Microsoft has now released the new Windows 11 update KB5014668 (Build 22000.778) to all devices running Windows 11. The update KB5014668 brings Search Highlights, support for Transport Layer Security (TLS) 1.3 and new security features.

Search Highlights feature was recently announced by Microsoft for insiders in Dev channel. Search highlights aims to presents “notable and interesting moments like holidays, anniversaries, and other educational moments in time”. For enterprise customers, search highlights will also feature the latest updates from organization and suggest people, files, and more.

The update KB5014668 (Build 22000.778) adds support for Transport Layer Security (TLS) 1.3 in Windows client and server Lightweight Directory Access Protocol (LDAP) implementations. It also brings IP address auditing for incoming Windows Remote Management (WinRM) connections and adds Server Message Block (SMB) redirector (RDR) specific public File System Control (FSCTL) code.

There are many improvements and fixes for Windows 11 issues including fixes for Upgrade failure, Video playing issue in Games, Bluetooth re-connection issue, and many other issues. Here is the full changelog of update KB5014668 in terms of new features, fixes and improvements.

This non-security update includes quality improvements. Key changes include:

  • New! Adds IP address auditing for incoming Windows Remote Management (WinRM) connections in security event 4262 and WinRM event 91. This addresses an issue that fails to log the source IP address and machine name for a remote PowerShell connection.
  • New! Adds Server Message Block (SMB) redirector (RDR) specific public File System Control (FSCTL) code FSCTL_LMR_QUERY_INFO.
  • New! Makes the SMB client and SMB server cipher suite order configurable using PowerShell.
  • New! Introducing search highlightsSearch highlights will present notable and interesting moments of what’s special about each day—like holidays, anniversaries, and other educational moments in time both globally and in your region. To see search highlights, click or tap on the search icon on your taskbar.

    For enterprise customers, search highlights will also feature the latest updates from your organization and suggest people, files, and more.

    Search highlights will roll out to Windows 11 customers over the next several weeks. We are taking a phased and measured approach. Broad availability will occur in the coming months. For group configuration information, see Group configuration: search highlights in Windows.Windows 11 search highlights

  • New! Adds support for Transport Layer Security (TLS) 1.3 in Windows client and server Lightweight Directory Access Protocol (LDAP) implementations.
  • Addresses a race condition issue that might cause an upgrade to Windows 11 (original release) to fail.
  • Addresses an issue that displays Japanese characters incorrectly in PowerShell.
  • Addresses an issue that affects the Cloud Clipboard service and prevents syncing between machines after a period of inactivity.
  • Addresses an issue that fails to hide the Windows Sandbox startup screen after Sandbox starts to run .
  • Addresses an issue that causes a device that has a Japanese system locale to stop working when you disable end-user-defined characters (EUDCs).
  • Enables the InternetExplorerModeEnableSavePageAs Group Policy. For more information, see Microsoft Edge Browser Policy Documentation.
  • Provides the ability to use a network proxy during Universal Print operations.
  • Addresses an issue that might cause playback of consecutive video clips to fail in games that use DirectX 12 (DX12).
  • Addresses an issue that causes certain games to stop working if they use the XAudio API to play sound effects.
  • Addresses an issue that affects some certificates chains to Root Certification Authorities that are members of the Microsoft Root Certification Program. For these certificates, the certificate chain status can be, “This certificate was revoked by its certification authority”.
  • Addresses an issue that prevents the use of Encrypted File System (EFS) files over a Web-based Distributed Authoring and Versioning (WebDAV) connection.
  • Addresses an issue that causes a domain controller to incorrectly write Key Distribution Center (KDC) event 21 in the System event log. This occurs when the KDC successfully processes a Kerberos Public Key Cryptography for Initial Authentication (PKINIT) authentication request with a self-signed certificate for key trust scenarios (Windows Hello for Business and Device Authentication).
  • Addresses an issue that prevents Bluetooth from reconnecting to some audio devices after you restart the devices.
  • Addresses an issue that occurs when the Active Directory Lightweight Directory Service (AD LDS) resets the password for userProxy objects. When you try to reset someone else’s password and you are authenticated using a simple bind, the password reset fails. The error is like, “00000005: SvcErr: DSID-03380C23, problem 5003 (WILL_NOT_PERFORM), data 0”.
  • Addresses an issue that causes Microsoft NTLM authentication using an external trust to fail. This issue occurs when a domain controller that contains the January 11, 2022 or later Windows update services the authentication request, is not in a root domain, and does not hold the Global Catalog role. The affected operations might log the following errors:
    • The security database has not been started.
    • The domain was in the wrong state to perform the security operation.
    • 0xc00000dd (STATUS_INVALID_DOMAIN_STATE).
  • Addresses an issue that causes the LocalUsersAndGroups configuration service provider (CSP) policy to fail when you modify the built-in Administrators group. This issue occurs if the local Administrator account isn’t specified in the membership list when you perform a replace operation.
  • Addresses an issue in which malformed XML inputs might cause an error in DeviceEnroller.exe. This prevents CSPs from being delivered to the device until you restart the device or correct the XML.
  • Addresses an issue that might cause Windows 11 (original release) to stop working when you install an application and there is no network connectivity.
  • Updates the Start menu to display Windows PowerShell when you right-click (Win + X) the Start button after you have uninstalled Windows Terminal.
  • Changes the name of the Your Phone app to Phone Link on the Settings page.
  • Addresses an issue that causes the Microsoft Surface Dial customization settings page to stop working.
  • Addresses a known issue that might prevent you from using the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device might lose the connection to the internet after a client device connects.

If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.

Download link:

You can download and manually install Windows 11 update KB5014668 by clicking here. If you need help in understanding how to install these updates manually on your PC, you can refer to our step by step noob-friendly tutorial.