November 27, 2018—KB4467684 (OS Build 14393.2639)

Applies to: Windows 10, version 1607Windows Server 2016

Improvements and fixes


This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses an issue that causes the GetCalendarInfo function to return an incorrect era name on the first day of the Japanese era. For more information, see KB4469068.
  • Addresses time zone changes for Russian daylight standard time. 
  • Addresses time zone changes for Moroccan daylight standard time.
  • Addresses an issue that allows mouse movements promoted by touch to bypass low-level mouse hooks designed to block mouse input. As a result, unexpected WM_MOUSEMOVE messages appear. 
  • Addresses an issue that may automatically display the software keyboard when you tap on the non-editable area of a Universal Windows Platform (UWP) application. This issue affects devices that have installed the Windows 10 Anniversary Update and have no physical keyboard. 
  • Addresses an issue in File Explorer that sometimes deletes the permissions of a shared parent folder when you delete the shared child folder. To apply this solution, enable the Group Policy “User Configuration\Administrative Templates\Windows Components\Network Sharing\Prevent users from sharing files within their profile”.
  • Addresses an issue that causes File Explorer to stop working during logoff. 
  • Addresses an issue in the Universal CRT that sometimes causes the AMD64-specific implementation of FMOD to return an incorrect result when given very large inputs. FMOD is frequently used to implement the modulo operator in JavaScript and Python implementations that use the Universal C Runtime. 
  • Addresses an issue that blocks ActiveX controls in Internet Explorer on 64-bit systems. This occurs when using Windows Defender Application Control and creating a policy that allows all ActiveX controls to run in Internet Explorer. 
  • Addresses an issue that prevents some applications from running when Windows Defender Application Control (Device Guard) is in audit mode. 
  • Addresses an issue that slows server performance or causes the server to stop responding because of numerous Windows firewall rules. To enable the changes, add a new registry key “DeleteUserAppContainersOnLogoff” (DWORD) on “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy” using Regedit, and set it to 1. 
  • Addresses an issue that causes network connectivity to fail when 802.1x authentication fails. 
  • Addresses an issue with Network Connection Status Indicator (NCSI) gateway MAC address resolution timing, which causes Internet connectivity to fail. 
  • Addresses an issue that fails to clean up some Windows Management Instrumentation (WMI) class registrations correctly when using Hyper-V cmdlets that have root\interop class dependencies. This issue may cause Virtual Machine management tasks (using PowerShell or the UI) to fail. Additionally, Virtual Machines may not be created or modified. For example, running Set-VMFirmware to modify the boot order may fail with the error, “ObjectNotFound.” 
  • Addresses an issue that prevents domain controllers from applying the Group Policy password policy when the minimum password length is configured to be greater than 14 characters.
  • Addresses an issue with Just Enough Administration (JEA). A temporary account with the security identifier (SID) authority of “S-1-5-94-xxx” remains in the server security policy under the Log on as a service user right. As a result, the Local Security Authority (LSA) database grows larger, which may affect the performance of domain controllers.
  • Addresses an issue that writes to a memory call stack with the Stop code “0xA” in Storage Replica environments.
  • Addresses an issue that causes the installation and client activation of Windows Server 2019 and 1809 LTSC Key Management Service (KMS) host keys (CSVLK) to not work as expected. For more information about the original feature, see KB4347075
  • Addresses an issue that causes promotions of non-root domains to fail with the error, “The replication operation encountered a database error.” The issue occurs in Active Directory forests that have optional features like Active Directory recycle enabled.

  • Addresses an issue that may cause Hyper-V servers to stop working with the error, "0x7F (UNEXPECTED_KERNEL_MODE_TRAP)".

 If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Known issues in this update


Symptom Workaround

After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception. For more information about this issue, see the following article in the Microsoft Knowledge Base:

4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.

Microsoft is working on a resolution and will provide an update in an upcoming release.

After installing this update, users may not be able to use the Seek Bar in Windows Media Player when playing specific files. This issue does not affect normal playback.

Microsoft is working on a resolution and estimates a solution will be available mid-December 2018.
When features related to end-user-defined characters (EUDC) are used, the entire system may become unresponsive.

Double-click any font file or navigate to the font folders immediately after logging on.

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

How to get this update


Before installing this update

Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For more information, see Servicing stack updates.

If you are using Windows Update, the latest SSU (KB4465659) will be offered to you automatically. To get the stand-alone package for the latest SSU, go to the Microsoft Update Catalog

Install this update

To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates.

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4467684