Windows 10 Redstone 5

Cumulative Updates for Windows 10 1809 17763.1131 (KB4541331) Mars 17, 2020


The highlights of the KB4541331

• Addresses an issue that causes an error when printing to a document share.
• Addresses an issue that prevents the touch keyboard from being displayed during login when the user is prompted for the password.
• Addresses an issue that causes calendar dates to appear on the wrong day of the week in the time and date area of the notification area when you select the Samoa time zone.
• Improves application and device compatibility with Windows updates.

The long list:

• Addresses an issue that causes an error when printing to a document repository.
• Addresses a drawing issue with the Microsoft Foundation Class (MFC) toolbar that occurs when dragging in a multi-monitor environment.
• Addresses an issue in which the touch keyboard does not appear during login when the user is prompted for the password.
• Addresses an issue that causes new child windows to flicker and appear as white squares on server devices that are configured for strong visual contrast.
• Resolves an issue that displays incorrect folder properties in File Explorer when the path is longer than MAX_PATH.
• Addresses an issue that causes calendar dates to appear on the wrong day of the week in the time and date area of the notification area when you select the Samoa time zone.
• Resolves a problem reading logs with the OpenEventLogA () function.
• Addresses an issue that prevents computers that have activated Credential Guard from joining a domain. The error message is “The server clock is not synchronized with the primary domain controller clock”.
• Addresses an issue that can cause a delay of up to two minutes to log in or unlock a session on machines with Hybrid Azure Active Directory join.
• Addresses an issue where authentication fails when using Azure Active Directory and the user's security identifier (SID) has changed.
• Addresses an issue that could result in domain controllers (DC) having a lowercase and a mixed or fully capitalized DNS service entry (SRV) in the _MSDCS.Register the DNS zone. This occurs when DC computer names contain one or more uppercase letters.

Other bugs fixed

• Addresses an issue that causes authentication to fail in an Azure Active Directory environment and no error is displayed.
• Addresses an issue that causes high CPU usage when getting a session object.
• Addresses high latency in Active Directory Federation Services (AD FS) for globally distributed data centers where SQL may be located in a remote data center.
• Improves performance for all token requests made to AD FS, including OAuth, Security Assertion Markup Language (SAML), WS-Federation, and WS-Trust.
• Addresses an issue with high latency when purchasing OAuth tokens when AD FS front-end server and back-end SQL server are in different data centers.
• Restores the constructed attribute in Active Directory and Active Directory Lightweight Directory Services (AD LDS) for msDS subscriber names.
• Addresses an issue to prevent SAML errors and loss of access to third-party applications for users who do not have Multi-Factor Authentication (MFA) enabled.
• Addresses an issue with the compatibility status of the Windows ecosystem to ensure application and device compatibility for all Windows updates.
• Addresses an issue that prevents the Microsoft User Experience Virtualization (UE-V) settings from roaming to activate the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue with high CPU usage on AD FS servers that occurs when the backgroundCacheRefreshEnabled feature is enabled.
• Addresses an issue in which the dump administrator group is created with the wrong SAM account type and group type. This makes the dump administrator group unusable when you move the primary domain controller emulator (PDC).
• Addresses an issue that prevents some computers from going into sleep mode under certain circumstances due to Microsoft Defender Advanced Threat Protection (ATP) Automatic Incident Response (IR).
• Addresses an issue that prevents some computers from successfully running Microsoft Defender ATP Threat & Vulnerability Management.
• Improves support for non-ASCII file paths for Microsoft Defender ATP Auto IR.
• Addresses an issue that may cause stop error 0xEF in some scenarios when upgrading to Windows 10 version 1809.
• support.microsoft

Manual download of the KB4541331

Remember this update are optional (non-security - the real gp update). You can either install them manually or you can opt into installing them via Windows Update. If you don't, these fixes will be bundled into next month's Patch Tuesday update.

 

Just updated to this build and imaged everything.

 

New Out-of-band optional Windows 10 update is only available through Microsoft Update Catalog... Microsoft suggests that you only install this update if you are affected by this issue. See "No need to install it if you don't need it".

March 30, 2020—KB4554354 (Win 10 1809 - OS Build 17763.1132)

Highlights

• Updates an issue that might display the wrong internet connection status for certain VPN users or might prevent some applications from connecting to the internet.

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that might display a limited or no internet connection status in the notification area on devices that use a manual or auto-configured proxy, especially with a virtual private network (VPN). Additionally, this issue might prevent some devices from connecting to the internet using applications that use WinHTTP or WinINet.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Manual download of the KB4554354

 

Cumulative Updates for Windows 10 1809 17763.1158 (KB4549949) + KB4549947 as SSU | April 14, 2019

Remember the servicing stack update must be installed first.

1) SSU (Servicing Stack Update) April 14, 2020 KB4549947
windows10.0-kb4549947-x64.msu

2) CU (Cumulative Update) 17763.1158 KB4549949
windows10.0-kb4549949-x64.msu

Known issues with KB4549949

• After installing KB4493509, devices that have some Asian language packs installed may receive the error "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND". Workaround: Uninstall and then reinstall any recently added language packs. If that doesn't help, you should try an in- place upgrade

Fixed issues with KB4549949

• Updates to improve security when Windows performs basic operations.
• Updates to improve security when using Microsoft Office products.
• Updates to save and manage files.
• Addresses an issue that prevents certain applications from installing when published with a GPO.
• Security updates for the Microsoft Scripting Engine, the Windows kernel, the Windows application platform and frameworks, the Microsoft graphics component, Windows Media, the Windows shell, the Windows administration, the Windows cloud infrastructure, the Windows basics, the Windows virtualization, the Windows core network, the Windows storage and file systems, the Windows update stack and the Microsoft JET database engine.

As an additional note.... There is No need to jump on latest and greatest flawed for the moment for those of you who run Home/Pro version
Windows 10 1809 end of support now November 2020 and no more new functions deskmodder.com | April 13, 2020

The last security update for this release will be released on November 10, 2020 instead of May 12, 2020. “We are also temporarily interrupting the Microsoft-initiated feature updates for Home and Pro editions that run with version 1809. The restart of the rollout process for Microsoft-initiated feature updates for devices running Windows 10, version 1809 is slowed down dramatically and closely monitored before the delayed end of the term on November 10, 2020, to allow enough time for a smooth update Process."

 

Cumulative Updates for Windows 10 1809 17763.1192 (KB4550969) April 21, 2020

Highlights

• Updates an issue with pasting mixed content of images and text from Microsoft Word into Internet Explorer.
• Updates an issue that causes a text box that contains multiple lines of text to stop responding in certain scenarios.
• Updates an issue that fails to print content that is outside of the margins of a document.

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that occurs when a third-party application loads hidden tabs into Internet Options.
• Addresses an issue with pasting mixed content of images and text from Microsoft Word into Internet Explorer.
• Addresses an issue that causes a box that contains multiple lines of text to stop responding in certain scenarios.
• Addresses an issue that prevents the first key stroke from being recognized correctly in the DataGridView cell.
• Addresses an issue that causes an application that uses msctf.dll to stop working, and the 0xc0000005 (Access violation) exception appears.
• Addresses an issue that prevents the correct lock screen from appearing when all of the following are true:
• The Group Policy Object (GPO) policy "Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Interactive Logon: Do not require Ctrl+Alt+Del Computer" is disabled.
• The GPO policy “Computer Configuration\Administrative Templates\System\Logon\Turn off app notifications on the lock screen” is enabled.
• The registry key HKLM\SOFTWARE\Policies\Microsoft\Windows\System\DisableLogonBackgroundImage is set to 1.
• Addresses a reliability issue in WDF01000.sys.
• Addresses an issue that causes a KERNEL_SECURITY_CHECK_FAILURE (139) stop error when Windows resumes from Sleep and turns on certain Bluetooth headsets.
• Addresses an issue that causes the Event Viewer Microsoft Management Console (MMC) to stop working when the secondary monitor is above the primary monitor. An out of bounds exception appears.
• Addresses an issue that causes an error in logman.exe. The error is, "A user account is required in order to commit the current Data collector Set properties."
• Addresses an issue that prevents users from setting the REG_EXPAND_SZ keys in some automated scenarios.
• Addresses an issue that causes a memory leak in the LsaIso.exe process when the server is under a heavy authentication load and Credential Guard is enabled.
• Addresses an issue that prevents hash signing using the Microsoft Platform Crypto Provider for TPMs from working correctly. This issue might also affect networking software, such as VPN applications.
• Addresses an issue with merging Windows Defender Application Control policies that sometimes generates a duplicate rule ID error and causes the Merge-CIPolicy PowerShell command to fail.
• Addresses an issue that prevents a user’s PIN from being changed after connecting the device to Microsoft Workplace Join.
• Addresses an issue that prevents applications running in an Azure Active Directory environment from receiving account change notifications. This occurs when using the Web Account Manager (WAM) and the WebAccountMonitor API.
• Addresses an issue that fails to print content that is outside of the margins of a document.
• Addresses an issue that prevents Microsoft Internet Information Services (IIS) management tools, such as IIS Manager, from managing an ASP.NET application that has configured SameSite cookie settings in web.config.
• Addresses an issue that causes high CPU usage on Active Directory (AD) domain controllers when migrating to Windows Server 2019. This increases latency in Microsoft Exchange operations, causes Managed Store contention, and severely impacts index creation in Active Directory and the Global Catalog’s performance.
• Addresses an issue that logs incorrect Internet Protocol (IP) addresses in the audit logs because of missing or old data for active requests coming from "windowstransport/usernamemixed/certificatemixed" endpoints.
• Addresses an issue that causes devices that are provisioned for Windows Hello for Business (WHfB) to fail. Registration occasionally fails, which leads to a delay in WHfB enrollment and, in some instances, creates Conflicting Objects (CNF) in the Active Directory “Registered Device” container.
• Addresses an issue that might cause a deadlock in the Remote Desktop Gateway service.
• Addresses an issue that might cause the Remote Desktop Gateway service to stop working.
• Addresses an issue that causes systems to stop working with a 0x3B stop code when running a binary that is signed by a revoked certificate.
• Addresses an issue that prevents the Notification State registries from being deleted for certain apps even after the user profile is deleted.
• Addresses an issue that causes stop error 0x18 (REFERENCE_BY_POINTER) when Remote Desktop sessions redirect devices that are not input devices.
• Addresses an issue that displays a black screen to Windows Virtual Desktop users when they attempt to sign in.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

CU (Cumulative Update) 17763.1192 - KB4550969

 

Cumulative Updates for Windows 10 1809 17763.1217 (KB4551853) May 12, 2020

CU (Cumulative Update) 17763.1217 - KB4551853

IMPORTANT We have been evaluating the public health situation and understand the impact this is having on many of our customers. To help ease some of the burdens customers are facing, we are going to delay the scheduled end of service date for the Home, Pro, Pro Education, Pro for Workstations, and IoT Core editions of Windows 10, version 1809 to November 10, 2020. This means devices will receive monthly security updates only from May to November. The final security update for these editions of Windows 10, version 1809 will be released on November 10, 2020 instead of May 12, 2020.

Highlights

• Updates to improve security when using Internet Explorer and Microsoft Edge.
• Updates to improve security when using Microsoft Office products.
• Updates to improve security when using input devices such as a mouse, keyboard, or stylus.
• Updates to improve security when using Microsoft Xbox.
• Updates for verifying usernames and passwords.
• Updates to improve security when Windows performs basic operations.
• Updates for storing and managing files.

Improvements and fixes

• Updates the 2020 start date for daylight saving time (DST) in the Kingdom of Morocco.
• Adds Shell Launcher v2 to improve reliability and usability. Shell launcher v2 allows you to specify a Universal Windows Platform (UWP) app as the replacement shell. For more information, see Use Shell Launcher to create a Windows 10 kiosk.
• Addresses an issue that prevents a call to NCryptGetProperty() from returning the correct pbOutput value when pszProperty is set to "Algorithm Group" and you are using a Trusted Platform Module (TPM) 1.2 device.
• Security updates to Internet Explorer, the Microsoft Scripting Engine, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Media, Windows Shell, Microsoft Xbox, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Authentication, Windows Kernel, Windows Linux, Windows Update Stack, Windows Core Networking, Internet Information Services, Windows Network Security and Containers, Windows Active Directory, Windows Storage and Filesystems, and the Microsoft JET Database Engine.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Net Framework35-472 May 12, 2020
http://download.windowsupdate.com/d..._dd0744e29f54be0c3891bb6339480a845e947050.msu

Net Framework35-48 May 12, 2020
http://download.windowsupdate.com/d..._3fb9f9a7b72e49707c8c49b4febc171411eca05f.msu

 

Any problems with this update? I haven't updated because I was afraid of data deletion bug just like 1909.

 

Haven't seen much reported for 1809. Worse with 1903/1909

More mess from Redmond HQ.

Intel Microcode Updates Windows 10 1909, 1903, 1809 and below (05/20/2020)
good Morning May 20, 2020
[Update May 20, 2020]: It looks like Microsoft has updated all Intel Microcode updates. For Windows 10 1909 it is now displayed as windows10.0-kb4497165- v4. Changes on the support page don't seem to exist yet.

• The downloads are linked in the KB numbers. Pay attention to the date.
• Windows 10 1809: KB4494174
• support.microsoft.com/kb4494174-intel-microcode-updates

 

Thanks for posting that. This updates my 6700K to CC microcode, from C6 that I had before from an old motherboard BIOS update. In fact I tested this CC microcode months ago and it reduces performance by 1-2%, at this post: http://forum.notebookreview.com/thr...atches-and-more.812424/page-132#post-10988701

I let Windows install this KB today, just to see what microcode it would give me, and yes it's the CC microcode. A little strange that they're forcing the new microcode on everyone now when it wasn't the case before. I'll stay with CC for a while, but I'll probably go back to C6...I'm not really using my PC recently for anything demanding so it doesn't matter for now, but I'll probably revert it back to C6 when I start using it again more heavily. I'm curious as to why Windows have now forced this, will be interesting to hear what is said by Microsoft on the topic.

 

CC ucode is okay. You haven't tried D6, right? You should give it a go! You'll notice that tasks now take 300% more time to complete than your 5 yr Intel CPUs with latest Spectre uCode. In my case, 6700HQ BGA (D6 uCode) was slower than pentium 2020M (21 uCode) LGA. I really want to upgrade from 2020M to 3610QM or 3630QM but I haven't had much luck finding them!
I uninstalled D6 and switched to CC/C6 and noticed performance is much better!

 

You never know with Microsoft. And as usual... Nothing you'll need.

KB 4497165: Another Intel microcode update, another round of AMD stupidity
Posted on May 20th, 2020 at 07:44 woody

These Intel microcode updates, in case you missed the original sturm und drang, are a never-ending series of stopgap changes designed to minimize (but not eliminate) the threat of Meltdown and Spectre infections. While those of you in charge of banks, brokerage houses, and RSA encryption crackers should be concerned about the threat, normal Windows users needn’t worry. In spite of all the press and hoopla, there’s never been a garden-variety Meltdown or Spectre exploit that targets “normal” users.

---------------------------------------------------------------------


https://www.bleepingcomputer.com/ne...crocodes-released-in-forced-kb4497165-update/


I'm quite sure Microsoft with this surprising MC patch only "test the water" before they throw out Win 10 May 2020 update. They use the older Win 10 versions as guinea pig!

 

I feel this is good move since linux mandates both amd and intel microcode to be installed. Even I thought why? But kernel developer said its for best security and people who simply swap hardware and not reinstall OS this method will ensure they're protected.
I don't think you get WHEA errors just by applying uCode after OS boot.
Some 8xxxU gets wrecked by Intel uCode and linux microcode update few days ago, downgrades faulty uCodes back to older uCodes.

 

Ha, amazing! Well I'll go back to C6 if I start using my PC heavily again...that's 1-2% faster than CC.

 

@Mr. Fox

I just noticed this section and turned all this security stuff off. What do you think?

 

Disable everything. Yo still use 3rd part AV software. And I expect you don’t click on everything regarding email/websites. Users computing behavior is still the best security.

 

Yes I use NOD32 and I have an adblocker, that's all I need for security

 

Then you answered your own question

 

wrong place to post this here, Papusan!
KB4497165 is applicable to 1903 & 1909 and NOT to 1809

 

What I meant to say (for Robbo).... The random MC code update from M$ was for the whole range of Win 10 OS's. This was my main message.

The post wasnt meant as a heads up, and not as Cumulative patch update here.

.........................................................................................................................

Cumulative Updates for Windows 10 1809 17763.1282 (KB4561608) + KB4562562 as SSU | June 9, 2020

Remember the servicing stack update must be installed first.

1) SSU (Servicing Stack Update) June 9, 2020 KB4562562

2) CU (Cumulative Update) June 9, 2020 17763.1282 KB4561608


Security Update for Adobe Flash Player: June 9, 2020

Download link KB4561600

 

Is it safe to apply? I skipped last month's update!

 

Give it a couple of days. I can't see problems with it. But the patch for the newer Windows 10 version 2004 and 1909 are breaking down printers.
https://www.windowslatest.com/2020/06/12/windows-10-kb4557957-kb4560960-issues/

 

Will do!

 

Out-of-band updates (todays standard) released to fix printing issues

Cumulative Updates for Windows 10 1809 17763.1294 (KB4567513) | June 16, 2020

Highlights

• Updates an issue that might prevent certain printers from printing, generate print errors, or cause apps and print spoolers to close unexpectedly.

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that might prevent certain printers from printing. The print spooler might generate an error or close unexpectedly when attempting to print, and no output will come from the affected printer. You might also encounter issues with the apps you are attempting to print from, such as receiving an error, or the app might close unexpectedly. This issue might also affect software-based printers, such as when printing to PDF.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

CU (Cumulative Update) June 6, 2020 17763.1294 - KB4567513

 

I installed the older update and cancelled mid-way when I saw SW based printing to PDF was broken too! Will try out this weekend. Its 2 months since I'm holding out my PCs from updating.

 

Installed the update, re-printed my docs to PDF and it was rendering and printing correctly!

 

Windows is trying to force an upgrade to 1909 but i ain't moving from 1809, i had to stop it by stopping the windows update services. Is there a way to disable this permanently until i decide to upgrade? Apparently Windows doesn't give a **** if i'm on a metered connection...

 

I use wub to disable permanently and I'm using WinToolkit's MSU to CAB converter to install cab files directly w/o enabling windows update services. So no more forced updated and you can manually update the PC on your time and place!

 

Does it block also Windows store apps from updating? and is it a "set and forget"? In that case it would be the perfect tool for me

 

Even MS Office 365 or Click to Run won't update. Literally, windows updates say app updates, drivers/firmware etc won't work and you're in control of everything.
you can use SledgeHammer portable zip file from Majorgeeks. https://www.majorgeeks.com/files/details/wumt_wrapper_script.html

 

hmm i'm only interested in having the basic store apps updated, nothing else from OS. I guess that's not possible since everything is tied nowdays?

 

You should be able to download apps from M$ crap Store without being forced on Win 10 1903/1909. But 1809 is soon EOL. Not sure that you can download updated apps from Store after that timeline.

I prefer lock everything out.... Check the tools http://forum.notebookreview.com/thr...-win-update-bios.831450/page-24#post-11015859

http://forum.notebookreview.com/threads/the-throttlestop-guide.531329/page-1087#post-10980641

 

Thank you, only reason i need them updated is because i actually have some apps that i got to use otherwise they'd be in the recycle bin already.

 

The Store apps cannot be installed or updated if the Windows Update service is not running.

 

Thanks, i found a workaround by just disabling the blocker whenever i need to update them. Still better than being forced to upgrade to a buggy OS release, lol.

 

I was using my laptop yesterday, converting a bunch of music files and I get a notification along the lines of "your HD is nearly full. Since storage sense is off we'll turn it on for you." Gee, thanks Microsoft, I have it turned off for a reason. So I figured I'd go into the GPE and kill storage sense there too, but I don't even have a policy for it. I have storage health, but no sense.
What am I missing here?

 

hi, i post this trick here : http://forum.notebookreview.com/thr...es-index-post-1.779394/page-116#post-11030745

 

July 14, 2020—KB4558998 (OS Build 17763.1339)
http://forum.notebookreview.com/thr...nd-announcements.826887/page-60#post-11032731

 

Has anyone installed the Preview update? Why would MSFT release Preview update for 1809?

 

Because they do it for all versions. The newest on the gp list is Win 10 2004. Released today http://forum.notebookreview.com/threads/windows-10-2004-20h1-20h2.830339/page-29#post-11036762

 

i have, haven't got any issue so far

 

Installed it yesterday and have not seen any issue.

 

the "preview" update is basically the optional non-security update released either on the 3rd or 4th Tuesday, just like in the past

 

August 11, 2020—KB4565349 (OS Build 17763.1397) + KB4566424 as SSU | Aug 11, 2020

Highlights

• Updates to improve security when using Internet Explorer and Microsoft Edge Legacy.
• Updates to improve security when Windows performs basic operations.
• Updates to improve security when using input devices (such as a mouse, keyboard, or pen).
• Updates for verifying usernames and passwords.
• Updates for storing and managing files.

Improvements and fixes

This security update includes quality improvements. Key changes include:

• Addresses an issue in Universal Windows Platform (UWP) apps that allows single sign-on authentication when an app does not have the Enterprise Authentication capability. With the release of CVE-2020-1509, UWP applications might begin prompting the user for credentials.
• Provides the ability for a Windows Embedded Compact 2013 OS instance and applications to operate on top of Windows 10 IoT Core using Windows CE App Container.
• Security updates the Microsoft Scripting Engine, Internet Explorer, Windows Graphics, Windows Input and Composition, Windows Media, Windows Shell, the Windows Wallet Service, Microsoft Edge Legacy, Windows Cloud Infrastructure, Windows Authentication, the Windows AI Platform, Windows Fundamentals, Windows Kernel, Windows Storage and Filesystems, Windows Update Stack, Windows File Server and Clustering, Windows Hybrid Storage Services, Windows App Platform and Frameworks, the Microsoft JET Database Engine, and Windows Remote Desktop.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.


Remember the servicing stack update must be installed first.

1) SSU (Servicing Stack Update) KB4566424 as SSU | Aug 11, 2020

2) CU (Cumulative Update) 17763.1397 KB4565349 | Aug 11, 2020


August 11, 2020-KB4569750 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809 and Windows Server 2019

Direct download link.
http://download.windowsupdate.com/c..._fb879f26b463abeea05426b15bbaba635b4ab79d.msu

 

Highlights seems to be same since June 2020. I'll update after 2-3 weeks.

 

Did you update Windows on LTSC?

 

August 20, 2020—KB4571748 (OS Build 17763.1432) Preview

New disgusting long list with improvements and fixes. 1809 is soon 2 years old and still flooded with bugs.

Highlights

• Updates time zone information for the Yukon, Canada.
• Updates an intermittent issue that causes a touchscreen to stop working after several sleep and wake cycles.
• Updates an issue that causes the Settings page to close unexpectedly, which prevents default applications from being set up properly.
• Updates an issue that causes applications to take a long time to open.
• Updates an issue that prevents you from unlocking a device if you typed a space before the username when you first signed in to the device.

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Provides the ability to sync the Microsoft Edge IE Mode unidirectional session cookie when an administrator configures the session cookie.
• Addresses an issue that displays a black screen to Windows Virtual Desktop (WVD) users when they attempt to sign in.
• Addresses an issue that, in certain scenarios, causes the GetConsoleWindow function to return an unusable value within a process that started with a CREATE_NO_WINDOW flag.
• Updates time zone information for the Yukon, Canada.
• Addresses an issue with Dynamic Data Exchange (DDE) that causes a memory leak when multiple clients connect to the same server.
• Addresses an intermittent issue that causes a touchscreen to stop working after several sleep and wake cycles.
• Addresses an issue that causes new child windows to flicker and appear as white squares on server devices that are configured for stark visual contrast.
• Addresses an issue with File Explorer’s preview of .msg files when Microsoft Outlook 64-bit is installed.
• Addresses an issue that causes all open Universal Windows Platform (UWP) apps to close unexpectedly. This occurs when their installer calls the Restart Manager to restart File Explorer (explorer.exe).
• Addresses an issue that causes the Settings page to close unexpectedly, which prevents default applications from being set up properly.
• Addresses an issue that causes user profile folder names to get excessively long, which might lead to MAX_PATH issues.
• Addresses an issue with unexpected notifications related to changing default applications settings.
• Addresses an issue that creates random line breaks in PowerShell’s console error output when the output is redirected.
• Addresses an issue that prevents a delegated user from importing a Group Policy object (GPO) even though the user has the required privilege.
• Addresses an issue with Windows Management Instrumentation (WMI) queries that contain case insensitive names that affect the Patch Management solution for a customer.
• Addresses an issue with object performance counters.
• Addresses an issue that causes an error if you open Microsoft OneDrive files on demand when User Experience Virtualization (UE-V) is enabled. To apply this solution, set the following DWORD to 1: “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UEV\Agent\Configuration\ApplyExplorerCompatFix”
• Addresses an issue that causes applications to take a long time to open.
• Addresses an issue that sometimes prevents AppLocker from running an application whose publisher rule allows it to run.
• Addresses an issue in which AppLocker publisher rules might sometimes prevent applications from loading software modules; this can cause partial application failure.
• Addresses an issue that causes the CryptCATAdminCalcHashFromFileHandle() function to leak memory when it’s called. That memory is not reclaimed until the calling application closes.
• Addresses an issue that might prevent the cluster service from starting and generates the error “2245 (NERR_PasswordTooShort)”. This occurs if you configure the “Minimum Password Length” Group Policy with more than 14 characters. For more information, see KB4557232.
• Addresses an issue that causes the configuration of the “Minimum Password Length” Group Policy with more than 14 characters to have no effect. For more information, see KB4557232.
• Addresses an issue that causes a system to stop working and generates a 7E stop code.
• Addresses an issue that prevents you from unlocking a device if you typed a space before the username when you first signed in to the device.
• Addresses classification failures caused by the wrong User Principal Name (UPN).
• Addresses an issue that causes a stop error on a Hyper-V host when a virtual machine (VM) issues a specific Small Computer Systems Interface (SCSI) command.
• Addresses an issue that might display Processor Frequency as zero (0) for certain processors.
• Addresses an issue with a sleep system call on Glibc-2.31 or later that’s running on a Windows Subsystem for Linux 1 (WSL 1) distribution.
• Addresses an issue that causes delays during shutdown when running the Microsoft Keyboard Filter Service.
• Addresses a transient network disconnection issue that may happen when you enable packet capturing using "netsh start trace capture=yes". This issue might also occur when you install third-party Network Driver Interface Specification (NDIS) filter drivers.
• Addresses an issue in Software Load Balancing scenarios that prevents a connection from being responsive to TCP resets.
• Introduces support for Direct Server Return (DSR) configuration for container load balancers that are created by the Host Networking Service (HNS).
• Adds new functionality to the robocopy command.
• Addresses an issue that fails to log events 4732 and 4733 for Domain-Local group membership changes in certain scenarios. This occurs when you use the “Permissive Modify” control; for example, the Active Directory (AD) PowerShell modules use this control.
• Addresses a Security Assertion Markup Language (SAML) Scoping support issue in the Active Directory Federation Service (AD FS) that is related to entityID and IDPList. For more information, see section 3.4.1.2 of the SAML Core specification.
• Addresses an issue that logs incorrect IPs in the audit logs for Windows Transport requests because of missing or outdated data.
• Addresses an issue that prevents Account activity cmdlets from executing when you specify an identity that is not in a UPN format.
• Addresses an issue with Server Message Block (SMB). This issue incorrectly logs the Microsoft-Windows-SMBClient 31013 event in the Microsoft-Windows-SMBClient/Security event log of an SMB client when an SMB server returns STATUS_USER_SESSION_DELETED. This issue occurs when SMB client users or applications open multiple SMB sessions using the same set of Transmission Control Protocol (TCP) connections on the same SMB Server. This issue most likely occurs on Remote Desktop Servers.
• Addresses an issue with the CsvFs driver that prevents the Win32 API from accessing SQL Server Filestream data. This occurs when you store that data on a Cluster Shared Volume in a SQL Server failover cluster instance on Azure VMs.
• Addresses an issue with the Remote Desktop Session Host (RDSH) that fails to open the Start menu for mandatory profile users.
• Addresses an issue that might cause a stop error (0xC00002E3) at startup. This issue occurs after installing certain Windows Updates that were released on or after April 21, 2020.
• Addresses a runtime error that causes Visual Basic 6.0 (VB6) to stop working when duplicate windows messages are sent to WindowProc().

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Direct download link.
CU (Cumulative Update) 17763.1432 KB4571748 | Aug 20, 2020


August 20, 2020-KB4571462 Cumulative Update Preview for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 and Windows Server 2019

Dotnetfx35-48 Preview
http://download.windowsupdate.com/c..._15105280634248306c4ec60bd7269a94e2c66e62.msu

Dotnetfx35-472 Preview
http://download.windowsupdate.com/c..._330e9452537bec8a07458bfc5476fdf62bba6264.msu

 

Windows 10: (Intel Microcode-) Updates (August 31 / Sept. 1, 2020)
Posted on September 2, 2020 by Günter Born

Microsoft has released August 31 and September 1, 2020 one more swing to microcode updates for Windows 10 version 1803-2004 (but are probably old updates). Here is some information about these updates.... KB4494174: Intel microcode updates
Applies to: Windows Server version 1809Windows 10, version 1809, all editions

• KB4494174 “V4” for 1809 on MS Update Catalog

 

Sept 8, 2020—KB4570333 (OS Build 17763.1457) + KB4570332 as SSU

Highlights

• Updates to improve security when using Microsoft Office products.
• Updates to improve security when using input devices such as a mouse, keyboard, or pen.
• Updates to improve security when Windows performs basic operations.
• Updates for storing and managing files.

Improvements and fixes

This security update includes quality improvements. Key changes include:

• Addresses a security vulnerability issue with user proxies and HTTP-based intranet servers. After installing this update, HTTP-based intranet servers cannot leverage a user proxy by default to detect updates. Scans using these servers will fail if the clients do not have a configured system proxy. If you must leverage a user proxy, you must configure the behavior using the Windows Update policy “Allow user proxy to be used as a fallback if detection using system proxy fails.” This change does not affect customers who secure their Windows Server Update Services (WSUS) servers with the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols. For more information, see Ensuring clients stay secure, changes to scans against Windows Server Update Service (WSUS) servers.
• Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Fundamentals, Windows Management, Windows Kernel, Windows Virtualization, Windows Storage and Filesystems, the Microsoft Scripting Engine, and the Microsoft JET Database Engine.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Remember the servicing stack update must be installed first.

1) SSU (Servicing Stack Update) KB4570332 as SSU | Sept 8, 2020
2) CU (Cumulative Update) KB4570333 | Sept 8, 2020


September 8, 2020-KB4576483 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809 and Windows Server 2019

Direct Download link.
http://download.windowsupdate.com/d..._c9221807b795c7c804afcc7555e77a93c779b70f.msu

September 8, 2020-KB4570720 Cumulative Update Preview for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 and Windows Server 2019

Direct Download link.
http://download.windowsupdate.com/c..._330e9452537bec8a07458bfc5476fdf62bba6264.msu

 

September 16, 2020—KB4577069 (OS Build 17763.1490) Preview

Highlights

• Adds a notification to Internet Explorer 11 that informs users about the end of support for Adobe Flash in December 2020. For more information, see KB4581051.
• Updates an issue to reduce the likelihood of missing fonts.
• Updates an issue that causes applications to close unexpectedly when a user inputs East Asian characters after changing the keyboard layout.
• Updates an issue that causes Microsoft Office applications to close unexpectedly when using a Korean Input Method Editor (IME).

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Adds a notification to Internet Explorer 11 that informs users about the end of support for Adobe Flash in December 2020. For more information, see KB4581051.
• Addresses an issue with using Group Policy Preferences to configure the homepage in Internet Explorer.
• Addresses an issue with Microsoft Edge IE Mode that occurs when you enable Configure enhanced hang detection for Internet Explorer mode in Microsoft Edge.
• Addresses an issue that might generate the error ”0x80704006. Hmmmm…can’t reach this page” when using Microsoft Edge Legacy. This issue occurs when you attempt to reach websites on non-standard ports. Any website that uses a port listed in the Fetch Standard specification under bad ports or port blocking might cause this issue.
• Addresses an issue that displays nothing on the screen for 5 minutes or more during the Remote Desktop Protocol (RDP) session.
• Addresses an issue that, in certain scenarios, causes applications to stop working if they are created using Visual Basic for Applications (VBA). The error is, “Class not registered” error.
• Addresses an issue that might display an empty black screen when a device is connecting to a Windows Virtual Desktop (WVD) machine.
• Addresses an issue that causes Cortana to stop working on multiuser devices when you install, uninstall, and reinstall the same update.
• Addresses an issue that causes a stop error when the initialization of the graphics adapter fails.
• Addresses an issue to reduce the likelihood of missing fonts.
• Addresses an issue that displays a black screen momentarily when an application calls the Desktop Window Manager (DWM) Thumbnail API.
• Addresses an issue that fails to recognize the first East Asian language character typed into a Microsoft Foundation Class Library (MFC) DataGrid.
• Addresses an issue that causes File Explorer to close unexpectedly when you use a Ribbon shell extension under specific circumstances.
• Addresses an issue that generates a "No features to install" message when you add a feature, even if you provide administrative credentials.
• Provides the ability to set a Group Policy that displays only the domain and username when you sign in.
• Addresses an issue that affects default application associations during certain upgrade scenarios. This might cause numerous toast notifications to appear when you first sign in after the upgrade.
• Addresses an issue that causes applications to close unexpectedly when a user inputs East Asian characters after changing the keyboard layout.
• Updates 2021 time zone information for Fiji.
• Addresses an issue that affects the Microsoft’s System Centre Operations Manager’s (SCOM) ability to monitor a customer's workload.
• Addresses a performance issue that occurs when PowerShell reads the registry to check if the ScriptBlockLogging registry key is in the registry.
• Addresses an issue with creating HTML reports using tracerpt.
• Addresses an issue that causes an access violation in lsass.exe when a process is started using the runas command in some circumstances.
• Addresses an issue that prevents the content under HKLM\Software\Cryptography from being carried over during Windows feature updates.
• Addresses an issue that prevents you from enabling BitLocker after installing the Server Core App Compatibility Feature on Demand (FOD).
• Addresses an issue that might create duplicate Foreign Security Principal directory objects for Authenticated and Interactive users in the domain partition. As a result, the original directory objects have “CNF” added to their names and are mangled. This issue occurs when you promote a new domain controller using the CriticalReplicationOnly flag.
• Addresses an issue that prevents a call to NCryptGetProperty() from returning the correct pbOutput value when pszProperty is set to "Algorithm Group" and you are using a Trusted Platform Module (TPM) 1.2 device.
• Addresses an issue in which Windows Defender Application Control enforces package family name rules that should be audit only.
• Addresses an issue in which the WinHTTP AutoProxy service does not comply with the value set for the maximum Time To Live (TTL) on the Proxy Auto-Configuration (PAC) file. This prevents the cached file from updating dynamically.
• Addresses an issue that might redirect Software Load Balancing (SLB) traffic to a different host when that traffic goes through a multiplexer. This causes the connection to an application to fail.
• Adds new functionality to the robocopy command.
• Adds Secure Sockets Layer (SSL) certificate authentication over HTTP/2.
• Addresses an issue that prevents Always On VPN (AOVPN) from automatically reconnecting when resuming from Sleep or Hibernate.
• Addresses an issue that causes Microsoft Office applications to close unexpectedly when using a Korean Input Method Editor (IME).
• Adds an Azure Active Directory (AAD) Device Token that is sent to Windows Update (WU) as part of each WU scan. WU can use this token to query for membership in groups that have an AAD Device ID.
• Addresses an issue that fails to log events 5136 for group membership changes in certain scenarios. This occurs when you use the “Permissive Modify” control; for example, the Active Directory (AD) PowerShell modules use this control.
• Addresses an issue that causes a deadlock when Offline Files are enabled. As a result, CscEnpDereferenceEntryInternal holds parent and child locks.
• Addresses an issue that causes deduplication jobs to fail with stop error 0x50 when you call HsmpRecallFreeCachedExtents().
• Removes the HTTP call to www.microsoft.com that the Remote Desktop Client (mstsc.exe) makes at sign out when using a Remote Desktop Gateway.
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue with setting the “Restrict delegation of credentials to remote servers” Group Policy with the “Restrict Credential Delegation” mode on the RDP client. As a result, the Terminal Server service tries to use “Require Remote Credential Guard” mode first and will only use “Require Restricted Admin” if the server does not support “Require Remote Credential Guard".

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device

Direct Download link.
CU (Cumulative Update) KB4577069 | Sept 16, 2020


September 16, 2020-KB4576949 Cumulative Update Preview for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server, version 2019

Direct Download link.
http://download.windowsupdate.com/d..._de60691bbce34b4ead9eb4bbbe3d3ba8f437ae90.msu


September 16, 2020-KB4576946 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10, version 1809 and Windows Server, version 2019

Direct Download link.
http://download.windowsupdate.com/d..._8d287058f0959697ecfc599a9fb54a37a538dc05.msu