This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:
- Addresses additional issues with updated time zone information.
- Addresses an issue in which some characters were not rendered correctly using the Meiryo font in vertical writing mode.
- Addresses an issue that makes Microsoft Outlook unresponsive during remote sessions if the system stays locked after the removal of a smart card.
- Addresses a reliability issue when restarting some devices with USB Type-C support.
- Addresses an issue in which the memory usage of LSASS continues to grow until it is necessary to restart the system.
- Addresses an issue that may cause dual-signed files to report a failure when they should report success. This occurs when running Windows Defender Application Control in audit mode.
- Addresses an issue that prevents printing on a 64-bit OS when 32-bit applications impersonate other users (typically by calling LogonUser). This issue occurs after installing monthly updates starting with KB4034681, released in August 2017. To resolve the issue for the affected applications, install this update, and then do one of the following:
- Use Microsoft Application Compatibility Toolkit to globally enable the Splwow64Compat App Compat Shim.
- Use the following registry setting, and then restart the 32-bit application: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print Setting: Splwow64Compat
Type: DWORD
Value1: 1
- Addresses an issue that causes massive pool commit failures (Event ID 2019 and Event ID 2020 in the System Event log from Event Source Srv). This issue occurs when using dedupe and backup on large scale file servers (40 TB+).
- Addresses an issue with DNS Response Rate Limiting that causes a memory leak when enabled with LogOnly mode. 15874519
- Addresses an issue that may cause the expansion process of VM disks that are running with RCT enabled to stop responding and never complete. VMs disks that are not expanded still migrate. However, cancelling the expansion would cause the host to become unmanageable as follows:
- Can’t migrate VMs.
- Can’t expand other disks.
- VMs will be trapped in a stopping or starting state if you try to shut down or start them after the disk expansion has become unresponsive.
- Addresses an issue in which the user may not be able to expand the VHD beyond its original size after shrinking it. You may receive the error, “STATUS_INTERNAL_ERROR.” You would then have to stop the VM to be able to expand the disk beyond its original size.
- Addresses an issue that causes the VM to turn off instead of restarting with or without SLP enabled. This occurs when changing the Smart paging file location for a VM to another drive and then pointing it to an empty folder.
- Addresses an issue in which starting VMs on a host in a Windows Server 2016 Hyper-V cluster may cause another host to receive a Hyper-V host error (0x7E) in vhdmp.sys.
- Addresses a WAP issue related to inactive connections that never end. This leads to system resource leaks (e.g., a memory leak) and to a WAP service that is no longer responsive.
- Addresses an AD FS issue that prevents users from selecting a different login option. This occurs when users choose to log in using Certificate Based Authentication, but it has not been configured. This also occurs if users select Certificate Based Authentication and then try to select another login option. If this happens, users will be redirected to the Certificate Based Authentication page until they close the browser.
- Addresses an issue in which LDAP Modify requests for group membership change. The LDAP_SERVER_PERMISSIVE_MODIFY_OID operator is used, and the membership modification operation is already true (member is already removed or already present). As a result, the SUCCESS status is returned and audit events 4728 and 4729 appear, which indicates that the operation was completed.
- Addresses an issue in AD FS that shows a duplicate Relying Party trust in the AD FS management console when creating or viewing Relying Party Trusts from the console.
- Addresses an issue in ADFS that causes Windows Hello for Business to fail. The issue occurs when there are two claim providers. PIN registration will fail with, "400 Internal Server Error: Unable to obtain device identifier."
- Addresses an issue that causes the Work Folders (SyncShareSvcs) service to get into a circular deadlock condition. The service stops responding to Work Folders operations and starts leaking memory until the system becomes unresponsive.
-
Addresses an issue in which not all network printers are connected after a user logs on. The HKEY_USERS\User\Printers\Connections Key shows the correct network printers for the affected user. However, the list of network printers from this registry key is not populated in any app, including Microsoft Notepad or Devices and Printers. Printers may disappear or become non-functional.
-
Addresses an issue that can cause servers that are configured with Distributed Fair-Shared Scheduling (DFSS) to stop responding or stop working. This occurs because of an issue in the group scheduling logic that may occur when DFSS is used.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.
For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.
Windows Update Improvements
Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.