Windows 11 build 22000.917 lets IT admins install lanuages remotely

Microsoft is rolling out a new cumulative update for Windows 11 to Windows Insiders in the Release Preview channel, particularly those who haven't opted to begin testing Windows 11 version 22H2. This new cumulative update, labeled as KB5016691, brings the build number of Windows 11 to 22000.917, and as per usual, the focus is mostly on fixes and minor improvements.

The most noteworthy addition with this update is likely the ability for IT admins in corporate environments to install new languages and language features remotely. That means an administrator would be able to set your PC up in a new language, add speech recognition, handwriting recognition, and so on, without input from the end user. There are also improvements to Microsoft Defender for Endpoint that make its ransomware detection more reliable. One other change has to do with SMB (Server Message Block) compression, where files are now compressed regardless of their size.

The full list of changes is extensive, and it includes a lot of smaller and bigger fixes alike. You can check out that list below:

Changes in Windows 11 build 22000.917

New! We gave IT admins the ability to remotely add languages and language-related features. Additionally, they can now manage language scenarios across several endpoint managers.
New! We compressed a file regardless of its size if you have configured Server Message Block (SMB) Compression.
New! We enhanced Microsoft Defender for Endpoint’s ability to identify and intercept ransomware and advanced attacks.
We fixed an issue that causes ServerAssignedConfigurations to be null in a few full configuration scenarios.
We fixed an issue that affects the automatic high dynamic range (Auto HDR) feature for cross-adapter resource scan-out (CASO)-capable GPU drivers.
We fixed a known issue that causes Microsoft Edge to stop responding when you use IE mode. This issue also prevents you from interacting with a dialog.
We fixed an issue that prevents virtualized App-V Microsoft Office applications from opening or causes them to stop working.
We fixed an issue that might cause the deployment of the Windows Hello for Business certificate to fail in certain circumstances after you reset a device.
We fixed multiple issues related to USB printing, such as:
- A printer malfunctions after you restart or reinstall it
- Being in the wrong mode after you switch from an Internet Printing Protocol (IPP) Class Driver to an independent hardware vendor (IHV) driver
- Experiencing bidirectional communication issues that prevent you from accessing device features
We fixed an issue that affects the ProjectionManager.StartProjectingAsync API. This issue stops some locales from connecting to Miracast Sinks.
We fixed an issue that degrades BitLocker performance.
We fixed an issue that prevents Windows 11 SE from trusting some Microsoft Store applications.
We fixed an issue that prevents HyperVisor Code Integrity from being enabled automatically on systems that have Arm64 processors.
We fixed an issue that stops non-Windows devices from authenticating. This issue occurs when they connect to a Windows-based remote desktop and use a smart card to authenticate.
We fixed an issue that causes the Resultant Set of Policy tool (Rsop.msc) to stop working when it processes 1,000 or more “File System” security settings.
We fixed an issue that causes the Take a Test app to remove all policies related to lockdown enforcement when you close the app.
We fixed an issue that causes the Settings app to stop working on server domain controllers (DCs) when accessing the Privacy > Activity history page.
We fixed an issue that might cause certain Bluetooth audio headsets to stop playing after a progress bar adjustment. This issue affects modern systems that support Advanced Audio Distribution Profile (A2DP) offload.
We fixed an issue that prevents devices from receiving an offer from Windows Update for the same extension driver when that extension driver is already installed without the base driver.
We fixed a race condition that causes the Local Security Authority Subsystem Service (LSASS) to stop working on Active Directory domain controllers. This issue occurs when LSASS processes simultaneous Lightweight Directory Access Protocol (LDAP) over Transport Layer Security (TLS) requests that fail to decrypt. The exception code is 0xc0000409 (STATUS_STACK_BUFFER_OVERRUN).
We fixed an issue that affects a lookup for a nonexistent security ID (SID) from the local domain using read-only domain controller (RODC). The lookup unexpectedly returns the STATUS_TRUSTED_DOMAIN_FAILURE error instead of STATUS_NONE_MAPPED or STATUS_SOME_MAPPED.
We fixed an issue that might cause the Local Security Authority Server Service (LSASS) to leak tokens. This issue affects devices that have installed Windows updates dated June 14, 2022 or later. This issue occurs when the device performs a specific form of service for user (S4U) in a non-Trusted Computing Base (TCB) Windows service that runs as Network Service.

As per the usual release cycle for new cumulative updates, this is likely the same (or almost the same) build that will be made available later this month as an optional update for the general public running Windows 11. Or at least, it's very close to that. Then, on the second Tuesday of September, these fixes alongside a few others will be made available to everyone as a mandatory update. You can either wait for that or install the update right now if these fixes are especially important to you.

Source: Microsoft