| Autopilot Self-Deploying mode and Autopilot White Glove | Firmware TPM devices, which are only provided by Intel, AMD, or Qualcomm, do not include all needed certificates at boot time and must be able to retrieve them from the manufacturer on first use. Devices with discrete TPM chips(including ones from any other manufacturer) come with these certificates preinstalled. Make sure that these URLs are accessible for each firmware TPM provider so that certificates can be successfully requested:
+
Intel- https://ekop.intel.com/ekcertservice
+
Qualcomm- https://ekcert.spserv.microsoft.com/EKCertificate/GetEKCertificate/v1
+
AMD- https://ftpm.amd.com/pki/aia
## Licensing requirements
diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml
index 1b60cb6d84..4b08bb66bc 100644
--- a/windows/release-information/resolved-issues-windows-10-1507.yml
+++ b/windows/release-information/resolved-issues-windows-10-1507.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 10240.18334
September 23, 2019
KB4522009 | Resolved
KB4524153 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 10240.18334
September 23, 2019
KB4522009 | Resolved
KB4520011 | October 08, 2019
10:00 AM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 10240.18305
August 13, 2019
KB4512497 | Resolved
KB4517276 | August 17, 2019
02:00 PM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 10240.18244
June 11, 2019
KB4503291 | Resolved External
| August 09, 2019
07:03 PM PT |
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.
See details > | OS Build 10240.18244
June 11, 2019
KB4503291 | Resolved
KB4507458 | July 09, 2019
10:00 AM PT |
@@ -55,7 +55,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524153.
Back to top | OS Build 10240.18334
September 23, 2019
KB4522009 | Resolved
KB4524153 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520011.
Back to top | OS Build 10240.18334
September 23, 2019
KB4522009 | Resolved
KB4520011 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml
index f6d0389a8b..e716f09b5f 100644
--- a/windows/release-information/resolved-issues-windows-10-1607.yml
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 14393.3206
September 23, 2019
KB4522010 | Resolved
KB4524152 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 14393.3206
September 23, 2019
KB4522010 | Resolved
KB4519998 | October 08, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 14393.3204
September 10, 2019
KB4516044 | Resolved
| September 17, 2019
04:47 PM PT |
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 14393.3053
June 18, 2019
KB4503294 | Resolved
KB4516044 | September 10, 2019
10:00 AM PT |
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | August 13, 2019
10:00 AM PT |
@@ -71,7 +71,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524152.
Back to top | OS Build 14393.3206
September 23, 2019
KB4522010 | Resolved
KB4524152 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519998.
Back to top | OS Build 14393.3206
September 23, 2019
KB4522010 | Resolved
KB4519998 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: After investigation, we have found that this issue does not affect this version of Windows.
Back to top | OS Build 14393.3204
September 10, 2019
KB4516044 | Resolved
| Resolved:
September 17, 2019
04:47 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml
index 4478c0a447..3417779bd7 100644
--- a/windows/release-information/resolved-issues-windows-10-1703.yml
+++ b/windows/release-information/resolved-issues-windows-10-1703.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 15063.2046
September 23, 2019
KB4522011 | Resolved
KB4524151 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 15063.2046
September 23, 2019
KB4522011 | Resolved
KB4520010 | October 08, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 15063.2045
September 10, 2019
KB4516068 | Resolved
| September 17, 2019
04:47 PM PT |
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | August 13, 2019
10:00 AM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 15063.1988
August 13, 2019
KB4512507 | Resolved
KB4512474 | August 17, 2019
02:00 PM PT |
@@ -62,7 +62,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524151.
Back to top | OS Build 15063.2046
September 23, 2019
KB4522011 | Resolved
KB4524151 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520010.
Back to top | OS Build 15063.2046
September 23, 2019
KB4522011 | Resolved
KB4520010 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: After investigation, we have found that this issue does not affect this version of Windows.
Back to top | OS Build 15063.2045
September 10, 2019
KB4516068 | Resolved
| Resolved:
September 17, 2019
04:47 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml
index f74e209cd0..edf606e491 100644
--- a/windows/release-information/resolved-issues-windows-10-1709.yml
+++ b/windows/release-information/resolved-issues-windows-10-1709.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 16299.1392
September 23, 2019
KB4522012 | Resolved
KB4524150 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 16299.1392
September 23, 2019
KB4522012 | Resolved
KB4520004 | October 08, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 16299.1387
September 10, 2019
KB4516066 | Resolved
| September 19, 2019
04:08 PM PT |
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | August 13, 2019
10:00 AM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved
KB4512494 | August 16, 2019
02:00 PM PT |
@@ -64,7 +64,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524150.
Back to top | OS Build 16299.1392
September 23, 2019
KB4522012 | Resolved
KB4524150 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520004.
Back to top | OS Build 16299.1392
September 23, 2019
KB4522012 | Resolved
KB4520004 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4516066, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 16299.1387
September 10, 2019
KB4516066 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml
index a1829db162..88242a7ce0 100644
--- a/windows/release-information/resolved-issues-windows-10-1803.yml
+++ b/windows/release-information/resolved-issues-windows-10-1803.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 17134.1009
September 23, 2019
KB4522014 | Resolved
KB4524149 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 17134.1009
September 23, 2019
KB4522014 | Resolved
KB4520008 | October 08, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 17134.1006
September 10, 2019
KB4516058 | Resolved
| September 19, 2019
04:08 PM PT |
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | August 13, 2019
10:00 AM PT |
Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"
See details > | N/A
| Resolved
| September 03, 2019
12:32 PM PT |
@@ -65,7 +65,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524149.
Back to top | OS Build 17134.1009
September 23, 2019
KB4522014 | Resolved
KB4524149 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520008.
Back to top | OS Build 17134.1009
September 23, 2019
KB4522014 | Resolved
KB4520008 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4516058, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 17134.1006
September 10, 2019
KB4516058 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
| Notification issue: \"Your device is missing important security and quality fixes.\" Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes\" in the Windows Update dialog and a red \"!\" in the task tray on the Windows Update tray icon. This notification is intended for devices that are 90 days or more out of date, but some users with installed updates released in June or July also saw this notification.
Affected platforms: - Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue was resolved on the server side on August 30, 2019. Only devices that are out of date by 90 days or more should now see the notification. No action is required by the user to resolve this issue. If you are still seeing the \"Your device is missing important security and quality fixes\" notification, we recommend selecting Check for Updates in the Windows Update dialog. For instructions, see Update Windows 10. Microsoft always recommends trying to keep your devices up to date, as the monthly updates contain important security fixes.
Back to top | N/A
| Resolved
| Resolved:
September 03, 2019
12:32 PM PT
Opened:
September 03, 2019
12:32 PM PT |
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
index 141d598e3f..f51a44421a 100644
--- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 17763.740
September 23, 2019
KB4522015 | Resolved
KB4524148 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 17763.740
September 23, 2019
KB4522015 | Resolved
KB4519338 | October 08, 2019
10:00 AM PT |
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4516077 | September 24, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 17763.737
September 10, 2019
KB4512578 | Resolved
| September 19, 2019
04:08 PM PT |
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | August 13, 2019
10:00 AM PT |
@@ -72,7 +72,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524148.
Back to top | OS Build 17763.740
September 23, 2019
KB4522015 | Resolved
KB4524148 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519338.
Back to top | OS Build 17763.740
September 23, 2019
KB4522015 | Resolved
KB4519338 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4512578, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 17763.737
September 10, 2019
KB4512578 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml
index 110be2f42f..b8113225b2 100644
--- a/windows/release-information/resolved-issues-windows-10-1903.yml
+++ b/windows/release-information/resolved-issues-windows-10-1903.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 18362.357
September 23, 2019
KB4522016 | Resolved
KB4524147 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 18362.357
September 23, 2019
KB4522016 | Resolved
KB4517389 | October 08, 2019
10:00 AM PT |
Audio in games is quiet or different than expected
Microsoft has received reports that audio in certain games is quieter or different than expected.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
KB4517211 | September 26, 2019
02:00 PM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| September 19, 2019
04:08 PM PT |
Some users report issues related to the Start menu and Windows Desktop Search
Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| September 19, 2019
04:58 PM PT |
@@ -70,7 +70,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524147.
Back to top | OS Build 18362.357
September 23, 2019
KB4522016 | Resolved
KB4524147 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517389.
Back to top | OS Build 18362.357
September 23, 2019
KB4522016 | Resolved
KB4517389 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| Audio in games is quiet or different than expected Microsoft has received reports that audio in certain games is quieter or different than expected. At the request of some of our audio partners, we implemented a compatibility change that enabled certain games to query support and render multi-channel audio. Due to customer feedback, we are reverting this change as some games and some devices are not rendering multi-channel audio as expected. This may result in games sounding different than customers are used to and may have missing channels.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4517211.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
KB4517211 | Resolved:
September 26, 2019
02:00 PM PT
Opened:
September 13, 2019
05:25 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4515384, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
| Some users report issues related to the Start menu and Windows Desktop Search Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.
Affected platforms: - Client: Windows 10, version 1903
Resolution: At this time, Microsoft has not found a Search or Start issue significantly impacting users originating from KB4515384. We will continue monitoring to ensure users have a high-quality experience when interacting with these areas. If you are currently having issues, we recommend you to take a moment to report it in via the Feedback Hub (Windows + F) then try the Windows 10 Troubleshoot settings (found in Settings). If you are having an issue with search, see Fix problems in Windows Search.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| Resolved:
September 19, 2019
04:58 PM PT
Opened:
September 11, 2019
05:18 PM PT |
diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
index bd24de9f18..06de4933bb 100644
--- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516048 | Resolved
KB4524157 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516048 | Resolved
KB4519976 | October 08, 2019
10:00 AM PT |
You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.
See details > | August 13, 2019
KB4512506 | Resolved
KB4516048 | September 24, 2019
10:00 AM PT |
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed
See details > | August 13, 2019
KB4512506 | Resolved External
| August 27, 2019
02:29 PM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503292 | Resolved
KB4512514 | August 17, 2019
02:00 PM PT |
@@ -66,7 +66,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524157. If you are using Security Only updates, see KB4524135 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516048 | Resolved
KB4524157 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519976. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516048 | Resolved
KB4519976 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
You may receive an error when opening or using the Toshiba Qosmio AV CenterAfter installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.
Affected platforms: Resolution: This issue was resolved in KB4516048.
Back to top | August 13, 2019
KB4512506 | Resolved
KB4516048 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
September 10, 2019
09:48 AM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml
index eb55d204f7..b397d4c0c7 100644
--- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml
+++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516041 | Resolved
KB4524156 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516041 | Resolved
KB4520005 | October 08, 2019
10:00 AM PT |
Windows RT 8.1 devices may have issues opening Internet Explorer 11
On Windows RT 8.1 devices, Internet Explorer 11 may not open and you may receive an error.
See details > | September 10, 2019
KB4516067 | Resolved
KB4516041 | September 24, 2019
10:00 AM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503276 | Resolved
KB4512478 | August 17, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512488 | Resolved
KB4517298 | August 16, 2019
02:00 PM PT |
@@ -66,7 +66,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524156. If you are using Security Only updates, see KB4524135 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516041 | Resolved
KB4524156 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520005. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516041 | Resolved
KB4520005 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| Windows RT 8.1 devices may have issues opening Internet Explorer 11 On Windows 8.1 RT devices, Internet Explorer 11 may not open and you may receive the error, \"C:\\Program Files\\Internet Explorer\\iexplore.exe: A certificate was explicitly revoked by its issuer.\"
Affected platforms: Resolution: This issue was resolved in KB4516041.
Back to top | September 10, 2019
KB4516067 | Resolved
KB4516041 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
September 13, 2019
05:25 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
index 4e48865271..1549fb60e3 100644
--- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
+++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516030 | Resolved
KB4524135 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516030 | Resolved
KB4520002 | October 08, 2019
10:00 AM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503273 | Resolved
KB4512499 | August 17, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512476 | Resolved
KB4517301 | August 16, 2019
02:00 PM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | June 11, 2019
KB4503273 | Resolved External
| August 09, 2019
07:03 PM PT |
@@ -57,7 +57,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524135.
Back to top | September 24, 2019
KB4516030 | Resolved
KB4524135 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520002. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516030 | Resolved
KB4520002 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml
index aa3359846f..71e4d56153 100644
--- a/windows/release-information/resolved-issues-windows-server-2012.yml
+++ b/windows/release-information/resolved-issues-windows-server-2012.yml
@@ -32,7 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516069 | Resolved
KB4524154 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516069 | Resolved
KB4520007 | October 08, 2019
10:00 AM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503285 | Resolved
KB4512512 | August 17, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512518 | Resolved
KB4517302 | August 16, 2019
02:00 PM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | June 11, 2019
KB4503285 | Resolved External
| August 09, 2019
07:03 PM PT |
@@ -62,7 +62,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524154. If you are using Security Only updates, see KB4524135 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516069 | Resolved
KB4524154 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520007. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516069 | Resolved
KB4520007 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
"
diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml
index ea9de65f95..ca4bc3e9f8 100644
--- a/windows/release-information/status-windows-10-1507.yml
+++ b/windows/release-information/status-windows-10-1507.yml
@@ -60,7 +60,7 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 10240.18334
September 23, 2019
KB4522009 | Resolved
KB4524153 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 10240.18334
September 23, 2019
KB4522009 | Resolved
KB4520011 | October 08, 2019
10:00 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 10240.18094
January 08, 2019
KB4480962 | Mitigated
| April 25, 2019
02:00 PM PT |
"
@@ -77,7 +77,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524153.
Back to top | OS Build 10240.18334
September 23, 2019
KB4522009 | Resolved
KB4524153 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520011.
Back to top | OS Build 10240.18334
September 23, 2019
KB4522009 | Resolved
KB4520011 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
"
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
index 58db7bec3f..8ae7ab2eb4 100644
--- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@@ -60,10 +60,9 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 14393.3206
September 23, 2019
KB4522010 | Resolved
KB4524152 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 14393.3206
September 23, 2019
KB4522010 | Resolved
KB4519998 | October 08, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 14393.3204
September 10, 2019
KB4516044 | Resolved
| September 17, 2019
04:47 PM PT |
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 14393.3053
June 18, 2019
KB4503294 | Resolved
KB4516044 | September 10, 2019
10:00 AM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | August 13, 2019
10:00 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Mitigated
| April 25, 2019
02:00 PM PT |
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.
See details > | OS Build 14393.2608
November 13, 2018
KB4467691 | Mitigated
| February 19, 2019
10:00 AM PT |
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.
See details > | OS Build 14393.2639
November 27, 2018
KB4467684 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -82,7 +81,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524152.
Back to top | OS Build 14393.3206
September 23, 2019
KB4522010 | Resolved
KB4524152 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519998.
Back to top | OS Build 14393.3206
September 23, 2019
KB4522010 | Resolved
KB4519998 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: After investigation, we have found that this issue does not affect this version of Windows.
Back to top | OS Build 14393.3204
September 10, 2019
KB4516044 | Resolved
| Resolved:
September 17, 2019
04:47 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
@@ -96,16 +95,6 @@ sections:
"
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
-
- "
-
- title: January 2019
- items:
- type: markdown
diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml
index a402fad971..9f123d8aeb 100644
--- a/windows/release-information/status-windows-10-1703.yml
+++ b/windows/release-information/status-windows-10-1703.yml
@@ -64,9 +64,8 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 15063.2046
September 23, 2019
KB4522011 | Resolved
KB4524151 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 15063.2046
September 23, 2019
KB4522011 | Resolved
KB4520010 | October 08, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 15063.2045
September 10, 2019
KB4516068 | Resolved
| September 17, 2019
04:47 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | August 13, 2019
10:00 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Mitigated
| April 25, 2019
02:00 PM PT |
"
@@ -83,21 +82,11 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524151.
Back to top | OS Build 15063.2046
September 23, 2019
KB4522011 | Resolved
KB4524151 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520010.
Back to top | OS Build 15063.2046
September 23, 2019
KB4522011 | Resolved
KB4520010 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: After investigation, we have found that this issue does not affect this version of Windows.
Back to top | OS Build 15063.2045
September 10, 2019
KB4516068 | Resolved
| Resolved:
September 17, 2019
04:47 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
-
- "
-
- title: January 2019
- items:
- type: markdown
diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml
index 2dd29ea31f..5c261a20d3 100644
--- a/windows/release-information/status-windows-10-1709.yml
+++ b/windows/release-information/status-windows-10-1709.yml
@@ -60,9 +60,8 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 16299.1392
September 23, 2019
KB4522012 | Resolved
KB4524150 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 16299.1392
September 23, 2019
KB4522012 | Resolved
KB4520004 | October 08, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 16299.1387
September 10, 2019
KB4516066 | Resolved
| September 19, 2019
04:08 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | August 13, 2019
10:00 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Mitigated
| April 25, 2019
02:00 PM PT |
"
@@ -79,21 +78,11 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524150.
Back to top | OS Build 16299.1392
September 23, 2019
KB4522012 | Resolved
KB4524150 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520004.
Back to top | OS Build 16299.1392
September 23, 2019
KB4522012 | Resolved
KB4520004 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4516066, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 16299.1387
September 10, 2019
KB4516066 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
-
- "
-
- title: January 2019
- items:
- type: markdown
diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml
index a69dcf3047..20747f2e00 100644
--- a/windows/release-information/status-windows-10-1803.yml
+++ b/windows/release-information/status-windows-10-1803.yml
@@ -64,10 +64,9 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 17134.1009
September 23, 2019
KB4522014 | Resolved
KB4524149 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 17134.1009
September 23, 2019
KB4522014 | Resolved
KB4520008 | October 08, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 17134.1006
September 10, 2019
KB4516058 | Resolved
| September 19, 2019
04:08 PM PT |
Windows Mixed Reality Portal users may intermittently receive a 15-5 error code
You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not respond to \"wake up\" from sleep.
See details > | OS Build 17134.950
August 13, 2019
KB4512501 | Mitigated
| September 11, 2019
05:32 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | August 13, 2019
10:00 AM PT |
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.
See details > | OS Build 17134.829
June 11, 2019
KB4503286 | Mitigated
| June 14, 2019
04:41 PM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -85,22 +84,12 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524149.
Back to top | OS Build 17134.1009
September 23, 2019
KB4522014 | Resolved
KB4524149 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520008.
Back to top | OS Build 17134.1009
September 23, 2019
KB4522014 | Resolved
KB4520008 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4516058, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 17134.1006
September 10, 2019
KB4516058 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
Windows Mixed Reality Portal users may intermittently receive a 15-5 error codeAfter installing KB4512501, Windows Mixed Reality Portal users may intermittently receive a 15-5 error code. In some cases, Windows Mixed Reality Portal may report that the headset is sleeping and pressing “Wake up” may appear to produce no action.
Affected platforms: - Client: Windows 10, version 1809; Windows 10, version 1803
Workaround: To mitigate the issue, use the following steps: - Close the Windows Mixed Reality Portal, if it is running.
- Open Task Manager by selecting the Start button and typing Task Manager.
- In Task Manager under the Processes tab, right click or long press on “Windows Explorer” and select restart.
- You can now open the Windows Mixed Reality Portal.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17134.950
August 13, 2019
KB4512501 | Mitigated
| Last updated:
September 11, 2019
05:32 PM PT
Opened:
September 11, 2019
05:32 PM PT |
"
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
-
- "
-
- title: June 2019
- items:
- type: markdown
diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
index 1cb92449c8..62622b2f60 100644
--- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@@ -64,11 +64,10 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 17763.740
September 23, 2019
KB4522015 | Resolved
KB4524148 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 17763.740
September 23, 2019
KB4522015 | Resolved
KB4519338 | October 08, 2019
10:00 AM PT |
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4516077 | September 24, 2019
10:00 AM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 17763.737
September 10, 2019
KB4512578 | Resolved
| September 19, 2019
04:08 PM PT |
Windows Mixed Reality Portal users may intermittently receive a 15-5 error code
You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not respond to \"wake up\" from sleep.
See details > | OS Build 17763.678
August 13, 2019
KB4511553 | Mitigated
| September 11, 2019
05:32 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | August 13, 2019
10:00 AM PT |
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.
See details > | OS Build 17763.557
June 11, 2019
KB4503327 | Mitigated
| June 14, 2019
04:41 PM PT |
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F
See details > | OS Build 17763.437
April 09, 2019
KB4493509 | Mitigated
| May 03, 2019
10:59 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Mitigated
| April 09, 2019
10:00 AM PT |
@@ -87,7 +86,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524148.
Back to top | OS Build 17763.740
September 23, 2019
KB4522015 | Resolved
KB4524148 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519338.
Back to top | OS Build 17763.740
September 23, 2019
KB4522015 | Resolved
KB4519338 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4512578, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 17763.737
September 10, 2019
KB4512578 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
Windows Mixed Reality Portal users may intermittently receive a 15-5 error codeAfter installing KB4511553, Windows Mixed Reality Portal users may intermittently receive a 15-5 error code. In some cases, Windows Mixed Reality Portal may report that the headset is sleeping and pressing “Wake up” may appear to produce no action.
Affected platforms: - Client: Windows 10, version 1809; Windows 10, version 1803
Workaround: To mitigate the issue, use the following steps: - Close the Windows Mixed Reality Portal, if it is running.
- Open Task Manager by selecting the Start button and typing Task Manager.
- In Task Manager under the Processes tab, right click or long press on “Windows Explorer” and select restart.
- You can now open the Windows Mixed Reality Portal.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17763.678
August 13, 2019
KB4511553 | Mitigated
| Last updated:
September 11, 2019
05:32 PM PT
Opened:
September 11, 2019
05:32 PM PT |
@@ -102,16 +101,6 @@ sections:
"
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
-
- "
-
- title: June 2019
- items:
- type: markdown
diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml
index 661f11987d..fab48103a1 100644
--- a/windows/release-information/status-windows-10-1903.yml
+++ b/windows/release-information/status-windows-10-1903.yml
@@ -64,15 +64,13 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 18362.357
September 23, 2019
KB4522016 | Resolved
KB4524147 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | OS Build 18362.357
September 23, 2019
KB4522016 | Resolved
KB4517389 | October 08, 2019
10:00 AM PT |
Audio in games is quiet or different than expected
Microsoft has received reports that audio in certain games is quieter or different than expected.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
KB4517211 | September 26, 2019
02:00 PM PT |
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| September 19, 2019
04:08 PM PT |
Some users report issues related to the Start menu and Windows Desktop Search
Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| September 19, 2019
04:58 PM PT |
Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters
Microsoft and NEC have found incompatibility issues with some devices with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards when running Windows 10, version 1903.
See details > | N/A
| Mitigated
| September 13, 2019
05:25 PM PT |
Screenshots and Snips have an unnatural orange tint
Users have reported an orange tint on Screenshots and Snips with the Lenovo Vantage app installed
See details > | OS Build 18362.356
September 10, 2019
KB4516115 | Resolved External
| September 11, 2019
08:54 PM PT |
Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.
See details > | OS Build 18362.329
August 30, 2019
KB4512941 | Resolved
KB4515384 | September 10, 2019
10:00 AM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
- Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| August 16, 2019
04:28 PM PT |
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated External
| August 01, 2019
08:44 PM PT |
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| August 01, 2019
06:27 PM PT |
@@ -95,7 +93,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524147.
Back to top | OS Build 18362.357
September 23, 2019
KB4522016 | Resolved
KB4524147 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517389.
Back to top | OS Build 18362.357
September 23, 2019
KB4522016 | Resolved
KB4517389 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| Audio in games is quiet or different than expected Microsoft has received reports that audio in certain games is quieter or different than expected. At the request of some of our audio partners, we implemented a compatibility change that enabled certain games to query support and render multi-channel audio. Due to customer feedback, we are reverting this change as some games and some devices are not rendering multi-channel audio as expected. This may result in games sounding different than customers are used to and may have missing channels.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4517211.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
KB4517211 | Resolved:
September 26, 2019
02:00 PM PT
Opened:
September 13, 2019
05:25 PM PT |
| IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4515384, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
| Some users report issues related to the Start menu and Windows Desktop Search Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.
Affected platforms: - Client: Windows 10, version 1903
Resolution: At this time, Microsoft has not found a Search or Start issue significantly impacting users originating from KB4515384. We will continue monitoring to ensure users have a high-quality experience when interacting with these areas. If you are currently having issues, we recommend you to take a moment to report it in via the Feedback Hub (Windows + F) then try the Windows 10 Troubleshoot settings (found in Settings). If you are having an issue with search, see Fix problems in Windows Search.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| Resolved:
September 19, 2019
04:58 PM PT
Opened:
September 11, 2019
05:18 PM PT |
@@ -119,9 +117,6 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
- | Issues updating when certain versions of Intel storage drivers are installed Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).
To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.
Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
| The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU Microsoft has identified a compatibility issue on some Surface Book 2 devices configured with Nvidia discrete graphics processing unit (dGPU). After updating to Windows 10, version 1903 (May 2019 Feature Update), some apps or games that needs to perform graphics intensive operations may close or fail to open.
To safeguard your update experience, we have applied a compatibility hold on Surface Book 2 devices with Nvidia dGPUs from being offered Windows 10, version 1903, until this issue is resolved.
Affected platforms: - Client: Windows 10, version 1903
Workaround: To mitigate the issue if you are already on Windows 10, version 1903, you can restart the device or select the Scan for hardware changes button in the Action menu or on the toolbar in Device Manager.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| Last updated:
July 16, 2019
09:04 AM PT
Opened:
July 12, 2019
04:20 PM PT |
"
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index 1f1610c028..3d71ca817a 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,7 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516048 | Resolved
KB4524157 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516048 | Resolved
KB4519976 | October 08, 2019
10:00 AM PT |
You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.
See details > | August 13, 2019
KB4512506 | Resolved
KB4516048 | September 24, 2019
10:00 AM PT |
IA64 and x64 devices may fail to start after installing updates
After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.
See details > | August 13, 2019
KB4512506 | Mitigated
| August 17, 2019
12:59 PM PT |
@@ -78,7 +78,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524157. If you are using Security Only updates, see KB4524135 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516048 | Resolved
KB4524157 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519976. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516048 | Resolved
KB4519976 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
You may receive an error when opening or using the Toshiba Qosmio AV CenterAfter installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.
Affected platforms: Resolution: This issue was resolved in KB4516048.
Back to top | August 13, 2019
KB4512506 | Resolved
KB4516048 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
September 10, 2019
09:48 AM PT |
"
diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
index d974923d48..a95d9775c6 100644
--- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
+++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
@@ -60,7 +60,7 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516041 | Resolved
KB4524156 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516041 | Resolved
KB4520005 | October 08, 2019
10:00 AM PT |
Windows RT 8.1 devices may have issues opening Internet Explorer 11
On Windows RT 8.1 devices, Internet Explorer 11 may not open and you may receive an error.
See details > | September 10, 2019
KB4516067 | Resolved
KB4516041 | September 24, 2019
10:00 AM PT |
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.
See details > | April 25, 2019
KB4493443 | Mitigated
| May 15, 2019
05:53 PM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
See details > | January 08, 2019
KB4480963 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -79,7 +79,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524156. If you are using Security Only updates, see KB4524135 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516041 | Resolved
KB4524156 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520005. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516041 | Resolved
KB4520005 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
| Windows RT 8.1 devices may have issues opening Internet Explorer 11 On Windows 8.1 RT devices, Internet Explorer 11 may not open and you may receive the error, \"C:\\Program Files\\Internet Explorer\\iexplore.exe: A certificate was explicitly revoked by its issuer.\"
Affected platforms: Resolution: This issue was resolved in KB4516041.
Back to top | September 10, 2019
KB4516067 | Resolved
KB4516041 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
September 13, 2019
05:25 PM PT |
"
diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml
index 0eee091e73..fda671a495 100644
--- a/windows/release-information/status-windows-server-2008-sp2.yml
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@@ -60,7 +60,7 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516030 | Resolved
KB4524135 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516030 | Resolved
KB4520002 | October 08, 2019
10:00 AM PT |
Issues manually installing updates by double-clicking the .msu file
You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.
See details > | September 10, 2019
KB4474419 | Mitigated
KB4474419 | September 24, 2019
08:17 AM PT |
"
@@ -77,7 +77,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524135.
Back to top | September 24, 2019
KB4516030 | Resolved
KB4524135 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520002. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516030 | Resolved
KB4520002 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
Issues manually installing updates by double-clicking the .msu fileAfter installing the SHA-2 update ( KB4474419) released on September 10, 2019, you may encounter issues manually installing updates by double-clicking on the .msu file and may receive the error, \"Installer encountered an error: 0x80073afc. The resource loader failed to find MUI file.\"
Affected platforms: - Server: Windows Server 2008 SP2
Workaround: Open a command prompt and use the following command (replacing <msu location> with the actual location and filename of the update): wusa.exe <msu location> /quiet
Resolution: This issue is resolved in KB4474419 released September 23, 2019. Currently, this version is only available from the Microsoft Update Catalog. To resolve this issue, you will need to manually download the package and use the workaround above to install it.
Next steps: We estimate a solution will be available in mid-October on Windows Update and Windows Server Update Services (WSUS).
Back to top | September 10, 2019
KB4474419 | Mitigated
KB4474419 | Last updated:
September 24, 2019
08:17 AM PT
Opened:
September 20, 2019
04:57 PM PT |
"
diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml
index f22c434757..f472c2357e 100644
--- a/windows/release-information/status-windows-server-2012.yml
+++ b/windows/release-information/status-windows-server-2012.yml
@@ -60,7 +60,7 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516069 | Resolved
KB4524154 | October 03, 2019
10:00 AM PT |
+ Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing.
See details > | September 24, 2019
KB4516069 | Resolved
KB4520007 | October 08, 2019
10:00 AM PT |
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.
See details > | April 25, 2019
KB4493462 | Mitigated
| May 15, 2019
05:53 PM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
See details > | January 08, 2019
KB4480975 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -78,7 +78,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Intermittent issues when printing The print spooler service may intermittently have issues completing a print job and may result in a print job being canceled or failing. Some apps may close or error when the print spooler fails and you may receive a remote procedure call error (RPC error) from some printing utility or printing apps.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4524154. If you are using Security Only updates, see KB4524135 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516069 | Resolved
KB4524154 | Resolved:
October 03, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
+ | Intermittent issues when printing Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms: - Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
- The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520007. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.
Back to top | September 24, 2019
KB4516069 | Resolved
KB4520007 | Resolved:
October 08, 2019
10:00 AM PT
Opened:
September 30, 2019
06:26 PM PT |
"
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index 2d377d5542..5041d4ac98 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -50,6 +50,7 @@ sections:
text: "
| Message | Date |
+ Take Action: October 2019 security update available for all supported versions of Windows
The October 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate. | October 08, 2019
08:00 AM PT |
Take action: Security update available for all supported versions of Windows
On October 3, 2019, Microsoft expanded delivery of the out-of-band Internet Explorer scripting engine security vulnerability (CVE-2019-1367) update released on September 23, 2019 to Windows Update and Windows Server Update Services (WSUS). This is now a required security update for all supported versions of Windows as it includes the Internet Explorer scripting engine vulnerability mitigation and corrects a recent printing issue some users have experienced. All customers using Windows Update or WSUS will be offered this update automatically. We recommend that you install this update as soon as a possible, then restart your PC to fully apply the mitigations and help secure your devices. As with all cumulative updates, this update supersedes any preceding update. Note: This update does not replace the standard October 2019 monthly security update release, which is scheduled for October 8, 2019. | October 03, 2019
08:00 AM PT |
September 2019 Windows 10, version 1903 \"D\" optional release is available
The September 2019 optional monthly “D” release for Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release. | September 26, 2019
02:00 PM PT |
Status update: September 2019 Windows \"C\" optional release available
The September 2019 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release. | September 24, 2019
08:10 AM PT |
diff --git a/windows/security/identity-protection/hello-for-business/hello-features.md b/windows/security/identity-protection/hello-for-business/hello-features.md
index 83a4dc444e..950be3148c 100644
--- a/windows/security/identity-protection/hello-for-business/hello-features.md
+++ b/windows/security/identity-protection/hello-for-business/hello-features.md
@@ -25,12 +25,238 @@ ms.date: 05/05/2018
Consider these additional features you can use after your organization deploys Windows Hello for Business.
-- [Conditional Access](hello-feature-conditional-access.md)
-- [Dual Enrollment](hello-feature-dual-enrollment.md)
-- [Dynamic lock](hello-feature-dynamic-lock.md)
-- [Multifactor Unlock](feature-multifactor-unlock.md)
-- [PIN Reset](hello-feature-pin-reset.md)
-- [Remote Desktop](hello-feature-remote-desktop.md)
+## Conditional access
+
+**Requirements:**
+* Azure Active Directory
+* Hybrid Windows Hello for Business deployment
+
+
+In a mobile-first, cloud-first world, Azure Active Directory enables single sign-on to devices, applications, and services from anywhere. With the proliferation of devices (including BYOD), work off corporate networks, and 3rd party SaaS applications, IT professionals are faced with two opposing goals:+
+* Empower the end users to be productive wherever and whenever
+* Protect the corporate assets at any time
+
+To improve productivity, Azure Active Directory provides your users with a broad range of options to access your corporate assets. With application access management, Azure Active Directory enables you to ensure that only the right people can access your applications. What if you want to have more control over how the right people are accessing your resources under certain conditions? What if you even have conditions under which you want to block access to certain applications even for the right people? For example, it might be OK for you if the right people are accessing certain applications from a trusted network; however, you might not want them to access these applications from a network you don't trust. You can address these questions using conditional access.
+
+Read [Conditional access in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access-azure-portal) to learn more about Conditional Access. Afterwards, read [Getting started with conditional access in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access-azure-portal-get-started) to start deploying Conditional access.
+
+## Dynamic lock
+
+**Requirements:**
+* Windows 10, version 1703
+
+Dynamic lock enables you to configure Windows 10 devices to automatically lock when Bluetooth paired device signal falls below the maximum Received Signal Strength Indicator (RSSI) value. You configure the dynamic lock policy using Group Policy. You can locate the policy setting at **Computer Configuration\Administrative Templates\Windows Components\Windows Hello for Business**. The name of the policy is **Configure dynamic lock factors**.
+
+The Group Policy Editor, when the policy is enabled, creates a default signal rule policy with the following value:
+
+> [!IMPORTANT]
+>Microsoft recommends using the default values for this policy settings. Measurements are relative based on the varying conditions of each environment. Therefore, the same values may produce different results. Test policy settings in each environment prior to broadly deploying the setting.
+
+```
+
+
+
+```
+
+For this policy setting, the **type** and **scenario** attribute values are static and cannot change. The **classofDevice** attribute defaults Phones and uses the values from the following table
+
+|Description|Value|
+|:-------------|:-------:|
+|Miscellaneous|0|
+|Computer|256|
+|Phone|512|
+|LAN/Network Access Point|768|
+|Audio/Video|1024|
+|Peripheral|1280|
+|Imaging|1536|
+|Wearable|1792|
+|Toy|2048|
+|Health|2304|
+|Uncategorized|7936|
+
+The **rssiMin** attribute value signal indicates the strength needed for the device to be considered "in-range". The default value of **-10** enables a user to move about an average size office or cubicle without triggering Windows to lock the device. The **rssiMaxDelta** has a default value of **-10**, which instruct Windows 10 to lock the device once the signal strength weakens by more than measurement of 10.
+
+RSSI measurements are relative and lower as the bluetooth signals between the two paired devices reduces. Therefore a measurement of 0 is stronger than -10, which is stronger than -60, which is an indicator the devices are moving further apart from each other.
+
+## PIN reset
+
+**Applies to:**
+- Windows 10, version 1709 or later
+
+
+### Hybrid Deployments
+
+**Requirements:**
+- Azure Active Directory
+- Hybrid Windows Hello for Business deployment
+- Azure AD registered, Azure AD joined, and Hybrid Azure AD joined
+- Windows 10, version 1709 or later, **Enterprise Edition**
+
+The Microsoft PIN reset services enables you to help users who have forgotten their PIN. Using Group Policy, Microsoft Intune or a compatible MDM, you can configure Windows 10 devices to securely use the Microsoft PIN reset service that enables users to reset their forgotten PIN through settings or above the lock screen without requiring re-enrollment.
+
+>[!IMPORTANT]
+> The Microsoft PIN Reset service only works with Windows 10, version 1709 or later **Enterprise Edition**. The feature does not work with the **Pro** edition.
+
+#### Onboarding the Microsoft PIN reset service to your Intune tenant
+
+Before you can remotely reset PINs, you must on-board the Microsoft PIN reset service to your Azure Active Directory tenant, and configure devices you manage.
+
+#### Connect Azure Active Directory with the PIN reset service
+
+1. Visit [Microsoft PIN Reset Service Integration website](https://login.windows.net/common/oauth2/authorize?response_type=code&client_id=b8456c59-1230-44c7-a4a2-99b085333e84&resource=https%3A%2F%2Fgraph.windows.net&redirect_uri=https%3A%2F%2Fcred.microsoft.com&state=e9191523-6c2f-4f1d-a4f9-c36f26f89df0&prompt=admin_consent), and sign in using the tenant administrator account you use to manage your Azure Active Directory tenant.
+2. After you log in, click **Accept** to give consent for the PIN reset service to access your account.
+
+3. In the Azure portal, you can verify that the Microsoft PIN reset service is integrated from the **Enterprise applications**, **All applications** blade.
+
+
+#### Configure Windows devices to use PIN reset using Group Policy
+You configure Windows 10 to use the Microsoft PIN Reset service using the computer configuration portion of a Group Policy object.
+
+1. Using the Group Policy Management Console (GPMC), scope a domain-based Group Policy to computer accounts in Active Directory.
+2. Edit the Group Policy object from step 1.
+3. Enable the **Use PIN Recovery** policy setting located under **Computer Configuration->Administrative Templates->Windows Components->Windows Hello for Business**.
+4. Close the Group Policy Management Editor to save the Group Policy object. Close the GPMC.
+
+#### Configure Windows devices to use PIN reset using Microsoft Intune
+To configure PIN reset on Windows devices you manage, use an [Intune Windows 10 custom device policy](https://docs.microsoft.com/intune/custom-settings-windows-10) to enable the feature. Configure the policy using the following Windows policy configuration service provider (CSP):
+
+##### Create a PIN Reset Device configuration profile using Microsoft Intune
+
+1. Sign-in to [Azure Portal](https://portal.azure.com) using a tenant administrator account.
+2. You need your tenant ID to complete the following task. You can discovery your tenant ID viewing the **Properties** of your Azure Active Directory from the Azure Portal. You can also use the following command in a command Window on any Azure AD joined or hybrid Azure AD joined computer.
+ ```
+ dsregcmd /status | findstr -snip "tenantid"
+ ```
+3. Navigate to the Microsoft Intune blade. Click **Device configuration**. Click **Profiles**. Click **Create profile**.
+4. Type **Use PIN Recovery** in the **Name** field. Select **Windows 10 and later** from the **Platform** list. Select **Custom** from the **Profile type** list.
+5. In the **Custom OMA-URI Settings** blade, Click **Add**.
+6. In the **Add Row** blade, type **PIN Reset Settings** in the **Name** field. In the **OMA-URI** field, type **./Device/Vendor/MSFT/PassportForWork/*tenant ID*/Policies/EnablePinRecovery** where *tenant ID* is your Azure Active Directory tenant ID from step 2.
+7. Select **Boolean** from the **Data type** list and select **True** from the **Value** list.
+8. Click **OK** to save the row configuration. Click **OK** to close the Custom OMA-URI Settings blade. Click **Create to save the profile.
+
+##### Assign the PIN Reset Device configuration profile using Microsoft Intune
+1. Sign-in to [Azure Portal](https://portal.azure.com) using a tenant administrator account.
+2. Navigate to the Microsoft Intune blade. Click **Device configuration**. Click **Profiles**. From the list of device configuration profiles, click the profile that contains the PIN reset configuration.
+3. In the device configuration profile, click **Assignments**.
+4. Use the **Include** and/or **Exclude** tabs to target the device configuration profile to select groups.
+
+### On-premises Deployments
+
+**Requirements**
+* Active Directory
+* On-premises Windows Hello for Business deployment
+* Reset from settings - Windows 10, version 1703, Professional
+* Reset above Lock - Windows 10, version 1709, Professional
+
+On-premises deployments provide users with the ability to reset forgotten PINs either through the settings page or from above the user's lock screen. Users must know or be provided their password for authentication, must perform a second factor of authentication, and then re-provision Windows Hello for Business.
+
+>[!IMPORTANT]
+>Users must have corporate network connectivity to domain controllers and the federation service to reset their PINs.
+
+#### Reset PIN from Settings
+1. Sign-in to Windows 10, version 1703 or later using an alternate credential.
+2. Open **Settings**, click **Accounts**, click **Sign-in options**.
+3. Under **PIN**, click **I forgot my PIN** and follow the instructions.
+
+#### Reset PIN above the Lock Screen
+ 1. On Windows 10, version 1709, click **I forgot my PIN** from the Windows Sign-in
+ 2. Enter your password and press enter.
+ 3. Follow the instructions provided by the provisioning process
+ 4. When finished, unlock your desktop using your newly created PIN.
+
+>[!NOTE]
+> Visit the [Windows Hello for Business Videos](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos.md) page and watch the [Windows Hello for Business forgotten PIN user experience](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience) video.
+
+## Dual Enrollment
+
+**Requirements**
+* Hybrid and On-premises Windows Hello for Business deployments
+* Enterprise Joined or Hybrid Azure joined devices
+* Windows 10, version 1709
+
+> [!NOTE]
+> This feature was previously known as **Privileged Credential** but was renamed to **Dual Enrollment** to prevent any confusion with the **Privileged Access Workstation** feature.
+
+> [!IMPORTANT]
+> Dual enrollment does not replace or provide the same security as Privileged Access Workstations feature. Microsoft encourages enterprises to use the Privileged Access Workstations for their privileged credential users. Enterprises can consider Windows Hello for Business dual enrollment in situations where the Privileged Access feature cannot be used. Read [Privileged Access Workstations](https://docs.microsoft.com/windows-server/identity/securing-privileged-access/privileged-access-workstations) for more information.
+
+Dual enrollment enables administrators to perform elevated, administrative functions by enrolling both their non-privileged and privileged credentials on their device.
+
+By design, Windows 10 does not enumerate all Windows Hello for Business users from within a user's session. Using the computer Group Policy setting, **Allow enumeration of emulated smart card for all users**, you can configure a device to enumerate all enrolled Windows Hello for Business credentials on selected devices.
+
+With this setting, administrative users can sign-in to Windows 10, version 1709 using their non-privileged Windows Hello for Business credentials for normal work flow such as email, but can launch Microsoft Management Consoles (MMCs), Remote Desktop Services clients, and other applications by selecting **Run as different user** or **Run as administrator**, selecting the privileged user account, and providing their PIN. Administrators can also take advantage of this feature with command line applications by using **runas.exe** combined with the **/smartcard** argument. This enables administrators to perform their day-to-day operations without needing to sign-in and out, or use fast user switching when alternating between privileged and non-privileged workloads.
+
+> [!IMPORTANT]
+> You must configure a Windows 10 computer for Windows Hello for Business dual enrollment before either user (privileged or non-privileged) provisions Windows Hello for Business. Dual enrollment is a special setting that is configured on the Windows Hello container during creation.
+
+### Configure Windows Hello for Business Dual Enroll
+In this task you will
+- Configure Active Directory to support Domain Administrator enrollment
+- Configure Dual Enrollment using Group Policy
+
+#### Configure Active Directory to support Domain Administrator enrollment
+The designed Windows for Business configuration has you give the **Key Admins** (or **KeyCredential Admins** when using domain controllers prior to Windows Server 2016) group read and write permissions to the msDS-KeyCredentialsLink attribute. You provided these permissions at root of the domain and use object inheritance to ensure the permissions apply to all users in the domain regardless of their location within the domain hierarchy.
+
+Active Directory Domain Services uses AdminSDHolder to secure privileged users and groups from unintentional modification by comparing and replacing the security on privileged users and groups to match those defined on the AdminSDHolder object on an hourly cycle. For Windows Hello for Business, your domain administrator account may receive the permissions but will they will disappear from the user object unless you give the AdminSDHolder read and write permissions to the msDS-KeyCredential attribute.
+
+Sign-in to a domain controller or management workstation with access equivalent to _domain administrator_.
+
+1. Type the following command to add the **allow** read and write property permissions for msDS-KeyCredentialLink attribute for the **Key Admins** (or **KeyCredential Admins**) group on the AdminSDHolder object.
+```dsacls "CN=AdminSDHolder,CN=System,DC=domain,DC=com" /g "[domainName\keyAdminGroup]":RPWP;msDS-KeyCredentialLink```
+where **DC=domain,DC=com** is the LDAP path of your Active Directory domain and **domainName\keyAdminGroup]** is the NetBIOS name of your domain and the name of the group you use to give access to keys based on your deployment. For example:
+```dsacls "CN=AdminSDHolder,CN=System,DC=corp,DC=mstepdemo,DC=net" /g "mstepdemo\Key Admins":RPWP;msDS-KeyCredentialLink```
+2. To trigger security descriptor propagation, open **ldp.exe**.
+3. Click **Connection** and select **Connect...** Next to **Server**, type the name of the domain controller that holds the PDC role for the domain. Next to **Port**, type **389** and click **OK**.
+4. Click **Connection** and select **Bind...** Click **OK** to bind as the currently signed-in user.
+5. Click **Browser** and select **Modify**. Leave the **DN** text box blank. Next to **Attribute**, type **RunProtectAdminGroupsTask**. Next to **Values**, type **1**. Click **Enter** to add this to the **Entry List**.
+6. Click **Run** to start the task.
+7. Close LDP.
+
+#### Configuring Dual Enrollment using Group Policy
+You configure Windows 10 to support dual enrollment using the computer configuration portion of a Group Policy object.
+
+1. Using the Group Policy Management Console (GPMC), create a new domain-based Group Policy object and link it to an organizational Unit that contains Active Directory computer objects used by privileged users.
+2. Edit the Group Policy object from step 1.
+3. Enable the **Allow enumeration of emulated smart cards for all users** policy setting located under **Computer Configuration->Administrative Templates->Windows Components->Windows Hello for Business**.
+4. Close the Group Policy Management Editor to save the Group Policy object. Close the GPMC.
+5. Restart computers targeted by this Group Policy object.
+
+The computer is ready for dual enrollment. Sign-in as the privileged user first and enroll for Windows Hello for Business. Once completed, sign-out and sign-in as the non-privileged user and enroll for Windows Hello for Business. You can now use your privileged credential to perform privileged tasks without using your password and without needing to switch users.
+
+## Remote Desktop with Biometrics
+
+> [!Warning]
+> Some information relates to pre-released product that may change before it is commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+
+**Requirements**
+- Hybrid and On-premises Windows Hello for Business deployments
+- Azure AD joined, Hybrid Azure AD joined, and Enterprise joined devices
+- Certificate trust deployments
+- Biometric enrollments
+- Windows 10, version 1809
+
+Users using earlier versions of Windows 10 could remote desktop to using Windows Hello for Business but were limited to the using their PIN as their authentication gesture. Windows 10, version 1809 introduces the ability for users to authenticate to a remote desktop session using their Windows Hello for Business biometric gesture. The feature is on by default, so your users can take advantage of it as soon as they upgrade to Windows 10, version 1809.
+
+> [!IMPORTANT]
+> The remote desktop with biometrics feature only works with certificate trust deployments. The feature takes advantage of the redirected smart card capabilities of the remote desktop protocol. Microsoft continues to investigate supporting this feature for key trust deployments.
+
+### How does it work
+It start with creating cryptographic keys. Windows generates and stores cryptographic keys using a software component called a key storage provider (KSP). Software-based keys are created and stored using the Microsoft Software Key Storage Provider. Smart card keys are created and stored using the Microsoft Smart Card Key Storage Provider. Keys created and protected by Windows Hello for Business are created and stored using the Microsoft Passport Key Storage Provider.
+
+A certificate on a smart card starts with creating an asymmetric key pair using the Microsoft Smart Card KSP. Windows requests a certificate based on the key pair from your enterprises issuing certificate authority, which returns a certificate that is stored in the user's Personal certificate store. The private key remains on the smart card and the public key is stored with the certificate. Metadata on the certificate (and the key) store the key storage provider used to create the key (remember the certificate contains the public key).
+
+This same concept applies to Windows Hello for Business. Except, the keys are created using the Microsoft Passport KSP and the user's private key remains protected by the device's security module (TPM) and the user's gesture (PIN/biometric). The certificate APIs hide this complexity. When an application uses a certificate, the certificate APIs locate the keys using the saved key storage provider. The key storage providers directs the certificate APIs on which provider they use to find the private key associated with the certificate. This is how Windows knows you have a smart card certificate without the smart card inserted (and prompts you to insert the smart card).
+
+Windows Hello for Business emulates a smart card for application compatibility. Versions of Windows 10 prior to version 1809, would redirect private key access for Windows Hello for Business certificate to use its emulated smart card using the Microsoft Smart Card KSP, which would enable the user to provide their PIN. Windows 10, version 1809 no longer redirects private key access for Windows Hello for Business certificates to the Microsoft Smart Card KSP-- it continues using the Microsoft Passport KSP. The Microsoft Passport KSP enabled Windows 10 to prompt the user for their biometric gesture or PIN.
+
+### Compatibility
+Users appreciate convenience of biometrics and administrators value the security however, you may experience compatibility issues with your applications and Windows Hello for Business certificates. You can relax knowing a Group Policy setting and a [MDM URI](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp) exist to help you revert to the previous behavior for those users who need it.
+
+
+
+> [!IMPORTANT]
+> The remote desktop with biometric feature does not work with [Dual Enrollment](#dual-enrollment) feature or scenarios where the user provides alternative credentials. Microsoft continues to investigate supporting the feature.
+
## Related topics
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
index d1c11a2a8c..060bf7e60a 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
@@ -44,7 +44,7 @@ If you upgraded your Active Directory schema to the Windows Server 2016 schema a
A fundamental prerequisite of all cloud and hybrid Windows Hello for Business deployments is device registration. A user cannot provision Windows Hello for Business unless the device from which they are trying to provision has registered with Azure Active Directory. For more information about device registration, read [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/devices/overview).
You can use the **dsregcmd.exe** command to determine if your device is registered to Azure Active Directory.
-
+
### CRL Distribution Point (CDP)
@@ -122,7 +122,7 @@ You need to host your new certificate revocation list of a web server so Azure A
5. Select **CDP** under **Default Web Site** in the navigation pane. Double-click **Configuration Editor**.
6. In the **Section** list, navigate to **system.webServer/security/requestFiltering**.
- In the list of named value-pairs in the content pane, configure **allowDoubleEscapting** to **True**. Click **Apply** in the actions pane.
+ In the list of named value-pairs in the content pane, configure **allowDoubleEscaping** to **True**. Click **Apply** in the actions pane.
7. Close **Internet Information Services (IIS) Manager**.
@@ -264,7 +264,7 @@ Steps you will perform include:
1. Sign-in a domain controller using administrative credentials.
2. Open the **Run** dialog box. Type **certlm.msc** to open the **Certificate Manager** for the local computer.
3. In the navigation pane, expand **Personal**. Click **Certificates**. In the details pane, double-click the existing domain controller certificate includes **KDC Authentication** in the list of **Intended Purposes**.
-4. Click the **Certification Path** tab. In the **Certifcation path** view, select the top most node and click **View Certificate**.
+4. Click the **Certification Path** tab. In the **Certification path** view, select the top most node and click **View Certificate**.
5. In the new **Certificate** dialog box, click the **Details** tab. Click **Copy to File**.
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md
index 433457239a..cf2079e8e5 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md
@@ -205,7 +205,7 @@ When you're using AD FS, you need to enable the following WS-Trust endpoints:
`/adfs/services/trust/13/certificatemixed`
> [!WARNING]
-> Both **adfs/services/trust/2005/windowstransport** or **adfs/services/trust/13/windowstransport** should be enabled as intranet facing endpoints only and must NOT be exposed as extranet facing endpoints through the Web Application Proxy. To learn more on how to disable WS-Trust WIndows endpoints, see [Disable WS-Trust Windows endpoints on the proxy](https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/best-practices-securing-ad-fs#disable-ws-trust-windows-endpoints-on-the-proxy-ie-from-extranet). You can see what endpoints are enabled through the AD FS management console under **Service** > **Endpoints**.
+> Both **adfs/services/trust/2005/windowstransport** and **adfs/services/trust/13/windowstransport** should be enabled as intranet facing endpoints only and must NOT be exposed as extranet facing endpoints through the Web Application Proxy. To learn more on how to disable WS-Trust Windows endpoints, see [Disable WS-Trust Windows endpoints on the proxy](https://docs.microsoft.com/windows-server/identity/ad-fs/deployment/best-practices-securing-ad-fs#disable-ws-trust-windows-endpoints-on-the-proxy-ie-from-extranet). You can see what endpoints are enabled through the AD FS management console under **Service** > **Endpoints**.
> [!NOTE]
>If you don’t have AD FS as your on-premises federation service, follow the instructions from your vendor to make sure they support WS-Trust 1.3 or 2005 endpoints and that these are published through the Metadata Exchange file (MEX).
diff --git a/windows/security/identity-protection/hello-for-business/hello-planning-guide.md b/windows/security/identity-protection/hello-for-business/hello-planning-guide.md
index 081ef80a5d..73d306bba1 100644
--- a/windows/security/identity-protection/hello-for-business/hello-planning-guide.md
+++ b/windows/security/identity-protection/hello-for-business/hello-planning-guide.md
@@ -79,7 +79,7 @@ The key trust type does not require issuing authentication certificates to end u
The certificate trust type issues authentication certificates to end users. Users authenticate using a certificate requested using a hardware-bound key created during the built-in provisioning experience. Unlike key trust, certificate trust does not require Windows Server 2016 domain controllers (but still requires [Windows Server 2016 Active Directory schema](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs#directories)). Users can use their certificate to authenticate to any Windows Server 2008 R2, or later, domain controller.
> [!NOTE]
-> RDP does not support authentication with Windows Hello for business key trust deployments. RDP is only supported with certificate trust deployments at this tim
+> RDP does not support authentication with Windows Hello for Business key trust deployments. RDP is only supported with certificate trust deployments at this time.
#### Device registration
@@ -91,6 +91,9 @@ The built-in Windows Hello for Business provisioning experience creates a hardwa
#### Multifactor authentication
+> [!IMPORTANT]
+> As of July 1, 2019, Microsoft will no longer offer MFA Server for new deployments. New customers who require multi-factor authentication for their users should use cloud-based Azure Multi-Factor Authentication. Existing customers who have activated MFA Server prior to July 1, 2019 will be able to download the latest version, future updates and generate activation credentials as usual. See [Getting started with the Azure Multi-Factor Authentication Server](https://docs.microsoft.com/azure/active-directory/authentication/howto-mfaserver-deploy) for more details.
+
The goal of Windows Hello for Business is to move organizations away from passwords by providing them a strong credential that provides easy two-factor authentication. The built-in provisioning experience accepts the user’s weak credentials (username and password) as the first factor authentication; however, the user must provide a second factor of authentication before Windows provisions a strong credential.
Cloud only and hybrid deployments provide many choices for multi-factor authentication. On-premises deployments must use a multi-factor authentication that provides an AD FS multi-factor adapter to be used in conjunction with the on-premises Windows Server 2016 AD FS server role. Organizations can use the on-premises Azure Multi-factor Authentication server, or choose from several third parties (Read [Microsoft and third-party additional authentication methods](https://docs.microsoft.com/windows-server/identity/ad-fs/operations/configure-additional-authentication-methods-for-ad-fs#microsoft-and-third-party-additional-authentication-methods) for more information).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
index 311f6803b0..c630ee1d51 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
@@ -36,9 +36,9 @@ Attack surface reduction rules target behaviors that malware and malicious apps
* Obfuscated or otherwise suspicious scripts
* Behaviors that apps don't usually initiate during normal day-to-day work
-You can use [audit mode](audit-windows-defender.md) to evaluate how attack surface reduction rules would impact your organization if they were enabled. It's best to run all rules in audit mode first so you can understand their impact on your line-of-business applications. Many line-of-business applications are written with limited security concerns, and they may perform tasks similar to malware. By monitoring audit data and [adding exclusions](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction#exclude-files-and-folders-from-asr-rules) for necessary applications, you can deploy attack surface reduction rules without impacting productivity.
+You can use [audit mode](audit-windows-defender.md) to evaluate how attack surface reduction rules would impact your organization if they were enabled. It's best to run all rules in audit mode first so you can understand their impact on your line-of-business applications. Many line-of-business applications are written with limited security concerns, and they may perform tasks similar to malware. By monitoring audit data and [adding exclusions](enable-attack-surface-reduction.md#exclude-files-and-folders-from-asr-rules) for necessary applications, you can deploy attack surface reduction rules without impacting productivity.
-Triggered rules display a notification on the device. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. The notification also displays in the Microsoft Defender Security Center and in the Microsoft 365 securty center.
+Triggered rules display a notification on the device. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. The notification also displays in the Microsoft Defender Security Center and in the Microsoft 365 security center.
For information about configuring attack surface reduction rules, see [Enable attack surface reduction rules](enable-attack-surface-reduction.md).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
index fac075a33c..4eafbbefa8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
@@ -53,7 +53,7 @@ The goal is to remediate the issues in the security recommendations list to impr
See how you can [improve your security configuration](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios#improve-your-security-configuration), for details.
>[!IMPORTANT]
->To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
+>To boost your vulnerability assessment detection rates, download the following mandatory security updates and deploy them in your network:
>- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
>- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
>- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
@@ -62,8 +62,6 @@ See how you can [improve your security configuration](https://docs.microsoft.com
>To download the security updates:
>1. Go to [Microsoft Update Catalog](http://www.catalog.update.microsoft.com/home.aspx).
>2. Key-in the security update KB number that you need to download, then click **Search**.
->
->Downloading the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
## Related topics
- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
index e4f3194e93..57782a8e2b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
@@ -37,6 +37,7 @@ Microsoft Defender Advanced Threat Protection requires one of the following Micr
- Windows 10 Enterprise E5
- Windows 10 Education E5
- Microsoft 365 E5 (M365 E5) which includes Windows 10 Enterprise E5
+- Microsoft 365 E3 (M365 E3) with Identity and Threat Protection package
For more information on the array of features in Windows 10 editions, see [Compare Windows 10 editions](https://www.microsoft.com/windowsforbusiness/compare).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md b/windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md
index 7a1c0650f9..9a9fa6e53c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md
@@ -141,7 +141,7 @@ You can create a custom dashboard in Power BI Desktop to create visualizations t
-4. Create a new directory `Microsoft Power BI Desktop\Custom Connectors` under the user's Documents folder.
+4. Create a new directory `[Documents]\Power BI Desktop\Custom Connectors`.
5. Copy WDATPDataConnector.mez from the zip to the directory you just created.
@@ -150,6 +150,9 @@ You can create a custom dashboard in Power BI Desktop to create visualizations t
7. Click **File** > **Options and settings** > **Custom data connectors**.
8. Select **New table and matrix visuals** and **Custom data connectors** and click **OK**.
+
+ > [!NOTE]
+ > If you plan on using Custom Connectors or connectors that you or a third party has developed, you must select *(Not Recommended) Allow any extension to load without warning* under **Power BI Desktop** > **File** > **Options and settings** > **Options** > **Security** > **Data Extensions**".
>[!NOTE]
>If you are using Power BI Desktop July 2017 version (or later), you won't need to select **New table and matrix visuals**. You'll only need to select **Custom data connectors**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
index d63d1f4ea5..f7512247e0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
@@ -29,21 +29,19 @@ Ensure that your machines:
>[!NOTE]
>Threat & Vulnerability Management can also scan machines that run on Windows 7 and Windows Server 2019 operating systems and detects vulnerabilities addressed in patch Tuesday.
-- Have the following mandatory updates installed:
-- (1) RS3 customers | [KB4493441](https://support.microsoft.com/help/4493441/windows-10-update-kb4493441)
-- (2) RS4 customers | [KB4493464](https://support.microsoft.com/help/4493464)
+- Have the following mandatory updates installed and deployed in your network to boost your vulnerability assessment detection rates:
+
+> Release | Security update KB number and link
+> :---|:---
+> RS3 customers | [KB4493441](https://support.microsoft.com/help/4493441/windows-10-update-kb4493441) and [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
+> RS4 customers| [KB4493464](https://support.microsoft.com/help/4493464) and [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
+> RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
+> 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
+
- Are onboarded to Microsoft Intune and System Center Configuration Manager (SCCM). If you are use SCCM, update your console to the latest May version 1905
- Have at least one security recommendation that can be viewed in the machine page
- Are tagged or marked as co-managed
->[!IMPORTANT]
->To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
->- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
->- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
->- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
->- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
->Downloading and deploying the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
-
## Reduce your threat and vulnerability exposure
Threat & Vulnerability Management introduces a new exposure score metric, which visually represents how exposed your machines are to imminent threats.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
index bb9f499cd3..e2615c2319 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
@@ -26,12 +26,11 @@ Threat & Vulnerability Management leverages the same signals in Microsoft Defend
The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization, their severity, Common Vulnerability Scoring System (CVSS) rating, its prevalence in your organization, corresponding breach, and threat insights.
>[!IMPORTANT]
->To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
+>To boost your vulnerability assessment detection rates, download the following mandatory security updates and deploy them in your network:
>- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
>- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
>- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
>- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
-> Downloading the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
## Navigate through your organization's weaknesses page
You can see the list of vulnerabilities in four ways:
diff --git a/windows/security/threat-protection/security-compliance-toolkit-10.md b/windows/security/threat-protection/security-compliance-toolkit-10.md
index 8ce51363fd..f9421d02f6 100644
--- a/windows/security/threat-protection/security-compliance-toolkit-10.md
+++ b/windows/security/threat-protection/security-compliance-toolkit-10.md
@@ -31,9 +31,7 @@ The Security Compliance Toolkit consists of:
- Windows 10 Version 1809 (October 2018 Update)
- Windows 10 Version 1803 (April 2018 Update)
- Windows 10 Version 1709 (Fall Creators Update)
- - Windows 10 Version 1703 (Creators Update)
- Windows 10 Version 1607 (Anniversary Update)
- - Windows 10 Version 1511 (November Update)
- Windows 10 Version 1507
- Windows Server security baselines
@@ -42,7 +40,7 @@ The Security Compliance Toolkit consists of:
- Windows Server 2012 R2
- Microsoft Office security baseline
- - Office 2016
+ - Office365 ProPlus (Sept 2019)
- Tools
- Policy Analyzer tool
diff --git a/windows/security/threat-protection/security-policy-settings/account-policies.md b/windows/security/threat-protection/security-policy-settings/account-policies.md
index 3c9a703853..f740ced849 100644
--- a/windows/security/threat-protection/security-policy-settings/account-policies.md
+++ b/windows/security/threat-protection/security-policy-settings/account-policies.md
@@ -25,7 +25,8 @@ ms.date: 04/19/2017
An overview of account policies in Windows and provides links to policy descriptions.
All account policies settings applied by using Group Policy are applied at the domain level. Default values are present in the built-in default domain controller policy for Password Policy settings, Account Lockout Policy settings, and Kerberos Policy settings. The domain account policy becomes the default local account policy of any device that is a member of the domain. If these policies are set at any level below the domain level in Active Directory Domain Services (AD DS), they affect only local accounts on member servers.
-> **Note:** Each domain can have only one account policy. The account policy must be defined in the default domain policy or in a new policy that is linked to the root of the domain and given precedence over the default domain policy, which is enforced by the domain controllers in the domain. These domain-wide account policy settings (Password Policy, Account Lockout Policy, and Kerberos Policy) are enforced by the domain controllers in the domain; therefore, domain controllers always retrieve the values of these account policy settings from the default domain policy Group Policy Object (GPO).
+> [!NOTE]
+> Each domain can have only one account policy. The account policy must be defined in the default domain policy or in a new policy that is linked to the root of the domain and given precedence over the default domain policy, which is enforced by the domain controllers in the domain. These domain-wide account policy settings (Password Policy, Account Lockout Policy, and Kerberos Policy) are enforced by the domain controllers in the domain; therefore, domain controllers always retrieve the values of these account policy settings from the default domain policy Group Policy Object (GPO).
The only exception is when another account policy is defined for an organizational unit (OU). The account policy settings for the OU affect the local policy on any computers that are contained in the OU. For example, if an OU policy defines a maximum password age that differs from the domain-level account policy, the OU policy will be applied and enforced only when users log on to the local computer. The default local computer policies apply only to computers that are in a workgroup or in a domain where neither an OU account policy nor a domain policy applies.
diff --git a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
index 090bb9f3bf..82dc9c1898 100644
--- a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
+++ b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
@@ -84,6 +84,9 @@ Settings are applied in the following order through a Group Policy Object (GPO),
When a local setting is greyed out, it indicates that a GPO currently controls that setting.
+> [!NOTE]
+> More information about configuring the policy can be found [here](https://docs.microsoft.com/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings).
+
## Security considerations
This section describes how an attacker might exploit a feature or its configuration, how to implement the countermeasure, and the possible negative consequences of countermeasure implementation.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
index ee825e3d08..10cc42c9f3 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
@@ -107,6 +107,9 @@ The procedures in this article first describe how to set the order, and then how
6. Click **OK**. This will set the order of file shares when that source is referenced in the **Define the order of sources...** group policy setting.
+> [!NOTE]
+> For Windows 10, versions 1703 up to and including 1809, the policy path is **Windows Components > Windows Defender Antivirus > Signature Updates**
+> For Windows 10, version 1903, the policy path is **Windows Components > Windows Defender Antivirus > Security Intelligence Updates**
**Use Configuration Manager to manage the update location:**
diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
index 0a78bbd6af..8324650680 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
@@ -149,7 +149,7 @@ In this case, Tamper Protection status changes, and this feature is no longer ap
### Will there be an alert about Tamper Protection status changing in the Microsoft Defender Advanced Threat Protection portal?
-Yes. The alert is shown in [https://microsoft.securitycenter.com](https://microsoft.securitycenter.com) under **Alerts**.
+Yes. The alert is shown in [https://securitycenter.microsoft.com](https://microsoft.securitycenter.com) under **Alerts**.
In addition, your security operations team can use hunting queries, such as the following:
diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
index 960e256e35..717e08d7d4 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
@@ -43,6 +43,10 @@ The following matrix illustrates the states that Windows Defender AV will enter
| Windows Server 2016 | Windows Defender AV | No | Active mode |
(1) On Windows Server 2016, Windows Defender AV will not enter passive or disabled mode if you have also installed a third-party antivirus product. If you install a third-party antivirus product, you should [uninstall Windows Defender AV on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md) to prevent problems caused by having multiple antivirus products installed on a machine.
+If you are Using Windows Server, version 1803 and Windows 2019, you can enable passive mode by setting this registry key:
+- Path: HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection
+- Name: ForceDefenderPassiveMode
+- Value: 1
See the [Windows Defender Antivirus on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md#install-or-uninstall-windows-defender-av-on-windows-server-2016) topic for key differences and management options for Windows Server installations.
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md
index 7f4112593f..eef2cc16e8 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md
@@ -90,7 +90,8 @@ AppLocker rules can be created on domain controllers.
AppLocker is included with enterprise-level editions of Windows. You can author AppLocker rules for a single computer or for a group of computers. For a single computer, you can author the rules by using the Local Security Policy editor (secpol.msc). For a group of computers, you can author the rules within a Group Policy Object by using the Group Policy Management Console (GPMC).
-> **Note:** The GPMC is available in client computers running Windows only by installing the Remote Server Administration Tools. On computer running Windows Server, you must install the Group Policy Management feature.
+> [!NOTE]
+> The GPMC is available in client computers running Windows only by installing the Remote Server Administration Tools. On computer running Windows Server, you must install the Group Policy Management feature.
### Using AppLocker on Server Core
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md
index f68602c282..4bf66b9c31 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md
@@ -27,7 +27,8 @@ This topic for IT professionals describes the steps to create a standard set of
AppLocker includes default rules for each rule collection. These rules are intended to help ensure that the files that are required for Windows to operate properly are allowed to run.
->**Important:** You can use the default rules as a template when creating your own rules to allow files within the Windows folders to run. However, these rules are only meant to function as a starter policy when you are first testing AppLocker rules. The default rules can be modified in the same way as other AppLocker rule types.
+> [!IMPORTANT]
+> You can use the default rules as a template when creating your own rules to allow files within the Windows folders to run. However, these rules are only meant to function as a starter policy when you are first testing AppLocker rules. The default rules can be modified in the same way as other AppLocker rule types.
You can perform this task by using the Group Policy Management Console for an AppLocker policy in a Group Policy Object (GPO) or by using the Local Security Policy snap-in for an AppLocker policy on a local computer or in a security template. For information how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#bkmk-using-snapins).
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
index 3a9dee486d..4b12248403 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
@@ -30,7 +30,8 @@ This topic for IT professionals describes concepts and lists procedures to help
Packaged apps, also known as Universal Windows apps, are based on a model that ensures all the files within an app package share the same identity. With classic Windows apps, each file within the app could have a unique identity.
With packaged apps, it is possible to control the entire app by using a single AppLocker rule.
->**Note:** AppLocker supports only publisher rules for packaged apps. All packaged apps must be signed by the software publisher because Windows does not support unsigned packaged apps.
+> [!NOTE]
+> AppLocker supports only publisher rules for packaged apps. All packaged apps must be signed by the software publisher because Windows does not support unsigned packaged apps.
Typically, an app consists of multiple components: the installer that is used to install the app, and one or more exes, dlls, or scripts. With classic Windows apps, not all these components always share common attributes such as the software’s publisher name, product name, and product version. Therefore, AppLocker controls each of these components separately through different rule collections, such as exe, dll, script, and Windows Installer rules. In contrast, all the components of a packaged app share the same publisher name, package name, and package version attributes. Therefore, you can control an entire app with a single rule.
@@ -53,9 +54,10 @@ For more info about packaged apps, see [Packaged apps and packaged app installer
You can use two methods to create an inventory of packaged apps on a computer: the AppLocker console or the **Get-AppxPackage** Windows PowerShell cmdlet.
->**Note:** Not all packaged apps are listed in AppLocker’s application inventory wizard. Certain app packages are framework packages that are leveraged by other apps. By themselves, these packages cannot do anything, but blocking such packages can inadvertently cause failure for apps that you want to allow. Instead, you can create Allow or Deny rules for the packaged apps that use these framework packages. The AppLocker user interface deliberately filters out all the packages that are registered as framework packages. For info about how to create an inventory list, see [Create list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md).
+> [!NOTE]
+> Not all packaged apps are listed in AppLocker’s application inventory wizard. Certain app packages are framework packages that are leveraged by other apps. By themselves, these packages cannot do anything, but blocking such packages can inadvertently cause failure for apps that you want to allow. Instead, you can create Allow or Deny rules for the packaged apps that use these framework packages. The AppLocker user interface deliberately filters out all the packages that are registered as framework packages. For info about how to create an inventory list, see [Create list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md).
-For info about how to use the **Get-AppxPackage** Windows PowerShell cmdlet, see the [AppLocker PowerShell Command Reference](https://technet.microsoft.com/library/hh847210.aspx).
+For info about how to use the **Get-AppxPackage** Windows PowerShell cmdlet, see the [AppLocker PowerShell Command Reference](https://docs.microsoft.com/powershell/module/applocker/).
For info about creating rules for Packaged apps, see [Create a rule for packaged apps](create-a-rule-for-packaged-apps.md).
@@ -74,7 +76,7 @@ Just as there are differences in managing each rule collection, you need to mana
1. Gather information about which Packaged apps are running in your environment. For information about how to do this, see [Create list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md).
-2. Create AppLocker rules for specific packaged apps based on your policy strategies. For more information, see [Create a rule for packaged apps](create-a-rule-for-packaged-apps.md) and [Packaged Apps Default Rules in AppLocker](https://technet.microsoft.com/library/ee460941(WS.10).aspx).
+2. Create AppLocker rules for specific packaged apps based on your policy strategies. For more information, see [Create a rule for packaged apps](create-a-rule-for-packaged-apps.md) and [Understanding AppLocker default rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules).
3. Continue to update the AppLocker policies as new package apps are introduced into your environment. To do this, see [Add rules for packaged apps to existing AppLocker rule-set](add-rules-for-packaged-apps-to-existing-applocker-rule-set.md).
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
index d2d2d98598..02228d1867 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
@@ -27,7 +27,8 @@ This topic for IT professional describes the set of rules that can be used to en
AppLocker includes default rules for each rule collection. These rules are intended to help ensure that the files that are required for Windows to operate properly are allowed in an AppLocker rule collection.
->**Important:** You can use the default rules as a template when creating your own rules. However, these rules are only meant to function as a starter policy when you are first testing AppLocker rules so that the system files in the Windows folders will be allowed to run.
+> [!IMPORTANT]
+> You can use the default rules as a template when creating your own rules. However, these rules are only meant to function as a starter policy when you are first testing AppLocker rules so that the system files in the Windows folders will be allowed to run.
If you require additional app security, you might need to modify the rules created from the built-in default rule collection. For example, the default rule to allow all users to run .exe files in the Windows folder is based on a path condition that allows all files within the Windows folder to run.
The Windows folder contains a Temp subfolder to which the Users group is given the following permissions:
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
index d192ac21a9..97eea2439c 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
@@ -80,6 +80,9 @@ When merging, the policy type and ID of the leftmost/first policy specified is u
### Deploying policies
+> [!NOTE]
+> You cannot use the "Deploy Windows Defender Application Control" group policy setting to deploy multiple CI policies. You will have to copy the `*.cip` files, both the baseline and the supplemental ones, to C:\Windows\System32\CodeIntegrity\CiPolicies\Active\.
+
In order to deploy policies using the new multiple policy format you will need to:
1. Ensure policies are copied to the right location
diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
index 8aae066fd4..b8e2098917 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
@@ -88,7 +88,7 @@ Microsoft recommends that you block the following Microsoft-signed applications
- msxml6.dll
- jscript9.dll
-Pick the correct version of each .dll for the Windows release you plan to support, and remove the other versions.
+Pick the correct version of each .dll for the Windows release you plan to support, and remove the other versions. Ensure that you also uncomment them in the signing scenarios section.
```xml
@@ -888,9 +888,11 @@ Pick the correct version of each .dll for the Windows release you plan to suppor
+
diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md
index a4d7f249b4..57292a294e 100644
--- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md
+++ b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md
@@ -89,6 +89,9 @@ First, create the WMI filter and configure it to look for a specified version (o
10. Click **Save** to save your completed filter.
+> [!NOTE]
+> If you're using multiple queries in the same WMI filter, these queries must all return **TRUE** for the filter requirements to be met and for the GPO to be applied.
+
## To link a WMI filter to a GPO
After you have created a filter with the correct query, link the filter to the GPO. Filters can be reused with many GPOs simultaneously; you do not have to create a new one for each GPO if an existing one meets your needs.
|