It"s been just over two weeks since Patch Tuesday when Microsoft released updates for all supported versions of Windows, but new updates are rolling out today. Today"s cumulative updates are for Windows 10 versions 1803, 1709, 1703, and 1607. That makes the only supported version of Windows 10 that"s not getting an update is version 1507 on the Long Term Servicing Channel.
If you"re like most people, then you"re on the Windows 10 April 2018 Update, or version 1803, and you"ll see KB4346783. It brings the build number to 17134.254, and you can manually download it here. Here"s what got fixed:
Addresses an issue in Microsoft Foundation Class applications that may cause applications to flicker.
Addresses an issue where touch and mouse events were handled differently in Windows Presentation Foundation (WPF) applications that have a transparent overlay window.
Addresses a reliability issue in applications that have extensive window nesting.
Addresses an issue in the Universal CRT that sometimes causes the AMD64 FMOD to return an incorrect result when given very large inputs.
Addresses an issue in the Universal CRT that causes the _get_pgmptr() function to return an empty string.
Addresses an issue in the Universal CRT that causes isprint() to return TRUE for a tab when using the C locale.
Addresses an issue where Microsoft Edge or other UWP applications can"t perform client authentication when the private key is stored on a TPM 2.0 device.
Addresses an issue that causes computer certificate enrollment or renewal to fail with an "Access denied" error after installing the April 2018 update. This issue occurs when the registry process has a lower process ID (PID) than all other processes except SYSTEM.
Addresses an issue that, in some cases, failed to clear decrypted data from memory after a CAPI decryption operation was completed.
Addresses an issue that prevented the Device Guard PackageInspector.exe application from including all the files needed for an application to run correctly once the Code Integrity policy was completed.
Addresses an issue where not all network printers are connected after a user signs in. The HKEY_USERS\User\Printers\Connections key shows the correct network printers for the affected user; however, the missing list for network printers from this registry key isn"t populated in any app, including Microsoft Notepad, or in Devices and Printers. Printers may disappear or stop functioning.
Addresses an issue that prevents printing on a 64-bit OS when 32-bit applications impersonate other users (typically by calling LogonUser). This issue occurs after installing monthly updates starting with KB4034681, released in August 2017. To resolve the issue for the affected applications, install this update, and then do one of the following:
Use Microsoft Application Compatibility Toolkit to globally enable the Splwow64Compat App Compat Shim
Use the following registry setting, and then restart the 32-bit application:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print Setting: Splwow64Compat
Type: DWORD
Value1: 1
Addresses an issue that causes the Wi-Fi EAP-TTLS (CHAP) authentication to fail if a user saves credential information before authentication.
Addresses an issue that causes devices that have 802.1x Extensible Authentication Protocol (EAP) enabled to randomly stop working with the stop code ”0xD1 DRIVER_IRQL_NOT_LESS_OR_EQUAL”. The issue occurs when the kernel memory pool becomes corrupted. Crashes will generally occur in nwifi.sys.
Addresses an issue that may remove a Dynamic Host Configuration Protocol (DHCP) option from a reservation after changing the DHCP scope settings.
Extends the Key Management Service (KMS) to support the upcoming Windows 10 client Enterprise LTSC and Windows Server editions. For more information, see KB4347075.
If you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.
There"s also a known issue to be aware of:
Symptom | Workaround |
---|---|
Launching Microsoft Edge using the New Application Guard Windowmay fail; normal Microsoft Edge instances aren"t affected. | If you’ve experienced the issue and already installed KB4343909, uninstall it.
Microsoft is working on a resolution and will provide an update in an upcoming release. |
For those on the Windows 10 Fall Creators Update, or version 1709, you"ll see KB4343893, which brings the build number to 16299.637. You can manually download it here, and it contains the following fixes:
Addresses an issue in Microsoft Foundation Class (MFC) applications that may cause applications to flicker.
Addresses an issue that causes win32kfull.sys to stop working (Stop 3B) when cancelling journal hook operations or disconnecting a remote session.
Addresses an issue that caused users to press Ctrl+Alt+Delete twice to exit assigned access mode when autologon was enabled.
Addresses an issue that prevented the Device Guard PackageInspector.exe application from including all the files needed for an application to run correctly once the Code Integrity policy was completed.
Addresses an issue that prevents users of PIV/CAC smart cards from authenticating to use enterprise resources or prevents Windows Hello for Business from configuring on first logon.
Addresses an issue that causes Microsoft Edge to stop working after setting a DLL rule in AppLocker.
Addresses an issue that, in some cases, failed to clear decrypted data from memory after a CAPI decryption operation was completed.
Addresses an issue that causes the Wi-Fi EAP-TTLS (CHAP) authentication to fail if a user saves credential information before authentication.
Addresses an issue that causes high CPU usage on machines with built-in Sierra broadband modules when switching from WLAN to LAN. The WWanSvc service continually claims additional memory until the machine becomes unresponsive and a black screen appears.
Addresses an issue that prevents a checkpoint created on a Windows Server 2016 cluster from being reapplied. This occurs when VMs are running on a cluster-shared volume (CSV), and the error is “Failed to read from stream. HRESULT = 0xC00CEE3A.”
Addresses an issue where changes to the %HOMESHARE% path aren"t reflected in the folder redirection configuration. As a result, folder redirection for a known folder doesn"t work.
Addresses an issue that requires a password to be input twice if you connect to a locked device using Remote Desktop Connect.
Addresses an issue that causes devices that have 802.1x Extensible Authentication Protocol (EAP) enabled to randomly stop working with the stop code ”0xD1 DRIVER_IRQL_NOT_LESS_OR_EQUAL”. The issue occurs when the kernel memory pool becomes corrupted. Crashes will generally occur in nwifi.sys.
Provides a stability resolution for native Peripheral Component Interconnect Express (PCIe) enumeration and the runtime D3 (RTD3) state.
Addresses an issue that may remove a Dynamic Host Configuration Protocol (DHCP) option from a reservation after changing the DHCP scope settings.
Addresses an issue that may prevent the Start menu from opening after refreshing your PC.
Extends the Key Management Service (KMS) to support the upcoming Windows 10 client Enterprise LTSC and Windows Server editions. For more information, see KB4347075.
This one has two known issues:
Symptom | Workaround |
---|---|
Some non-English platforms may display the following string in English instead of the localized language: ”Reading scheduled jobs from file is not supported in this language mode.” This error appears when you try to read the scheduled jobs you"ve created and Device Guard is enabled | Microsoft is working on a resolution and will provide an update in an upcoming release. |
When Device Guard is enabled, some non-English platforms may display the following strings in English instead of the localized language:
| Microsoft is working on a resolution and will provide an update in an upcoming release. |
Next up is the Windows 10 Creators Update, or version 1703. Users of this version will see KB4343889, bringing the build number to 15063.1292. You can manually download it here, and it contains the following fixes:
Addresses an issue that causes win32kfull.sys to stop working (Stop 3B) when cancelling journal hook operations or disconnecting a remote session.
Addresses an issue in Microsoft Foundation Class (MFC) applications that may cause applications to flicker.
Addresses an issue that displays incorrect changes to folder contents.
Addresses an issue that prevented the Device Guard PackageInspector.exe application from including all the files needed for an application to run correctly once the Code Integrity policy was completed.
Addresses an issue that prevents users of PIV/CAC smart cards from authenticating to use enterprise resources or prevents Windows Hello for Business from configuring on first logon.
Addresses an issue that causes Microsoft Edge to stop working after setting a DLL rule in AppLocker.
Addresses an issue that prevents users from logging on when an Azure Active Directory account domain changes.
Addresses an issue that causes PowerShell scripts to stop working when attempting operations such as Get-Credentials.
Addresses an issue that, in some cases, failed to clear decrypted data from memory after a CAPI decryption operation was completed.
Addresses an issue that causes high CPU usage on machines with built-in Sierra broadband modules when switching from WLAN to LAN. The WWanSvc service continually claims additional memory until the machine becomes unresponsive and a black screen appears.
Addresses an issue that causes the Wi-Fi EAP-TTLS (CHAP) authentication to fail if a user saves credential information before authentication.
Addresses an issue that causes a connection failure when the Remote Desktop Service does not read the bypass list for a proxy that has multiple entries.
There are no known issues with this update.
Finally, those on the Windows 10 Anniversary Update (version 1607) or Windows Server 2016 will see KB4343884, which brings the build number to 14393.2457. You can manually download it here, and it contains the following fixes:
Updates the music metadata service provider used by Windows Media Player.
Addresses an issue from the March 2018 update that prevents the correct lock screen image from appearing when the following GPO policies are enabled:
Computer Configuration\Administrative Templates\Control Panel\Personalization\Force a specific default lock screen and logon image
Computer Configuration\Administrative Templates\Control Panel\Personalization\Prevent changing lock screen and logon image
Addresses an issue that prevents users of PIV/CAC smart cards from authenticating to use enterprise resources or prevents Windows Hello for Business from configuring on first logon.
Addresses an issue that prevented the Device Guard PackageInspector.exe application from including all the files needed for an application to run correctly once the Code Integrity policy was completed.
Addresses an issue that, in some cases, failed to clear decrypted data from memory after a CAPI decryption operation was completed.
Addresses an issue that causes PowerShell scripts to stop working when attempting operations such as Get-Credentials.
Addresses an issue that causes the Wi-Fi EAP-TTLS (CHAP) authentication to fail if a user saves credential information before authentication.
Addresses a Windows Task Scheduler issue that occurs when setting up an event to start on a specific day of the month. Instead of starting on the specific day of the month you selected, the event starts one week ahead of schedule. For example, if you set an event to start on the third Tuesday of August 2018, instead of starting on 08/21/18, the event starts on 08/14/18.
Addresses an issue that prevents Hypervisor from automatically launching on restart when running a nested or non-nested virtualization scenario after enabling Device Guard.
Addresses an issue that causes the event viewer for Microsoft-Windows-Hyper-V-VMMS-Admin to receive excessive Event ID 12660 “Cannot open handle to Hyper-V storage provider” messages. This issue occurs when performing migration testing on a Windows Server 2016 S2D Cluster Platform. As a result, events are deleted after three hours when the event log size reaches 1 MB.
Addresses an issue that causes virtual functions (VF) to be unintentionally removed when a virtual machine (VM) is saved in Hyper-V Manager. This issue occurs when assigning and loading multiple virtual functions to a single VM during live migration on Windows Server 2016. Saving the VM doesn’t result in a normal shutdown of the virtual functions and doesn’t allow the VF driver to have backchannel communication with the physical function (PF).
Addresses an issue that causes an Azure to on-premise failback operation to fail and puts the virtual machine (VM) into an unresponsive state. This issue occurs if the failback is interrupted by an event such as restarting the Virtual Machine Management Service (VMMS) or restarting the host machine. The failback operation then continues to fail even when the VMMS is running.
Addresses an Active Directory Federation Services (AD FS) issue where Multi-Factor Authentication does not work correctly with mobile devices that use custom culture definitions.
Addresses an issue in Windows Hello for Business that causes a significant delay (15 seconds) in new user enrollment. This issue occurs when a hardware security module is used to store an ADFS Registration Authority (RA) certificate.
Addresses an Active Directory Domain Services (AD DS) issue that causes Local Security Authority Subsystem Service (LSASS) to stop working intermittently. This issue occurs when a custom component binds over Transport Layer Security (TLS) to a Domain Controller using Simple Authentication and Security Layer (SASL) EXTERNAL authentication.
Addresses an issue that generates Event ID 2006 and prevents the Windows Performance counter from reading Server Message Block (SMB) performance counters. This issue occurs when Hot-Plug is enabled for CPUs on Windows 2016 virtual machines.
Addresses an issue that causes users to disconnect from a remote session when the Remote Desktop Gateway service stops working.
Addresses an issue that causes svchost.exe to stop working intermittently. This issue occurs when the SessionEnv service is running, which causes a partial load of the user’s configuration during a Remote Desktop session.
Addresses an issue that may cause the server to be restarted because the system nonpaged pool consumes too much memory.
Addresses an issue that may remove a Dynamic Host Configuration Protocol (DHCP) option from a reservation after changing the DHCP scope settings.
Addresses an issue that prevents a drive from being made writable even after BitLocker encryption has completed. This issue occurs when using the FDVDenyWriteAccess policy.
Addresses an issue that occasionally displays a blue screen instead of the lock screen when a device wakes up from sleep.
Extends the Key Management Service (KMS) to support the upcoming Windows 10 client Enterprise LTSC and Windows Server editions. For more information, see KB4347075.
There are no known issues with this update.
As usual, you don"t actually have to install any of these updates manually, as Windows Update will install them automatically.