An optional update for Windows 11 (KB5016691 Build 22000.918) has been released

Microsoft released An optional cumulative update for the release version of Windows 11. The update is distributed under the code KB5016691 and changes the system build number to 22000.918.

To install, you need to go to “Windows Update”, check for updates, then open the “Advanced Options” -> “Optional Updates” section and select the update with the code KB5014668. You can also manually install the update, by downloading it from the Microsoft Update Catalog at this link.

Build number: 10.0.22000.918.co_release_svc_prod3.220822-1627.

Changes and fixes

• New! Now IT administrators can remotely add languages ​​and manage language-related features. Moreover, it became possible to manage language scripts in multiple instances of Endpoint Manager.
• New! File compression now occurs regardless of file size if Server Message Block (SMB) Compression is configured.
• New! Enhanced capabilities of Microsoft Defender for Endpoint to detect and intercept ransomware and advanced attacks.
• We fixed an issue where ServerAssignedConfigurations was set to zero in some full configuration scenarios.
• We fixed an issue that affected the Auto HDR feature for GPU drivers that support Cross-Adapter Resource Scanning (CASO).
• We fixed an issue resulting in virtualized App-V Microsoft Office applications not opening or stopping working.
• We fixed an issue where, under certain circumstances, after resetting the device, installation of the Windows Hello for Business certificate could fail.
• Fixed several issues related to printing to USB printers, such as:
  • Fixed a crash in printers after restarting or reinstalling them.
  • Fixed incorrect behavior after switching from Internet Printing Protocol (IPP) Class Driver to Independent Hardware Vendor (IHV) driver.
  • Fixed issues with bi-directional communication that prevented access to device features
• Fixed an issue that affected ProjectionManager.StartProjectingAsync API and did not allow connecting to Miracast Sinks when using certain localizations.
• We fixed an issue that slowed BitLocker performance.
• We fixed an issue that caused Windows 11 SE to not trust some apps from the Microsoft Store.
• We fixed an issue resulting in HyperVisor Code Integrity not being automatically enabled on devices with ARM64 processors.
• We fixed an issue that prevented non-Windows devices from being able to authenticate. This issue occurs when users connect to Windows-based Remote Desktop and use a smart card for authentication.
• We fixed an issue where the Resultant Set of Policy tool (Rsop.msc) stopped working if it processed 1000 or more “File System” security settings.
• We fixed an issue that caused the Take the Test app to remove all policies related to locking the device when the app was closed.
• We fixed an issue that caused the Settings app to stop working on server-side domain controllers (DCs) when accessing the Privacy -> Activity History page.
• We fixed an issue where the Resultant Set of Policy tool (Rsop.msc) stopped working if it processed 1000 or more “File System” security settings.
• We fixed an issue that caused the Take the Test app to remove all policies related to locking the device when the app was closed.
• We fixed an issue that caused the Settings app to stop working on server-side domain controllers (DCs) when accessing the Privacy -> Activity History page.
• We fixed an issue that caused the Local Security Authority Subsystem Service (LSASS) to stop working on Active Directory domain controllers. This issue occurs when LSASS processes concurrent Lightweight Directory Access Protocol (LDAP) requests over Transport Layer Security (TLS) that cannot be decrypted. Error code: 0xc0000409 (STATUS_STACK_BUFFER_OVERRUN).
• We fixed an issue with looking up a non-existent security identifier (SID) within the local domain using a read-only domain controller (RODC). Search unexpectedly returns STATUS_TRUSTED_DOMAIN_FAILURE instead of STATUS_NONE_MAPPED or STATUS_SOME_MAPPED.
• We fixed an issue that could result in token leaks in the Local Security Authority Server Service (LSASS). This issue affects devices that have Windows Updates June 14, 2022 or later installed. The issue occurs when the device is running some form of service for the user (S4U) on a non-Trusted Computing Base (TCB) Windows service that runs as a Network Service.