February 13, 2018—KB4074590 (OS Build 14393.2068)

Applies to: Windows 10, version 1607Windows Server 2016

Improvements and fixes


This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses issue with fragment identifier contained in links opened using the Enterprise Mode Site List to redirect from Microsoft Edge to Internet Explorer.

  • Addresses issue with rendering graphics elements with Internet Explorer.

  • Addresses a script-related issue that caused Internet Explorer to stop working in some cases.

  • Addresses issue in Internet Explorer where pressing the Delete key inserted a new line in input boxes in an application.

  • Addresses issue where some users may have experienced issues logging into some websites when using third-party account credentials in Microsoft Edge.

  • Addresses issue with browser Compatibility View settings that occured during updates.

  • Updates time zone information.

  • Updates Microsoft HoloLens CPU Microcode to address vulnerability CVE-2017-5715 - Branch target injection. Installing this KB for HoloLens applies all relevant OS and Microcode updates. See Advisory 180002 for more details.

  • Addresses issue where telemetry data couldn't be uploaded using UTC because of networking environments that prevent access to the necessary CRL servers.

  • Addresses issue where MMC application snap-ins—such as Services, Local Policy Admin, and Printer Management—fail to run when Windows Defender Application Control (Device Guard) is turned on. The error is "Object doesn't support this property or method."

  • Addresses issue where a failover in MPIO while throttling input and output requests may cause all available paths to fail.

  • Addresses issue where the application pool CPU throttles when running IIS.

  • Addresses issue where, after installing KB4057142 or KB4056890 on an SMB server, accessing files in directory junction points or volume mount points hosted on the server may fail. The error is “ERROR_INVALID_REPARSE_DATA”. For example, this symptom may be observed:

  • Editing some group policies using GPMC or AGPM 4.0 may fail with the error "The data present in the reparse point buffer is invalid. (Exception from HRESULT: 0x80071128)".

  • Security updates to Microsoft Edge, Internet Explorer, Adobe Flash Player, Microsoft Windows Search Component, Windows Kernel, Device Guard, Common Log File System Driver, and Windows storage and file systems.

Note This update isn't available with express installation files for Windows Server 2016.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update


Symptom Workaround
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.

This issue is resolved in KB4088787.

After installing this update, servers where Credential Guard is enabled may experience an unexpected restart with the error "The system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart."

Event ID 1000 in the application log shows:

'C:\windows\system32\lsass.exe' terminated unexpectedly with status code -1073740791

Faulting application: lsass.exe, Version: 10.0.14393.1770, Time Stamp: 0x59bf2fb2

Faulting module: ntdll.dll, Version: 10.0.14393.1715, Time Stamp: 0x59b0d03e

Exception: 0xc0000409

This issue is resolved in KB4077525.

After installing this update, applications may not be able to reserve or bind to ports that previously worked.

To resolve this issue, use the following workaround.

Check if the port you want to bind to or reserve is already reserved on the container host. For example, you can use netsh as follows:   

netsh interface ipv4 show excludedportrange protocol=tcp

 
If the port is not reserved, you may use it. If it is reserved, choose a different port.

How to get this update


This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4074590.