We"re just getting into the new year, but it"s already the second Tuesday of January, which means it"s time for Microsoft"s Patch Tuesday updates. All supported versions of Windows 10 - which excludes version 1511 - are getting cumulative updates today, bringing a host of fixes after a small break for the holidays.
Starting with the latest release, the Windows 10 October 2018 Update, or version 1809, users will get KB4480116, bringing the build number up to 17763.253. You can manually download the update here, and it includes the following fixes:
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
- “New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”
- Addresses an issue in which using esentutl /p to repair a corrupt Extensible Storage Engine (ESE) database results in a mostly empty database. The ESE database is corrupted and cannot be mounted.
- Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, Microsoft JET Database Engine, Windows Linux, Windows Virtualization, and the Microsoft Scripting Engine.
There"s a single known issue in this update, but it should be fixed later this month:
Symptom | Workaround |
---|---|
After installing this update, third-party applications may have difficulty authenticating hotspots | Microsoft is working on a resolution and estimates a solution will be available late January. |
For users on the Windows 10 April 2018 Update, or version 1803, the update will be KB4480966, and change the build number to 17134.523. The update can be manually downloaded here, and it includes these fixes:
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
- “New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”
- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, Windows MSXML, and the Microsoft JET Database Engine .
There are some known issues with this update, however. Here"s what you need to be aware of:
Symptom | Workaround |
---|---|
After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception. For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates. | Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing this update, some users cannot pin a web link on the Start menu or the taskbar. | Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing KB4467682, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters. | Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing this update, third-party applications may have difficulty authenticating hotspots. | Microsoft is working on a resolution and estimates a solution will be available mid-January. |
Going further back to the Windows 10 Fall Creators Update, or version 1709, users will be getting KB4480978, which is build 16299.904. It can be found on the Microsoft Update website here, and it includes the fixes below:
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and the Microsoft JET Database Engine.
This update also has a couple of known issues you should be aware of:
Symptom | Workaround |
---|---|
After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception. For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates. | Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing this update, third-party applications may have difficulty authenticating hotspots. | Microsoft is working on a resolution and estimates a solution will be available mid-January. |
The original Windows 10 Creators Update, version 1703, is no longer supported for the Home and Pro editions of Windows 10, but Enterprise and Education SKUs are still getting updates. Windows 10 Mobile is also receiving updates in this branch. This month"s release is KB4480973, and it moves the build number up to 15063.1563. You can download it manually here to get these fixes:
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Authentication, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and Microsoft JET Database Engine.
This update also includes the same issues as the update for version 1709 mentioned above.
With consumer SKUs left behind beyond this point, the Windows 10 Anniversary Update, or version 1607, is still getting updates for Enterprise and Education users. It"s also part of the Long-Term Servicing Channel. Windows Server 2016 is in this category as well. These users will see KB4480961 and build number 14393.2724. It can be downloaded manually from here, and it includes these fixes:
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”- Security updates to Internet Explorer, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Hyper-V, Windows MSXML, and the Microsoft JET Database Engine.
There"s a long list of known issues in this update, however. Here"s everything you need to look out for:
Symptom | Workaround |
---|---|
After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception. For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates. | Microsoft is working on a resolution and will provide an update in an upcoming release. |
System Center Virtual Machine Manager (SCVMM) managed workloads are noticing infrastructure management issues after VMM refresh as the Windows Management Instrumentation (WMI) class around network port is being unregistered on Hyper-V hosts. | Run mofcomp for the scvmmswitchportsettings.mof, VMMDHCPSvr.mof, and other relevant SCVMM MOF Files. Please upgrade thru the SCVMM 2016 Update Rollup 6 (UR6) to expedite the Host Refresh activities after running mofcomp command. |
After installing this update on Windows Server 2016, instant search in Microsoft Outlook clients fail with the error, "Outlook cannot perform the search". | To alleviate the symptoms, run sfc /scannow as described in step 3 of Use the System File Checker tool to repair missing or corrupted system files. Then restart Microsoft Outlook. Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters. | Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release. |
After installing KB4467691, Windows may fail to startup on certain Lenovo laptops that have less than 8 GB of RAM. | Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart. If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled. Microsoft is working with Lenovo and will provide an update in an upcoming release. |
After installing this update, third-party applications may have difficulty authenticating hotspots. | Microsoft is working on a resolution and estimates a solution will be available mid-January. |
Lastly, the original release of Windows 10, version 1507, which is only supported in the Long-Term Servicing Channel, is getting updates as well. KB4480962 brings the build number up to 10240.18094, and it can be downloaded from here. Here"s what it fixes:
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts, but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”- Security updates to Internet Explorer, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, and the Microsoft JET Database Engine.
This release has a single known issue, which is found in all of today"s updates:
Symptom | Workaround |
---|---|
After installing this update, third-party applications may have difficulty authenticating hotspots. | Microsoft is working on a resolution and estimates a solution will be available early February. |
Of course, these updates are made available through Windows Update, so you shouldn"t need to download them manually.