Introduction

On April 11, 2025, Microsoft released an out-of-band (OOB) update, KB5058919, targeting Windows 11 versions 22H2 and 23H2. This update addresses a specific issue within Active Directory Group Policy, ensuring accurate reporting of audit logon/logoff events.

Background on Out-of-Band Updates

Typically, Microsoft schedules updates on a monthly basis, known as "Patch Tuesday." However, out-of-band updates are released outside this regular schedule to address critical issues that cannot wait for the next planned update. KB5058919 is one such update, underscoring the importance of the issue it resolves.

Details of the Issue

Administrators observed discrepancies in the Local Group Policy Editor and Local Security Policy, where the "Audit logon events" policy incorrectly displayed a setting of "No auditing," despite being enabled and functioning correctly. This misrepresentation posed challenges for IT professionals relying on these tools for accurate policy status.

Technical Details of KB5058919

  • Release Date: April 11, 2025
  • Applicable Versions:
    • Windows 11, versions 23H2 and 22H2
    • Windows Server 2022
    • Windows 10 Enterprise LTSC 2019 and Windows Server 2019
    • Windows 10 LTSB 2016 and Windows Server 2016
    • Azure Stack HCI, version 22H2
  • Key Fix: Corrects the display issue in the Local Group Policy Editor and Local Security Policy, ensuring that the "Audit logon events" policy accurately reflects its enabled status.

Implications and Impact

For enterprise environments, accurate audit logs are essential for security monitoring, compliance, and troubleshooting. The misreporting issue could lead to misunderstandings about the state of security policies, potentially affecting compliance audits and security assessments. By addressing this issue promptly, Microsoft helps maintain the integrity and reliability of security monitoring tools.

Installation Guidance

KB5058919 is available exclusively through the Microsoft Update Catalog and is not distributed via Windows Update or WSUS. Administrators should:

  1. Download the Update: Visit the Microsoft Update Catalog and search for KB5058919.
  2. Select the Appropriate Package: Choose the version corresponding to your Windows 11 edition.
  3. Install the Update: Run the downloaded file on affected systems. A system restart may be required to complete the installation.

Conclusion

The release of KB5058919 highlights Microsoft's commitment to promptly addressing critical issues that impact enterprise environments. Administrators are encouraged to apply this update to ensure accurate reporting within Active Directory Group Policy tools, thereby maintaining effective security monitoring and compliance.

Tags

  • it administration
  • kb5058919
  • os builds 22621
  • os builds 22631
  • out-of-band update
  • security
  • stability
  • system stability
  • windows 11
  • windows update