February 25, 2020—KB4537818 (OS Build 17763.1075)

Applies to: Windows 10, version 1809, all editionsWindows Server version 1809Windows Server 2019, all editions

Highlights


  • Updates an issue that prevents the speech application from opening for several minutes in a high noise environment. 
  • Improves the accuracy of Windows Hello face authentication. 
  • Updates an issue that might prevent ActiveX content from loading. 
  • Improves the battery performance during Modern Standby mode. 
  • Updates an issue that prevents you from taking a screenshot of a window.
  • Updates an issue that adds an unwanted keyboard layout as the default after an upgrade even if you have already removed it. 
  • Updates an issue that prevents users from reactivating their copy of Windows using the product key stored in their Managed Service Account (MSA).
  • Updates an issue that prevents some applications from printing to network printers. 

Improvements and fixes


This non-security update includes quality improvements. Key changes include:

  • Addresses an issue that prevents the speech platform application from opening for several minutes in a high noise environment. 
  • Improves the accuracy of Windows Hello face authentication. 
  • Improves Urlmon resiliency when receiving incorrect Content-Length for a PeerDist response. 
  • Addresses an issue that might prevent ActiveX content from loading. 
  • Addresses an issue that might cause Microsoft browsers to bypass proxy servers. 
  • Improves the battery performance during Modern Standby mode. 
  • Addresses an issue that causes the power dependency coordinator (PDC) driver to unnecessarily drain the battery in certain scenarios. 
  • Addresses an issue that prevents a user from upgrading or uninstalling some Universal Windows Platforms (UWP) apps in certain scenarios. 
  • Addresses an issue that causes attempts to take a screenshot of a window using the PrintWindow API to fail. 
  • Addresses an issue that adds an unwanted keyboard layout as the default after an upgrade or migration even if you have already removed it. 
  • Addresses an issue that fails to return search results in the Start menu Search box for users that have no local profile. 
  • Addresses an issue that causes the installation process to stop when installing Windows on a VMware guest machine that has a USB 3.0 hub attached. 
  • Addresses an issue in which re-running PowerShell workflows might fail with compilation errors for long sessions. 
  • Improves Event Forwarding scalability to ensure thread safety and increase resources. 
  • Addresses an issue in the Windows activation troubleshooter that prevents users from reactivating their copy of Windows using the product key stored in their Managed Service Account (MSA). 
  • Addresses an issue that generates an “unknown username or bad password” error when attempting to sign in. This occurs in an environment that has a Windows Server 2003 domain controller (DC) and a Windows Server 2016 or later DC. 
  • Addresses an issue with sign in scripts that fail to run when a user signs in or signs out. 
  • Addresses an issue that continues to collect IsTouchCapable and GetSystemSku data when they should no longer be collected. 
  • Provides live response capability that gives Security Operations (SecOps) immediate access to compromised machines using the Microsoft Defender Advanced Threat Protection (ATP) console (Microsoft Defender Security Center). 
  • Improves the accuracy of detection in Microsoft Defender ATP Threat & Vulnerability Management. 
  • Improves application compatibility with Microsoft Defender ATP. 
  • Addresses an issue that might cause Direct Access servers to use a large amount of non-paged pool memory (pooltag: NDnd). 
  • Addresses an issue that prevents some applications from printing to network printers. 
  • Addresses an issue that causes the wrong printer name to be selected when you click the Print button in the SQL reporting service.  
  • Addresses an issue that might cause a printer to be a hidden device in Device Manager after a restart. 
  • Addresses an issue that prevents the Background Intelligent Transfer Service (BITS) from downloading files; the error is “0x80190191.” 
  • Addresses an issue that causes the Windows firewall to drop network traffic from Modern apps, such as Microsoft Edge, when you connect to a corporate network using a virtual private network (VPN). 
  • Addresses an issue that causes Host Networking Service (HNS) PortMapping policies to leak when the container host is reinstated after a restart. 
  • Addresses an issue that causes some systems to stop responding when operating embedded MultiMediaCard (eMMC) storage devices. 
  • Addresses an issue that occurs when you try to sign in to Windows during recovery mode. The error, "No administrator accounts are available on this machine", appears. 
  • Addresses an issue that prevents you from removing some local users from local built-in groups. For example, you cannot remove "Guest" from the "Guests" local group. 
  • Addresses an issue that causes the Local Security Authority Subsystem Service (LSASS) to stop working and triggers a restart of the system. This issue occurs when invalid restart data is sent with a non-critical paged search control. 
  • Addresses an Open Database Connectivity (ODBC) issue that causes an infinite loop in the retry logic when there are several lost connections in the connection pool. 
  • Addresses an issue that causes queries against large keys on Ntds.dit to fail with the error, “MAPI_E_NOT_ENOUGH_RESOURCES.” This issue might cause users to see limited meeting room availability because the Exchange Messaging Application Programming Interface (MAPI) cannot allocate additional memory for the meeting requests. 
  • Addresses an issue that intermittently generates Online Certificate Status Protocol (OSCP) Responder audit events (5125) to indicate that a request was submitted to the OCSP Responder Service. However, there is no reference to the serial number or the domain name (DN) of the issuer of the request. 
  • Addresses an issue that prevents Server Message Block (SMB) Multichannel from working within a cluster network that has IPv6 Local-Link addresses. 
  • Addresses an issue that might cause Storage Migration Service inventory operations on a Windows Server 2003 source computer to fail in clustered environments.
  • Addresses an issue in which canceling a deduplication (dedup) job to rebuild hotspots prevents other deduplication PowerShell commands from responding. 
  • Addresses an issue that causes window ordering to fail after displaying tooltips in the RemoteApp window. 
  • Addresses an issue in which the Remote Desktop (RD) Licensing Diagnoser shows an incorrect version of the Remote Desktop Session Host (RDSH) and the Remote Desktop Licensing Server (RDLS).
  • Addresses an issue with certificate validation that causes Internet Explorer mode in Microsoft Edge to fail.
  • Addresses an issue related to a high performance power scheme.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Known issues in this update


Symptom Workaround
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

After investigation, we have found that this issue does not affect this version of Windows.

After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Devices using a manual or auto-configured proxy, especially with a virtual private network (VPN), might show limited or no internet connection status in the Network Connectivity Status Indicator (NCSI) in the notification area. This might happen when connected to or disconnected from a VPN or after changing the state between the two. Devices with this issue might also have issues reaching the internet using applications that use WinHTTP or WinInet. Examples of apps that might be affected on devices in this state include, but are not limited to, Microsoft Teams, Microsoft Office, Microsoft Office 365, Microsoft Outlook, Internet Explorer 11, and some versions of Microsoft Edge.

This issue is resolved in KB4554354.

Because of a bug, some customers who purchase a Windows 10 Pro Education device, may receive a genuine edition of Windows 10 Education.

Windows 10 editions for education customers, Windows 10 Pro Education builds on the commercial version of Windows 10 Pro, and Windows 10 Education builds on Windows 10 Enterprise. This bug is not expected to introduce any negative experiences for customers.

More information: Compare Windows 10 editions

A resolution for this issue will be released in a future servicing update that will prevent customers from entering this state.

How to get this update


Before installing this update

Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

If you are using Windows Update, the latest SSU (KB4523204) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.

Install this update

Release Channel Available Next Step
Windows Update or Microsoft Update Yes Go to Settings > Update & Security > Windows Update. In the Optional updates available area, you’ll find the link to download and install the update.
Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) No

You can import this update into WSUS manually. See the Microsoft Update Catalog for instructions.

 

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4537818

Note Some files erroneously have “Not applicable” in the “File version” column of the CSV file. This might lead to false positives or false negatives when using some third-party scan detection tools to validate the build.