Emergency Windows 10 updates fix Microsoft Store app issues

Microsoft has released out-of-band (OOB) updates on Thursday evening to address a newly acknowledged issue impacting Microsoft Store apps.

On affected systems, customers might have problems launching or installing Microsoft Store apps, in some cases also seeing 0xC002001B errors.

This known issue affects devices running Windows 10 (versions 21H2, 21H1, and 20H2) where users have installed the KB5011831 optional preview cumulative update or other updates released since April 25th.

"After installing KB5011831 or later updates, you might receive an error code: 0xC002001B when attempting to install from the Microsoft Store," Microsoft explained on the Windows health dashboard.

"Some Microsoft Store apps might also fail to open. Affected Windows devices use a processor (CPU) which supports Control-flow Enforcement Technology (CET), such as such as 11th Gen and later Intel Core Processors or later and certain AMD processors."

Microsoft released the KB5015020 cumulative update to resolve this known issue. This emergency OOB Windows update has to be installed manually after downloading from the Microsoft Update Catalog and cannot be installed automatically via Windows Update.

Admins can import the update into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager.

WSUS instructions are available on the WSUS and the Catalog Site and Configuration Manager instructions on the Import updates from the Microsoft Update Catalog page.

Fix for AD authentication issues on domain controllers

Yesterday, Microsoft also released emergency updates to address Active Directory (AD) authentication issues for some Windows services triggered by the May 2022 Patch Tuesday Windows Updates installed on domain controllers.

Redmond's engineers have been working on a fix for this AD authentication known issue since May 12th, two days after the Patch Tuesday updates were released.

After the AD auth known issue was discovered, CISA had to remove an actively abused Windows LSA spoofing zero-day (CVE-2022-26925) from its catalog of known exploited bugs and warned admins not to install the May 2022 updates on domain controllers.

In November 2021, Microsoft released another series of out-of-band updates to fix an issue causing Windows Server authentication failures related to Kerberos delegation scenarios impacting domain controllers.