Microsoft releases July Patch Tuesday updates for Windows 10 version 21H1 and older, here’s what’s new

Laurent Giret

Windows 10 Spotlight Lead Cropped

Microsoft has released today the July ‘Patch Tuesday’ updates for all supported versions of Windows 10, including the freshly-released version 21H1. The same KB5004237 patch is now available to download for Windows 10 versions 21H1, 20H2, and 2004, and this patch includes the previously-released emergency fix for the PrintNightmare vulnerability.

You can find the full list of fixes in the KB5004237 patch below:

  • Addresses an issue that might make printing to certain printers difficult. This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port.
  • Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049. For more information and steps to enable full protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.
  • Adds Advanced Encryption Standard (AES) encryption protections for CVE-2021-33757. For more information, see KB5004605.
  • Addresses a vulnerability in which Primary Refresh Tokens are not strongly encrypted. This issue might allow the tokens to be reused until the token expires or is renewed. For more information about this issue, see CVE-2021-33779.
  • Security updates to Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.

If you’re still running older versions of Windows 10, the release notes for this month’s Patch Tuesday updates are also available on Microsoft’s support website. Microsoft started pushing Windows 10 version 21H1 to more PCs earlier this month, and the company is using a machine learning model to automatically update devices that are approaching end of servicing.