IMPORTANT Starting in July 2020, we will resume non-security releases for Windows 10 and Windows Server, version 1809 and later. There is no change to the cumulative monthly security updates (also referred to as the "B" release or Update Tuesday release). For more information, see the blog post Resuming optional Windows 10 and Windows Server non-security monthly updates.
IMPORTANT Starting in July 2020, all Windows Updates will disable the RemoteFX vGPU feature because of a security vulnerability. For more information about the vulnerability, see CVE-2020-1036 and KB4570006. After you install this update, attempts to start virtual machines (VM) that have RemoteFX vGPU enabled will fail, and messages such as the following will appear:
- “The virtual machine cannot be started because all the RemoteFX-capable GPUs are disabled in Hyper-V Manager.”
- “The virtual machine cannot be started because the server has insufficient GPU resources.”
If you re-enable RemoteFX vGPU, a message similar to the following will appear:
- "We no longer support the RemoteFX 3D video adapter. If you are still using this adapter, you may become vulnerable to security risk. Learn more (https://go.microsoft.com/fwlink/?linkid=2131976)”
IMPORTANT We have been evaluating the public health situation and understand the impact this is having on many of our customers. To help ease some of the burdens customers are facing, we are going to delay the scheduled end of service date for the Home, Pro, Pro Education, Pro for Workstations, and IoT Core editions of Windows 10, version 1809 to November 10, 2020. This means devices will receive monthly security updates only from May to November. The final security update for these editions of Windows 10, version 1809 will be released on November 10, 2020 instead of May 12, 2020.
- Updates an issue that might cause the Magnifier to stop working in Microsoft Excel in certain scenarios. As a result, Microsoft Excel might also stop working.
Improvements and fixes
This non-security update includes quality improvements. Key changes include:
- Addresses an issue in Microsoft Edge IE mode that occurs when you open multiple documents from a SharePoint site.
- Addresses an issue in Microsoft Edge IE mode that occurs when you browse using anchor links.
- Addresses an issue that might cause the Magnifier to stop working in Microsoft Excel in certain scenarios. As a result, Microsoft Excel might also stop working.
- Addresses an issue that might cause apps that use the custom text wrapping function to stop working in certain scenarios.
- Addresses an issue that prevents you from opening documents in SharePoint in certain scenarios.
- Addresses a reliability issue in dxgkrnl.sys that might cause stop error 0x50 PAGE_FAULT_IN_NONPAGED_AREA.
- Addresses an issue that might increase the number of handles when using Microsoft Outlook.
- Addresses an issue that causes an application to flicker or stop responding when sharing the application using Microsoft Teams.
- Addresses an issue that incorrectly calculates long path addresses that have Unicode characters outside of the current system.
- Addresses an issue that prevents Windows 8.1 apps from projecting to a secondary display when those apps use the StartProjectingAsync API.
- Addresses an issue that prevents Event Viewer from saving a full set of filtered events when you filter by the date.
- Addresses an issue that continues to display the previous username hint in the smart card sign in box after a different user has used the machine with domain credentials.
- Addresses an issue that causes lsass.exe to stop working on a terminal server when you enable Remote Credential Guard. The exception code is 0xc0000374.
- Addresses an issue that prevents Microsoft Defender Advanced Threat Protection (ATP) from applying file exclusions in some cases, which leads to application compatibility issues.
- Addresses an issue that causes automatic investigations to fail in Microsoft Defender ATP.
- Improves Microsoft Defender ATP's ability to identify malicious code injection activities.
- Addresses an issue that causes the network controller (NC) host agent to incorrectly report that a virtual machine (VM) has moved.
- Addresses an issue that might cause a deadlock in the Wired AutoConfig (dot3svc) service.
- Addresses an issue that might prevent applications from running as expected on Active Directory Federation Services 2019 (AD FS 2019) clients. This occurs when applications use an iFrame during non-interactive authentication requests and receive X-Frame-Options set to DENY.
- Addresses an issue that incorrectly reports Lightweight Directory Access Protocol (LDAP) sessions as unsecure sessions in Event ID 2889. This occurs when the LDAP session is authenticated and sealed with a Simple Authentication and Security Layer (SASL) method.
- Updates the message users receive that tells them to check their phone for notifications from the Microsoft Authenticator application. This message only appears when authentication is done using the AD FS Azure Multi-Factor Authentication (MFA) adapter.
- Updates dcpromo.exe to remove the "Network access: Restrict clients allowed to make remote calls to SAM" policy on member servers when they are promoted to domain controllers. This allows clients to make Security Accounts Manager (SAM) connections to these domain controllers.
- Addresses an issue that might cause Windows 10 devices that enable Credential Guard to fail authentication requests when they use the machine certificate.
- Addresses an issue that might cause stop error 7E in nfssvr.sys on servers running the Network File System (NFS) service.
- Addresses an issue that discards the Remote Desktop Gateway Secure Sockets Layer (SSL) Bridging settings and resets them to the default.
- Addresses an issue that prevents you from updating the port number for HTTPS or the User Datagram Protocol (UDP) settings in the Remote Desktop Gateway Manager.
- Addresses an issue that occurs when a standalone Remote Desktop Session Host (RDSH) server allows multiple sessions per user. After disconnecting from a session, if you attempt to reconnect to the original session, the server creates a new session instead.
- Addresses an issue that causes the Windows Management Instrumentation (WMI) Provider Host (WmiPrvSE.exe) to leak registry key handles when querying Win32_RDCentralPublishedDeploymentSettings.
- Addresses an issue that logs a Distributed Component Object Model (DCOM) error in the System event log when the Distributed File System (DFS) Replication service is started.
- Addresses an issue that might cause the Microsoft Remote Assistance process (msra.exe) to stop working when a user is receiving assistance during a computer session. The error is 0xc0000005 or 0xc0000409.
- Addresses an issue that causes Server Message Block (SMB) to incorrectly use the original, cached non-Continuous Available handle to a file, which becomes invalid after a network error or storage failover. As a result, applications fail with errors such as STATUS_UNEXPECTED_NETWORK_ERROR.
- Addresses an issue in SMB that causes Windows Server 2019 to stop working when using 100 GB network interface cards (NIC). This only applies to Storage Spaces Direct (S2D) and SMB Daemon (SMBD) scenarios.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.
Windows Update Improvements
Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.
Known issues in this update
|After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."|| |
Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:
Microsoft is working on a resolution and will provide an update in an upcoming release.
|After installing KB4550969 or later, when using Microsoft Edge Legacy, you might receive the error,”0x80704006. Hmmmm…can’t reach this page” when attempting to reach websites on non-standard ports. Any website that uses a port listed in the Fetch Standard specification under bad ports or port blocking might cause this issue.|| |
To mitigate this issue, you can do one of the following:
Note The new, Chromium-based Microsoft Edge will also fail to connect to websites on non-standard ports by default. This is an expected behavior. However, you can allow sites on the affected non-standard port by using the parameter --explicitly-allowed-ports=####, where #### is the port you require. For example, when you need to access a website on port 6667, type c:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe--explicitly-allowed-ports=6667
We are working on a resolution and will provide an update in an upcoming release.
How to get this update
Before installing this update
Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
Install this update
|Release Channel||Available||Next Step|
|Windows Update or Microsoft Update||Yes||Go to Settings > Update & Security > Windows Update. In the Optional updates available area, you’ll find the link to download and install the update.|
|Microsoft Update Catalog||Yes||To get the standalone package for this update, go to the Microsoft Update Catalog website.|
|Windows Server Update Services (WSUS)||No|| |
You can import this update into WSUS manually. See the Microsoft Update Catalog for instructions.
For a list of the files that are provided in this update, download the file information for cumulative update 4559003.
Note Some files erroneously have “Not applicable” in the “File version” column of the CSV file. This might lead to false positives or false negatives when using some third-party scan detection tools to validate the build.