Earlier this week, Microsoft released a round of cumulative updates, which arrived just six days after Patch Tuesday. Here we are just four days later, and four different versions of Windows 10 are once again getting new updates.
You might recall that this week's updates and the Patch Tuesday updates didn't really include a lot of improvements. They were mostly just security fixes. If you were wondering where the long changelogs were, they're here now.
If you're on the Windows 10 April 2018 Update, or version 1803, you'll get KB4458469, which brings the build number to 17134.319. You can manually download it here, and it contains the following fixes:
Addresses an issue that causes the prompt “You'll need a new app to open" to appear. This occurs when reloading a website on a non-standard port by pressing Enter .
Addresses an issue that causes downloads to fail because Mark of the Web (MOTW) isn't supported at the download location.
Addresses an issue that prevents the DefaultSearchProvider policy from working when the FirstRunPage policy is in use.
Addresses issue that causes the address bar to lose focus when a new tab is opened and the Allow web content on New Tab page policy is off.
Addresses an issue that prevents the Microsoft Edge Configure Password Manager policy from suppressing the Save password prompt when the policy is disabled.
Addresses an issue that causes downloads to WebDAV locations to fail.
Addresses an issue with the file previewer for .html, .mht, and email (MIME) attachments in Microsoft Outlook.
Addresses an issue that causes Internet Explorer security and certificate dialogs to display prompts in the background instead of the foreground in certain circumstances.
Addresses an issue that may cause the system to become unresponsive when applications call the EnableEUDC API.
Addresses an issue in multi-monitor scenarios that causes a spell checker context menu to appear on the wrong monitor. This issue occurs when the customer right-clicks a misspelled word in Internet Explorer.
Addresses an issue that occurs when entering Japanese characters in a remote desktop session (mstsc.exe).
Addresses an issue that occurs when using low-level mouse hooks with high integrity-level processes.
Addresses an issue that prevents custom keyboard layouts from working correctly.
Makes the visibility policy for the Settings Page available under User Configuration. The GPO is at the following path: User Configuration/Administrative Template/Control Panel/Settings Page Visibility
Addresses an issue that prevents some Bluetooth devices from pairing with Windows.
Addresses an issue in the Universal CRT that returns the expected output or a null character when calling _getch().
Addresses an issue in the Universal CRT that returns unexpected characters when calling the _findfirst() or _findnext() functions.
Addresses an issue in the Universal CRT that prevents some functions from accepting narrow input or producing proper output with certain ANSI Code Pages. This issue affects setargv.obj when using wildcard parsing and calls to get the current module name for debug windows. The issue also affects the following functions:
_chdir()
_exec()
_fullpath()
_loaddll
_popen()
_system()
_spawn() (and variants)
Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
Addresses an issue with the diagnostic pipeline for devices enrolled in Windows Analytics when the CommercialID registry key, "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection" is present.
Addresses an issue that prevents the App-V client’s scheduled task from syncing if the Device Guard lockdown policy is enabled.
Addresses an issue that may cause the Local Security Authority Subsystem Service (LSASS) process to stop working when attempting to process a malformed security identifier (SID).
Addresses an issue that causes a delay in unlocking or signing in to a computer that was moved to a different network. For example, a delay occurs when moving from a corporate LAN or WLAN to a home LAN where domain controllers can't be reached.
Addresses an issue on some laptops that prevents sign-out from completing. The issue occurs when a customer signs out and immediately closes the laptop. As a result, when the laptop is reopened, the device must be restarted.
Addresses an issue that occurs when enabling BitLocker from a local administrator account.
Addresses an issue on devices with fingerprint sensors that were upgraded from Windows 10, version 1709. After the upgrade, users can't use the fingerprint sensor to log in.
Addresses an issue that causes some systems to take as much as 60 seconds longer to start. This occurs on systems that don't have a smart card reader installed.
Addresses an issue that prevents customers from logging in to a Windows 10S device with a PIN after upgrading to Windows 10, version 1803. Customers see the error “Your PIN is no longer available due to a change to the security settings on this device.”
Addresses an issue that causes a Direct Access connection to fail when the client authentication certificate is stored in the TPM device.
Addresses an issue that causes the system to log negative events for drivers that are valid and should be trusted. The issue occurs when running Windows Defender Application Control (Device Guard) in audit mode.
Addresses an issue that causes a third-party VPN provider's user interface to stop working after dynamically unloading Cryptui.dll.
Addresses an issue that causes logging on to a Remote Desktop Session Host Server to occasionally stop responding.
Addresses an issue that causes printing to an open or existing file to fail without displaying an error. This issue occurs when using Microsoft Print to PDF or XPS Document Writer.
Addresses an issue where a daily, repetitive task starts unexpectedly when the task is first created or starts when the task is updated.
Addresses an issue that prevents running subsequent actions when you create multiple actions in a task using Task Scheduler and the task is scheduled under the Stop the existing instance rule.
Addresses an issue with a task that has a repetition setting. The task fails to be scheduled and doesn't start after disabling and re-enabling the task. The Next Run Time in Task Scheduler displays the correct time, but the task doesn't start at that time.
Addresses an issue that prevents the debugging of minimized UWP applications.
Addresses an issue with Visual Studio UWP Deployments that displays the error "The operation could not be completed because an unexpected host ID was encountered".
Addresses an issue that ignores the MM_DONT_ZERO_ALLOCATION flag. This issue leads to degraded performance, and, occasionally, error 0x139 appears.
Addresses an issue that causes NTLTEST, DCLOCATOR, or joining an Active Directory and SAMBA domain to fail when using the NetBIOS domain name. The error is “An Active Directory domain Controller (AD DC) for the domain %domain% could not be contacted”.
Addresses an issue that occurs when using encrypted email. If the customer selects Cancel when first asked for a PIN, multiple PIN prompts appear before the prompt finally goes away.
Addresses an issue that prevents the Microsoft Help Viewer from rendering HTML content inside a Windows Help .chm file when the .chm file is stored on a network location.
Addresses an issue in which the lock screen shows a solid color instead of an image specified by a policy before a customer signs in for the first time.
Addresses an issue that causes Microsoft Edge to stop working when printing a PDF in a size 0 window.
Addresses an issue that causes Microsoft Edge to stop working and to close associated webpage tabs. This occurs when certain PDF documents have timing issues when loading.
Addresses an issue with a scheduled task that has an indefinite duration. The task starts immediately after it is created instead of starting at the time specified in the Triggers tab.
Addresses an issue where GetSystemTime() may sometimes return an invalid value after using SetSystemTime() immediately before.
Addresses an issue that occurs when using the “X509HintsNeeded” group policy to prepopulate the Username hint field. The Username hintfield is unexpectedly empty when unlocking a machine after a successful logon. Username hint caching is expected to only work for lock and unlock scenarios and is not designed for logoff and logon scenarios.
Addresses an issue that fails to maintain the tile layout after upgrading to Windows 10, version 1803 from Windows 10, versions 1703 and 1607.
Addresses an issue that returns temporary values for the new Japanese Calendar Era.
Addresses an issue in which Background Apps settings the user configured are lost when the device restarts because of incorrect registry ACLs.
Addresses an issue that prevents Microsoft Centennial apps and some OS apps from displaying toast notifications.
Addresses an issue in which all Guest Virtual Machines running Unicast dual NIC NLB fail to respond to NLB requests after the Virtual Machines restart.
There are no known issues with this update.
Those on the Windows 10 Fall Creators Update, or version 1709, will get KB4457136, which brings the build number to 16299.697. You can manually download it here, and it contains the following fixes:
Addresses an issue with the file previewer for .html, .mht, and email (MIME) attachments in Microsoft Outlook.
Addresses an issue that causes Internet Explorer security and certificate dialogs to display prompts in the background instead of the foreground in certain circumstances.
Addresses an issue that causes downloads to WebDAV locations to fail.
Addresses an issue that causes downloads to fail because Mark of the Web (MOTW) was not supported at the download location.
Addresses an issue that prevents Microsoft Narrator from accessing the contents of Windows Security dialogs displayed by a low integrity level process.
Addresses an issue that, in some cases, prevents installing encrypted .appx packages.
Addresses an issue that may cause the system to become unresponsive when applications call the EnableEUDC API.
Addresses an issue that occurs when entering Japanese characters in a remote desktop session (mstsc.exe).
Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
Addresses an issue with the diagnostic pipeline for devices enrolled in Windows Analytics when the CommercialID registry key, "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection" is present.
Addresses an issue that prevents the App-V client’s scheduled task from synching if the Device Guard lockdown policy is enabled.
Addresses an issue that causes login to fail when using a smart card to log in to a Remote Desktop Server. The error is “STATUS_LOGON_FAILURE”.
Addresses an issue that causes a delay in unlocking or signing in to a computer that was moved to a different network. For example, a delay occurs when moving from a corporate LAN or WLAN to a home LAN where domain controllers aren't reachable.
Addresses an issue that occurs when using encrypted email. If the customer selects Cancel when first asked for a PIN, multiple PIN prompts appear before the prompt finally goes away.
Addresses an issue that causes a Direct Access connection to fail when the client authentication certificate is stored in the TPM device.
Addresses an issue on some laptops that prevents sign-out from completing. The issue occurs when a customer signs out and immediately closes the laptop. As a result, when the laptop is reopened, the device must be restarted.
Addresses an issue that causes the system to log negative events for drivers that are valid and should be trusted. The issue occurs when running Windows Defender Application Control (Device Guard) in audit mode.
Addresses an issue that may cause the Local Security Authority Subsystem Service (LSASS) process to stop working when attempting to process a malformed security identifier (SID).
Addresses an issue that causes logging on to a Remote Desktop Session Host Server to occasionally stop responding.
Addresses an issue that causes printing to an open or existing file to fail without displaying an error. This issue occurs when using Microsoft Print to PDF or XPS Document Writer.
Addresses an issue with scheduled tasks that don't start at the time that they are configured to start on a specific day of the week.
Addresses an issue with a scheduled task that has an indefinite duration. The task starts immediately after it's created instead of starting at the time specified in the Triggers tab.
Addresses an issue that prevents the running of subsequent actions in a task. This issue occurs when you create multiple actions in a task using Task Scheduler and the task is scheduled under the Stop the existing instance rule.
Addresses an issue with a task that has a repetition setting. The task fails to be scheduled and doesn't start after disabling and re-enabling the task. The Next Run Time in Task Scheduler displays the correct time, but the task doesn't start at that time.
Addresses an issue that may cause Service Control Manager (SCM) and Netlogon to stop working when one or more services are configured to run with domain credentials (service accounts).
Addresses an issue where a daily, repetitive task starts unexpectedly when the task is first created or starts when the task is updated.
Addresses an issue in which GetSystemTime() may sometimes return an invalid value after using SetSystemTime() immediately before.
Addresses an issue that occurs when using the “X509HintsNeeded” group policy to prepopulate the Username hint field. The Username hintfield is unexpectedly empty when unlocking a machine after a successful logon. Username hint caching is expected to only work for lock and unlock scenarios and is not designed for logoff and logon scenarios.
Addresses an issue that fails to maintain the tile layout after upgrading to Windows 10, version 1709 from Windows 10, versions 1703 and 1607.
Addresses an issue in which all Guest Virtual Machines running Unicast dual NIC NLB fail to respond to NLB requests after the Virtual Machines restart.
If your PC is still on the Windows 10 Creators Update, or version 1703, you'll see KB4457141, and that brings the build number to 15063.1358. You can manually download it here, and it contains the following fixes:
Addresses an issue that causes Internet Explorer security and certificate dialogs to display prompts in the background instead of the foreground in certain circumstances.
Addresses an issue that may cause the system to become unresponsive when applications call the EnableEUDC API.
Addresses an issue in which the “EnterpriseAssignedAccess” policy on mobile devices cannot configure some Settings pages, including Language, Region, Keyboard, and Airplane Mode.
Addresses an issue with the diagnostic pipeline for devices enrolled in Windows Analytics when the CommercialID registry key, "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection" is present.
Addresses an issue that prevents the App-V client’s scheduled task from synching if the Device Guard lockdown policy is enabled.
Addresses an issue that occurs when using encrypted email. If the customer selects Cancel when first prompted for a PIN, multiple PIN prompts appear before the prompt finally goes away.
Addresses an issue that causes logon to fail when using a smart card to log in to a Remote Desktop Server. The error is “STATUS_LOGON_FAILURE”.
Addresses an issue that causes a Direct Access connection to fail when the client authentication certificate is stored in the TPM device.
Addresses an issue that causes a third-party VPN provider's user interface to stop working after dynamically unloading Cryptui.dll.
Addresses an issue that causes the system to log negative events for drivers that are valid and should be trusted. The issue occurs when running Windows Defender Application Control (Device Guard) in audit mode.
Addresses an issue that may cause the Local Security Authority Subsystem Service (LSASS) process to stop working when attempting to process a malformed security identifier (SID).
Addresses an issue that causes logging on to a Remote Desktop Session Host Server to occasionally stop responding.
Addresses an issue that may cause Service Control Manager (SCM) and Netlogon to stop working when one or more services are configured to run with domain credentials (service accounts).
Addresses an issue that causes the OS to stop responding during startup under certain circumstances.
Addresses an issue that occurs when using the “X509HintsNeeded” group policy to prepopulate the Username hint field. The Username hintfield is unexpectedly empty when unlocking a machine after a successful logon. Username hint caching is expected to only work for lock and unlock scenarios and is not designed for logoff and logon scenarios.
Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
Addresses an issue in which all Guest Virtual Machines running Unicast dual NIC NLB fail to respond to NLB requests after the Virtual Machines restart.
Finally, those on the Windows 10 Anniversary Update, or version 1607, will get KB4457127, and that will bring the build number to 14393.2517. You can manually download it here, and it contains the following fixes:
Addresses an issue that causes Internet Explorer security and certificate dialogs to display prompts in the background instead of the foreground in certain circumstances.
Makes the visibility Group Policy for the Settings Page available under User Configuration and Computer Configuration. The GPOs are at the following paths:
User Configuration/Administrative Template/Control Panel/Settings Page Visibility
Computer Configuration/Administrative Template/Control Panel/Settings Page Visibility
Addresses an issue with showing the correct changes to folder contents on some Network Attached Storage (NAS) configurations.
Addresses an issue with the diagnostic pipeline for devices enrolled in Windows Analytics when the CommercialID registry key, "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection" is present.
Addresses an issue that prevents the App-V client’s scheduled task from syncing if the Device Guard lockdown policy is enabled.
Addresses an issue that causes login to fail when using a smart card to log in to a Remote Desktop Server. The error is “STATUS_LOGON_FAILURE”.
Addresses an issue that sometimes causes event log entries to appear corrupted for the following:
Microsoft-Windows-Kerberos-Key-Distribution-Center source.
Event IDs 4933, 4928, and 4937.
Addresses an issue that occurs when using encrypted email. If the customer selects Cancel when first prompted for a PIN, multiple PIN prompts appear before the prompt finally goes away.
Addresses an issue that causes a Direct Access connection to fail when the client authentication certificate is stored in the TPM device.
Addresses an issue that causes the system to log negative events for drivers that are valid and should be trusted. The issue occurs when running Windows Defender Application Control (Device Guard) in audit mode.
Addresses an issue that causes a Remote Desktop Session Host server to occasionally stop responding during login.
Addresses an issue that may cause the Local Security Authority Subsystem Service (LSASS) process to stop working when attempting to process a malformed security identifier (SID).
Addresses an issue that causes printing to an open or existing file to fail without displaying an error message. This issue occurs when using Microsoft Print to PDF or XPS Document Writer.
Addresses an issue that may cause a DNS server to return an error to a query when handling a large recursive response that requires truncation.
Addresses an issue that prevents running subsequent actions when you create multiple actions in a task using Task Scheduler and the task is scheduled under the Stop the existing instance rule.
Addresses an issue with a task that has a repetition setting. The task isn't scheduled and doesn't start after disabling and re-enabling the it. The Next Run Time in Task Scheduler shows the correct time, but the task doesn't start at that time.
Addresses an issue with a scheduled task that has an indefinite duration. The task starts immediately after it's created instead of at the time set on the Triggers tab.
Addresses an issue where a daily, repetitive task starts unexpectedly when the task is first created or starts when the task is updated.
Addresses an issue that occurs when a guest Service Host (svchost) stops working in Windows Server 2016. The Hyper-V time synchronization service (vmictimesync) in the guest may stop working, and a time sync issue may occur. The guest would then be vulnerable to time drift because of inaccurate hardware or incorrect Network Time Protocol (NTP) samples.
Addresses an issue that prevents the lastLogonTimestamp attribute of new Active Directory users from updating. This issue occurs when performing LDAP simple binds against a Windows Server 2016 domain controller.
Addresses an Active Directory Certificate Services (AD CS) issue that causes certificate enrollment requests from some enterprise routers to the MSCEP/NDES server to fail. The requests fail with the error "The Network Device Enrollment Service cannot convert encoded portions of the client's http message (or request body for POSTPKIOperation), or the converted message (or request body for POSTPKIOperation) is larger than 64K (%1). %2".
Addresses an Active Directory Domain Services (AD DS) Privileged Access Management issue that may cause a user to retain association with the configured shadow principal beyond the configured Time to Live (TTL). This issue occurs when a DC is promoted while the TTL is valid.
Addresses an issue where a DirSync client never finishes syncing when using a search filter that contains a linked attribute. For example, “memberOf=CN=Group1, OU=Accounts, DC=Contoso,DC=Com”.
Addresses an issue that causes Windows Server Backup to fail when backing up two volumes together in one location on NetApp.
Addresses an issue where Windows Server Backup fails to restore backups for Microsoft Exchange 2016.
Addresses an issue where creating a Client Access Point may take a long time when a firewall blocks access to child domain controllers.
Addresses memory leaks in the Cluster Health Service.
Addresses an issue that may cause an error when you attempt to access an NFS share.
Addresses an issue where opening Explorer view on a SharePoint server site using TMG proxy fails. This issue occurs when the server requires SSL and TLS client certificate authentication and sends trusted CA issuer lists.
Addresses an issue that may cause a system to stop working when you mount an NFS drive using the command line with the option -u -p. This issue occurs if the length of the password is different from the length of the domain name.
Addresses an issue that may cause setup to fail during OEM-OOBE implementation if French or Spanish language setting is selected on the Hyper-V host.
Addresses an issue that displays the report date as "Unknown" in the Remote Desktop License Manager.
Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
Addresses an issue in which all Guest Virtual Machines running Unicast dual NIC NLB fail to respond to NLB requests after the Virtual Machines restart.
You'll notice that some of the manual download links don't bring you directly to the updates as they would normally, and instead they bring you to the Update Catalog homepage. You can either search for the KB download, or we'll update this article when Microsoft updates its pages with a proper link.
21 Comments - Add comment