Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

July 24, 2018—KB4338822 (OS Build 14393.2395)


View products that this article applies to.

↑ Back to the top


Improvements and fixes

This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses additional issues with updated time zone information.
  • Addresses an issue in which some characters were not rendered correctly using the Meiryo font in vertical writing mode.
  • Addresses an issue that makes Microsoft Outlook unresponsive during remote sessions if the system stays locked after the removal of a smart card.
  • Addresses a reliability issue when restarting some devices with USB Type-C support.
  • Addresses an issue in which the memory usage of LSASS continues to grow until it is necessary to restart the system.
  • Addresses an issue that may cause dual-signed files to report a failure when they should report success. This occurs when running Windows Defender Application Control in audit mode.
  • Addresses an issue that prevents printing on a 64-bit OS when 32-bit applications impersonate other users (typically by calling LogonUser). This issue occurs after installing monthly updates starting with KB4034681, released in August 2017. To resolve the issue for the affected applications, install this update, and then do one of the following:
  • Use Microsoft Application Compatibility Toolkit to globally enable the Splwow64Compat App Compat Shim.
  • Use the following registry setting, and then restart the 32-bit application: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print Setting: Splwow64Compat

Type: DWORD

Value1: 1

  • Addresses an issue that causes massive pool commit failures (Event ID 2019 and Event ID 2020 in the System Event log from Event Source Srv). This issue occurs when using dedupe and backup on large scale file servers (40 TB+).
  • Addresses an issue with DNS Response Rate Limiting that causes a memory leak when enabled with LogOnly mode. 15874519
  • Addresses an issue that may cause the expansion process of VM disks that are running with RCT enabled to stop responding and never complete. VMs disks that are not expanded still migrate. However, cancelling the expansion would cause the host to become unmanageable as follows:
    • Can’t migrate VMs.
    • Can’t expand other disks.
    • VMs will be trapped in a stopping or starting state if you try to shut down or start them after the disk expansion has become unresponsive.
  • Addresses an issue in which the user may not be able to expand the VHD beyond its original size after shrinking it. You may receive the error, “STATUS_INTERNAL_ERROR.” You would then have to stop the VM to be able to expand the disk beyond its original size.
  • Addresses an issue that causes the VM to turn off instead of restarting with or without SLP enabled. This occurs when changing the Smart paging file location for a VM to another drive and then pointing it to an empty folder.
  • Addresses an issue in which starting VMs on a host in a Windows Server 2016 Hyper-V cluster may cause another host to receive a Hyper-V host error (0x7E) in vhdmp.sys.
  • Addresses a WAP issue related to inactive connections that never end. This leads to system resource leaks (e.g., a memory leak) and to a WAP service that is no longer responsive.
  • Addresses an AD FS issue that prevents users from selecting a different login option. This occurs when users choose to log in using Certificate Based Authentication, but it has not been configured. This also occurs if users select Certificate Based Authentication and then try to select another login option. If this happens, users will be redirected to the Certificate Based Authentication page until they close the browser.
  • Addresses an issue in which LDAP Modify requests for group membership change. The LDAP_SERVER_PERMISSIVE_MODIFY_OID operator is used, and the membership modification operation is already true (member is already removed or already present). As a result, the SUCCESS status is returned and audit events 4728 and 4729 appear, which indicates that the operation was completed.
  • Addresses an issue in AD FS that shows a duplicate Relying Party trust in the AD FS management console when creating or viewing Relying Party Trusts from the console.
  • Addresses an issue in ADFS that causes Windows Hello for Business to fail. The issue occurs when there are two claim providers. PIN registration will fail with, "400 Internal Server Error: Unable to obtain device identifier."
  • Addresses an issue that causes the Work Folders (SyncShareSvcs) service to get into a circular deadlock condition. The service stops responding to Work Folders operations and starts leaking memory until the system becomes unresponsive.
  • Addresses an issue in which not all network printers are connected after a user logs on. The HKEY_USERS\User\Printers\Connections Key shows the correct network printers for the affected user. However, the list of network printers from this registry key is not populated in any app, including Microsoft Notepad or Devices and Printers. Printers may disappear or become non-functional.

  • Addresses an issue that can cause servers that are configured with Distributed Fair-Shared Scheduling (DFSS) to stop responding or stop working. This occurs because of an issue in the group scheduling logic that may occur when DFSS is used.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.

↑ Back to the top


Known issues in this update

Symptom Workaround

After you install any of the July 2018 .NET Framework Security Updates, a COM component fails to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. The most common failure signature is the following:

Exception type: System.UnauthorizedAccessException

Message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

This issue is resolved in KB4346877.

↑ Back to the top


How to get this update

To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates.

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Prerequisite: The servicing stack update (SSU) (KB4132216) must be installed before installing the latest cumulative update (LCU) (KB4338822). The LCU will not be reported as applicable until the SSU is installed.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4338822

↑ Back to the top


Keywords: windows 10 version 1607, windows server 2016

↑ Back to the top

Article Info
Article ID : 4338822
Revision : 30
Created on : 3/12/2019
Published on : 3/12/2019
Exists online : False
Views : 612

Minor Releases