November 27, 2017—KB4051033 (OS Build 14393.1914)

Applies to: Windows 10, version 1607Windows Server 2016

Improvements and fixes


This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addressed issue where screen tearing and scrambled content appear in applications when a computer is connected to three or more USB 3.0 display devices. This occurs when you change the content on one or more of the connected display devices.

  • Addressed issue where a service fails to start when two or more services are using the same built-in account (such as NetworkService or LocalService). When this issue occurs, the failing service reports the error, "The service did not start due to a logon failure", or, "A specified logon session does not exist. It may already have been terminated.”

  • Addressed issue where scheduled tasks with stored credentials fail to run when Credential Guard is enabled. The task fails and reports event ID 104 with the following message: “Task Scheduler failed to log on ‘\Test’ . Failure occurred in ‘LogonUserExEx’ . User Action: Ensure the credentials for the task are correctly specified. Additional Data: Error Value: 2147943726. 2147943726 : ERROR_LOGON_FAILURE (The user name or password is incorrect)."

  • Addressed issue where, during BitLocker decryption or encryption of a drive, files protected with the Encrypting File System (EFS) may become corrupted.

  • Addressed issue where opening Microsoft Office files from a file server that has Windows Information Protection enabled fails with the error, “Sorry we couldn't open document xxxx”.

  • Addressed issue where a Storage Spaces Direct (S2D) drive that is failing or being removed from a node is incorrectly reported as healthy in admin tools. These tools include Get-Physical Disk, Server Manager, and Failover Cluster Manager.
  • Addressed issue where a repair job could be suspended indefinitely after re-adding a node to an S2D cluster.

  • Addressed issue where an incomplete Storage Spaces repair could lead to faulty metadata causing future repairs to stop working.

  • Addressed a token leak in services.exe that occurs after applying MS16-111/KB3175027. This results in a kernel session object leak that degrades system performance over time. This especially affects Terminal Server implementations, where more user logons typically occur.

  • Addressed issue where the Remote Desktop clipboard redirection policy doesn't take effect if reconnecting to an existing session and the policy has changed between the initial connection and reconnecting to the session.

  • Addressed issue where in a non-English language environment, the OEM OOBE process cannot finish when building a failover cluster. This process fails with the error message, “No integration component with the given name could be found.”

  • Improved performance when querying the file system formats of Direct-Access Storage Devices.

  • Addressed issue associated with the clustering health policy for handling unresponsive clustered drives. By default, drives are retired for unresponsive conditions. The frequency of unresponsive reset remediation is too aggressive.

  • Addressed issue in the Network Flyout where closing the sign-in dialog unexpectedly (e.g., clicking outside the window) prevents further sign-in dialogs from appearing when the user tries to connect to the same network.

  • Improved performance when launching applications that use Virtual Disk Service to manage volumes.

  • Addressed issue that impacted some Epson SIDM (Dot Matrix) and TM (POS) printers, which were failing to print on x86 and x64-based systems. This issue affects KB4048953.

  • Addressed issue that causes the VmCompute process to stop working when you reset the Virtual Machine (VM) after Dynamic Memory (DM) changes its memory footprint. This occurs when Non-Uniform Memory Access (NUMA) spanning is disabled and DM is enabled.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update


Symptom Workaround
After installing this KB, Internet Explorer 11 users who use SQL Server Reporting Services (SSRS) may not be able to scroll through a drop-down menu using the scroll bar.

This issue is resolved in KB4053579.

After installing KB4041688, KB4052231, or KB4048953, the error "CDPUserSvc_XXXX has stopped working" appears. Additionally, Event ID 1000 is logged in the Application event log. It notes that svchost.exe_CDPUserSvc_XXXX has stopped working and the faulting module name is "cdp.dll".

This issue is resolved in KB4053579.

After installing this update, servers where Credential Guard is enabled may experience an unexpected restart with the error, "The system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart."

Event ID 1000 in the application log shows:

"C:\windows\system32\lsass.exe' terminated unexpectedly with status code -1073740791

Faulting application: lsass.exe, Version: 10.0.14393.1770, Time Stamp: 0x59bf2fb2

Faulting module: ntdll.dll, Version: 10.0.14393.1715, Time Stamp: 0x59b0d03e

Exception: 0xc0000409

This issue is resolved in KB4077525.

 

How to get this update


To get the standalone package for this update, go to the Microsoft Update Catalog website.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4051033.