On November 9, 2021, Microsoft released Cumulative Update KB5007205 for Windows Server 2022, an important security update that also delivers several quality improvements.
Notes on the change table:
Addressed issue where certain applications may have unexpected results when rendering certain user interface elements or when drawing within the application. You may experience this issue with applications that use GDI+ and place a zero-width pen object (0) on screens with high resolutions or dots per inch (DPI), or if the application is running use scaling.
Unfortunately for admins, the update also comes with a number of need-to-know issues, one of which is also related to security.
Microsoft notes that after installing KB5007205, administrators may find that Microsoft Defender for Endpoint may not start or run on devices with Windows Server Core installed.
Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
Fortunately, the desktop client, Microsoft Defender for Endpoint on Windows 10, is not affected.
Microsoft says it’s working on a workaround and will provide an update in an upcoming release.
Subscribe to KB5007205’s support page here for updates.
https://mspoweruser.com/new-woe-for-admins-as-kb5007205-breaks-defender-for-endpoint/ New woe to admins as Cumulative Update KB5007205 breaks Endpoint Defender