May 8, 2018—KB4103727 (OS Build 16299.431)

Applies to: Windows 10, version 1709

Improvements and fixes


This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses an information disclosure vulnerability in the Windows Kernel. This vulnerability is documented in CVE-2018-8141. It is applicable only for Windows 10 Version 1709 and Windows Server Version 1709 (Server Core).
  • Addresses an issue in Internet Explorer that might cause communication between web workers to fail in certain asynchronous scenarios that involve multiple visits to a web page. 
  • Updates Internet Explorer and Microsoft Edge to respect the video preload flag in certain scenarios. 
  • Addresses an issue on AMD platforms that causes intermittent loss of USB port functionality after resuming from Hibernate (S4). 
  • Increases the user account minimum password length in Group Policy from 14 to 20 characters.
  • Addresses an issue with the April 2018 Windows Servicing update that causes App-V Scripts (User Scripts) to stop working.
  • Addresses an issue that prevents customers from typing Hangul correctly with Microsoft's Korean IME in Microsoft Word Online.
  • Addresses an issue that prevents customers from selecting a Microsoft add-in on a second monitor.
  • Addresses a known issue in KB4093105 that may cause the message “We couldn't download Windows Mixed Reality software” to appear on some Windows 10 Mixed Reality devices.
  • Addresses an issue that may cause an error when connecting to a Remote Desktop server. For more information, see CredSSP updates for CVE-2018-0886.
  • Security updates to Microsoft Edge, Internet Explorer, Microsoft scripting engine, Windows app platform and frameworks, Device Guard, Windows kernel, Microsoft Graphics Component, Windows storage and filesystems, Windows Hyper-V, Windows virtualization and kernel, HTML help, and Windows Server.

If you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.

For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update


Symptom Workaround

When Device Guard is enabled, some non-English platforms may display the following strings in English instead of the localized language:

  • ”Reading scheduled jobs from file is not supported in this language mode.”
  • "Cannot use '&' or '.' operators to invoke a module scope command across language boundaries."
  • "'Script' resource from 'PSDesiredStateConfiguration' module is not supported when Device Guard is enabled. Please use 'Script' resource published by PSDscResources module from PowerShell Gallery."

After evaluation, Microsoft has determined that this is a low probability and a low-risk issue, and we will not provide a solution at this time for Windows 10, version 1709.

If you believe that you are affected by this issue, please contact Microsoft Support.

 

How to get this update


This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.

Important When installing both the servicing stack update (SSU) (KB4131372) and the latest cumulative update (LCU) from the Microsoft Update Catalog, install the SSU before installing the LCU.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4103727