January 23, 2020—KB4534308 (OS Build 17134.1276)

View products that this article applies to.

Release Date:

Jan 23, 2020

Version:

OS Build 17134.1276

Windows 10, version 1803 (the April 2018 Update) Home and Pro editions have reached end of service. For Windows 10 devices that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update (with users having the ability to choose a convenient time). This keeps those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.

↑ Back to the top

Highlights

Updates an issue that might prevent a user’s settings from syncing across devices.

↑ Back to the top

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

Addresses an issue with using Web Account Manager to sign in to Office Apps.
Addresses an issue with download notifications that have multiple short-duration tabs and redirects.
Addresses an issue with a memory leak in ctfmon.exe that occurs when you refresh an application that has an editable box.
Addresses an issue with the Windows Out of Box Experience (OOBE) phase of setup for a new device. When you use the Input Method Editor (IME) for Chinese, Japanese, or Korean languages, you might not be able to create a local user account.
Addresses an issue with the multifactor unlock policy of Windows Hello for Business, which fails to show the default option to sign in on Windows 10 devices.
Addresses an issue that prevents computer objects from being added to local groups using the Group Policy Preference “Local Users and Groups”. The Group Policy Editor returns the error message, “The object selected does not match the type of destination source. Select again.”
Addresses an issue that prevents Internet Explorer from opening when Microsoft User Experience Virtualization (UE-V) is being used to roam many favorites.
Improves the reliability of the UE-V AppMonitor.
Addresses an issue that might prevent a user’s settings from syncing across devices.
Addresses an issue that might cause high CPU consumption in Microsoft Defender Advanced Threat Protection when using Microsoft Teams.
Addresses an issue that causes the Local Security Authority Subsystem Service (LSASS) process to stop working when you sign in using an updated user principal name (UPN) (for example, changing UserN@contoso.com to User.Name@contoso.com). The error code is, “0xc0000005 (STATUS_ACCESS_VIOLATION).”
Addresses an issue that causes a connection secured by IP security (IPSec) Internet Key Exchange Version 1 (IKEv1) to consume multiple, short-lived security associations (SA) instead of utilizing one until it expires.
Addresses an issue with AppContainer firewall rules that leak when guest users or mandatory user profile users sign in and sign out from Windows Server.
Addresses an issue that uses an incorrect number of bytes to perform backups across partitions; this causes backups to fail even when there is adequate space.
Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
Addresses an issue in which netdom.exe fails to correctly identify trust relationships when an unconstrained delegation is explicitly enabled by adding bitmask 0x800 to the trust object. The bitmask setting is required because of security changes to the default behavior of unconstrained delegations in Windows updates released on or after July 8, 2019. For more information, see KB4490425 and 6.1.6.7.9 trustAttributes.
Addresses an issue that might cause the Application Virtualization (App-V) Streaming Driver (appvstr.sys) to leak memory when you enable Shared Content Store (SCS) mode.
Addresses an issue that corrupts a log file when a storage volume is full and data is still being written to the Extensible Storage Engine Technology (ESENT) database.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

↑ Back to the top

Known issues in this update

Symptom

Workaround

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

Do one of the following:

Perform the operation from a process that has administrator privilege.
Perform the operation from a node that doesn’t have CSV ownership.

Microsoft is working on a resolution and will provide an update in an upcoming release.

↑ Back to the top

How to get this update

Before installing this update

Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

If you are using Windows Update, the latest SSU (KB4523203) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.

Install this update

Release Channel	Available	Next Step
Windows Update or Microsoft Update	Yes	Go to Settings > Update & Security > Windows Update. In the Optional updates available area, you’ll find the link to download and install the update.
Microsoft Update Catalog	Yes	To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS)	No	You can import this update into WSUS manually. See the Microsoft Update Catalog for instructions.