Windows 10: Update KB4346783, KB4343893, KB4343889, KB4343884 (08/30/2018)

[German]Microsoft has released the updates KB4346783, KB4343893, KB4343889 and KB4343884 for various Windows 10 builds as of August 30, 2018. Here is an overview.


Advertising

A list of released updates for Windows 10 can be obtained from Microsoft’s Update history page.

Update KB4346783 for Windows 10 Version 1803

Cumulative Update KB4346783 for Windows 10 Version 1803 raises the build number to 17134.254. This is a maintenance update that addresses the following issues.

  • Addresses an issue in Microsoft Foundation Class applications that may cause applications to flicker.
  • Addresses an issue where touch and mouse events were handled differently in Windows Presentation Foundation (WPF) applications that have a transparent overlay window.
  • Addresses a reliability issue in applications that have extensive window nesting.
  • Addresses an issue in the Universal CRT that sometimes causes the AMD64 FMOD to return an incorrect result when given very large inputs.
  • Addresses an issue in the Universal CRT that causes the _get_pgmptr() function to return an empty string.
  • Addresses an issue in the Universal CRT that causes isprint() to return TRUE for a tab when using the C locale.
  • Addresses an issue where Microsoft Edge or other UWP applications can’t perform client authentication when the private key is stored on a TPM 2.0 device.
  • Addresses an issue that causes computer certificate enrollment or renewal to fail with an “Access denied” error after installing the April 2018 update. This issue occurs when the registry process has a lower process ID (PID) than all other processes except SYSTEM.
  • Addresses an issue that, in some cases, failed to clear decrypted data from memory after a CAPI decryption operation was completed.
  • Addresses an issue that prevented the Device Guard PackageInspector.exe application from including all the files needed for an application to run correctly once the Code Integrity policy was completed.
  • Addresses an issue where not all network printers are connected after a user signs in. The HKEY_USERS\User\Printers\Connections key shows the correct network printers for the affected user; however, the missing list for network printers from this registry key isn’t populated in any app, including Microsoft Notepad, or in Devices and Printers. Printers may disappear or stop functioning.
  • Addresses an issue that prevents printing on a 64-bit OS when 32-bit applications impersonate other users (typically by calling LogonUser). This issue occurs after installing monthly updates starting with KB4034681, released in August 2017. To resolve the issue for the affected applications, install this update, and then do one of the following:
    • Use Microsoft Application Compatibility Toolkit to globally enable the Splwow64Compat App Compat Shim
    • Use the following registry setting, and then restart the 32-bit application:
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print
      Setting: Splwow64Compat, Type: DWORD Value1: 1
  • Addresses an issue that causes the Wi-Fi EAP-TTLS (CHAP) authentication to fail if a user saves credential information before authentication.
  • Addresses an issue that causes devices that have 802.1x Extensible Authentication Protocol (EAP) enabled to randomly stop working with the stop code ”0xD1 DRIVER_IRQL_NOT_LESS_OR_EQUAL”. The issue occurs when the kernel memory pool becomes corrupted. Crashes will generally occur in nwifi.sys.
  • Addresses an issue that may remove a Dynamic Host Configuration Protocol (DHCP) option from a reservation after changing the DHCP scope settings.
  • Extends the Key Management Service (KMS) to support the upcoming Windows 10 client Enterprise LTSC and Windows Server editions. For more information, see KB4347075.

Unfortunately, this update does not fix the problem that the Edge browser fixes an error in the Application Guard (see my blog post Windows 10 V1709/1803: Issues (also August). Microsoft proposes to uninstall the KB4343909 update and then install the KB4346783 update as a workaround. The update is automatically distributed via Windows Update (if necessary, check for updates in Settings under Update & Security – Windows Update). It can also be downloaded for manual installation from Microsoft Update Catalog.

Update KB4346793 foür Windows 10 Version 1709

Cumulative Update KB4343893 for Windows 10 Version 1709 raises the build number to 16299.637. This is a maintenance update that addresses similar issues to the update described in the previous section.

This cumulative update has the same known issues as the corresponding August 14, 2018 update (see). Some non-English platforms can display the following string in English instead of the localized language: “Reading scheduled jobs from file is not supported in this language mode.” This error is displayed when Device Guard is enabled and you are trying to read the scheduled jobs you have created. In addition, there are other known issues with Device Guard activated (e.g. no & or . operator etc., see kb article) Microsoft is working on solving the problems.


Advertising

The update is automatically distributed via Windows Update (if necessary, check for updates in Settings under Update& Security – Windows Update). It can also be downloaded for manual installation from Microsoft Update Catalog.

Update KB4343889 for Windows 10 Version 1703

Cumulative Update KB4343889 for Windows 10 Version 1703raises the build number to 15063.1292. This is a maintenance update that addresses almost identical issues to the update described in the previous section (see kb article). Additional an issue that causes win32kfull.sys to stop working (Stop 3B) when cancelling journal hook operations or disconnecting a remote session has been addressed.

Microsoft is currently not aware of any problems with the update. The update is automatically distributed via Windows Update (if necessary, check for updates in Settings under Update and Security – Windows Update). It can also be downloaded for manual installation from Microsoft Update Catalog.

Windows update improvements

Microsoft has released an update directly to the Windows Update Client to increase reliability. Each device with Windows 10, which is configured for automatic updates via Windows Update, receives the function update (to V1803). Windows 10 Enterprise and Pro Edition also receive the feature update (to V1803) based on device compatibility and the update delay (Defer) set in Windows Update for Business Deferral Policy. This does not apply to LTSC versions.

Update KB4343884 for Windows 10 Version 1607

Cumulative Update KB4343884 for Windows 10 Version 1607 (only available for Enterprise and Education and Windows Server 2016) raises the build number to 14393.2457. This is a maintenance update that addresses this issues.

  • Updates the music metadata service provider used by Windows Media Player.

Addresses an issue from the March 2018 update that prevents the correct lock screen image from appearing when the following GPO policies are enabled:

  • Computer Configuration\Administrative Templates\Control Panel\Personalization\Force a specific default lock screen and logon image
  • Computer Configuration\Administrative Templates\Control Panel\Personalization\Prevent changing lock screen and logon image
  • Addresses an issue that prevents users of PIV/CAC smart cards from authenticating to use enterprise resources or prevents Windows Hello for Business from configuring on first logon.
  • Addresses an issue that prevented the Device Guard PackageInspector.exe application from including all the files needed for an application to run correctly once the Code Integrity policy was completed.
  • Addresses an issue that, in some cases, failed to clear decrypted data from memory after a CAPI decryption operation was completed.
  • Addresses an issue that causes PowerShell scripts to stop working when attempting operations such as Get-Credentials.
  • Addresses an issue that causes the Wi-Fi EAP-TTLS (CHAP) authentication to fail if a user saves credential information before authentication.
  • Addresses a Windows Task Scheduler issue that occurs when setting up an event to start on a specific day of the month. Instead of starting on the specific day of the month you selected, the event starts one week ahead of schedule. For example, if you set an event to start on the third Tuesday of August 2018, instead of starting on 08/21/18, the event starts on 08/14/18.
  • Addresses an issue that prevents Hypervisor from automatically launching on restart when running a nested or non-nested virtualization scenario after enabling Device Guard.
  • Addresses an issue that causes the event viewer for Microsoft-Windows-Hyper-V-VMMS-Admin to receive excessive Event ID 12660 “Cannot open handle to Hyper-V storage provider” messages. This issue occurs when performing migration testing on a Windows Server 2016 S2D Cluster Platform. As a result, events are deleted after three hours when the event log size reaches 1 MB.
  • Addresses an issue that causes virtual functions (VF) to be unintentionally removed when a virtual machine (VM) is saved in Hyper-V Manager. This issue occurs when assigning and loading multiple virtual functions to a single VM during live migration on Windows Server 2016. Saving the VM doesn’t result in a normal shutdown of the virtual functions and doesn’t allow the VF driver to have backchannel communication with the physical function (PF).
  • Addresses an issue that causes an Azure to on-premise failback operation to fail and puts the virtual machine (VM) into an unresponsive state. This issue occurs if the failback is interrupted by an event such as restarting the Virtual Machine Management Service (VMMS) or restarting the host machine. The failback operation then continues to fail even when the VMMS is running.
  • Addresses an Active Directory Federation Services (AD FS) issue where Multi-Factor Authentication does not work correctly with mobile devices that use custom culture definitions.
  • Addresses an issue in Windows Hello for Business that causes a significant delay (15 seconds) in new user enrollment. This issue occurs when a hardware security module is used to store an ADFS Registration Authority (RA) certificate.
  • Addresses an Active Directory Domain Services (AD DS) issue that causes Local Security Authority Subsystem Service (LSASS) to stop working intermittently. This issue occurs when a custom component binds over Transport Layer Security (TLS) to a Domain Controller using Simple Authentication and Security Layer (SASL) EXTERNAL authentication.
  • Addresses an issue that generates Event ID 2006 and prevents the Windows Performance counter from reading Server Message Block (SMB) performance counters. This issue occurs when Hot-Plug is enabled for CPUs on Windows 2016 virtual machines.
  • Addresses an issue that causes users to disconnect from a remote session when the Remote Desktop Gateway service stops working.
  • Addresses an issue that causes svchost.exe to stop working intermittently. This issue occurs when the SessionEnv service is running, which causes a partial load of the user’s configuration during a Remote Desktop session.
  • Addresses an issue that may cause the server to be restarted because the system nonpaged pool consumes too much memory.
  • Addresses an issue that may remove a Dynamic Host Configuration Protocol (DHCP) option from a reservation after changing the DHCP scope settings.
  • Addresses an issue that prevents a drive from being made writable even after BitLocker encryption has completed. This issue occurs when using the FDVDenyWriteAccess policy.
  • Addresses an issue that occasionally displays a blue screen instead of the lock screen when a device wakes up from sleep.
  • Extends the Key Management Service (KMS) to support the upcoming Windows 10 client Enterprise LTSC and Windows Server editions. For more information, see KB4347075.

Microsoft is currently not aware of any problems with the update. The update is automatically distributed via Windows Update (if necessary, check for updates in Settings under Update and Security – Windows Update). It can also be downloaded for manual installation from Microsoft Update Catalog.

Please note that the Servicing Stack Update (SSU) (KB4132216) must be installed before installing the KB4343884 update. Without this SSU, the cumulative update is not offered.

Windows update improvements

Microsoft has released an update directly to the Windows Update Client to increase reliability. Each device with Windows 10, which is configured for automatic updates via Windows Update, receives the function update (to V1803). Windows 10 Enterprise and Pro Edition also receive the feature update (to V1803) based on device compatibility and the update delay (Defer) set in Windows Update for Business Deferral Policy. This does not apply to LTSC versions.

Similar articles:
Security update for Adobe Acrobat/Reader
Microsoft Office Patchday (August 7, 2018)
Windows 10 Updates KB4295110/KB4023057 (08/09/2018)
Microsoft Security Update Summary August 14, 2018
Patchday Windows 10-Updates (August 14, 2018)
Patchday: Updates for Windows 7/8.1/Server (August 14, 2018)
Patchday Microsoft Office Updates (August 14, 2018)
Microsoft Patchday: Other Updates (August 14, 2018)
Windows 10 V1709/1803: Issues (also August Patchday)
Windows 7/8.1 Preview Rollup Updates KB4343894, KB4343891 (August 30, 2018)


Advertising


This entry was posted in Update, Windows and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *