July 24, 2018—KB4340917 (OS Build 17134.191)

Applies to: Windows 10, version 1803

Improvements and fixes


This update includes quality improvements. No new operating system features are being introduced in this update. Important changes include the following:

  • Addresses an issue that causes devices within Active Directory or Hybrid AADJ++ domains to unexpectedly unenroll from Microsoft Intune or third-party MDM services after installing provisioning package updates (PPKG). This issue occurs on devices that are subject to the Auto MDM Enrollment with AAD Token Group Policy. If you ran the script Disable-AutoEnrollMDMCSE.PS1 as a workaround for this issue, run Enable-AutoEnrollMDMCSE.PS1 from a PowerShell window in Administrator mode after installing this update.

  • Addresses additional issues that affect updated time zone information. 
  • Improves the ability of the Universal CRT Ctype family of functions to handle EOF as valid input. 
  • Addresses an issue that affects registration in the "Push to Install" service.
  • Addresses an issue that affects Roaming User Profiles in which the AppData\Local and AppData\Locallow folders are incorrectly synchronized at user logon and logoff. For more information, see KB 4340390
  • Addresses issues that is related to peripherals that use Quality of Service (QoS) parameters for Bluetooth connections. 
  • Addresses an issue that causes SQL Server memory usage to grow over time when you encrypt data by using a symmetric key that has a certificate, and then you run queries that open and close the symmetric key in a recursive loop. 
  • Addresses an issue in which using an invalid password in a wireless PEAP environment that has SSO enabled submits two authentication requests that use the invalid password. The excess authentication request may cause premature account lockouts in environments that have low account lockout thresholds. To enable the changes, start Registry Editor, add the registry key DisableAuthRetry on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\26, and set the DWORD value to 1
  • Addresses an issue that prevents OpenType fonts from printing in Win32 applications. 
  • Addresses an issue in DNS Response Rate Limiting that causes a memory leak when enabled with LogOnly mode. 
  • Addresses an issue in a RemoteApp session that may cause a black screen when maximizing an app window on a secondary monitor.
  • Addresses an issue in IME that causes unexpected finalization of strings during Japanese input in applications such as Microsoft Outlook.

If you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.

Known issues in this update


Symptom Workaround

After you install any of the July 2018 .NET Framework Security Updates, a COM component fails to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. The most common failure signature is the following:

Exception type: System.UnauthorizedAccessException

Message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

This issue is resolved in KB 4343909.

After you install this update, Windows no longer recognizes the Personal Information exchange (PFX) certificate that’s used for authenticating to a Wi-Fi or VPN connection. Therefore, Microsoft Intune takes a long time to deliver user profiles because it doesn’t recognize that the required certificate is on the device. This issue is resolved in KB 4464218.

 

How to get this update


To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates.

To get the standalone package for this update, go to the Microsoft Update Catalog website.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4340917.