Cumulative Updates for Windows 10, February 25, 2020

Microsoft is releasing updates for a number of supported Windows 10 versions. They don't add new features to the OS, instead they improve its reliability and performance.

Here are the updates and the changes their introduce.

Windows 10, version 1809, KB4537818 (OS Build 17763.1075)

• Addresses an issue that prevents the speech platform application from opening for several minutes in a high noise environment.
• Improves the accuracy of Windows Hello face authentication.
• Improves Urlmon resiliency when receiving incorrect Content-Length for a PeerDist response.
• Addresses an issue that might prevent ActiveX content from loading.
• Addresses an issue that might cause Microsoft browsers to bypass proxy servers.
• Improves the battery performance during Modern Standby mode.
• Addresses an issue that causes the power dependency coordinator (PDC) driver to unnecessarily drain the battery in certain scenarios.
• Addresses an issue that prevents a user from upgrading or uninstalling some Universal Windows Platforms (UWP) apps in certain scenarios.
• Addresses an issue that causes attempts to take a screenshot of a window using the PrintWindow API to fail.
• Addresses an issue that adds an unwanted keyboard layout as the default after an upgrade or migration even if you have already removed it.
• Addresses an issue that fails to return search results in the Start menu Search box for users that have no local profile.
• Addresses an issue that causes the installation process to stop when installing Windows on a VMware guest machine that has a USB 3.0 hub attached.
• Addresses an issue in which re-running PowerShell workflows might fail with compilation errors for long sessions.
• Improves Event Forwarding scalability to ensure thread safety and increase resources.
• Addresses an issue in the Windows activation troubleshooter that prevents users from reactivating their copy of Windows using the product key stored in their Managed Service Account (MSA).
• Addresses an issue that generates an “unknown username or bad password” error when attempting to sign in. This occurs in an environment that has a Windows Server 2003 domain controller (DC) and a Windows Server 2016 or later DC.
• Addresses an issue with sign in scripts that fail to run when a user signs in or signs out.
• Addresses an issue that continues to collect IsTouchCapable and GetSystemSku data when they should no longer be collected.
• Addresses an issue that might cause Direct Access servers to use a large amount of non-paged pool memory (pooltag: NDnd).
• Addresses an issue in which the WinHTTP AutoProxy service does not comply with the value set for the maximum Time To Live (TTL) on the Proxy Auto-Configuration (PAC) file. This prevents the cached file from updating dynamically.
• Addresses an issue that prevents some applications from printing to network printers.
• Addresses an issue that causes the wrong printer name to be selected when you click the Print button in the SQL reporting service.
• Addresses an issue that might cause a printer to be a hidden device in Device Manager after a restart.
• Addresses an issue that prevents the Background Intelligent Transfer Service (BITS) from downloading files; the error is “0x80190191.”
• Addresses an issue that causes the Windows firewall to drop network traffic from Modern apps, such as Microsoft Edge, when you connect to a corporate network using a virtual private network (VPN).
• Addresses an issue that causes Host Networking Service (HNS) PortMapping policies to leak when the container host is reinstated after a restart.
• Addresses an issue that causes some systems to stop responding when operating embedded MultiMediaCard (eMMC) storage devices.
• Addresses an issue that occurs when you try to sign in to Windows during recovery mode. The error, "No administrator accounts are available on this machine", appears.
• Addresses an issue that prevents you from removing some local users from local built-in groups. For example, you cannot remove "Guest" from the "Guests" local group.
• Addresses an issue that causes the Local Security Authority Subsystem Service (LSASS) to stop working and triggers a restart of the system. This issue occurs when invalid restart data is sent with a non-critical paged search control.
• Addresses an Open Database Connectivity (ODBC) issue that causes an infinite loop in the retry logic when there are several lost connections in the connection pool.
• Addresses an issue that causes queries against large keys on Ntds.dit to fail with the error, “MAPI_E_NOT_ENOUGH_RESOURCES.” This issue might cause users to see limited meeting room availability because the Exchange Messaging Application Programming Interface (MAPI) cannot allocate additional memory for the meeting requests.
• Addresses an issue that intermittently generates Online Certificate Status Protocol (OSCP) Responder audit events (5125) to indicate that a request was submitted to the OCSP Responder Service. However, there is no reference to the serial number or the domain name (DN) of the issuer of the request.
• Addresses an issue that prevents Server Message Block (SMB) Multichannel from working within a cluster network that has IPv6 Local-Link addresses.
• Addresses an issue that might cause Storage Migration Service inventory operations on a Windows Server 2003 source computer to fail in clustered environments.
• Addresses an issue in which canceling a deduplication (dedup) job to rebuild hotspots prevents other deduplication PowerShell commands from responding.
• Addresses an issue that causes window ordering to fail after displaying tooltips in the RemoteApp window.
• Addresses an issue in which the Remote Desktop (RD) Licensing Diagnoser shows an incorrect version of the Remote Desktop Session Host (RDSH) and the Remote Desktop Licensing Server (RDLS).
• Addresses an issue with certificate validation that causes Internet Explorer mode in Microsoft Edge to fail.

Windows 10, version 1803, KB4537795 (OS Build 17134.1345)

• Improves the accuracy of Windows Hello face authentication.
• Improves Urlmon resiliency when receiving incorrect Content-Length for a PeerDist response.
• Addresses an issue that might prevent ActiveX content from loading.
• Addresses an issue that might cause Microsoft browsers to bypass proxy servers.
• Addresses an issue that adds an unwanted keyboard layout as the default after an upgrade or migration even if you have already removed it.
• Addresses an issue that causes an error if you open Microsoft OneDrive files on demand when User Experience Virtualization (UE-V) is enabled. To apply this solution, set the following DWORD to 1: “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UEV\Agent\Configuration\ApplyExplorerCompatFix.”
• Addresses an issue that generates an “unknown username or bad password” error when attempting to sign in. This occurs in an environment that has a Windows Server 2003 domain controller (DC) and a Windows Server 2016 or later DC.
• Addresses an issue with sign in scripts that fail to run when a user signs in or signs out.
• Addresses an issue that continues to collect IsTouchCapable and GetSystemSku data when they should no longer be collected.
• Provides live response capability that gives Security Operations (SecOps) immediate access to compromised machines using the Microsoft Defender Advanced Threat Protection (ATP) console (Microsoft Defender Security Center).
• Improves the accuracy of detection in Microsoft Defender ATP Threat & Vulnerability Management.
• Addresses an issue that might cause Direct Access servers to use a large amount of non-paged pool memory (pooltag: NDnd).
• Addresses an issue in which the WinHTTP AutoProxy service does not comply with the value set for the maximum Time To Live (TTL) on the Proxy Auto-Configuration (PAC) file. This prevents the cached file from updating dynamically.
• Addresses an issue that prevents some applications from printing to network printers.
• Addresses an issue that prevents the Background Intelligent Transfer Service (BITS) from downloading files; the error is “0x80190191.”
• Addresses an issue that causes the Windows firewall to drop network traffic from Modern apps, such as Microsoft Edge, when you connect to a corporate network using a virtual private network (VPN).
• Addresses an issue that intermittently generates Online Certificate Status Protocol (OSCP) Responder audit events (5125) to indicate that a request was submitted to the OCSP Responder Service. However, there is no reference to the serial number or the domain name (DN) of the issuer of the request.
• Addresses an issue that causes queries against large keys on Ntds.dit to fail with the error, “MAPI_E_NOT_ENOUGH_RESOURCES.” This issue might cause users to see limited meeting room availability because the Exchange Messaging Application Programming Interface (MAPI) cannot allocate additional memory for the meeting requests.
• Addresses an issue that corrupts a log file when a storage volume is full and data is still being written to the Extensible Storage Engine Technology (ESENT) database.
• Addresses an issue with certificate validation that causes Internet Explorer mode in Microsoft Edge to fail.

Windows 10, version 1709, KB4537816 (OS Build 16299.1717)

• Addresses an issue that might prevent ActiveX content from loading.
• Addresses an issue that might cause Microsoft browsers to bypass proxy servers.
• Addresses an issue that generates an “unknown username or bad password” error when attempting to sign in. This occurs in an environment that has a Windows Server 2003 domain controller (DC) and a Windows Server 2016 or later DC.
• Provides live response capability that gives Security Operations (SecOps) immediate access to compromised machines using the Microsoft Defender Advanced Threat Protection (ATP) console (Microsoft Defender Security Center).
• Improves the accuracy of detection in Microsoft Defender ATP Threat & Vulnerability Management.
• Addresses an issue that might cause Direct Access servers to use a large amount of non-paged pool memory (pooltag: NDnd).
• Addresses an issue in which the WinHTTP AutoProxy service does not comply with the value set for the maximum Time To Live (TTL) on the Proxy Auto-Configuration (PAC) file. This prevents the cached file from updating dynamically.
• Addresses an issue that prevents some applications from printing to network printers.
• Addresses an issue with certificate validation that causes Internet Explorer mode in Microsoft Edge to fail.

Windows 10, version 1607, KB4537806 (OS Build 14393.3542)

• Addresses an issue that might cause Microsoft browsers to bypass proxy servers.
• Addresses an issue that propagates shared folder permissions incorrectly to parent folders after an administrator makes changes on the host system to shared subfolders that are not in the Users directory.
• Addresses an issue in which re-running PowerShell workflows might fail with compilation errors for long sessions.
• Improves Event Forwarding scalability to ensure thread safety and increase resources.
• Addresses an issue that generates an “unknown username or bad password” error when attempting to sign in. This occurs in an environment that has a Windows Server 2003 domain controller (DC) and a Windows Server 2016 or later DC.
• Addresses an issue that causes Transport Layer Security (TLS) sessions to fail with the error, "The request was aborted: Could not create SSL/TLS secure Channel."
• Addresses an issue that prevents some applications from printing to network printers.
• Addresses an issue that prevents the Network Policy Server (NPS) accounting feature from functioning. This occurs when NPS is configured to use SQL for accounting with the new OLE (compound document) database driver (MSOLEDBSQL.dll) after switching to TLS 1.2.
• Addresses an issue that causes Security Assertion Markup Language (SAML) errors and loss of access to third-party apps for users who do not have multi-factor authentication (MFA) enabled.
• Addresses an issue that intermittently generates Online Certificate Status Protocol (OSCP) Responder audit events (5125) to indicate that a request was submitted to the OCSP Responder Service. However, there is no reference to the serial number or the domain name (DN) of the issuer of the request.
• Addresses an issue with the spell checker in RemoteApp. This issue prevents the spell checker from using the locale language the user selects when there is a mismatch between the locale setting and the keyboard layout of the local or client machine. For example, the issue occurs if using a Dutch locale language with the United States-International keyboard layout; the spell checker incorrectly uses the English language instead of the locale language (Dutch) configured in the OS.
• Addresses an issue with certificate validation that causes Internet Explorer mode in Microsoft Edge to fail.

Check out the Windows Update History web site to see prerequisites for the packages, and read about known issues (if any).

How to install the updates

To download these updates, open Settings - > Update &recovery and click on the Check for Updates button on the right.

Alternatively, you can get it from the Windows Update online catalog.

Helpful links

• Find Which Windows 10 Edition You Have Installed
• How to find the Windows 10 version you are running
• How to find the Windows 10 build number you are running
• How to install CAB and MSU updates in Windows 10

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options: