Microsoft has released a fresh cumulative non-security update for users sticking to one of the older Windows 10 versions. KB5016690 (build number 17763.3346) is now available for download on systems running Windows 10 2019 LTSC and Server 2019. Home and Pro users will not receive this update because Microsoft stopped supporting Windows 10 version 1809 in May 2021.
The main highlight of KB5016690 is a fix for the bug causing an 0x1E error when users try to shut down or restart their systems. Here is the rest of the changelog containing more technical improvements and fixes:
- New! Enhances Microsoft Defender for Endpoint’s ability to identify and intercept ransomware and advanced attacks.
- Addresses an issue that causes ServerAssignedConfigurations to be null in a few full configuration scenarios.
- Addresses an issue that might generate error 0x1E when you shut down or restart a device.
- Addresses an issue that prevents virtualized App-V Microsoft Office applications from opening or causes them to stop working.
- Addresses an issue that leads to a false negative when you run scripts while Windows Defender Application Control (WDAC) is turned on. This might cause AppLocker events 8029, 8028, or 8037 to appear in the log when they should not.
- Addresses an issue that causes the Resultant Set of Policy tool (Rsop.msc) to stop working when it processes 1,000 or more “File System” security settings.
- Addresses an issue that causes the Settings app to stop working on server domain controllers (DCs) when accessing the Privacy > Activity history page.
- Addresses a race condition that causes the Local Security Authority Subsystem Service (LSASS) to stop working on Active Directory domain controllers. This issue occurs when LSASS processes simultaneous Lightweight Directory Access Protocol (LDAP) over Transport Layer Security (TLS) requests that fail to decrypt. The exception code is 0xc0000409 (STATUS_STACK_BUFFER_OVERRUN).
- Addresses an issue that affects a lookup for a nonexistent security ID (SID) from the local domain using read-only domain controller (RODC). The lookup unexpectedly returns the STATUS_TRUSTED_DOMAIN_FAILURE error instead of STATUS_NONE_MAPPED or STATUS_SOME_MAPPED.
- Addresses an issue that prevents a private virtual LAN (PVLAN) from providing tenant and virtual machine (VM) isolation.
- Addresses an issue that delays a client’s acquisition of the Internet Protocol version 6 (IPv6) address for extended periods in an IPv6 environment.
- Addresses an issue that might cause Remote Desktop Session licensing to display a 60-minute disconnection warning after reconnecting.
- Addresses an issue that causes a RODC to unexpectedly restart. In the event log, you’ll find the following:
Event 1074 with the message, “The system process "C:\Windows\system32\lsass.exe" terminated unexpectedly with status code -1073740286. The system will now shut down and restart.”
Event 1015 with the message, “A critical system process, C:\Windows\system32\lsass.exe, failed with status code c0000602. The machine must now be restarted.”
Event 1000 with the message, “Faulting application name: lsass.exe, Faulting module name: ESENT.dll, Exception code: 0xc0000602.”
Addresses an issue that might cause cldflt.sys to reference invalid memory in race conditions.
Users can download KB5016690 from Windows Update (in the optional updates section) or the Microsoft Update Catalog.
It is worth noting that Windows 10 2019 LTSC Editions and Server 2019 will soon stop receiving non-security optional updates (C-releases). Starting September 20, 2022, only cumulative security updates (B-releases) or "Patch Tuesday" will be available.