Windows 10

Microsoft has released the KB5031356 cumulative update for Windows 10 21H2 and Windows 10 22H2, with twenty-five fixes for various issues.

KB5031356 is a mandatory Windows 10 cumulative update containing the October 2023 Patch Tuesday security updates.

Windows users can install this update by going into Settings, clicking on Windows Update, and manually performing a 'Check for Updates.'

As this is an mandatory update, it will automatically be installed after checking for updates. However, you will be able to schedule when your computer is restarted to finish the installation.

Windows 10 KB5031356 cumulative update preview
Windows 10 KB5031356 cumulative update preview
Source: BleepingComputer

After installing this update, Windows 10 21H2 will be updated to build 19044.3570 and Windows 10 22H2 will be updated to 19045.3570.

Windows 10 users can also manually download and install the KB5031356 preview update from the Microsoft Update Catalog.

What's new in Windows 10 KB5031356

With this update, Microsoft has fixed twenty-five issues in Windows 10 and provided mitigations for a new distributed denial of service attack technique.

The highlighted fixes in the KB5031356 update are:

  • New! This update brings back an improved search box experience on the taskbar. If you have a top, bottom, regular, or small icons taskbar, you will see the search box appear. You can use it to easily access apps, files, settings, and more from Windows and the web. You will also have access to the latest search updates, such as search highlights. If you want to restore your previous search experience, you can do that easily. Use the taskbar shortcut menu or respond to a dialog that appears when you use search.

  • New! This update adds animations to a few icons on the news and interests taskbar button. These animations occur when:

    • A new announcement appears on the news and interests taskbar button.

    • You hover over or click the icon while the announcement is on the taskbar.

  • This update addresses an issue that affects Microsoft Excel. It stops responding when you try to share a file as a PDF in Outlook.

  • This update addresses an issue that affects the touch keyboard. Sometimes it does not open.

In addition to the operating system changes and fixed, Microsoft has also shared steps that can be used to mitigate a new zero-day DDoS attack technique called HTTP/2 Rapid Reset.

Tracked as CVE-2023-44487, this attack method abuses HTTP/2's stream cancellation feature to continuously send and cancel requests, overwhelming the target server/application and imposing a DoS state.

After installing this update, you can set the limit of the RST_STREAMS per minute using the new registry keys in this update, as described below:

Registry key

Default value

Valid value range

Registry key function

Http2MaxClientResetsPerMinute

400

0–65535

Sets the allowed number of resets (RST_STREAMS) per minute for a connection. When you reach this limit, a GOAWAY message is sent to client for the connection.

Http2MaxClientResetsGoaway

1

0-1

Disables or enables the GOAWAY message to send when you reach the limit. If you set this to 0, the connection ends as soon as you reach the limit.

Only those Windows 10 users who have exposed their device on the Internet or made a web server accessible to others need to configure these settings.

You can find a complete list of fixes in last month's KB5030300 preview update bulletin.

Related Articles:

Windows 10 KB5037768 update released with new features and 20 fixes

Windows 11 KB5037771 update released with 30 fixes, changes

Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs

Windows 10 KB5036892 update released with 23 new fixes, changes

Windows 10 KB5035941 update released with lock screen widgets