Microsoft Security Update Validation Report November 2022
Article ID: CTX474882
Updated On:
Description
Microsoft’s November 2022 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English-only environments and issues may still be found upon implementation. Follow best practices for testing and installing software updates/patches in a development environment before implementing the updates in a production environment.
- Virtual Apps and Desktops 7 1912 CU6 LTSR
- Virtual Apps and Desktops 7 2203 CU1 LTSR
- Virtual Apps and Desktops 7 2209
Where applicable, the above Citrix products were tested with the below updates.
| Product | KB Article |
| Windows 11 v21H2 (Original release) | 5019961 |
| Windows 11 v22H2 (2022 Update) | 5019980 |
| Windows 10 21H1 (May 2021 Update) / 21H2 (November 2021 Update) / 22H2 (2022 Update) | 5019959 |
| Windows Server 2019 | 5019966 |
| Windows Server 2016 | 5019964 |
| Windows Server 2022 | 5019081 |
| Windows Server 2012 R2 | 5020023, 5020010 |
| .NET Framework | 5020801, 5020687, 5020614, 5020686, 5020685, 5020690, 5020679, 5020695, 5020694, 5020622 |
| Office | 5002275, 5002253, 5002217, 5002261, 5002223 |
Note: Patches for Operating Systems (E.g. Windows Vista, Server 2008, Server 2012, Windows 10 v1507 etc) and products (E.g. Office Web Apps, Online Server, SharePoint, Dynamics 365 etc) that are not listed above were not validated.
Known issues
Issue DescriptionAfter applying Microsoft Update KB5019966 , DaaS - VDAs are not registering with Cloud Connectors
Problem Cause
This update addresses security bypass and elevation of privilege vulnerability with Authentication Negotiation by using weak RC4-HMAC negotiation. The update will set AES as the default encryption type for session keys on accounts that are not marked with a default encryption type.
Workaround
Follow the workaround outlined on CTX474888 - DAAS - VDAs not registering with Cloud Connectors after applying Microsoft Update KB5019966
Visit the Microsoft Security Response Center (MSRC) page to view Microsoft security updates.
Environment
Citrix is not responsible for and does not endorse or accept any responsibility for the contents or your use of these third party Web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked Web site. It is your responsibility to take precautions to ensure that whatever Web site you use is free of viruses or other harmful items.
Issue/Introduction
Microsoft’s November 2022 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English-only environments and issues may still be found upon implementation. Follow best practices for testing and installing software updates/patches in a development environment before implementing the updates in a production environment.
Virtual Apps and Desktops 7 1912 CU6 LTSR
Virtual Apps and Desktops 7 2203 CU1 LTSR
Virtual Apps and Desktops 7 2209
Additional Information
Was this article helpful?
Yes
No
Powered by
