Today is the second Tuesday of the month, making it Patch Tuesday. That"s the day that all supported versions of Windows 10 get an update. And despite the fact that a couple of versions of the OS won"t be supported after today, everything except version 1511 gets an update.
If you"re on the Windows 10 October 2018 Update, or version 1809, you"ll get KB4493509, bringing the build number to 17763.437. You can manually download it here, and it contains the following fixes:
Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons.
Security updates to Windows Datacenter Networking, Windows Server, the Microsoft JET Database Engine, Windows Kernel, Windows Input and Composition, Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Virtualization, Windows MSXML, Windows SQL components, and Microsoft Edge.
There are also a couple of known issues to be aware of:
Symptom | Workaround |
---|---|
After installing this update, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer. | Right-click the URL link to open it in a new window or tab. Or Enable Protected Mode in Internet Explorer for local intranet and trusted sites.
You must restart the browser after making these changes. Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension. | To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options: Option 1: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No Option 2:
Option 3: “HKLM\System\CurrentControlSet\Services\WDSServer\ Providers\WDSTFTP\EnableVariableWindowExtension”. Restart the WDSServer service after disabling the Variable Window Extension. Microsoft is working on a resolution and will provide an update in an upcoming release. |
If you"re still on the Windows 10 April 2018 Update, or version 1803, you"ll get KB4493464, bringing the build number to 17134.706. You can manually download it here, and it contains the following fixes:
Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers. These protections are enabled by default for the Windows Client, but disabled by default for Windows Server. For Windows Client (IT Pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable or disable these mitigations for VIA-based computers.
Addresses a stop error that occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
Security updates to Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Storage and Filesystems, Windows Server, Windows Graphics, Windows Input and Composition, Windows Kernel, Windows Virtualization, Windows MSXML, and the Microsoft JET Database Engine.
This update contains the same known issues as the one listed above.
If you"re still on the Windows 10 Fall Creators Update, or version 1709, this is the last update for those on Home and Pro SKUs. Version 1709 gets KB4493441, and that brings the build number to 16299.1087. You can manually download it here, and it contains the following fixes:
Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
Addresses a stop error that occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
Security updates to Microsoft Scripting Engine, Windows Input and Composition, Windows Graphics, Microsoft Graphics Component, Windows App Platform and Frameworks, Windows Storage and Filesystems, Windows Server, Windows Datacenter Networking, Windows Server, Windows MSXML, Windows Kernel, Windows Virtualization, and the Microsoft JET Database Engine.
This update only contains the first known issue of the ones listed above, as is the case for the update for version 1703.
For those on the Windows 10 Creators Update, or version 1703, you"ll see KB4493474, bringing the build number to 15063.1747. You can manually download it here, and it contains the following fixes:
Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
Security updates to Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Storage and Filesystems, Windows Server, Windows Graphics, Microsoft Graphics Component, Windows Input and Composition. Windows Datacenter Networking, Windows Kernel, Windows MSXML, Windows Server, and the Microsoft JET Database Engine.
Next up is the Windows 10 Anniversary Update, or version 1607, which is seeing its last update for Enterprise and Education SKUs today. Moving forward, it"s just for those on the Long-Term Servicing Channel and Windows Server 2016 customers.
Those on version 1607 will get KB4493470, bringing the build number to 14393.2906. You can manually download it here, and it contains the following fixes:
Addresses an issue to meet GB18030 certificate requirements.
Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
Addresses an issue that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons.
Security updates to Microsoft Scripting Engine, Windows Storage and Filesystems, Windows Server, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Datacenter Networking, Windows Kernel, Windows MSXML, Windows SQL components, and the Microsoft JET Database Engine.
There are also several known issues:
Symptom | Workaround |
---|---|
For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update. Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts. |
|
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters. | Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing this update, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer. | Right-click the URL link to open it in a new window or tab. Or Enable Protected Mode in Internet Explorer for local intranet and trusted sites.
You must restart the browser after making these changes. Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension. | To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options: Option 1: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No Option 2:
Option 3: “HKLM\System\CurrentControlSet\Services\WDSServer\ Providers\WDSTFTP\EnableVariableWindowExtension”. Restart the WDSServer service after disabling the Variable Window Extension. Microsoft is working on a resolution and will provide an update in an upcoming release. |
Finally, if you"re on the original version of Windows 10, which is still supported in the LTSC, you"ll get KB4493475, and that brings the build number to 10240.18186. You can manually download it here, and it contains the following fixes:
Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations.
Addresses an issue that causes the Group Policy editor to stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 Internet settings.
Addresses an issue with Custom URI Schemes for Application Protocol handlers, which may not start the corresponding application for local intranet and trusted sites on Internet Explorer.
Addresses an issue that causes Internet Explorer to block a sub-resource download when its loaded over the HTTP protocol on a page hosted over the HTTPS protocol.
Addresses an issue to meet GB18030 certificate requirements.
Updates time zone information for Kazakhstan.
Updates time zone information for São Tomé and Príncipe.
Addresses an issue that occurs when you enable per font end-user-defined characters (EUDC). The system will stop working and a blue screen will appear at startup. This is not a common setting in non-Asian regions.
Addresses an issue that prevents the CALDATETIME structure from handling more than four Japanese Eras. For more information, see KB4469068.
Addresses an issue with Microsoft Office Visual Basic for Applications that fails to use the Japanese Era registry settings for dates in the Japanese format. For more information, see KB4469068.
Addresses an issue that prevents users from enabling gan-nen support for the Japanese Era. For more information, see KB4469068.
Addresses an issue that prevents date parsers from converting future and past dates (Gregorian and Japanese) in compound documents (formerly OLE) to a relevant Japanese Era date. For more information, see KB4469068.
Security updates to Microsoft Scripting Engine, Windows Input and Composition, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Server, Windows App Platform and Frameworks, Windows Datacenter Networking, Windows MSXML, Windows Kernel, and the Microsoft JET Database Engine.
There are no known issues with this update.