Microsoft releases new cumulative updates for several Windows 10 versions (change log)

Microsoft today released new cumulative updates for several supported versions of Windows 10. These updates improve application and device compatibility with Windows updates. This update also fixes an issue that causes an error when printing to a document share. You can download these updates for Windows 10 version 1809, Windows 10 version 1803, Windows 10 version 1709 and Windows 10 version 1607. You can find the full change log below.

Windows 10, version 1809 – KB4541331 (OS Build 17763.1131):

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that causes an error when printing to a document repository.
• Addresses a drawing issue with the Microsoft Foundation Class (MFC) toolbar that occurs when dragging in a multi-monitor environment.
• Addresses an issue that prevents the touch keyboard from appearing during sign in when the user is prompted for the password.
• Addresses an issue that causes new child windows to flicker and appear as white squares on server devices that are configured for stark visual contrast.
• Addresses an issue that displays incorrect folder properties in File Explorer when the path is longer than MAX_PATH.
• Addresses an issue that causes calendar dates to appear on the wrong day of the week in the clock and date region of the notification area when you select the Samoa time zone.
• Addresses an issue with reading logs using the OpenEventLogA() function.
• Addresses an issue that prevents machines that have enabled Credential Guard from joining a domain. The error message is “The server’s clock is not synchronized with the primary domain controller’s clock.”
• Addresses an issue that might cause a delay of up to two minutes when signing in or unlocking a session on Hybrid Azure Active Directory-joined machines.
• Addresses an issue that causes authentication to fail when using Azure Active Directory and the user’s security identifier (SID) has changed.
• Addresses an issue that might cause domain controllers (DC) to register a lowercase and a mixed or all uppercase Domain Name System (DNS) service (SRV) record in the _MSDCS.<forest root domain> DNS zone. This occurs when DC computer names contain one or more uppercase characters.
• Addresses an issue that causes authentication in an Azure Active Directory environment to fail and no error appears.
• Addresses an issue that causes high CPU utilization when retrieving a session object.
• Addresses high latency in Active Directory Federation Services (AD FS) response times for globally distributed datacenters in which SQL might be on a remote datacenter.
• Improves the performance for all token requests coming to AD FS, including OAuth, Security Assertion Markup Language (SAML), WS-Federation, and WS-Trust.
• Addresses a high latency issue in acquiring OAuth tokens when AD FS front-end servers and back-end SQL servers are in different datacenters.
• Restores the constructed attribute in Active Directory and Active Directory Lightweight Directory Services (AD LDS) for msDS-parentdistname.
• Addresses an issue to prevent SAML errors and the loss of access to third-party apps for users who do not have multi-factor authentication (MFA) enabled.
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue that prevents Microsoft User Experience Virtualization (UE-V) settings from roaming to enable the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue with high CPU usage on AD FS servers that occurs when the backgroundCacheRefreshEnabled feature is enabled.
• Addresses an issue that creates the Storage Replica administrator group with the incorrect SAM-Account-Type and Group-Type. This makes the Storage Replica administrator group unusable when moving the primary domain controller (PDC) emulator.
• Addresses an issue that prevents some machines from automatically going into Sleep mode under certain circumstances because of Microsoft Defender Advanced Threat Protection (ATP) Auto Incident Response (IR).
• Addresses an issue that prevents some machines from running Microsoft Defender ATP Threat & Vulnerability Management successfully.
• Improves support for non-ASCII file paths for Microsoft Defender ATP Auto IR.
• Addresses an issue that, in some scenarios, causes stop error 0xEF while upgrading to Windows 10, version 1809.

Windows 10, version 1803 – KB4541333 (OS Build 17134.1399):

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that causes an error when printing to a document repository.
• Addresses an issue that causes a KERNEL_SECURITY_CHECK_FAILURE (139) stop error when Windows resumes from Sleep and turns on certain Bluetooth headsets.
• Addresses an issue that might cause a delay of up to two minutes when signing in or unlocking a session on Hybrid Azure Active Directory-joined machines.
• Addresses an issue that causes authentication in an Azure Active Directory environment to fail and no error appears.
• Addresses an issue that prevents machines that have enabled Credential Guard from joining a domain. The error message is “The server’s clock is not synchronized with the primary domain controller’s clock.”
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue that prevents Microsoft User Experience Virtualization (UE-V) settings from roaming to enable the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue that prevents some machines from automatically going into Sleep mode under certain circumstances because of Microsoft Defender Advanced Threat Protection (ATP) Auto Incident Response (IR).
• Addresses an issue that prevents some machines from running Microsoft Defender ATP Threat & Vulnerability Management successfully.
• Improves support for non-ASCII file paths for Microsoft Defender ATP Auto IR.

Windows 10, version 1607 – KB4541330 (OS Build 16299.1775):

• Addresses an issue that causes File Explorer to close unexpectedly when using roaming profiles between different versions of Windows 10.
• Addresses an issue that might cause a delay of up to two minutes when signing in or unlocking a session on Hybrid Azure Active Directory-joined machines.
• Addresses an issue that prevents machines that have enabled Credential Guard from joining a domain. The error message is “The server’s clock is not synchronized with the primary domain controller’s clock.”
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue that prevents Microsoft User Experience Virtualization (UE-V) settings from roaming to enable the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue that prevents some machines from running Microsoft Defender ATP Threat & Vulnerability Management successfully.

Windows 10, version 1607 – KB4541329 (OS Build 14393.3595):

• Addresses an issue that might cause domain controllers (DC) to register a lowercase and a mixed or all uppercase Domain Name System (DNS) service (SRV) record in the _MSDCS.<forest root domain> DNS zone. This occurs when DC computer names contain one or more uppercase characters.
• Addresses an issue that prevents machines that have enabled Credential Guard from joining a domain. The error message is “The server’s clock is not synchronized with the primary domain controller’s clock.”
• Addresses an issue with running an application in RemoteApp that might cause the application window to flicker and DWM.exe might stop working on the session host.
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue that prevents Microsoft User Experience Virtualization (UE-V) settings from roaming to enable the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue with high CPU usage on Active Directory Federation Services (AD FS) servers that occurs when the backgroundCacheRefreshEnabled feature is enabled.