- Jun 26, 2021
- October 10, 2023
- 03:02 PM
Microsoft has released the KB5031356 cumulative update for Windows 10 21H2 and Windows 10 22H2, with twenty-five fixes for various issues.
KB5031356 is a mandatory Windows 10 cumulative update containing the October 2023 Patch Tuesday security updates.
Windows users can install this update by going into Settings, clicking on Windows Update, and manually performing a 'Check for Updates.'
As this is an mandatory update, it will automatically be installed after checking for updates. However, you will be able to schedule when your computer is restarted to finish the installation.
After installing this update, Windows 10 21H2 will be updated to build 19044.3570 and Windows 10 22H2 will be updated to 19045.3570.
Windows 10 users can also manually download and install the KB5031356 preview update from the Microsoft Update Catalog.
What's new in Windows 10 KB5031356With this update, Microsoft has fixed twenty-five issues in Windows 10 and provided mitigations for a new distributed denial of service attack technique.
The highlighted fixes in the KB5031356 update are:
- New! This update brings back an improved search box experience on the taskbar. If you have a top, bottom, regular, or small icons taskbar, you will see the search box appear. You can use it to easily access apps, files, settings, and more from Windows and the web. You will also have access to the latest search updates, such as search highlights. If you want to restore your previous search experience, you can do that easily. Use the taskbar shortcut menu or respond to a dialog that appears when you use search.
- New! This update adds animations to a few icons on the news and interests taskbar button. These animations occur when:
- A new announcement appears on the news and interests taskbar button.
- You hover over or click the icon while the announcement is on the taskbar.
- This update addresses an issue that affects Microsoft Excel. It stops responding when you try to share a file as a PDF in Outlook.
- This update addresses an issue that affects the touch keyboard. Sometimes it does not open.
Tracked as CVE-2023-44487, this attack method abuses HTTP/2's stream cancellation feature to continuously send and cancel requests, overwhelming the target server/application and imposing a DoS state.
After installing this update, you can set the limit of the RST_STREAMS per minute using the new registry keys in this update, as described below:
|Registry key||Default value||Valid value range||Registry key function|
|Http2MaxClientResetsPerMinute||400||0–65535||Sets the allowed number of resets (RST_STREAMS) per minute for a connection. When you reach this limit, a GOAWAY message is sent to client for the connection.|
|Http2MaxClientResetsGoaway||1||0-1||Disables or enables the GOAWAY message to send when you reach the limit. If you set this to 0, the connection ends as soon as you reach the limit.|
You can find a complete list of fixes in last month's KB5030300 preview update bulletin.