This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:
- Addressed issue where, after installing KB3164035, users cannot print enhanced metafiles (EMF) or documents containing bitmaps rendered out of bounds using the BitMapSection(DIBSection) function.
- Addressed issue where users may fail to access the Internet using a non-Microsoft proxy device after enabling Credential guard. The failure happens when NTLMv2 is used and the server does not send target information (TargetNameFields is 0) inside the NTLM CHALLENGE MESSAGE.
- Addressed issue where some Windows clients with Windows Information Protection (WIP) enabled cannot access their secured documents, such as protected documents or mail files. This may occur when the client connects to the enterprise network both directly and remotely (such as with a VPN connection).
- Addressed issue where Internet Explorer crashes when the Microsoft Active Accessibility application is running in the background.
- Addressed issue where adding a <select> element to the body of a JavaScript application crashes the application when users click the select box.
-
Addressed an issue where certutil.exe could no longer generate an EPF file when attempting to recover a key for a version 1 style certificate.
-
Addressed an issue where the network interface description name of a network adapter is not updated in Hyper-V after a device driver update. Management of a NIC Team or vSwitch within Hyper-V Administrator or System Center Virtual Machine Manager may be affected.
-
Addressed issue where the Privacy Separator feature of a Wireless Access Point does not block communication between wireless devices on local subnets.
- Addressed issue that was causing devices to crash when hot plugging USB 3.0 Network Adapters
- Addressed an issue where users on Windows 7 SP1 clients connecting to a Windows Server 2016 based domain controller cannot run applications such as Internet Explorer for a period of approximately 10 minutes after logging on. This issue occurs after upgrading the enterprise domain controllers to Windows Server 2016.
- Addressed an issue where Cluster health service fails to report fault event to MAS HM component.
- Addressed an issue that was not allowing users to customize the Application list in their Start menu using the Remove All Programs list from the Start menu setting.
- Updated iDNA table to support resolving latest Unicode emoji characters from Punycode.
- Addressed issue where after installing KB4019472, the end-user-defined characters (EUDCs) is not displayed.
- Addressed additional issues with updated time zone information, storage file system, Windows Update logs, USB, Start menu and taskbar and Windows Shell.
- Security updates to Microsoft Uniscribe, Windows kernel, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows Shell, Microsoft Windows PDF, Device Guard and Microsoft Edge. For more information about the security vulnerabilities resolved, please refer to the Security Update Guide.