Windows 10 1909 Preview Updates September 21, 2021

Windows[German]Small addendum from this week, as Microsoft has released two preview updates (KB500562, KB5005625) for Windows 10 (Enterprise/Education and Server variants of 1809 and 1909) as of Sept. 21, 2021. The preview updates are optional and are intended to fix various issues. Here is an overview of this update.


Advertising

The update information can be found in the Windows 10 update history page. It should be noted that these updates are so-called preview or preview updates. These are optional and must be manually triggered for download and installation by default. 

It should be noted that Windows 10 versions 1809 and 1909 in the Home and Premium variants have fallen out of support. Therefore, the preview updates now only apply to the Enterprise, Education and Server versions of the aforementioned SKUs. For Windows 7, Windows 8.1, older Windows 10 versions and the respective server counterparts, the preview updates have been suspended in the meantime.

Update KB5005624 foür Windows 10 Version 1909

Cumulative (Preview) Update KB5005624 raises the build to 18363.1830 and is available for Windows 10 Enterprise version 2019, Windows 10 Education version 1909 and Windows 10 IoT Enterprise version 1909. The update includes a number of bug fixes, but no new operating system features and no security fixes. Here's the list of changes:

  • Addresses an issue that causes the system time to be incorrect by one hour after a daylight saving time (DST) change.
  • Provides administrators the option to reset the zoom to the default for HTML dialogs in Microsoft Edge Internet Explorer mode.
  • Addresses an issue with Enterprise Mode Site List redirection from Internet Explorer 11 to Microsoft Edge. In certain circumstances, the redirection opens a site in multiple tabs in Microsoft Edge.
  • Addresses an issue that fails to keep the NumLock state after a Fast Startup restart.
  • Addresses an issue with resizing images that might cause flickering and residual line artifacts.
  • Addresses an issue that always reports the update build revision (UBR) as zero (0) on a device during enrollment to mobile device management (MDM) service.
  • Removes the limitation of 25 maximum Traffic Selectors in the Windows native Internet Key Exchange (IKE) client and server.
  • Addresses an issue that causes a memory leak in lsass.exe when the pTokenPrivileges buffer is not released.
  • Addresses an issue with a non-paged pool (NPP) leak from the UxSF pool tag. This leak occurs when lsass.exe stops processing asynchronous Security Support Provider Interface (SSPI) calls.
  • Addresses an issue that prevents the xhunter1.sys driver from loading. As a result, some games cannot run when you enable Hypervisor-Protected Code Integrity (HVCI).
  • Addresses an issue that causes Windows to stop working if you deploy a Code Integrity policy without user mode rules.
  • Improves the performance of MsSense.exe in environments with User Datagram Protocol (UDP) applications that require high amounts of bandwidth.
  • Addresses an input method editor (IME) mode instability in the RemoteApp scenario. You must install this update on the Remote Desktop server and Remote Desktop client.
  • Addresses an issue that causes blurry News and interests icons when you use certain screen resolutions.
  • Addresses a paged pool memory leak of the registry keys for the Virtual Desktop ID that occurs in explorer.exe.
  • Addresses an issue that causes LogonUI.exe to stop working because Direct Manipulation fails to start.
  • Addresses an issue that causes apps to lose focus when the taskbar is not at the bottom of the screen.
  • Addresses an issue that causes News and interests to appear in the context menu even when you have disabled it on a device.
  • Addresses an issue that causes the LsaLookupSids() function to fail. This occurs when there are security identifiers (SID) for users that no longer exist in a group that contains cross-domain trusted users.
  • Implements a Group Policy for the registry key below:
    Key: HKLM\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint
    Value: RestrictDriverInstallationToAdministrators

The update is optional and is only offered when the user explicitly checks for updates in the settings page. The update can also be downloaded and installed from the Microsoft Update Catalog. It is not available in WSUS or Windows Update for Business. The current SSU is already included in the cumulative update package. Notes on known issues (none are listed yet) and specifics on the required SSU can be found in support articleKB5005624.

In addition, Microsoft has made direct improvements to the update client for Windows 10 to improve its reliability. Further details can be found in the support article in case of doubt. It also explains how to uninstall the LCU with the SSU

Update KB5005625 for Windows 10 1809 (LTSC branch)

Cumulative (Preview) Update KB5005625 belongs to the Windows 10 branch 1809, which is out of support in May 2021. Microsoft writes that the update is ready for Windows 10 Enterprise 2019 LTSC, Windows 10 IoT Enterprise 2019 LTSC, Windows 10 IoT Core 2019 LTSC, and Windows Server 2019, however, and lifts the build to 17763.2210. The update includes a number of bug fixes, but no new operating system features and no security fixes. Here's the list of changes:

  • Addresses an issue that causes the system time to be incorrect by one hour after a daylight saving time (DST) change. 
  • Addresses an issue with Enterprise Mode Site List redirection from Internet Explorer 11 to Microsoft Edge. In certain circumstances, the redirection opens a site in multiple tabs in Microsoft Edge.
  • Addresses an issue that causes the Kubernetes cluster worker node to stop working, which affects the pods in K8s clusters.
  • Removes the limitation of 25 maximum Traffic Selectors in the Windows native Internet Key Exchange (IKE) client and server.
  • Addresses an issue with a non-paged pool (NPP) leak from the UxSF pool tag. This leak occurs when lsass.exe stops processing asynchronous Security Support Provider Interface (SSPI) calls.
  • Addresses an issue that prevents the xhunter1.sys driver from loading. As a result, some games cannot run when you enable Hypervisor-Protected Code Integrity (HVCI).
  • Improves the performance of MsSense.exe in environments with User Datagram Protocol (UDP) applications that require high amounts of bandwidth.
  • Addresses an input method editor (IME) mode instability in the RemoteApp scenario. You must install this update on the Remote Desktop server and Remote Desktop client.
  • Addresses a paged pool memory leak of the registry keys for the Virtual Desktop ID that occurs in explorer.exe.
  • Addresses an issue that causes the configuration for multiple artifact DB support across datacenters to fail for Security Assertion Markup Language (SAML) artifacts.
  • Addresses an issue that causes the LsaLookupSids() function to fail. This occurs when there are security identifiers (SID) for users that no longer exist in a group that contains cross-domain trusted users.
  • Addresses an issue that might create duplicate built-in local accounts, such as administrator or guest account, during an in-place upgrade. This issue occurs if you previously renamed those accounts. As a result, the Local Users and Groups MMC snap-in (lusrmgr.msc) appears blank with no accounts after the upgrade. This update removes the duplicate accounts from the local Security Account Manager (SAM) database on the affected machines. If the system detected and removed duplicate accounts, it logs a Directory-Services-SAM event, with ID 16986, in the System event log.
  • Addresses an issue that fails to apply the post_logout_redirect_uri= parameter when you use an External Claims Provider.
  • Addresses an issue that occurs when third-party software uses custom LanmanServer File System Controls (FSCTL). As a result, Windows performance might degrade and the LanmanServer service fails to start.
  • Implements a Group Policy for the registry key:
    Key: HKLM\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint Value: RestrictDriverInstallationToAdministrators

The update is optional and is only offered when the user explicitly checks for updates in the settings page. The update can also be downloaded and installed from the Microsoft Update Catalog. It is not available in WSUS or Windows Update for Business. The current SSU is already included in the cumulative update package. Notes on known issues and specifics with the required SSU can be found in support article KB5005625.

Microsoft has also made direct improvements to the update client for Windows 10 to improve its reliability.

Similar articles
Microsoft Office Patchday (September 7, 2021)
Microsoft Security Update Summary (September 14, 2021)
Patchday: Windows 10-Updates (September 14, 2021)
Patchday: Windows 8.1/Server 2012 Updates (September 14, 2021)
Patchday: Updates for Windows 7/Server 2008 R2 (September 14, 2021)
Patchday Microsoft Office Updates (September 14, 2021)
Patchday Sept. 2021 Review: New PrintNightmare fix, new issues, new desaster?
Patch day recap Sept. 2021: Update on MSHTML vulnerability CVE-2021-40444


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in Update, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.