What’s New in Windows 10 Cumulative Update KB4579311

It’s Patch Tuesday, so Microsoft has released new cumulative updates for those Windows 10 versions available, such as the May 2020 Update, or version 2004.

Windows 10 May 2020 Update premiered earlier this year, and the gradual rollout continues to be under way, though most computers have already received it.

The new cumulative update for version 2004 is KB4579311, also it boosts the OS build number to 19041.572. Here is the easiest way to determine if the update is installed or otherwise, so just type winver in the Start menu then apply for that OS build to see what OS build number you’re running.

Since it’s released on Patch Tuesday, this cumulative update is centered on fixing vulnerabilities, which makes total sense as non-security issues could be resolved as part of the other releases throughout the month. So update KB4579311 improves the security when using Microsoft Office products and includes refinements for verifying passwords.

What’s more, additionally, it includes enhancements to enhance security when Windows performs basic operations.

More specifically, Microsoft says it resolved a potential elevation of privilege in win32k, and this alone makes cumulative update KB4579311 a critical patch that users should install. Furthermore, exactly the same update resolves a problem with creating null ports while using UI.

Microsoft says the update also includes Group Policy improvements.

“Addresses a problem with the Group Policy service that might recursively delete critical files in alphabetic order from %systemroot%\systm32. This issue is the place an insurance policy continues to be configured to delete cached profiles. These file deletions might cause stop error “0x5A (CRITICAL_SERVICE_FAILED)” boot failures,” the organization explains.

Not to mention, there’s also improvements for other components in Windows 10:

“Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Fundamentals, Windows Authentication, Windows Virtualization, and Windows Kernel,” the software giant notes.

Cumulative update KB4579311 comes with two known issues, one of these concerns the Microsoft IME for Japanese or Chinese languages. This is an old bug that has been around for some time, and Microsoft is yet to release a complete patch to resolve everything.

And then, there’s a new problem that breaks installing third-party drivers. The shown errors are “Windows can’t verify the publisher of the driver software” and “No signature was contained in the subject,” according to the software giant.

“This issue is the place an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will need the validity of DER encoded PKCS#7 content in catalog files. Catalogs files should be signed per section 11.6 of describing DER-encoding for Group of members in X.690,” Microsoft explains.

“If this occurs you should contact the motive force vendor or device manufacturer (OEM) and ask them to have an updated driver to correct the issue.”

The brand new cumulative update can be obtained via Windows Update, the Microsoft Update Catalog, and WSUS.

To install cumulative update KB4579311, additionally you need servicing stack update, or SSU, KB4577266.

“Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating-system before installing the latest cumulative update (LCU). SSUs enhance the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes,” Microsoft recommends.

During the time of writing this article, we’re unaware of any issue experienced throughout the installation, as this has been one of the greatest issues before with cumulative updates. We’ll continue to monitor the reports in this regard and will post follow-up articles should any errors be encountered.