More Windows Patches today

Microsoft so far released five Microsoft updates today. The updates also available in the Windows Update catalogue.

Windows Update

KB4057142

This update patches a large number of issues in Windows 10 build 1607, it upgrades the build number to 14393.2034 and it addresses the unbootable state issue and also patches lots of other issues, which are listed here:

  • Some Microsoft-signed ActiveX controls did not work if Windows Defender Application Control is enabled.
  • Excessive memory use when using smart cards on a Windows Terminal Server system.
  • Virtual TPM self-test is not run.
  • Compatibility with U.2 NVMe device hot-add/removal cases improved.
  • iSCSI Initiator Properties Devices list fails to list some targets.
  • NGUID and EUI64 I formats compatibility for NVMe devices.
  • Fixed error 0xc2 and 7e sync errors when backing up large Resilient File System volumes.
  • UWF file commits add old data to files.
  • Access-based enumeration not working correctly after installing KB4015217
  • Addresses issue where AD FS incorrectly displays the Home Realm Discovery (HRD) page when an identity provider (IDP) is associated with a relying party (RP) in an OAuth Group.
  • Addresses issue where PKeyAuth-based device authentication sometimes fails in Internet Explorer and Microsoft Edge when AD FS returns a context that exceeds the request limits for URL length.
  • Addresses issue in AD FS where MSISConext cookies in request headers can eventually overflow the headers’ size limit. This causes authentication failure with the HTTP status code 400: “Bad Request – Header Too Long.”
  • Addresses issue where AD FS produces an MFA Event 1200 log that doesn’t contain UserID information.
  • Addresses issue where retrieving the Certificate Revocation List (CRL) from the Certification Authority (CA) using the Simple Certificate Enrollment Protocol (SCEP) fails.
  • Enables IT, administrators, to scientifically troubleshoot I/O failures using a comprehensive event log for the resiliency state transition.
  • Transparency for replication health when free disk space is low, Hyper-V Replica Log size is growing to maximum limit and Recovery Point Objectives threshold violations.
  • Addresses issue where, if the Online Certificate Status Protocol (OCSP) renewal date comes after the certificate expiration date, the OCSP-stapled response is used until the renewal date even though the certificate has expired.
  • Addresses issue where backward compatibility for managing Microsoft User Experience Virtualization (UE-V) with group policy is lost. Windows 10 version 1607 group policy isn’t compatible with Windows 10 version 1703 or higher group policy. Because of this bug, the new Windows 10 Administrative Templates (.admx) cannot be deployed to the Group Policy Central Store. This means that some of the new, additional settings for Windows 10 aren’t available.
  • Addresses issue with the App-V package folder access that causes the access control list to be handled incorrectly.
  • Addressed delay when searching for new printers.
  • Fixed issue where users could not change passwords on remote logon screens if the password expired.
  • DISM command sometimes failed to import custom application defaults.
  • Addresses issue originally called out in KB4056890 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.
  • Addresses issue where some customers with AMD devices get into an unbootable state.

KB4057144

KB4057144 is an update for Windows 10 version 1703 which patches the unbootable state issue and addresses the following issues too:

  • PDF printing issue in Microsoft Edge.
  • App-V package folder access issue that affected the access control list.
  • Addresses issue where backward compatibility for managing Microsoft User Experience Virtualization (UE-V) with group policy is lost.
  • Addresses issue where some Microsoft-signed ActiveX controls don’t work when Windows Defender Application Control (Device Guard) is enabled. Specifically, class IDs related to XMLHTTP in msxml6.dll don’t work.
  • “Cannot create a file when that file already exists.” error when changing the Smart Card for Windows server start type from Disabled to Manual or Automatic.
  • Windows Defender Device Guard or Windows Defender Application Control would wrongfully block some applications in Audit only mode.
  • Addresses issue where the virtual TPM self-test isn’t run as part of virtual TPM initialization.
    Addresses issue with NoToastApplicationNotificationOnLockScreen GPO that causes Toast notifications to appear on the lock screen.
  • Addresses issue originally called out in KB4056891 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.
  • Addresses issue where some customers with AMD devices get into an unbootable state
Advertisements

Comments are closed.

Blog at WordPress.com.

Up ↑

%d bloggers like this: