This non-security update includes improvements and fixes that were a part of KB4056895 (released January 8, 2018) and also includes these new quality improvements as a preview of the next Monthly Rollup update:
-
Addresses issue where every smart card logon to a Windows Terminal Server/Remote Desktop Server may result in a handle leak in the certprop service. Token leaks result in session leaks on computers that have installed MS16-111/KB3175024 and superseding fixes.
-
Addresses issue where servers running AppLocker stop working.
-
Addresses issue where an unexpected system restart occurs because of exception code 0xc0000005 (Access Violation) in LSASS.exe, where the faulting module is cryptnet.dll.
-
Addresses issue where, if the Online Certificate Status Protocol (OCSP) renewal date comes after the certificate expiration date, the OCSP-stapled response is used until the renewal date even though the certificate has expired.
-
Addresses multiple symptoms that occur during power transitions including a stop error 0x9F (0000009F) when a device tries to enter sleep mode or restart. USB PnP devices may also be unusable after waking from sleep.
-
Addresses issue where the iSCSI Initiator Properties Devices list doesn't display certain targets.
-
Addresses issue where Event ID 1511 appears when you start a task that is created in Task Scheduler.
-
Addresses issue where a race condition in memory management may lead to Error 0x50 or 0x149 when trimming sparse files.
-
Addresses issue where AD FS incorrectly processed the wct parameter in a ws-federation request as a local time instead of a UTC value. This affects customers that federate AD FS with other third-party identity providers. Authentication failed because incorrect wct values implied bad or old requests.
- Addresses issue where attempts to view the previous versions of a file on a file share fail. This occurs after a disk that hosts file shares goes offline and comes back online.
-
Addresses the following issues with the WinRM service:
- A threading issue that may cause the WinRM service to crash under load. This is a client-side solution, so you must apply it to the affected computers(s) and the computers that communicate with the WinRM service.
- A system performance issue that may cause logon to stop responding with the message, "Please wait for the Remote Desktop Configuration". This was caused by a deadlock in the WinRM service.
-
Addresses issue originally called out in KB4056895 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.
For more information about the resolved security vulnerabilities, see the Security Update Guide.