September 26, 2019—KB4517211 (OS Build 18362.387)

Kehtib: Windows 10, version 1903Windows Server version 1903

Highlights


  • Updates an issue that causes vertical fonts to be larger when printing to a PostScript printer.
  • Updates an issue that may cause you to disconnect from a virtual private network (VPN) on cellular networks.
  • Updates an issue that may cause audio playback and recording to fail when connecting to a remote virtual machine.
  • Updates an issue that may prevent older systems from upgrading to the latest operating systems because a display driver error on older versions.
  • Updates an issue that may cause the screen color to turn white on laptops that have built-in, high-dynamic-range (HDR) screens. 
  • Updates an issue that causes audio in certain games to be quieter or different than expected. 
  • Updates an issue with the Windows Mixed Reality Portal that might report that your headset is sleeping and it might not wake up.

Improvements and fixes


This non-security update includes quality improvements. Key changes include:

  • Addresses an issue that causes vertical fonts to be larger when printing to a PostScript printer. 
  • Addresses an issue that causes printing from 32-bit applications to fail with an “Access is denied” error when you select Run as different user for the application. 
  • Addresses an issue that may give write access to a removable USB disk when a user switches from a privileged user to an unprivileged user. 
  • Addresses an issue that causes the lsass.exe service to stop working, which causes the system to shut down. This occurs when migrating Data Protection API (DPAPI) credentials using dpapimig.exe with the -domain option. 
  • Addresses an issue that gives a Windows Hello for Business user two certificates for authentication during certificate renewal instead of one certificate. 
  • Addresses an issue that prevents a web browser from connecting securely to Windows Server. This occurs when using a client authentication certificate, such as a SHA512-based certificate, and the web browser does not support a signature algorithm that matches the certificate. 
  • Addresses an issue that may cause authentication to fail for certificate-based authentication when the certificate authentication includes a cname as part of the pre-authentication request. 
  • Addresses an issue that prevents a Microsoft App-V application from opening and displays a network failure error. This issue occurs under certain circumstances, such as when a system's battery is low or there is an unexpected power failure. 
  • Addresses an issue that causes a query request of the Win32_LogonSession class for the StartTime to display the value of the epoch (for example, 1-1-1601 1:00:00) instead of the actual logon time. This occurs when a user who isn’t an administrator creates the query request. 
  • Addresses an issue that causes File Explorer to show a regular file icon for files marked with FILE_ATTRIBUTE_OFFLINE instead of the expected placeholder icon. 
  • Addresses an issue with intermittent virtual private network (VPN) disconnections on cellular networks. 
  • Addresses an issue that may cause audio playback and recording to fail when connecting to a remote virtual machine. 
  • Addresses an issue with MSCTF.dll that causes an application to stop working. 
  • Addresses an issue with the input and display of special characters that occurs when an app uses imm32.dll
  • Addresses an issue with resizing Windows Presentation Foundation (WPF) applications; they may not respond to being resized using the mouse until you release the mouse button. 
  • Addresses an issue that may prevent older systems from upgrading to the latest operating systems because of an error in the display driver of older versions. 
  • Addresses an issue that may cause the screen color to turn white on laptops that have built-in, high-dynamic-range (HDR) screens. 
  • Addresses an issue with converting an application from 32-bit to 64-bit architecture. 
  • Addresses an issue that prevents you from running the Active Directory Diagnostics Data Collector Set from the Performance Monitor for Domain Controllers. This causes the Data Collector Set name to appear empty. Running the Active Directory Diagnostics Data Collector Set returns the error, “The system cannot find the file specified.” Event ID 1023 is logged with the source as Perflib and the following messages:
    • “Windows cannot load the extensible counter DLL “C:\Windows\system32\ntdsperf.dll.”
    • “The specified module could not be found.” 
  • Addresses an issue that causes audio in certain games to be quieter or different than expected.
  • Addresses an issue that prevents Microsoft App-V from handling a parameter of the CreateProcess API properly, which prevents the virtual process from opening.
  • Addresses an issue in which the maximum central processing unit (CPU) performance is not enabled when you select the High Performance power plan.
  • Provides a way to configure the read buffer size. This allows you to address an issue with slow upload times when uploading a file to a Universal Naming Convention (UNC) share using the Internet Information Services (IIS) Web Distributed Authoring and Versioning (WebDAV) feature.
  • Addresses an issue that causes a device to stop working when opening files from a network drive that has client-side caching enabled. This issue may occur when the device has certain third-party antivirus products installed and the drive is backed by a server that is not a Microsoft Server Message Block (SMB) server. The error code is, “0x27 RDR_FILE_SYSTEM.”
  • Facilitates the configuration of devices that are managed by mobile device management (MDM) settings, which are created by ADMX ingestion. You can update a previously ingested ADMX file with a newer version, and you are not required to delete the previous ADMX file. This solution applies to all applications that use ADMX ingestion.
  • Addresses an issue that may cause a Hyper-V virtual machine and a Hyper-V host to lose network connectivity because of an inconsistency in the media access control (MAC) address learning process. As a result, the Hyper-V virtual switch drops packets.
  • Addresses an issue with the Windows Mixed Reality Portal that might intermittently generate a “15-5” error. In some cases, Windows Mixed Reality Portal might report that the headset is sleeping and selecting the Wake up button might appear to produce no response.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Known issues in this update


Symptom Workaround
Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.

Due to security related changes in this update, this issue may occur when the Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps:

  1. Select the Start button and type “services”.
  2. Open the Services app and locate Touch Keyboard and Handwriting Panel Service.
  3. Double-click Touch Keyboard and Handwriting Panel Service and select Properties.
  4. Locate Startup type: and change it to Manual.
  5. Select OK.

The TabletInputService service is now in the default configuration and IME should work as expected.

The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or generate errors when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.

This issue is resolved in KB4524147.

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

Note This issue does not affect using a Microsoft Account during OOBE.

This issue is resolved in KB4530684.

 

How to get this update


Before installing this update

Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For more information, see Servicing stack updates.

If you are using Windows Update, the latest SSU (KB4520390) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.

Install this update

Release Channel Available Next Step
Windows Update or Microsoft Update Yes Go to Settings > Update & Security > Windows Update and select Check for updates.
Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes

This update will automatically synchronize with WSUS if you configure Products and Classifications as follows:

Product: Windows 10, version 1903 and later

Classification: Updates

 

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4517211