker.exe. For this reason, please do not attempt to manually uninstall or remove this service or its components.

Workaround

No specific action is required; however, the service can be safely disabled in order to prevent the error from appearing in Event Viewer. To do so, you can follow these steps:

1. Open a Command Prompt window. This can be accomplished by opening the Start menu and typing 'cmd'. The results will include “Command Prompt” as a System application. Select the arrow to the right of “Command Prompt” and select “Run as administrator.”
2. Once the window is open, carefully enter the following text: sc.exe config sgrmagent start=disabled
3. A message may appear afterwards. Next, enter the following text: reg add HKLM\System\CurrentControlSet\Services\SgrmBroker /v Start /d 4 /t REG_DWORD
4. Close the Command Prompt window.

This will prevent the related error from appearing in the Event Viewer on subsequent device start up. Note that some of these steps might be restricted by group policy set by your organization.

Microsoft is working to address this issue.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options: