From 0834144994707835913e6184d37caaaa2efe9933 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 15 Jul 2019 18:27:52 -0700 Subject: [PATCH 01/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 159 +++++++++--------- 1 file changed, 78 insertions(+), 81 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 843d0975aa..3ac0f19c82 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -40,83 +40,84 @@ The following table lists management options for each setting. For Windows 10, the following MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -| Setting | MDM Policy | Description | -| --- | --- | --- | -| 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices. -| 2. Cortana and Search | [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) | Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** -| | [Search/AllowSearchToUseLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation) | Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)** -| 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings. **Set to 0 (zero)** -| 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** -| 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device. **Set to 0 (zero)** -| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** -| 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)** -| 8. Internet Explorer | The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) | -| | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. **Set to Disabled** -| | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** -| | [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature) | Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled** -| | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. **Set to Enabled** -| | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** -| 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** -| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** -| 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** -| 12. Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). -| | [Browser/AllowAutoFill](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. **Set to 0 (zero)** -| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** -| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** -| | [Browser/AllowPasswordManager](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** -| | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** -| | [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** -| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | Note: After you apply this policy you must restart the device for the policy setting to take effect. **Set to 1 (one)** -| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** -| | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** -| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** -| 15.1 Injest the ADMX | To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. | The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). -| 15.2 Prevent Network Traffic before User SignIn | PreventNetworkTrafficPreUserSignIn | The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn -| 16. Preinstalled apps | N/A | N/A -| 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. -| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** -| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Specifies whether to allow app access to the Location service. **Set to 0 (zero)** -| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Disables or enables the camera. **Set to 0 (zero)** -| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Specifies whether Windows apps can access the microphone. **Set to 2 (two)** -| 17.5 Notifications | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)** -| | [Settings/AllowOnlineTips]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** -| 17.6 Speech, Inking, & Typing | [Privacy/AllowInputPersonalization](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-allowinputpersonalization) | This policy specifies whether users on the device have the option to enable online speech recognition. **Set to 0 (zero)** -| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** -| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Specifies whether Windows apps can access account information. **Set to 2 (two)** -| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Specifies whether Windows apps can access contacts. **Set to 2 (two)** -| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | Specifies whether Windows apps can access the calendar. **Set to 2 (two)** -| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Specifies whether Windows apps can access account information. **Set to 2 (two)** -| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | Specifies whether Windows apps can access email. **Set to 2 (two)** -| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | Specifies whether Windows apps can read or send messages (text or MMS). **Set to 2 (two)** -| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) | Specifies whether Windows apps can make phone calls. **Set to 2 (two)** -| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | Specifies whether Windows apps have access to control radios. **Set to 2 (two)** -| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | Specifies whether Windows apps can sync with devices. **Set to 2 (two)** -| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** -| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** -| | [Experience/DoNotShowFeedbackNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-donotshowfeedbacknotifications)| Prevents devices from showing feedback questions from Microsoft. **Set to 1 (one)** -| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Specifies whether Windows apps can run in the background. **Set to 2 (two)** -| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | Specifies whether Windows apps can access motion data. **Set to 2 (two)** -| 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** -| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** -| 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** -| 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. **Set to 0 (zero)** -| 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. **Set to 0 (zero)** -| 21. Teredo | No MDM needed | Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. -| 22. Wi-Fi Sense | No MDM needed | Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. -| 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** -| | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. **Set to 2 (two)** -| 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. **Set to 0 (zero)** -| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** -| 23.3 Windows Defender Potentially Unwanted Applications(PUA) Protection | [Defender/PUAProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-puaprotection) | Specifies the level of detection for potentially unwanted applications (PUAs). **Set to 1 (one)** -| 24. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. **Set to 0 (zero)** -| 25. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** -| | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** -| 25.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** -| 26. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** -| 27. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)** -| 27.1 Windows Update Allow Update Service | [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice) | Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)** -| 27.2 Windows Update Service URL| [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl) | Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value: +> [!div class="mx-tdBreakAll"] +> | Setting | MDM Policy | Description | +> | --- | --- | --- | +> | 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices.| +> | 2. Cortana and Search | [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) | Choose whether to let Cortana install and run on the device. **Set to 0 (zero)**| +> | | [Search/AllowSearchToUseLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation) | Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)**| +> | 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings. **Set to 0 (zero)**| +> | 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled**| +> | 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device. **Set to 0 (zero)** | +> | 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** | +> | 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)**| +> | 8. Internet Explorer | The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) | | +> | | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. **Set to Disabled**| +> | | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled**| +> | | [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature) | Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled**| +> | | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. **Set to Enabled**| +> | | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled**| +> | 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled**| +> | 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** | +> | 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** | +> | 12. Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). | +> | | [Browser/AllowAutoFill](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. **Set to 0 (zero)** | +> | | [Browser/AllowDoNotTrack](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** | +> | | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** | +> | | [Browser/AllowPasswordManager](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** | +> | | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** | +> | | [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** | +> | 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | Note: After you apply this policy you must restart the device for the policy setting to take effect. **Set to 1 (one)** | +> | 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** | +> | | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** | +> | 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** | +> | 15.1 Injest the ADMX | To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. | The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). | +> | 15.2 Prevent Network Traffic before User SignIn | PreventNetworkTrafficPreUserSignIn | The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn| +> | 16. Preinstalled apps | N/A | N/A | +> | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. | +> | 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)**| +> | 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Specifies whether to allow app access to the Location service. **Set to 0 (zero)**| +> | 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Disables or enables the camera. **Set to 0 (zero)**| +> | 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Specifies whether Windows apps can access the microphone. **Set to 2 (two)** | +> | 17.5 Notifications | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)**| +> | | [Settings/AllowOnlineTips]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled**| +> | 17.6 Speech, Inking, & Typing | [Privacy/AllowInputPersonalization](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-allowinputpersonalization) | This policy specifies whether users on the device have the option to enable online speech recognition. **Set to 0 (zero)** | +> | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** | +> | 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Specifies whether Windows apps can access account information. **Set to 2 (two)** | +> | 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Specifies whether Windows apps can access contacts. **Set to 2 (two)** | +> | 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | Specifies whether Windows apps can access the calendar. **Set to 2 (two)** | +> | 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Specifies whether Windows apps can access account information. **Set to 2 (two)** | +> | 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | Specifies whether Windows apps can access email. **Set to 2 (two)** | +> | 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | Specifies whether Windows apps can read or send messages (text or MMS). **Set to 2 (two)** | +> | 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) | Specifies whether Windows apps can make phone calls. **Set to 2 (two)** | +> | 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | Specifies whether Windows apps have access to control radios. **Set to 2 (two)** | +> | 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | Specifies whether Windows apps can sync with devices. **Set to 2 (two)** | +> | | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** | +> | 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** | +> | | [Experience/DoNotShowFeedbackNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-donotshowfeedbacknotifications)| Prevents devices from showing feedback questions from Microsoft. **Set to 1 (one)** | +> | 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Specifies whether Windows apps can run in the background. **Set to 2 (two)** | +> | 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | Specifies whether Windows apps can access motion data. **Set to 2 (two)** | +> | 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** | +> | 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** | +> | 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** | +> | 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. **Set to 0 (zero)** | +> | 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. **Set to 0 (zero)** | +> | 21. Teredo | No MDM needed | Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. | +> | 22. Wi-Fi Sense | No MDM needed | Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. | +> | 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** | +> | | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. **Set to 2 (two)** | +> | 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. **Set to 0 (zero)** | +> | 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** | +> | 23.3 Windows Defender Potentially Unwanted Applications(PUA) Protection | [Defender/PUAProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-puaprotection) | Specifies the level of detection for potentially unwanted applications (PUAs). **Set to 1 (one)** | +> | 24. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. **Set to 0 (zero)** | +> | 25. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** | +> | | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** | +> | 25.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** | +> | 26. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). | +> | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** | +> | 27. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)**| +> | 27.1 Windows Update Allow Update Service | [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice) | Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)**| +> | 27.2 Windows Update Service URL| [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl) | Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value:| $CmdID$ @@ -132,7 +133,6 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt - ### Allowed traffic ("Whitelisted traffic") for Microsoft InTune / MDM configurations |**Allowed traffic endpoints** | @@ -148,6 +148,3 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt |*microsoft.com/pkiops/crl/**| |activation-v2.sls.microsoft.com/*| |ocsp.digicert.com/*| - - - From cfc02ec4c52c92b32b03a39e1b93416b82e815f8 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 15 Jul 2019 18:52:07 -0700 Subject: [PATCH 02/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 3ac0f19c82..11dd710c4c 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -40,7 +40,7 @@ The following table lists management options for each setting. For Windows 10, the following MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -> [!div class="mx-tdBreakAll"] +> [!div class="mx-tdCol3BreakAll"] > | Setting | MDM Policy | Description | > | --- | --- | --- | > | 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices.| From c97f7b838af9ec915d9d414ef96e6e6e087354c4 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 15 Jul 2019 18:57:28 -0700 Subject: [PATCH 03/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ting-system-components-to-microsoft-services-using-MDM.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 11dd710c4c..be109f6f04 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -117,8 +117,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt > | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** | > | 27. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)**| > | 27.1 Windows Update Allow Update Service | [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice) | Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)**| -> | 27.2 Windows Update Service URL| [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl) | Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value:| - +> | 27.2 Windows Update Service URL| [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl) | Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value: $CmdID$ @@ -132,6 +131,8 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt http://abcd-srv:8530 +| + ### Allowed traffic ("Whitelisted traffic") for Microsoft InTune / MDM configurations From 359fd53d1c2f78562d8650a378b3591d12e5f3c5 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 18 Jul 2019 16:46:52 -0700 Subject: [PATCH 04/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ting-system-components-to-microsoft-services-using-MDM.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index be109f6f04..0a98e36716 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -40,7 +40,6 @@ The following table lists management options for each setting. For Windows 10, the following MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -> [!div class="mx-tdCol3BreakAll"] > | Setting | MDM Policy | Description | > | --- | --- | --- | > | 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices.| @@ -117,7 +116,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt > | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** | > | 27. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)**| > | 27.1 Windows Update Allow Update Service | [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice) | Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)**| -> | 27.2 Windows Update Service URL| [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl) | Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value: +> | 27.2 Windows Update Service URL| [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl) | Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value:| $CmdID$ @@ -131,8 +130,6 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt http://abcd-srv:8530 -| - ### Allowed traffic ("Whitelisted traffic") for Microsoft InTune / MDM configurations From 7b0c9dbee1ed84c6b2078022323b8dca69e05298 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Fri, 19 Jul 2019 10:56:45 -0700 Subject: [PATCH 05/54] New announcement added july (#729) (#730) * New Announcement added * Fixed date --- windows/release-information/windows-message-center.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 31946a06a8..f2219f04cd 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: " + From f3cdf6366bac7dcce7ad302562e4dd92416ec5e7 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 19 Jul 2019 20:46:57 -0700 Subject: [PATCH 06/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 0a98e36716..f02e88097b 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -70,7 +70,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt > | 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** | > | | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** | > | 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** | -> | 15.1 Injest the ADMX | To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. | The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). | +> | 15.1 Ingest the ADMX | To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. | The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). There is a folder named "adm" which contains the admx and adml policy definition files. | > | 15.2 Prevent Network Traffic before User SignIn | PreventNetworkTrafficPreUserSignIn | The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn| > | 16. Preinstalled apps | N/A | N/A | > | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. | From de8640615423883f95523a724689513de9bb6ab7 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 19 Jul 2019 21:18:37 -0700 Subject: [PATCH 07/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ystem-components-to-microsoft-services-using-MDM.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index f02e88097b..b022cf4bcd 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -40,6 +40,16 @@ The following table lists management options for each setting. For Windows 10, the following MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). +1. **Automatic Root Certificates Update** + 1. **MDM Policy:** There is intentionally no MDM available for Automatic Root Certificate Update. + 1. **Description:** This MDM does not exist since it would prevent the operation and management of MDM management of devices. + +1. **Cortana and Search** + 1. **MDM Policy:** [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) + 1. **Description:** Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** +1. (fin) + + > | Setting | MDM Policy | Description | > | --- | --- | --- | > | 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices.| From 7fdb83ede0f67c5cce850fc36ad1108ec1363c15 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 23 Jul 2019 16:48:23 -0700 Subject: [PATCH 08/54] Updated with note and TVM references --- .../microsoft-defender-atp/overview-secure-score.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md index cb57adc063..e0b8251596 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md @@ -21,6 +21,9 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +>[!NOTE] +> Secure score is now part of Threat & Vulnerability Management as Configuration score. The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines. >[!IMPORTANT] @@ -77,5 +80,14 @@ Within the tile, you can click on each control to see the recommended optimizati Clicking the link under the **Misconfigured machines** column opens up the **Machines list** with filters applied to show only the list of machines where the recommendation is applicable. You can export the list in Excel to create a target collection and apply relevant policies using a management solution of your choice. ## Related topic +- [Configuration score](configuration-score.md) +- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) +- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) +- [Exposure score](tvm-exposure-score.md) +- [Security recommendations](tvm-security-recommendation.md) +- [Remediation](tvm-remediation.md) +- [Software inventory](tvm-software-inventory.md) +- [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) - [Threat analytics](threat-analytics.md) From a1569acf31b26ed933fb97b249aad436423bbe05 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 23 Jul 2019 16:50:25 -0700 Subject: [PATCH 09/54] Update overview-secure-score.md --- .../microsoft-defender-atp/overview-secure-score.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md index e0b8251596..a2c2292416 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md @@ -22,7 +22,7 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) >[!NOTE] -> Secure score is now part of Threat & Vulnerability Management as Configuration score. The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. +> Secure score is now part of Threat & Vulnerability Management as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines. From 27bfacfb3d0006566030586bbde53162b36185eb Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 23 Jul 2019 16:51:24 -0700 Subject: [PATCH 10/54] Update overview-secure-score.md --- .../microsoft-defender-atp/overview-secure-score.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md index a2c2292416..9fdae040ab 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md @@ -40,7 +40,7 @@ The **Secure score dashboard** displays a snapshot of: ![Secure score dashboard](images/new-secure-score-dashboard.png) ## Microsoft secure score -The Microsoft secure score tile is reflective of the sum of all the Windows Defender security controls that are configured according to the recommended baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings. +The Microsoft secure score tile is reflective of the sum of all the Microsoft Defender security controls that are configured according to the recommended baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings. ![Image of Microsoft secure score tile](images/mss.png) From 03fbb33d7dac0bd8461642562713b50187a7a963 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 23 Jul 2019 16:56:07 -0700 Subject: [PATCH 11/54] Updated links --- .../microsoft-defender-atp/overview-secure-score.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md index 9fdae040ab..bdce0881eb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md @@ -22,7 +22,7 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) >[!NOTE] -> Secure score is now part of Threat & Vulnerability Management as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. +> Secure score is now part of [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines. @@ -44,7 +44,7 @@ The Microsoft secure score tile is reflective of the sum of all the Microsoft De ![Image of Microsoft secure score tile](images/mss.png) -Each Windows Defender security control contributes 100 points to the score. The total number is reflective of the score potential and calculated by multiplying the number of supported security controls (Microsoft Defender security controls pillars) by the maximum points that each pillar contributes (maximum of 100 points for each pillar). +Each Windows Defender security control contributes 100 points to the score. The total number is reflective of the score potential and calculated by multiplying the number of supported security controls (Windows Defender security controls pillars) by the maximum points that each pillar contributes (maximum of 100 points for each pillar). The Office 365 Secure Score looks at your settings and activities and compares them to a baseline established by Microsoft. For more information, see [Introducing the Office 365 Secure Score](https://support.office.com/en-us/article/introducing-the-office-365-secure-score-c9e7160f-2c34-4bd0-a548-5ddcc862eaef#howtoaccess). From 1e162aee1fe13af8d9f764589b9c77a718bb7f6a Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 23 Jul 2019 16:59:19 -0700 Subject: [PATCH 12/54] Update overview-secure-score.md --- .../microsoft-defender-atp/overview-secure-score.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md index bdce0881eb..1d466fca97 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md @@ -22,7 +22,7 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) >[!NOTE] -> Secure score is now part of [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines. @@ -80,10 +80,10 @@ Within the tile, you can click on each control to see the recommended optimizati Clicking the link under the **Misconfigured machines** column opens up the **Machines list** with filters applied to show only the list of machines where the recommendation is applicable. You can export the list in Excel to create a target collection and apply relevant policies using a management solution of your choice. ## Related topic -- [Configuration score](configuration-score.md) -- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) +- [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) - [Exposure score](tvm-exposure-score.md) +- [Configuration score](configuration-score.md) - [Security recommendations](tvm-security-recommendation.md) - [Remediation](tvm-remediation.md) - [Software inventory](tvm-software-inventory.md) From 0b994d8e69c7887de408bab57592d677fa67c9e3 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 23 Jul 2019 17:08:42 -0700 Subject: [PATCH 13/54] Updated TVM topics and added SecureScore note --- windows/security/threat-protection/index.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index 8ef02bab91..da60a14421 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -39,9 +39,15 @@ ms.localizationpriority: medium **[Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)**
This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. + - [Risk-based Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) - [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md) +- [Exposure score](microsoft-defender-atp/tvm-exposure-score.md) - [Configuration score](microsoft-defender-atp/configuration-score.md) +- [Security recommendations](microsoft-defender-atp/tvm-security-recommendation.md) +- [Remediation](microsoft-defender-atp/tvm-remediation.md) +- [Software inventory](microsoft-defender-atp/tvm-software-inventory.md) +- [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md) - [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md) @@ -97,6 +103,9 @@ In conjunction with being able to quickly respond to advanced attacks, Microsoft **[Secure score](microsoft-defender-atp/overview-secure-score.md)**
+>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) as [Configuration score](microsoft-defender-atp/configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Microsoft Defender ATP includes a secure score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization. - [Asset inventory](microsoft-defender-atp/secure-score-dashboard.md) - [Recommended improvement actions](microsoft-defender-atp/secure-score-dashboard.md) From c2a8a3798fa7bb205b9b61b4f4edd4780e3083e3 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 23 Jul 2019 17:23:47 -0700 Subject: [PATCH 14/54] Added deprecation note and TVM topic links --- .../secure-score-dashboard.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md index ad43e002b8..b98230426d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md @@ -20,6 +20,9 @@ ms.topic: article **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Each security control lists recommendations that you can take to increase the security posture of your organization. ### Endpoint detection and response (EDR) optimization @@ -281,6 +284,16 @@ For more information, see [Manage Windows Defender Credential Guard](https://doc ## Related topics - [Overview of Secure score](overview-secure-score.md) +- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) +- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) +- [Exposure score](tvm-exposure-score.md) +- [Configuration score](configuration-score.md) +- [Security recommendations](tvm-security-recommendation.md) +- [Remediation](tvm-remediation.md) +- [Software inventory](tvm-software-inventory.md) +- [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) + From 948b07f7107860c36fb4a8adb6be5073571ba7d4 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Tue, 23 Jul 2019 18:57:02 -0700 Subject: [PATCH 15/54] add new issues (#745) (#746) --- .../resolved-issues-windows-10-1607.yml | 14 ++------------ ...ues-windows-10-1809-and-windows-server-2019.yml | 2 -- ...tus-windows-10-1607-and-windows-server-2016.yml | 6 ++---- .../release-information/status-windows-10-1703.yml | 2 -- .../release-information/status-windows-10-1709.yml | 2 -- .../release-information/status-windows-10-1803.yml | 2 -- ...tus-windows-10-1809-and-windows-server-2019.yml | 6 ------ .../release-information/status-windows-10-1903.yml | 1 - ...us-windows-7-and-windows-server-2008-r2-sp1.yml | 12 ------------ ...atus-windows-8.1-and-windows-server-2012-r2.yml | 12 ------------ .../status-windows-server-2008-sp2.yml | 10 ---------- .../status-windows-server-2012.yml | 14 -------------- .../release-information/windows-message-center.yml | 2 +- 13 files changed, 5 insertions(+), 80 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index f7a7113111..f39eb6c19d 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: "
MessageDate
Plan for change: Microsoft Silverlight will reach end of support on 12 October 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
10:00 AM PT
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
Windows 10, version 1903 available by selecting “Check for updates”
Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
June 06, 2019
06:00 PM PT
+ @@ -54,8 +55,6 @@ sections: - -
SummaryOriginating updateStatusDate resolved
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)

See details >		OS Build 14393.2941

April 25, 2019
KB4493473		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4509475		June 27, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Resolved
KB4487026		February 12, 2019
10:00 AM PT
Instant search in Microsoft Outlook fails on Windows Server 2016
Instant search in Microsoft Outlook clients fail with the error, \"Outlook cannot perform the search\" on Windows Server 2016.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4487026		February 12, 2019
10:00 AM PT
SqlConnection instantiation exception on .NET 4.6 and later
Instantiation of SqlConnection can throw an exception after certain updates have been installed.

See details >		OS Build 14393.2457

August 30, 2018
KB4343884		Resolved
KB4480977		January 17, 2019
02:00 PM PT
Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Resolved
KB4480977		January 17, 2019
02:00 PM PT
" @@ -132,7 +131,6 @@ sections:
MSXML6 may cause applications to stop responding
After installing KB4480961, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
Resolution: This issue was resolved in KB4493470.

Back to topOS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480977, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
Resolution: This issue is resolved in KB4487006.

Back to topOS Build 14393.2759

January 17, 2019
KB4480977Resolved
KB4487006Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 17, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.

Affected platforms:
Resolution: This issue is resolved in KB4487026.

Back to topOS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4487026Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT -
Unable to access hotspots with third-party applications
After installing KB4480961, third-party applications may have difficulty authenticating hotspots.

Affected platforms:
Resolution: This issue is resolved in KB4480977.

Back to topOS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4480977Resolved:
January 17, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT " @@ -141,15 +139,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing KB4467684.

Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507459.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		Resolved:
July 16, 2019
10:00 AM PT

Opened:
November 27, 2018
10:00 AM PT
Instant search in Microsoft Outlook fails on Windows Server 2016
After installing KB4467684 on Windows Server 2016, instant search in Microsoft Outlook clients fail with the error, \"Outlook cannot perform the search\".

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue is resolved in KB4487026.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4487026		Resolved:
February 12, 2019
10:00 AM PT

Opened:
November 27, 2018
10:00 AM PT
" - -- title: August 2018 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
SqlConnection instantiation exception on .NET 4.6 and later
After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.

For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809, SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.

Affected platforms:
  • Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480977.

Back to top		OS Build 14393.2457

August 30, 2018
KB4343884		Resolved
KB4480977		Resolved:
January 17, 2019
02:00 PM PT

Opened:
August 30, 2018
05:00 PM PT
- " diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index c3b5e984d1..50ed0c88b7 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -62,7 +62,6 @@ sections:
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4487044February 12, 2019
10:00 AM PT
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Upgrade block: Devices utilizing AMD Radeon HD2000 or HD4000 series video cards may experience issues with the lock screen and Microsoft Edge tabs.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4487044February 12, 2019
10:00 AM PT
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro identified a compatibility issue with the Trend Micro business endpoint security solutions OfficeScan and Worry-Free Business Security.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
February 01, 2019
09:00 AM PT -
Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4476976January 22, 2019
02:00 PM PT " @@ -142,7 +141,6 @@ sections:
MSXML6 may cause applications to stop responding
After installing KB4480116, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
 
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings. 

Affected platforms:
Resolution: This issue was resolved in KB4493509

Back to topOS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Global DNS outage affects Windows Update customers
Windows Update customers were affected by a network infrastructure event on January 29, 2019 (21:00 UTC), caused by an external DNS service provider's global outage. A software update to the external provider's DNS servers resulted in the distribution of corrupted DNS records that affected connectivity to the Windows Update service. The DNS records were restored by January 30, 2019 (00:10 UTC), and the majority of local Internet Service Providers (ISP) have refreshed their DNS servers and customer services have been restored. 
 
Affected platforms:
While this was not an issue with Microsoft's services, we take any service disruption for our customers seriously. We will work with partners to better understand this so we can provide higher quality service in the future even across diverse global network providers. 
 
If you are still unable to connect to Windows Update services due to this problem, please contact your local ISP or network administrator. You can also refer to our new KB4493784 for more information to determine if your network is affected, and to provide your local ISP or network administrator with additional information to assist you. 

Back to topN/A

Resolved
Resolved:
March 08, 2019
11:15 AM PT

Opened:
January 29, 2019
02:00 PM PT
Webpages become unresponsive in Microsoft Edge
After installing KB4480116, some Microsoft Edge users report that they:
Browsing fails or the web page may become unresponsive.

Affected platforms:
Resolution: This issue is resolved in KB4487020

Back to topOS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4487044Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT -
Unable to access hotspots with third-party applications
After installing KB4480116, third-party applications may have difficulty authenticating hotspots. 

Affected platforms:
Resolution: This issue is resolved in KB4476976

Back to topOS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4476976Resolved:
January 22, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT " diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index 02443f7e42..004468483a 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -62,13 +62,12 @@ sections: - + -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
July 10, 2019
07:09 PM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)

See details >		OS Build 14393.2941

April 25, 2019
KB4493473		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4509475		June 27, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4503294		June 18, 2019
02:00 PM PT
" @@ -95,7 +94,6 @@ sections: -
DetailsOriginating updateStatusHistory
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) after installation of KB4493473 on the server. Applications that may exhibit this behavior use an IFRAME during non-interactive authentication requests and receive X-Frame Options set to DENY.

Affected platforms:
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507459.

Back to top		OS Build 14393.2941

April 25, 2019
KB4493473		Resolved
KB4507459		Resolved:
July 16, 2019
10:00 AM PT

Opened:
June 04, 2019
05:55 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499177. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509475.

Back to top		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4509475		Resolved:
June 27, 2019
02:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503294.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4503294		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
" @@ -123,7 +121,7 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Cluster service may fail if the minimum password length is set to greater than 14
After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.

Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing KB4467684.

Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround:
Run mofcomp on the following mof files on the affected host:
  • Scvmmswitchportsettings.mof
  • VMMDHCPSvr.mof
Follow the best practices while patching to avoid a stop error in vfpext.sys in an SDN v2 environment (NC managed hosts).

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.

Back to top		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
Last updated:
February 19, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing KB4467684.

Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507459.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		Resolved:
July 16, 2019
10:00 AM PT

Opened:
November 27, 2018
10:00 AM PT
" diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index 7bc0807985..a45bf5b15b 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -63,7 +63,6 @@ sections:
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 15063.1563

January 08, 2019
KB4480973Mitigated
April 25, 2019
02:00 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >OS Build 15063.1805

May 14, 2019
KB4499181Resolved
KB4507450July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 15063.1839

May 28, 2019
KB4499162Resolved
KB4509476June 26, 2019
04:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >OS Build 15063.1868

June 11, 2019
KB4503279Resolved
KB4503289June 18, 2019
02:00 PM PT " @@ -80,7 +79,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499162. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509476.

Back to top		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503289.

Back to top		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved
KB4503289		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
" diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 181bfbf128..301dd17335 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -63,7 +63,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 16299.1217

June 11, 2019
KB4503284Mitigated
July 10, 2019
07:09 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 16299.904

January 08, 2019
KB4480978Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 16299.1182

May 28, 2019
KB4499147Resolved
KB4509477June 26, 2019
04:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved
KB4503281June 18, 2019
02:00 PM PT " @@ -89,7 +88,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499147. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509477.

Back to top		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503281.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4503281		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
" diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index 1f39a3eeff..e9e62c1dce 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -64,7 +64,6 @@ sections:
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >OS Build 17134.829

June 11, 2019
KB4503286Mitigated
June 14, 2019
04:41 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 17134.523

January 08, 2019
KB4480966Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 17134.799

May 21, 2019
KB4499183Resolved
KB4509478June 26, 2019
04:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4503288June 18, 2019
02:00 PM PT " @@ -91,7 +90,6 @@ sections: -
DetailsOriginating updateStatusHistory
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499183. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509478.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503288.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4503288		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
" diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index ef9a99126b..5613d45790 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -70,9 +70,6 @@ sections:
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F

See details >OS Build 17763.437

April 09, 2019
KB4493509Mitigated
May 03, 2019
10:59 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 17763.253

January 08, 2019
KB4480116Mitigated
April 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 17763.529

May 21, 2019
KB4497934Resolved
KB4509479June 26, 2019
04:00 PM PT -
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
Devices with some Realtek Bluetooth radios drivers, in some circumstances, may have issues pairing or connecting to devices.

See details >OS Build 17763.503

May 14, 2019
KB4494441Resolved
KB4501371June 18, 2019
02:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved
KB4501371June 18, 2019
02:00 PM PT -
Printing from Microsoft Edge or other UWP apps may result in the error 0x80070007
Attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) apps, you may receive an error.

See details >OS Build 17763.379

March 12, 2019
KB4489899Resolved
KB4501371June 18, 2019
02:00 PM PT " @@ -99,8 +96,6 @@ sections: - -
DetailsOriginating updateStatusHistory
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509479.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
In some circumstances, devices with Realtek Bluetooth radios may have issues pairing or connecting to Bluetooth devices due to a driver issue.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server 2019
Resolution: This issue was resolved in KB4501371.

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 14, 2019
05:45 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4501371.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
" @@ -110,7 +105,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Devices with some Asian language packs installed may receive an error
After installing the April 2019 Cumulative Update (KB4493509), devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Workaround:
  1. Uninstall and reinstall any recently added language packs. For instructions, see \"Manage the input and display language settings in Windows 10\".
  2. Click Check for Updates and install the April 2019 Cumulative Update. For instructions, see \"Update Windows 10\".
Note: If reinstalling the language pack does not mitigate the issue, reset your PC as follows:
  1. Go to Settings app -> Recovery.
  2. Click on Get Started under \"Reset this PC\" recovery option.
  3. Select \"Keep my Files\".
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
Last updated:
May 03, 2019
10:59 AM PT

Opened:
May 02, 2019
04:36 PM PT
Printing from Microsoft Edge or other UWP apps may result in the error 0x80070007
When attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications you may receive the error, \"Your printer has experienced an unexpected configuration problem. 0x80070007e.\"
 
Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4501371

Back to top		OS Build 17763.379

March 12, 2019
KB4489899		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
May 02, 2019
04:47 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 88fff57f7a..29dfcd9330 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -23,7 +23,6 @@ sections:
Current status as of July 16, 2019:
We are initiating the Windows 10 May 2019 Update for customers with devices that are at or nearing end of service and have not yet updated their device. Keeping these devices both supported and receiving monthly updates is critical to device security and ecosystem health. Based on the large number of devices running the April 2018 Update, that will reach the end of 18 months of service on November 12, 2019, we are starting the update process now for Home and Pro editions to help ensure adequate time for a smooth update process.

Our update rollout process takes into consideration the scale and complexity of the Windows 10 ecosystem, with the many hardware, software, and app configuration options users have, to provide a seamless update experience for all users. We closely monitor update feedback to allow us to prioritize those devices likely to have a good update experience and quickly put safeguards on other devices while we address known issues. Windows 10 Home and Pro edition users will have the ability to pause the update for up to 35 days so they can choose a convenient time.

The Windows 10 May 2019 Update is available for any user who manually selects “Check for updates” via Windows Update on a device that does not have a safeguard hold for issues already detected. If you are not offered the update, please check below for any known issues that may affect your device.

We recommend commercial customers running earlier versions of Windows 10 begin targeted deployments of Windows 10, version 1903 to validate that the apps, devices, and infrastructure used by their organizations work as expected with the new release and features.

Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard.
-
" diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index bd47291e52..23ba82cf44 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -62,8 +62,6 @@ sections: - -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503292		Mitigated
July 10, 2019
02:59 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493472		Mitigated
April 25, 2019
02:00 PM PT
IE11 may stop working when loading or interacting with Power BI reports
Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.

See details >		May 14, 2019
KB4499164		Resolved
KB4503277		June 20, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		June 11, 2019
KB4503292		Resolved
KB4503277		June 20, 2019
02:00 PM PT
" @@ -83,16 +81,6 @@ sections: " -- title: June 2019 -- items: - - type: markdown - text: " - - - -
DetailsOriginating updateStatusHistory
IE11 may stop working when loading or interacting with Power BI reports
Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.


Affected platforms:
  • Client: Windows 7 SP1; Windows 8.1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2

Resolution: This issue was resolved in Preview Rollup KB4503277. If you are using the Internet Explorer cumulative updates, this issue was resolved in KB4508646.

Back to top		May 14, 2019
KB4499164		Resolved
KB4503277		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 07, 2019
02:57 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503277. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

Back to top		June 11, 2019
KB4503292		Resolved
KB4503277		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
- " - - title: April 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 70d40a6d5e..883499827b 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -64,8 +64,6 @@ sections:
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >April 25, 2019
KB4493443Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >January 08, 2019
KB4480963Mitigated
April 25, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493446Mitigated
April 18, 2019
05:00 PM PT -
IE11 may stop working when loading or interacting with Power BI reports
Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.

See details >May 14, 2019
KB4499151Resolved
KB4503283June 20, 2019
02:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >June 11, 2019
KB4503276Resolved
KB4503283June 20, 2019
02:00 PM PT " @@ -85,16 +83,6 @@ sections: " -- title: June 2019 -- items: - - type: markdown - text: " - - - -
DetailsOriginating updateStatusHistory
IE11 may stop working when loading or interacting with Power BI reports
Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.


Affected platforms:
  • Client: Windows 7 SP1; Windows 8.1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2

Resolution: This issue was resolved in Preview Rollup KB4503283. If you are using the Internet Explorer cumulative updates, this issue was resolved in KB4508646.

Back to top		May 14, 2019
KB4499151		Resolved
KB4503283		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 07, 2019
02:57 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503283. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

Back to top		June 11, 2019
KB4503276		Resolved
KB4503283		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
- " - - title: May 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index c8ea355938..f3d9d5d69b 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -61,7 +61,6 @@ sections: text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

-
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503273		Mitigated
July 10, 2019
02:59 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		June 11, 2019
KB4503273		Resolved
KB4503271		June 20, 2019
02:00 PM PT
" @@ -80,12 +79,3 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503273 on a WDS server.

Affected platforms:
Workaround:
To mitigate this issue on an SCCM server, set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.

Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  2. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to topJune 11, 2019
KB4503273Mitigated
Last updated:
July 10, 2019
02:59 PM PT

Opened:
July 10, 2019
02:51 PM PT " - -- title: June 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503271. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

Back to top		June 11, 2019
KB4503273		Resolved
KB4503271		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
- " diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index ee7242d18a..55b84c6427 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -63,9 +63,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503285Mitigated
July 10, 2019
07:09 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >April 25, 2019
KB4493462Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >January 08, 2019
KB4480975Mitigated
April 25, 2019
02:00 PM PT -
Some devices and generation 2 Hyper-V VMs may have issues installing updates
Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing some updates when Secure Boot is enabled.

See details >June 11, 2019
KB4503285Resolved
KB4503295June 21, 2019
02:00 PM PT -
IE11 may stop working when loading or interacting with Power BI reports
Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.

See details >May 14, 2019
KB4499171Resolved
KB4503295June 21, 2019
02:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >June 11, 2019
KB4503285Resolved
KB4503295June 20, 2019
02:00 PM PT " @@ -85,17 +82,6 @@ sections: " -- title: June 2019 -- items: - - type: markdown - text: " - - - - -
DetailsOriginating updateStatusHistory
Some devices and generation 2 Hyper-V VMs may have issues installing updates
Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing KB4503285 or later updates when Secure Boot is enabled.

Affected platforms:
  • Server: Windows Server 2012
Resolution: This issue was resolved in KB4503295. If your device is using Security Only updates, this issue was resolved in KB4508776.

Back to top		June 11, 2019
KB4503285		Resolved
KB4503295		Resolved:
June 21, 2019
02:00 PM PT

Opened:
June 19, 2019
04:57 PM PT
IE11 may stop working when loading or interacting with Power BI reports
Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.


Affected platforms:
  • Client: Windows 7 SP1; Windows 8.1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2

Resolution: This issue was resolved in Preview Rollup KB4503295. If you are using the Internet Explorer cumulative updates, this issue was resolved in KB4508646.

Back to top		May 14, 2019
KB4499171		Resolved
KB4503295		Resolved:
June 21, 2019
02:00 PM PT

Opened:
June 07, 2019
02:57 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503295. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

Back to top		June 11, 2019
KB4503285		Resolved
KB4503295		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
- " - - title: May 2019 - items: - type: markdown diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index f2219f04cd..8c72153bd3 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,7 +50,7 @@ sections: text: " - + From f902255611965926c78816ae5f71afcc47a826ef Mon Sep 17 00:00:00 2001 From: Katya Goldenshlach Date: Wed, 24 Jul 2019 13:41:32 +0300 Subject: [PATCH 16/54] Added proxy investigation details --- .../configure-proxy-internet.md | 50 ++++++++++++++++++ .../images/atp-proxy-investigation-ah.png | Bin 0 -> 128106 bytes .../images/atp-proxy-investigation-event.png | Bin 0 -> 43730 bytes .../images/atp-proxy-investigation.png | Bin 0 -> 52996 bytes 4 files changed, 50 insertions(+) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/atp-proxy-investigation-ah.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/atp-proxy-investigation-event.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/atp-proxy-investigation.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md index b9ff87202a..763ecfb2dd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md @@ -175,6 +175,56 @@ However, if the connectivity check results indicate a failure, an HTTP error is > The Connectivity Analyzer tool is not compatible with ASR rule [Block process creations originating from PSExec and WMI commands](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard#attack-surface-reduction-rules). You will need to temporarily disable this rule to run the connectivity tool. > When the TelemetryProxyServer is set, in Registry or via Group Policy, Microsoft Defender ATP will fall back to direct if it can't access the defined proxy. +## Conduct investigations with Microsoft Defender ATP behind a proxy +Microsoft Defender ATP supports network connection monitoring from different levels of the operating system network stack. A challenging case is when the network uses a forward proxy as a gateway to the internet. +The proxy acts as if it was the target endpoint. In these cases, simple network connection monitors will audit the connections with the proxy which is correct but has lower investigation value. Microsoft Defender ATP supports advanced HTTP level sensor. +By enabling this sensor, Microsoft Defender ATP will expose a new type of events that surfaces the real target domain names.

+ +**Investigation Impact** +In machine's timeline the IP address will keep representing the proxy, while the real target address shows up. +![Image of network events on machine's timeline](images/atp-proxy-investigation.png)
+ +Additional events triggered by the Network Protection layer are now available to surface the real domain names even behind a proxy.
+Event's information: +![Image of single network event](images/atp-proxy-investigation-event.png)
+ +Advanced Hunting
+All new connection events are available for you to hunt on through advanced hunting as well. Since these events are connection events, you can find them under the NetworkCommunicationEvents table under the ‘ConnecionSuccess’ action type.
+Using this simple query will show you all the relevant events: + +``` +NetworkCommunicationEvents +| where ActionType == "ConnectionSuccess" +| take 10 +``` +![Image of advanced hunting query](images/atp-proxy-investigation-ah.png) + +You can also filter out the events that are related to connection to the proxy itself. Use the following query to filter out the connections to the proxy: +``` +NetworkCommunicationEvents +| where ActionType == "ConnectionSuccess" and RemoteIP != "ProxyIP" +| take 10 +``` + +**How to enable the advanced network connection sensor** +Monitoring network connection behind forward proxy is possible due to additional Network Events that originate from Network Protection. To see them in machine’s timeline you need to turn Network Protection on at least in audit mode.

+ +Network protection is a feature in Windows Defender Exploit Guard that protects employees using any app from accessing phishing scams, exploit-hosting sites, and malicious content on the Internet. This includes preventing third-party browsers from connecting to dangerous sites. Its behavior can be controlled by the following options: Block and Audit.
+If you turn this policy on in "Block" mode, users/apps will be blocked from connecting to dangerous domains. You will be able to see this activity in Windows Defender Security Center.
+ +If you turn this policy on in "Audit" mode, users/apps will not be blocked from connecting to dangerous domains. However, you will still see this activity in Microsoft Defender Security Center.
+ +If you turn this policy off, users/apps will not be blocked from connecting to dangerous domains. You will not see any network activity in Microsoft Defender Security Center.
+ +If you do not configure this policy, network blocking will be disabled by default.

+ +> [!NOTE] +> In order to enable Monitoring network connection behind forward proxy and see the domains you will need to enable network protection at least in audit mode. + +Additional documentation: +- [Applying network protection with GP – policy CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-enablenetworkprotection) +- [Windows Defender Exploit Guard Documentation](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet) + ## Related topics - [Onboard Windows 10 machines](configure-endpoints.md) - [Troubleshoot Microsoft Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/atp-proxy-investigation-ah.png b/windows/security/threat-protection/microsoft-defender-atp/images/atp-proxy-investigation-ah.png new file mode 100644 index 0000000000000000000000000000000000000000..890817a70b17372e1b36ccc3ecbaad0d2f08fd6d GIT binary patch literal 128106 zcmX`Sby!pX|2}RbAfO_kl1fPk3c~1A>1K2&Dc#LBB?Sbe8>HEQQIdmA>F$QnJz&&` z!QhLp_viO}T-UB$=lpT5=Xu8cxbOS%IAQ9la%3dWNp9S@L8c)8Uh~F{Tj@7$+%&v@ z>-x?KcbEC~-%U47Ihh;qe!9);i#yiRD$+M@R78_re7<{qP3$bM?{?z`dCR}w%?_s` ziyJqt@)h1oYkQk)6Nu`JJ3QveOf{c;fX!5L&xFq|rwYx}va8Kacs>zzvFGBcSYci(1p|yTbKm$6m>w(Z+pBIYrMfBeM|aA>J|Uf-c0=} zD;2}5lo7`a5hd+a)A}66OinB9w{Tewc=t1)r*`$P_`)Y|H;ta$0=`D}yili-k)~De z|Bxupv{MvbXsK;E>rMJEB9xw3%Wb9hg`H7^bJGB!zZ8Xm;ZL8amddOT76vipcy@6> zIjQC%Pqm8<^hPftpE=#zNN4^)e6zxcR&tK&|DHj1{fwV4jdtulMs7SZpc0Jy9yh$F zy)gB21Mz(1=bf&h!K=SVP9&eAlU0awe|KCWM!1pzyk%Bs8 zzj~SQU;TJU&NiAn4;>qP=uHAv(hn!^FxWgde-kKm%e-@aOCwj?7eNP^%O&$#6t{VIykF<;dPMWoT_%V_ zt|n^+Btbv-PSm!~nki>cN0Vz1KmQSwSjDDk<}7|dZRcXW(CccM5^;Ii<@WG$H!Pzt z6yonclf*DDf4a1sW@8*7ULPv8q@?DET3pQlh*z5}!pFUT&6?#KJg6_w?RJ_Q?Xe_h zr`$Z2yCb4D!A3^>$@k6Wr_a~nQXvhuXf>Ldi$pwQx%HN~y$bv(ogONyGN_>lHFm*? z&iky5%=;3SC*b&%-{Oo&@L@;U%wCwCE@UfpRno6-IIG@sst|6B)0!x~>Y^0{9W~&p z7tJS}P8XZ+h(DG9?`&luJMmI!*Kz|4PcM?nqTUxa| z4kG$Pg6lanE8^v&YZJ1W!Nbt^Vx>o{AqCE9sPP zZt`_djvjc|xS9Vq)0vNkHiX)%=C=Oq@3mIvuQ(eP_xW5OpFD}}O+YCiZ_KIJ2siZX z98>Ua94&0*)uWE?MK(NRFH81ZB8>dnt7)(?_Ta~3tR9T3VBl%04Thm9;v&6UgwM^d zLDu)He7CHA8w)PKNB73X^s1v@GsnC|Ga_>jWdT_Hs0WvoLr-lF?H=o@vj%)?^X-JY zvm=Fmb!v(^&ng{e#kL=WcA-l(zw4c;%VqO#y!)BA3(1^^q`n(HzA+Iw!uG;U$aDUL zLx75Pe|M3{eks)FOdLL1^8>F|3%_hFx$OY}jG`rsy!=Xbk7IfqF_5bg)n+Q^osw@2 zhGrhM?ORqdU4z0uX0*JNAZQ1WM=kj%dale|;p*#K52p`ZhRcS&yol-ubuU`J{kHCaKgh$Adt>FDW5@N|?k(q43veCmGTG|flpBt>o~ zGamXM$_0NV=2nf$Q-LawE<||+N`RlF?+~qWjwvp1R@?o?ivk)?!_vmb(7&%LXBq?? z2Dbd?f7BEg0*u6Qr$hw;#)8#Nj=p8&acNs@jP?Ep`#psW2s7Jdsu5av`rO6kvq)=N z6vTkigS{0iNBe<4l{an51W?SC<0Hcu&6o~eiHj4wn#LXO>dy!~2DOwLkpNjA_!D4= z#*`+|x##B-w^Qhc6x?)}b@$=f#onGXTU?h_)xLLnt9QzO>Q8Mth((3HnnF9i*>!7)1e z?^6QGP_{ZPVFyU>v?u<1?evW4zYn+4 zPK?AYuZRli8hxi1iwhYMw$EoF7ceN<^5jMqhIDdP?HRM#@J{xUkEq7vYQ7lXC~0+4#}-(cLBi- zB?Bz@s7!elm_zK3!bT^oyb{LtWziuuZi{ zWae;H#_Ru*rx(SkMa#w;%n9VDVHpExlPHChbQ){)kP(!=p%n-TC#Bw{ylyuq*mf9w9K64(1@RN9xe+G(6-GWQ%0HFH>egsdJXXS1|O|dnZ|3y>7e9EEk<@1kPaD(mGE_tN?lz=}Zds8Vd+1(lL3grJjjq}z%-x7avm}0l z;xw}$)n`eC+*eRc;^hJTxdflhOqrPXL7}6=@N~@o?O131<8E(q2y_lH@|hiy{+v_IqI8XGmeNz>S#LQ z;jys~R(^h>ut5cGc7b6Qi$`xDYxa}V)69WWN1kHHg%{= zMQzvB+}vDU;=sa8FlCU^_H%d@D=r6Sp=f#aMTfB4R|PpW0aq43!-ccaB$n?OVMyC^JdWAC$d$Ao!3rG!&O&@ivUrmHu zu0z(M`b+#VhVud30Eg+LRbI%Mo$2{=%Dqu7wVml|494^dKR7rjeljcjTA##~>BfVK zhg-X71S90aMb(G<)*5z9*VIz_7hPpigpk8cy)3t9DZL`cVi$WY?}C7F>}pnkcK&OO8~wXuqGyMl$H>yaTcQ!Dqv?I%+iGDrvUc^<+R68mn+XA;m3cXx zE<5nM7(sEy?7;BIQlLSYq6JC5wev#@6if2CVTr8AO$BY{ zSGA%+8#R>w2x-`+9~hq+TeJ`bXoZG?K-`7(bIPtXSubnOJ4aHw3h3d_^d`>ZbV<_QLM|h5cuL0 z?KQ7*nRU^XHG7?OM+()FiiN9s66m#r=UqPLGFSf~w@5Mgr{fy=gL-gxG4V4&qj6m< zD`+SjF%E;e{zR5QiSD6aM>)E`W| zIg57(fyBjb^(`;HVES_DmUT|2GV&^@S>cvizd*Foa@Bx@sMoI1???YqNqI|Y?Hqn7 zg4cCDC}HnP=FW`<>C26wTx&nAiP_}W#ZCISG=S6TXw77MUj8~i zifRz`+p=P~>g+{Bs+~82AK@Yao{d8(=Udy6Rfry~aj)4*x1$&*9SlhVC^ zA)N>2R@A`Yb}wo={S*x~&mvO<=ql84)(b~QBq^4E)}1y3Po6&iX1Ih+lQ=+jH8G}5 z?}s@#q}A6?muf#ww5;R=ZYP~lu35cPh+}@j6@B9+WZ@f8=S4FOa&HDjm{Dg7yiXbT z$qaeg#@mePonpM&XJiy{m)|ggZ}uwYNd@|Ur+!<<=y08REjXMrCo9Z}PQZ^o@yY)o zC|^`s_8{?NWtThim#+)O$mx1t_7U)9S0Vt9DAz2)w)M#_y65bx2PJgEY9u|KTHiB= z=X-bG_cT3I zJ-bGJcK8Hjj|lRI_-paB)8(2|O?7n)N7CC-SDgh|h~Ij+_rNu3`K)KmPW^(oOdHMo zBJO`UixG63Jq17x0cw(jckgc-x@oafR(?&U<~6wpg`9?}Yg%lleGTb94s=a@9!FKp zTnOG-b70KyKO&5X@}|vYqc|jrs~inNF9nik&M{W+Oy3?3LVOE$<^}WN7aa(vX^D%r zw$cd)HF1fe0(u~%spzUFt?3Ha-8Im+iE>2YSI8nHkE?Yd>-~Lko*~g*#np;v7a`n9 z8NGLjlK3DD+30%8YwFm9P!Jz3y>$6IsH@X{xs~6Zg<4xR%{rRKD0m!ZF62%);uj*X z#U-J2OltM~HIzR%^^I_e;y?9ELJ@Cjlbw3(lj%rBJelim(v&1qaEkvf;lMGn5v_VFPm|-2P>vNcee#E<_~E3w)}DyUatR|@<6T!SU3gF@w0S4% z93My_aes4RM;Q3&wla&wkt}+Y%hptf5UNlt>2tVCp(g5y8_i`*pK@RQ5z=E_Gmahx z0;+NyyDJ*H{3M0Vdw9{+ghHp8vkF76ChS_D2fz{E+N7d8@4He7B`Ryk)khtI{4is+ z?@YuGHwMH9&%$PCc@T~mwSnoAQsXVti8b)n^ePJ6@vRtHxs~MP(6Gfd1NPJ$u`b9w z?F5`$9+V_f`1|Z&XD1F4$hL-V;z+AJK^p}-jLEJG%(VihZ;SJH*V-EleKEUq#cBSP zjvr}sKo`^1RW($;9rIcf5I~K=sIKA1#O!ZO^`2>@JX&8K|A=Dw`99=#IWND8%y4IC za%`fU!i_r?39V*t>r#Xf$J2Hx>`{->n}vK_9_Ge3yow*#==u?mo&7@L)6+tk$Gs_& z?aXGcLYtwT7uh#yz3*5FKmVTbpOGhdzcpz|K5YMDwsC(>O&s^ctJL~sZwmkVVkl$C z#0L{f8=la@Hj2U#d@<07rfq-eV%5&6`L5BC!j0?)XKw_eS?UbKCD%3hYz*$-b%@V_ z)z+TW%sBcjM*`|L;wVIK_>3hsXezzS5{Ggnz+oU^93va=*=V1kgdpyZT;cZB~XwO)`(#^pdnGeL&TYY*nh{TaWcnxG7}p2fl&!#2BO|hmIt|6bKl(=z5`hDLqEi zn9h)*z8JXVag5(R46+G(042L7dd_Dm=a(msPb4M14gvx8mkTP0GGzAUh!+_Wo7x_& zvU9c92V%^e#bqn7O9(+1`Mo^+Kd0e&2Ob#tphKePJXa2ELg96*r{|7#@U$T#ubHj} z#68?!GplQ}haTUBNt~?|Z?F64zEi~4k}X-+ADFEyiC0fslsv=>--`V-xJupsYT|L@ zg9a8B#y&o-uL3WKnF7i4w120BtZ3}cS8@;Xx+xnJ4DN}XeG$x;SMs=6n?1> zuW7PBVR{4GThGYIP!rn^8vOQ~>(~80v)fXO`lt(4W|#cqJJ-9^ds%Bl5Mn=_d16|- z%5FUhac_^I=(k61Cn6gRiFnflPQRrXOA1#nQjU;Ayr*M|3jhz{bXN{SGF*$@n?Y;E zg#r*~gXPddLFeVG&QWv5Oz;9>WWrR!t#5S%Fwr-u0dRnzf9HCPq+$wcHs)&=U%e@X zI<_zN6zm}E@lhu#GwxHrOR;G{$kc12!89CT&B>t{QQfp#bKGEPh$)zWZ0+K+PS=WS z?Y9N^ASWrdxiO}7t-tX#J=PAewCYmFwYi3r&@HR$V@jS|yV-NXy|mVl z(s6yGD6N9V1Z9th_XuDB%J-AhME%cjGZF$GJ?yB9<_ru%D0t%#IHl3{8@6#W`uab) z#3O#~ow}(oYQdDC`NG$hXdif9Knb!`Ly!bvF4dIh4`b3ijm4ptm1#2=wv%!6ETm24 z+N8@qV+PPcuJRHax^`Bw7M92-5PsCKO8ESEF&*tZ8b(#(tUY|0`0!i0=S;Tf3s~q;e53V0ReBB5ToAY zvniuhPV+gOh*4se=VhuUSH*D?gzk78>Ye2>uj&;3P|Ne;;@a>{sa&VI)=6hwehODh zE5@jIJ~L&?bNFHa<}0|lOm*%O%kFem-9-yFKbW3RuEYb_%Py+z)~|L|4ki6sdZOX> z44qtr-FxFn;feoS3m)J<(=R-s`4fk-RW54Nl}Y_v%tNRwYF*o0mA(gh+o!ri!|!m5 zN%+}Vst!9JrL5r-RSWiz@mKFO-j=oOH;SwkT{*YqzDH4OVjex7RZ7F0d)VYcF{1RP^HF)V9(;Y74+& zEwE`_4qRfyeIeM==JQN)pwia=>N#xJqKWGpNnCfBPw=1yr_PwzbI=Ad2X^!1^s(2{ zE2$A!>WDP38^8ZR8b!wdOyVqe)YgEsXENQ&=DaKNB)2Z$O^U%i;^~r)#Pr^;V4PmA z+nmlhQnA_+B+tm{fS~)YqILgQ6{@@AQj=$*`5~0lEx(9ZNNYIB^wpSGC9Lyn(>uQ;oY(_l7?I zxf8|k7-d{U1zx|ww$ey@v&dE$-!zkYx)b=H%^FS7e=Lp*NAl|`MJ-3Q^QSasaRqf* zh$Q^5<|me6i&M1bZ%wg(nH5IqEpP2AVsY)Mr5N#@Tgk5;1X-Ab*2P8B(8=_Av>yo5 zrz>-3DXh55uW5GKf0W4!FQ5#v;ECzXe;5H1%00XFnVX~{ow8@$_BP++EQXKt^tl~( zY;9wEaxThF` zhj@uTcaiq+NJ}Dd0$;JTFIkx;cy@!TqaVSa~IX$FFQhNyPXM-}X-*WIqNS!JoFp zOzPi-zJ$3)Xk2(ox2jT9lMERCGFJADpr;J@-;~p@5Pg9>)l6bUtrqmFnBJdLKaVCS z2$owNb)SZAglpVaV`b3_pyq1gIFltxJ~*lqOwVMNRu&Owg0#Pp?hPU~!_vJR=fMmx zs6P1d;mOhZ4ck6CM*aUQs-`|wT`W<^5S6I-*^n0&j2^gIUiykLE@JX|f9~By{zViZ ztQ>~AC&w);`RO6BTKY)sJLKmZ>8d+t?w3Kz#0QVAMq2Jvc#-3k?rOs_8NTQTh~Z%} z_hIB9wCnU2&tOQwPp~?Ay=nsj-yuIA)HA{=%sZu68xzY}66c1H>*mcM1KftuV8Sbu&D>1AXY zrwUZuE_D&>PO8(9SlxX3ZRiah+58W=@cbAvAp_3n_z330rR?yiuJ_2AHbC{=F>Q4T zaS7uC`lWc?ZYsqnElwfU!iUu9d)jm>m5w|EzrEo!L7$;|W(NH`T(AC{8=9A{^|RMv z=H%M;u^B12u2z4;p08nllUAc{e@en~F@Ft6chwt|WGJkZev3_-m8yq7r|+jZ;LOr$ z$-Rrp!+&%W&$Y2=kkj1s-?YF!tsQ>Pwy~v@=i25i(o4-5n0ppeCwr+kTq-#}#Q*b^ z4sc%GmRq+sNt;c*6)kI1TjKidxylpG`pRW!dhQYjZvu(UXcy4@t@Rh~Bu}MW{j2xb zhaIG*&`S%jkYOiq48E*_h_3Zy9TtaP$g5ijeI#wm(`sh1zu(Q7@|rBlieFVA^Vkh8 zGCWwZE;ZuJEt$IahAokVPxV<^MdI(}k>Hn2ukM8VySh4hd}3LrqVm|hOA;C~oRX)e zRG++V)ofIdeMF& zDD#4l>dP4U!jaEUqt=nPImiBx_JA$>a;j7Q&dU37k7pJYXqWJ_VyPIXCK@bTkd!K* zVEgK&Et*s{!6UNFAH_N06f47lQE8mTQo+Ik;~B1x+ah~vaMjV&W-o4SdY7AZ6$o(E zkl|Q>!m*4lF(o3f_;Km0ItQJE)eoM0RR)q`Fa=TV%?cTN7F{0L-%ATq)5bz;?l|6| zt46~eM#cP*Z*iRYA*5kQZUIJp@kDL#sGO!tuZz3s!{azhFYaCnKfK%lUG?X#f{-Q^$KKMl zVwgIP(y>xKec${RDTy+{*2V z*=bZ&wa@C`U6nqVG!j@77}UP zUlr)XM1`P(L8PAB$yGksiyaf|-9I_TDwycU0JvzS-+q5cWJh|OaDsLQV%oDG9T4Ig z?d81K?@(4Ub9vBk`>=*FxyqqK33J>xH(KWpIZVYHDK$cz*8d>m91Nd(^-hhJFLs8} z_ifg+PV4Go^%_+ywFNYcC7oJQ0plW|sF?)p+!)g1*mpFFVGCk^Ae&}lFj9MB0iDS& z1**N)cnjPi)saNlpWD&OZJo~m0HqKYV9S>83L$DXypTG2jDl&TDYw+lnl_fqj$))N zPE>U;H-t`XN|$~F4kK~luQX?kEx zc;}4&@SQdCP;N`pfSWp$xpQK6zDAK1Kj=BU>bO<&U;uTPGI<=e?6kdMjIP_v&PQ|6 zCe4c%TDOE9d-NHa8kBvc`r++8v@3h)>0TlVb|1>Dj^<^UnHec}zd}ybZi5{7&-MwR zO?)=~Omsr5rpVF~l+E$>WG*S&EkSpT!RarkN-OkU^y@jq%AD>=<8LsAvPaP0X)#eQ zY1`Yit)E?Y8|*uVTp!;BJE{ym#Li5PR=Pt7vkpY-4zyD<)lU7?br*XFO}RLbZHcdc zUv{n?1u!(CEmNjK9MDkcw>;8w(%1kUUbOeNeZ~fjbA+m_o2PX{RR&6!RMuc}*REfk z-^q3)GXhcm(?pDab1}2;HDP8t#4CeE&co*@$Dwb?LycRwKHH@qU6wvMRpWS>xYopO z>SqRiSnO!@yBdrc+Lq!$C+VY{(Xmscp)*8BchR~DC1t#r|FK#gk8~%^(4OGYRfM~f z;oW=PQCA70dZ6{=BpnM35kS1*bfw$;(5mrGWj*3DvZ+mn*VEa(XSxk=?qoFtTbnYRw`;5sfy?%M@w6LGnvEGjkGep%cbd|T?o8+cIfsR;3(1=uZ*;99F z&)&Hpsf&e$)Q&_tUvoJEM$}Ur1zu)W@)U0>aM{f?FT>7WwjO|Z;cB}(4hD^7E<gZScJCPPMwZd#UUoG62Ci|v?s#0j#Z^z&J^YaxQLN+ydyOo&xzlW9NHX=*Fw zg}1D&0p+GA06d^CCY9jR&Td(v2}Z-(Pokv*evUq#gOWAH_23zoRhVYMu*+}rmRJu% zT}K8C0|Vqtyhu;;KX6!axs*4S_`2gW_veq4si~<%R?-E3E{tT8+diINIjZK^$+Y~% zMmO*IT)^B8yBDfqd9sq3;78Pgw4IL`5^$^8nV(GFJ!DMBZ&XBfm^Pl|uQ|L`5*{UyL*;0B+BP8jk*Ce?SN}m2aKGWJ}YYrwYjXvsY3!=Xro_)Jg0IBsTqwxotQ(w06IWHoXC$< zd^em%N5Z8iPPQXtWars5n$O7&6Ga(mnEG50V8&_2lG$`v&y0y4rs2j;&x^0e)bA(0 zFJO+?tGPQflA(I|ZEn@AR^)B9?cbr_dF=5_@#i zajm7BLV{wkc^|XraV5Zu_qQB=|( zs$~eEmoCxN7SE`6H^Qa&4)?j|7(w>lD``1#K6)qM`Hs%1$I3`$1qkE@U-|r}r0VWC zBNfm$7Q1Jz3b?~R9ci#HZ_+FP+l$$%EP2&aN|tUh>Hz(+;`W}r^WrmBWzyH&%-MR{ z`9drfT0^!L`|Wu@G`Uzao9DTQwke;yukAbCX9`L3M^@d;-=23C>lKM~80kV~6v)_n za`!bkiw~k)4>;p=pcVp2KxE-;KzK*y zeoHCz_oRT1)a%!tkt?8lvnbAZ;esMPcq-YEA1Q%YlD;V0{VgRdFSio;{70~=#;QM6 z56r@3CXT0QH~W@c`Z%0L*hW`4dyC$4nS(Gfu|%BETU4PJT(N-KIj06-w*I&!fk}>Lxa9yyfaO^sW}}# z#J!{IwM0-T9s`{;JQ~JoWL(stH6=4iTz{d17v+Tw!+&pF7z0}@$1uRqTLPNeAk_*< z%A@?oAtRefjuR@*rrG614>hs|+dt4BE5*)-pI*wlJaGnMzhqmthRH5!sLDZ}Kkugj zYOR0a8I7Oi*ZKNGOCkj5yJXU=>ypaA<^EuOg?)?MlgyJPLmN1>tB!nfGA3Umluk@+ ze&$+G@-f}jX_&qi@X)(0U`Op#tebEITusntR1gn8HFMv2Fy2ZL8dMDtpyozS_M z8?+0j+1dg$MRmEV9+Dn7f0+Rn>#Ng=EPxoO62p>lM>q zCkj7~=}h2EDUT}7!OJY-!>UmJ8|{(^*hLQHXvg=CDk1ePY5P4|`|`gb z{GnzWUca*@D}9!Cjn`MjJ$ww&Ups17J?^ZQ{a&2s;>1G7=brwMpex$FWdxr-NErIw zgCLQPra2OpxEKkPSzPwC%U3ur7eyVs=ZD|D*K-$e%R+#7LSwDbz?n^;0Rn}8cj;&`O z#Ts^LM!z(KE5nO6&ZS<8CLSI!t%%7$#AN$F@gK z;ww@GNc@!Ead5Z)CWoZ`<|da^m!d~>do0+dci+u2Su~DAhiK%?UGGJq-8<=*I`N*M3vuDenVzgydsBrAKCQLX;`%I}?%K2mVyhodI1`Cj1%DlS}n`33rR@Zbm;jvTWk*LD$}w zJ!(6!sg3WXb`35^*fDk8t%3OxeI)(Ns=vov`AkX3B+9RFS^5Rk0{%4q!vClI8q@R( z-N*)*Taaiul2SIsS&ma*wKZZjcIl-U-}W)Znp@QK$h-MDB1ZF5Q;&MAM)%aSJ1x;8 zx6E_Fe>KE3xdf@z#gl-{=9ga-DKDHk<=2XHiRUSRf?5iNicpJ~@GlYUE#9d!^;WYn z?#Z}Oy#}!-6m_|70ux?G%E3~;LXU>|`=5cBgT+IqJsHJZPEQq-`z)HZIq7J7I?V7d zdt+=YSVRSNI@f#9=(l0dJ}FWXdwpUemvg03Wg`s>l9edwVh)qZF1cbcc_c&jNYuTk zqRfdqrMqxgl?N+Z?68A2DiAh{Y#SDDl6_O5bw7J5z>tn!DMnT#gS3I@h!>xq;mp12 zj*E_svNn3+%_@-E8_nWMU{;_Zp-7NEW=$~+rz>Fr;k?GkVx z-`(Uh4(dZ!eBLb)Rsly9yQY|xNa_dw)C|6GcHLJhi}b)je{Hkz3m1tcEDHTpEl5`u z%<9kkD3`DvYOzKlp}UY?2#FjUo0#4GOZU6U&bsAqQ|Z36E)~#qkdzO$1)DoQ-F+=b zDQm)G5``1)!=W8I@J;cYs~%5xx;A+OXn?kz13!YMhRn?Vpc`$m1qpspyH4xfbhI8? zZwZ_=Nz(15Qe%O4SD{BmSeBkMch;k^1u4N8PTvn`4gw7PAuZ1|ltTMv;_BK~@wYmP zRSLF%sJT%)(ut-ceE5_Tx6+T*Y1$bthdH!!k#qu3Fp+-y`AZE>=f(UFsO`iS|Cn@G zS@(7G&XamJ3XjN;dcK<}m*kH4;O%6$FB38Jw4Tv8)=s%k=Xm41+tWP7qw=X=?=cXm zl5h3qJl~<6x#lMQDu_-R0<=PTK_?Ffa$fMC9Sswf`?CQ8fpT+mM-y`R1A6$jE)?51fN_pzGXV7PTwL!8j%amQVK)J` zKG}8I;_w-pJTW)X6OC_aXpmQOu9m?6)ct?{2g;zFk>JT$ykF?JJu^G`6! z^poE2_!sj1NaX|pKWf;S8Y0Zcm}gRt9mIy~%5IDF7AB;vkDDx6%}>+X z?J&^F`_5u#@RYBObB&p&ETnPmbd$oXcF1|R-#hB&x^^8>hePdsJ-WN-x@ts)u=1)P zk1^77aX7OeF{VG0%581O1a&r8Lod5yd}!irvpk$YB#1R@joJ}waQr(Rg6=4u>dt;m z1mH!FdTz9S!u*-FUibGJza8I>FjMiP)onyJrt<_VU6KYw7yaxwdq+(WR?_ zS(JP=WH@>bw|A-HH%uUIhSm2ZXl;s3kE16uX!{)us~tuvRk}59v)`j0Fqti{m8Kf~ zG_$aERt(^tQtwYRM_1q?CK#uUDKr4J>3R+JxTuVC{5j?9CHv z`eB<{*W7=l39$N)$jDN?3bU(A0#*c?#^^U-!PnB#(q$3b;G}z(QB_)jqfFa_i$oLk z8K2>Rt_UdPgK7#gIL|xGX`rkZVc*0Cw zS)p8AuaIp6Vj%y+g7#8Fk>g$cv)Kp)HTSHb_2nYYa8~Vsx zF~mUA#v2HJKEsI;$@0&+oQd6Cqeu@7fX8UmZTplfTFm!g@6pnlxSuZa*cW0xLP{aw z?mlx2EbDWcb@86lDr1~3$0mfDey=9u_4nL$c7q^!jp+`_;qwUB<6+I-&>u4=wY@$| zz+rZZY98-3+~4+HU>VO;BNqH)nUqcrZSFQWCj7SpS@^~ zD07@@DApUr(yzEuCCVO6`>`f*S@I!&iu^DcCzAPJpYtsM?z$&eHTB)*b;G64#I>>Q zTWx?7ixw5h>vtqQ%ass3Ne*0F)(WJYhg`zTDD{FpYEYJBIsO)?7*;FqVjhB*`mHOq6k{ zsAuhNsc!aVq5+#mFS}xdiD9+Had#WElXY=Mj?sL?3*D`UMxwd%3((0T*;sC zUk=|JQ`KqL9P>sQNvI`j^S~{O-iA5YFIUH`q7Rpqzv@~3PPbKYNU3s|X{47{o2;x) z_|-ldbr&(-*a)5?Ev9g^ovc_>w|zyo>C&AIK3kMm!kY6AAkHh+bsc9=hZ|uuG$j|i z{8gsNM4z5YG*X*X+dEiv}!=lwg>aw(2bt>+wC9RPMp&G)j3_ubBQ z>*p9Ce1Eig-E>RH-C`sspHo-w=we%-j5qCk#g5SNV$-roP7UsDslfVZ80tK_BQaZH zJw{G=RwK3QtEFV3cVo(n(Q&5o`oo>y4x9MCh;eR+<;`1MR=oC;F5ioNY5<<=k^Cp6 zXr$w=t2I;D!ESCwnb@(bfMIs`myXWH^|h^cO3Y=Bi2d;~H{BhBDz`d^@4XIOHORfm zL)AGfBZGd0ZwtnaMxgpQuX1rv9vpAyTM*x;Tcs+TfU8n{`zo3dtM~YSjIPn`i@j}% zh(mjBw784JoK|RaM|=Bq1Fx^IuMwfonZSd1l0jZU5&0qCS8li#ebt%W4)-rw+Wbjs zWX7WJ*=WsBcQrX4Sq8y=yJRNPL0-g4iZw!Zrss0yPD%`_y>=QBo6eiPZO3R2@rE<5 zEpMsf0lcP7HdC++JAiMOj0CAqQOxJi;;VoOof>+KgZN~<%h33;Xc~Zb3hCCi8&e}R zdO59ixK&Hf_=R4@-Ez*`R-zRfNnOj0{?^+)F(J4kTmfp^%^t5v1ntl{9~>hT5oPTfUh@q)lrT9<#j< zUkurOl#F24__F;>d|KGs>B@N z?Kl#vyY4RVn>&;6@n&XFO0LU3J4o@Fx$Dne(#aBgI>e!KcZ%MPKG zh_;q{UJBgkXR*(9=v9h7?#!U5VYD%Aa_-B~rKX<+cShD@5=*kqFJ_m|pD&5;w;-bI z^(%rWpLs;>h=ZLmf9uP7MO}YacsYMrPRtl+I^Fu)@*1oG8IZ_$%|6nm43F(f;)c%r zWBKV0U&M#N6X+8jgT^EO#*3&o0NizF2%XLM5bF(O?1SSbIDUn*a)P<+G|1OnW z)H$aNPQSdP&ylIxM%j`p%PvPWLkeBggE(2SP-AGh>%snCRxIo~VhFg3Y;U&A$Vj%4 zF#o^A9Urw`muB?!v7g_IGfyd(+znFnIBs>VSLD!!CQD9cbhZU#!{2vQWFCE263OBg zq~E052&c&W!8kYK?ry4N_C`&^Pu9s=3zf!c-ElD@3x3y0c4}ubKiF8TVmTVqN2X+I zGzFaRs1^V`dEk{Nk{0Tx%0|gSsGW%$(p`+p3}{rN$PGT&e6jlkEmME~UTtJ??JqpL zRlTw-H>+dvMpIwL+q{q}!Zl$aV@DYHcHkd(W%n+0#ndck)a!jal2`jNoJmQbk2LNJ zRihJiPUn~TB#B1A$}n-o1#-$N_BytivGmR z{u*Qq^0f0)Wg%$cG-jO1l!0E+7o~IQW!3nsg#!RsnC-Yl!F7&hQ3%3k{j>&1&jfRtCT46Qx$NJ^%|A zL(Bv*@o`gcc3}Prka2q^%7sb_4`;tjDtTBMZn2Of(U`kQY z_&{uIKFgKvE@qw2l275G{KM`K392E5p~^4qOR%$u)lNMchvH*q5PgR)A&8Tu8?0j) zm*1-QR4ruC=Q$hKM$gHeX+dcSZuj?_RI+Cndl5R?F5!CD4Gi{{h2}S`Su~{m;c0gl z4ZjU<+P?5ZZ%5WF(h-iN_kTGw-m~$g=QK;5nFwSZYIPZjC91Mjo~5r-Hye$!78+@; zw6<$z8gjcdbT@2jBNwPw&s|e~FdWNdZ#Pgq4hw2oR6)wgb*{>U|JIvR6P?o&5r32V zluk)z@mXQI3k*sZ2UN5OS5A51p$e(gb146N?N@lOJLhGe`9(`sf9g8$${4-f2xehM zu@aTJ*+C3FLq|0}e*OT-_v7AVL)+?dORnhLYwVV)5HaG8jBlw32N-lmg+MEq#N$;u z=#t)~cjY%eev(N#D$n+`i#ogabD@Z~dJFRMEHyjlIS&*r^TuctrNpmOV%5#Ln9#uo z#(t{IZ$jw}NmeP!Tiq%vGUFI1e)Xk&ALkG&x2>?Q#4*}_z@kc#Vw7LyX5lVmdK90u z{$1UfFX1r&8zXb=Z|c^kbNVMZ!oP#|P_xRPonfbFMsh68UEnQ+K{^9py)vVfi*+@;M zPlipBxlb$XrQ}z7(wl@neaMdIe8O)s#Q|)Dfk_MG?f_ic1=}Nbq11%oi1<8q?DJV{iG6wMHRbT z`@NB=m~>jNfN$@?Z#F&2^YBZ-f0d!UhMUUNGn)BvJ|4rs9o4fvb?)p@bv?)DQDhCD zO`zK9pry8ntTb`PfT0U|*n6bjD`103I^ZrxNQW?5L{zb8T+AHTfC`+1~C z1{teB)fCWep-4wFt9~`=FQV>(dQ1VV%rj)qBQU;FJ?AtYl)P1j>e=PGFTuDW^%9dI zoL8SJ7b)`LuD(o)J}L)dEm0K9#J*$85bW~8{Jv18mzLvCGR23^%|p@UywRAAW~=(O zS^O>)@CD~-^bL*%%T-;E`$9>tRCcT%Jo%fH8y2t(d`iPuFhIS@GvPi^yk+Va3HG8V zJjl`-Gm`(c6qNiiyM_4e&9#<$27ehQ>Fo%LEH@D5e{9~G-Kog>+Q{-I)*!Yl;k^j4 zb7?s)NJ_%$9B;jcW45_PTnqDi`(h<`0EH;LW#jsEU0JXD-UoT(C*2ydCjb$_M>&BS zcV}Eb6PpYqUHhZ10hRy2H;~MUhU9bprT1a3nm7Q`6@Co_93FJm-rlF3G0fNQ%N7PZ@>RGE)qmwHm}h3 zx{`Vs#}L8V;D;YCo0**l#44TN28F$EW{fy*33C?Gdfp2>rypA{$_%g#FJ#O>Im;;- z>Oj}N4GD8il+9OM^%F6qiD4Xt3huMJEW2~1+GTrohV{5-r}rnxdw*!_(;S|yj}a4J z>n1g~L~9m2jL%_wq-u0}PZ>)9B%yHIn9Q(ij`?tYkO0O8+c+cJ$Q4dD$OVdG- zDmdOpm|0W}dz2gOR2H7ctxO%HKR%e&S9h%OdL-?&q+pG$ED&R$WOy5FXp8UOl#j-~ zLgdr;1r_1&wBi;7dP0xRmYXHKfoZL%vd+}>U0*02VAM~?MeNM2jb8-M9&Kb>=Z zH%49*_%PkpFH;b%Hk?TJUZTZqIB{cjb+G=MSm(87|D!d{@Xw!#Z)jH*8iIqr$4+f* z=t45<@nD=^mNu7V6u$a>FK6B31$jSInHAlSob!I`JPLg}X$}^BnE$+!;Wg>*iirij zVoddlAH#lu8*P#p?$}%3=j%!@VJpt3-VquP)9XF>sLv6l2NEMxA+OmX`xR*59)^Tj zpZ(^Af+L5RPH_o8+5_%mgZAI?<+i3rX$e7VDm&COjU;wCqI)^BZWY`N`Bq4(wSunx zb#9QHSVac3t#_$~(LtnGHlPL3zBu!dvt?#2Y^!O?p(iB^kuf#uKq;-iM*2)_9!CzA zDGZ6cOD8y#kdu)^QoyzJ_VS%sxUgDE?flPv;u^R8Zfdo6kaPa`%A0*t)=TXg@b%f& zaFWF70P+3RF_YS5^n^)OQ+~V0A=L4+@Y63;zC6L!2c;t8cz@ie6G_|G z@GJinmj6uS7CpP8Iu~;Nqg-B}<1zjh6JZ8Oldgs*-DNxj%4>`!5uv~1ns524_meK}ZPvnn#|LTh zWP0nDvCr&9VU}dBJ4r{*fA<&4@i{ZwC+%p8PIZ^zIjV{*PUVcq<~DWj!a{s?fcn6w z7N&4OiNsbFXZt7S7lRMz*Qvngb5IS3verDNUwLyt@iyxDzFL4%|5)x+S=Rih(q~m& zC330l3T2Y^_@g*Ob1#w9s5zfOZM|+Hg452fcG&-{YLT!hF^{He(Ui`P^deDz&z-T1 zw^zSMVNkaxAybaKZ{fP}b4t5dje){je@HqRD z_C|m5U5&#@l--|#7t;;F8#+lm{)e$cYIz)GryWURU(SA@qPP7y77-y(>9o#qhfv}4 zPAiMu4pGGmxlQTTKJ8&YU7UrRe?#Q4@@SlxP!$twp^?Rm-Iwv8QpA9~Hw|=)Yp+KF6%g;7$llH$op~z=t zo^IiBwVB?UcRNSDH|Ty*x3r=_aGzQ6x2-8*Fu(y#1x` z+T~#GHU3*prE=}v34i^U)5!Xuhs=B0kU@o65x)W_Mm~92-Xslb@&C>z&h73<G~WQjg5^!iQ9`8FWz-`&$5(%d`eW%d@a@=n`is0`OBm1#6qyry9u5C z9QqXe0CWXBI`Ng6<=M3#tNxqz50Bi|UyeIcLT3_vGu|v;(N0_^4ZXa7Yt;E!{Q?)S z(rRhbzGOBF`z_S$-Ti0>=WD`4LwPSL?pAu*;lE7j#n$;bz;a% z+U75RYj~+$&$_bjp#cw4k$OjmckiU{wQr`frKn)8MrFyS?3zLH)q^UKWyZnZli&Pf z|4|^D^9lwqKrGl!SWF}|Ywf_9?xMGMm&ezleG(Z~CFvyJf7M(fpPgr34S7&^M3+c!ejB zcgh-PCT@g5X~*}X_?IHKeDUG%#EK>giL9%V^T4)L<;X@|;Y@B^TV+%BCm74VS6rj? zG@S}8+-mu>^DbK3Ur6U~QSj}L&nLl}!Jc&=`mBDOs{p=mBgdNRf7(C(lTJjV;#nkk zJvTFy>66#yx^nj??PY2zgf8)I^htB5wpLmI0m|V1&({o;>68;_`52q152KFR;wLxx zq)j=xQ=`LJw7%uz9OUmpIWjn{)WprX{q8=QUb4O)=g`ybH}e7O*3^z=a5UW5hf$7k z9gCC5MIZBncHQHrU+n9)Di- z(O$R+T(sxh99CYY%KTw^13Ac z?u)xb+>Xj(DPm67Y`3d?A`jroX{if7R3q-#_0=X!IYKEniS+Ry^vnawtFMVJ5?m@uR zhEdi4rh)(B?mz3ibHfG_4tJf4ahvPf*R5Z{w-3KP;#8PqBCDLN``GQ3(t>Llvz%_t zs7nlp+usvUU6cuxUg#djZs>OW?-QB5A2iOO@08c?N%B=6*OG+$@@=C?3!@br#p1k10ODNbTVu}z;6U(D%_#LN5b zzB%ICPQf?Q|M4<6w1;>!Cg0V>-we28Nq0gzr!w#FBIuE-V5QxWaUCp*B9_#?hjO0ODS;+pUN+PD+UFo4tl~T*&IR0>J`vV^j3q?dV zON!=;QkL`$Ps}ZmjAhM4>5Bw!8b^WUXO#ws`sE1JTLj&HcKYunx{xE+93hnD2}oI+ zsB+|E$=cETV7@5lk#!BT^d3L@?@clB-soe#{3Lbp=LSEDGVV$0KkoI&!NK_X`FU>R zHs`gk4^|95{~0lMJU_xqao^vI0O8^4_@|xHum4`AO?k!?5DkqF^>AwEvr!NDG%iR4 z1BvK=iY2&staLdtoCS|Mc^v+yT7ZmPh~8$y>i_=7*Ix4~5t{r{E|kdgDPdoK9I z%RSgB{wMV{T(@+|NVw6jQ?7IfTI{2%3YuR$d(?lJ^ys>ECE(@h;DH+|r$Z6fvJD;-J^0ABSx;F1l>p(|3>?s`i+{u7j}BtcXfKO!R|hfd|r z*{JmIpPjw>Y`UrgILX@oGJL-APR$(tE>+VY?vQvgAS#~=lm_vTG;rbqN7sa7DT)<+ zQ^8C6&+oDk+#-H<;pXCz`j^bx{rRJl_=Bqin;k%9qQ^iI{LnRo*6tr|xqtul_tEza ze_FlmF&+_c`N!uIK=Q5b#XmoL#nH6nEJ_=_pfq6BsLLVupO*stXXdZm@twu41MdKD z@0O~nsxM!@+`2%7g@vI|Y3>L)yYWPANi&Boacm<@Q z$%WUgV*;I>aTE~h-@JKKZ`iyW%UamJ=hEQ5(U+M?2Cfkn6@`ymY$Y85HEr#G|MsuU zNp+a;ki}~Pgr-3`ls0$vyOBI+yY+i<1uuWX6K{7jR(W`*<}1D=-Pm-Xs@TL`*hxF< z&DIdz^X1_f@esv8`gXoUWwGlHEnA z5MZ+W=gsplB)~P{9;jFIz)zkQUwNJM&7X7yt2wwZ1|Keff%-2Vfq#Gh=ef4@km~(^ zKiL2O-vGOETKV7~GYOJ?|8yh&aRuJaxhbGaX|j=k6L4BpwO$rv%5uvlv1Ju~%Ktn5 z8aN*b@xSi?&#oWZEjNwT7V&_bBIVzGVLZ%REm0zS`b=+*3`Rj(C8AB2WCd0$M$EHY zQ4wv^5HMas#0)~y(uc*&@f`?G4h%ZVl$dh3I~+Wqk&7a?iCIHy)4jw_G#fWkoUg#1 zs?7(QI~-P@#jx(SCu6FiN*ZQXNT+AQq+kpE_m$xGA}rz}SD_IFbYDSAl+6%;GXP;a z@Gk@>3!y0#w#xUR$>}q+U41t^>sRQ2Nw9#bx@BcKlxyaHY7%0D+*Nij$ zX!P%MCQ4(6!owZ*;TA2-mMloc6kC(hP#rjjCMV{E0AU^>a%pA+JiFY9cxc4SUx$3F z!Hftx4V}EG@-2tOW{(PbAy-FcFgnX`z>9Us5`YIOiFEPihQOrIPfQf;qkLDMpB_=G z8EP=&lx(1wtEs3ecS7tx6nxG<@t~Mtl>KOq0i9E}#KZ`X`4(oLDPghY7hQ^~gGT2e zGrVF%mLX{ZX6lDn)jW0BY|=Q>0@d8imcK)%oPNH@B_z<9ky$9`sSu5;!H^B3OeLex za=Jk9)U;8}IF${*z>aAUu!|xoPCl@};X}AxW<1m4i8LGNF7S%MXQG zb-IBkDG4l>2L&&5R9MmtU=T@|ANZZTCYJC}2|70GimubENPl=ag#oxi0Z1jMGA-Nx zqE9E99x0pW$y9rC6q-+X#k!<;kB)2r&HS z5!okyq*qW>;gFA{w1+%qwfKp8IJI!D;)mBTTftHj2ZkMtXJ?r_Rml-BM}>+>_SjjJ zx^d`wUZz?{jZ01-RALWQGFC*P9^~@Hsxl$NP#{X_nksW+7O4c5@;Jz_7)a|p(E!No zyOdS!oS;-9g)s+`E(J>^2`;o*z~whJC1onLA#H0iV#!Fhl$VtRJ;U+<+C>o|@mw5- zPL>R*0|gdeY)h93it1-ZuB*AQ$0o=GeeoC^0aNE8Kjq~^iI_Tttt(s&>V=U^##F8^ zIq%Atk{oC?u+L3worob1QeUNeb>zvm;kX8fv058XdFIbn5Cln&7wdV%af`AHrg-=A0F z2!K#_KhPu15{?qaNT67S+^B|t1j7L(c+3h@Fgo2_d`p6YiA%P4ubDk+Mm!uFbWTkA1 zULr6bvZaXU>bN4qR#8y$pUYyB3o)k$~3f++!@^a=5 z#RcIlOp9WiFY3=6EjC-K_}EY4UEMf1ycq{W$9h8MF+Zg0r z4qJ#P2c>-PIRO=GJV3e_*5tVrW_Fe|6HOIRFdllPMe^hO{^8->p?;qY<0uCzCnl!Pi+;;Nc<`SB?bdw)F};{=NG z(?5h7aM^ZBasvrl-=F8-BzWz<0wHay(*l%a9pEgyeYjk3svq1R7~u~?1!8}5@h8{8PwTDip^})I^o6?F_-`VJ95-qRd*1&6NM$FhU$mSk*-BmpQ4~tz@Ft07 zZSlT4P$8j_2%^pbb|#8par?5MpZ2Ky4ViHu1Pc10okH!ccEohAvu!2CNP&o9dha)H z^2jl9ejwVX209lHQt;dUJL-Pqyn8x%dg$ISPw(6`r9g+@etWu=(8z&CDzsPk3bNvbd|CrhxP(rum}>F|rP}Y2&%BNlL_Y5+`~IY7 z)ZXs5qHkdlmcZ!m0l?1eG%~(uPpP#06ypS8TF{gtjgP_Ttlj?1cxg%?Ewjg7!5gSR zen!L1tF>EoYwN9t>$Pt&Yd#C63ubS*6&&s~4#>N2XzdZBcVS-3LFN zTto~`{+o%@;z0%~5l^j=Tt#ohm1MT_FLx3Xg|?9*oT60P-C_}XnxFb5{)Mj)Be+to z;hy$v&gB9Wv5SN6HD>?~Rq%dWp^BkK&4Hy8^@ zt{=^B`p6;pItP&=7d=Y=g($3ijY#tL)Q27O#~t7qdP0Aj93cn76^^wFO}oEcGVt_1Cx`JDL%P%BKVfzXavegC`3W4N-bu<;1Ib@#_^Y$O5axtrD7)E`xlQp}KdRWwh)8)0L)d zQp}6cB1{sOwXX$B7DN0HRgDF<~bHRHalI#do_U@n{_oDh9&Y zc1G!ax^jCGL>X&ubTz!?QVh70cpQFO*Bvn0{4;eiI&%dqvDTBl2~!Z4e8~;ZPS|VE z`viZR3g}A`zWoW#J@S_m7vGIlE#EX7CXG0HRCu+!vTk$)J%2vYwTRJh#TaLL`&WQk z7tDxgf!#qC{CHk8e7qSZ5}d4rcg=4ik-8#v`WC|csh`TV9g(Uq@JwlZnOx7ux7&Wy3?N^ z$*SFn9GPq2)kh8st|a?NWsZx^&$Y5tJu(x4jO8FII6q4cis8T!pNMeVJB$R`@~`Ks zfasPtKi-~=^OoVhycyH~8ip`{ILb#ujZr;_G4h4_eEUoui64R~FBIM*t1^5*cl@0Nb6NmMl;3vWah+!^RMy{&&dthbNP=vN#|i9BS4 zPZDs1s~RoOUU;!+MkwiScMblQiLobULL7@V^vox1Ahz0Fj0U~i8|Zf&khYDR@`P>w zM!n`=n6vWz^Z7*lHBAvKJ!B8 z)CUq?EEa{?f;h?wZVDd7H}y}K-AzcKfICU{O37_i{`V-~DKxLXl_iPC(O%(P0}>lG z@%S`C8W6PK@P*zWuDoF;1(f$~$wgsh69#qp8&y9%4WtBsGbnST*8W%H=|aO} zXJ!0U|1SzkIOl-GSOKO`-0%R6$I0-fPB?lE zhyk z--ZFv5jbTHK4aAll{#tP!h@}2;Dn4&Xv8>P{a$Ji|5Y-6X4_2NT^=Bten&Q((=#nv z$KTAN#wE+?9U^uSxg%w_BZr6QIKhOLEK}wBd?MG9)Dncw`(aRV zd51)~j)hm8hgE z;pE2|x(C9yQ7;nSeE`oBaKd#U1sm&8;GdZHF$ehaUZ4^lJI(+$1(nX|Y>MJHAd_c~ zI{uAtiQ@`S5ZUY9K3pX)zI7saUjHZOik1Ds=*qv>KJ5fs%N>vD0(c%3MOvR|I%lEb@7@y-?}}dabh=I3mddu&w2<5?dsX ziW{_ILj?PQ(*}DeBI69$mKp2Zuo*1mi3&bcS5~s*VBD#T`;JN0nSLfyB14PLLq^A= zA1#;sOMM`W0TpflS2ndYM8v70eA*;tRfjxMmuGVcxc}a&RPQ$Ux!ZTq(_9;B1y46@y;h$X0O*-5Wk5kmh0m zsFuKHvgxSAa_YfP=3nm3D;~@S`Xo&zs2^zw;_MBz7v}pNX^X&^t{9BJDw|<{@B27) z3H3IcM!{t0sE+RnB)vC3SF3bpVroXxg&z+UX)J{YIjBHUr>k02z6N68x%8c)VIb(t zfHgUNkwEH>mZ@NzJq9K#EAZ_Zn^=X&X{S|#pBqt2*l?6I=xPSYH7KUWLK+FO4W`&k zgC8zES9-x{IUxGA+1ayc8GJr-0#HRrioh2c1U{vOtHeMhWZDYF52@L014dT<%;ECP zd{AhZo^9ztSwp+%EK?&zGJ!JE%7R>TPV0BO6-fa|Hg%LRvWI-iKci+tQ%~9C>>L}u zv=AAGzLvh8vGwseekh~-5wtIaV*n>TP+4;O8$}I2O8yJsTTj)fISMX*=0(^PI~?yQ zDgr*f(I0&vf(ad@mqg-|4^`zyM4Kp`aem%(p;9-V1|WI(x7*t188cmz(hlaVOOBun zRcx-D(rPP{q9`VZ7xgM^_)3DSO{>z8poBx`>rJ5y+!w`$wUT~|^4wbmWHOAR4p%|mX%RX+hU8c-~Y=jBOJHn9>}nz0F@w;P$lhRBLe{ySRoyO9AZY!r-` zt_dN&cuCI?rEC|~#C;NfU~-|;00|{*kr6>fL^lJ$rtz2qOti@n9xR?}B>J3lk=>~g zQgwTTZY;}=dK7& z%neT+$B{gvAv8V^_9zKHynHTIodVYu21a)Qz_-w-a%Rh(GJCR0)=*FDIs+>bZQY+z z2dJRnAkOlwR5CGdGQ~sz1yeZKvXiR^fx+Rd0@E|3TrL}%!%M+d*Lnq{RD?GnID`Op zqNC6|AjkYI)eVnDu!Is4P-HqCGf2*>a@VLVU(8V>O;OZ*w`=B7j|PD)V20Gt`c|4D z77E!JCcWfzlrI^LEZmY4I4#d=88V!;H%skr-DZIY`=)U_LhRF^+nCBg>mMW`?vKQh zKGLkIOpT|un*uwj;9(?>Rz{Zk7$kqSl*MXN{*bwh7Isob5(_YCf=W8$L4n6oaoZS5 zb_wJTF-LUPiT;+6MZ}8eI2E$3HO|-yxk66I$i}wvl?ypE!-v6rkNEROl3Xv9TWkgf2QkY5cFd-0Mo{L}Ps1PhBOk{3|t`j0=%SIxMb zbs`s@y68X@Ls3xfq(NJ$AyCHR)`)Ge zWR>4h&`qPM_fzP3jiGHdE^Ikv=#!743~eXeG7H5Zrjm#muCL&%ojVkgYlTYEdVHFULJb92l@=@1xz~9~C08k;HR!I# zYhrN6eI^S_37nGG6@tz|%fOC^WTl4C$(wKh>~}CeG7@u8X31MdYynP64L2%V>cM%D ztR7lj)>%cg&^HqQkQ(lCCMcLJMNeExIL=3^WR;ezTB)iZBgyMX_YDIsC1M>$WIYt& zFXY9MBk7ovn3e=*AH>m-OV9Im2}>;A1NP?fMdD3X`#1gU7HoaCjy95^{vPnq>f_p+ zw=dz42dVXoHb9^cq7I=W_+~H4q8`=aKcI#k852)}A7e~X#W0nt>M!u9;EffLGw>r> zQi4b2BF1)Wen5wUS(uZOGzP9^eAFbn%9eDtdT|nFgzwPF63ZVT5ofPEJLHL6tB5BT zl{rw5N*~>6mGQTekQlM2-LiH>v64NNNAXBr>G*H1k!r#=6W0}FZix2#E9*cP4d!ma zDzfeIx$N)ZeE4%;38#dSaf(gL)ZnawkQ^wz4h)PU-taF3IpDui6qu+x}9WHi=dWXE~@jiFct=h2F?3s zoVnVqf(>c!{ zxw!I9Lt0VFDobxOxUgOMlwTt-1Myc9(_6!Khhq4MaReIKk)ZpG{gQdyb{?3;zL9h4 zowpm{bL8cw;Q=*d!c0a(qVfbmB1mYuvI(~Gx0q9__-m3)Gemx9Z*(@DFjLy?J9Iav zd3@JgW?AXiQxSs@%h^awN1DXmgZCqwU&0I-P7rogrotx5+VO}!Ad=yq8y`6)qdwPCVXfyibgIkC5e5iF)boHVaQI${Ej8u^TX_R zfL{^EK-%`M^u^^a{^j5w}oL(6>zO0Rxc%wsavxn^^#zznty;eO@ja2*2Q3 zqO@zD+{~SvIPaCOV&UTlAJa-;cm%5rmNM4XOba!b_X&I%YU-4eaRZV{DUlsZA`cG_IGKL# zH+i#q?_a+V5~?@pID00gUnJ2%+ zP{?f+AX6=ge4rM=*mQXt5CFtl0H}&36Y;*Gz8)XZ>Nah0WPRB32-q$+SQuzgGa4$M z+0`v&I=d}xgy;=>N{cvL9aAu*lAVyksciD%v2C@ptyca3`T9g^kuc(Qi(y&*1B`Xm zzuc14JlOJ?xM|{0D3OD9dls-MXOCzfQHaKebpakMZPZ0pxbnaw_)gabY_Wq}Kl#uJL z`#+y^-gF&u)_3*6n_GQPR>kb5sOS4Lxs3aRP~cgf8IQ zC1rIxK!nev82DyL(EZKyUrkkED%BH8!`@QS2l?5XFn(z;_bO+0-b>6JJayX}E7AIC zL3q4Oa%At|!%mjD?PLRJ;D_k_?`FW#+xMw~s6DiIr9JVvx5%L|UFO*4V7$_nal4!( z0vC58Mmv4J_-#BHx7BeYUN0cQKV5v+=tmcb2Hj?Zd9ic!k+@blK|wFDqm(S0vfot} z_ER)R4O`#_0$k=nEl4=YC{oC!p@a!N133$cbf`%?e?vY{m1V%nRSU@Y(lX_Swu)nQ zGHg$!{Xl3W2v(<9Fflg|2HGEtWH;KD|LNGH9f~>K$zEAn8db_6w2KiD@YrXO8WdXf zL%yC=FN-m>3;>z$M%BfmC90DjtQ+Oy@yMut6jsB?>!*H2Tyzg`;WuC#4wZT1pGf%b zKd=dcRKj*po~5dP!tdj)8DZaO3UrW2mwte!c?WvFB%n}%)+TRhl6tl%2q|n%3wxbi zwmxilW}@KbQZM)z;&74f5`OCmuviUk$F>DRY?Pi}yuP8Lb;-Z$AE@!X{JhBUofE!U z7BqaU9x)_vxd{LkgTK4gRxg@{st0Wnb(oysfq1wd=t{hff>*sp#@(C^Vq`ppk2eT} zzx@h+deFr8;^6(!Gqytf7xV%5CQmQovxNvl_@1S|W(sOJt$H*8u?kX@G@OI_ccK4o z4j`hBbBdAI1Ov{2B+-(g8!uep%LWZ$!e(?3eH%r;!qnN$c!y%6(xL;L_j64A!r#A; zoHNJ8yUU{`HiH~6?j{zaG-3hiC_J>5B%TMuU_R#+<@js7J|xxXE?=Z#s(dt^ zsNf!zb&70rQDlC+yme;9bpr!TQO_5{a>=#@4H1gPp@E6-*tX@ROe+ih?UdF7VY8D} zzC1knFKWIU7aKkZnC%foy|=Lk+9^;-smsHl`#6jflWkHVfmVVXA2We@S#HUbI<3RG z5!qv)J!rcIHccg-jQmx$GM?9OGXMB^)Slbi0<=l~ll;Ar(BFn=+Hr0fmpx2+ z1|rm0gcg=yB1{xmL4zlZ4#|iQb3VH(j_QT0N3WEvat~7)Ml13nxy1MvEW5sco&?)t z>MZ9|0g`YT+Vw;|bD+#`!!wF_Prlcav1lA2J|d1l;%lT$Ka@WDwSmzHQwRhzGdces zK^Zq}1g4dOnPP#-`Pv!S^AK_q;0hbiE}cyjZ$qk7sUJg8(h{jcb+-9EfcajP8HS(K zBko5Vh$Q!cSl#WF@9*`LGKQAH+0yi8B-*H!7NQqHDH{rmK9ItRByBRJaG1o6G=ai3_m9yTPYdSfRvhi0{R)`F}13bl~Ri;0ze@_4H>=y{w(5R{a<3XUpiO+> z)A{`-hi20r^`IgQ4n|28bm{@G2U)!i>*_T73^EXGO=9$)*)R#x#KR)5H~LHmQiw{T zUdjQ(V3YD09_bxG2*5g=p2}OB+}Msn57dQ?x8y#&zPG360okc>QK?!P+7i$1rymZq z{>)RD)!HH>r_QECwjB$JwN~F*8Ctero||IN@>D{I*f|SnXeS3FVsdP%Rx{%&oOy+T zsGzgeuJ=~YQ@8i1JA`M`1$SZ!Y-?58CB&e^?1L(bl=hLk2^g(Y&u?ZcL#mJtvXL@L z7>rJtJ2XaZ+Ff2%)81ny^cL8B#t*j>daMm8r12hEA~_a(qd--yoH4=PO5|EKhP)!) z4O7T@_+I5BohXbLI~hjkD&3T6uh?wCV^#%pi&NJ}y`Y9rhw%sK`KzeXf0nbN&`BRD zOjm6oq*CNeE!2d0oQBn;Gqp`Om)nSG%H|FtD2|ltfXB<`d8tOQYU-x6!GLy>sY(!Q zY~pSaHidB;#+W=P8HU=Eo08>%Gf_4I*%~rmP=9&LA}={lRJY%R(d0Ztw~BSP_HkrW zG<>k&Qj}6p z<~R&$@}1Da-D}1z;xq=#q$n-k76Psq!1)p=8me$sk>0YuEh$M#G$%*eN0x<Qw{-~!DyeKf#_#g$`>r_xJt?a7HyU?9?uGRe)Q+OYW83?ABY@hC#f?II@J1Pd@l zyFn3Ok1~q4Bz2%)!6|X%<3Z4Z9=cbFdEfjqQn6M%dES#}khl9w=nq7rXM_=x<@fl6 zS!te`ZZ?>3MFy>tn$-7TSss)Ak~VPfr=QaoAS)E6j>`|rdSfEN79c+EAZn3>DH;&O zK8EhP{wg%F>@OLgsq$Z>ZUT!!ywvl`K$23`1R)zF1+bbHZuu{v(1Mg2G_5*G;}=q~ zF)8L3LoR~1ZfGtcQ5c|{bNs8%zir5(lqBgUNXn5piPLi8g20Ip!o-d#WS&w{I|Ki; znT^bilGqqRL#i{{23}C0`*=L_ZBt${fe7Vs6W}q_fdj8}z)1tb<^zfgLDEv~MH@`q zWvWOJM9JCoI7n)$q)3J6EMpSejAu%46~ne%35W$#fH-Z4L)l*zv$0&u$s@>OH!^2a zizQ|WW|mEeh%_*PZH&j4V*_1!3vHI%%|%hcvrI{$Hnfn8SlVdHBuFDhaJjs^Buvxb z+#Y#kjb<4EtKr>_?$=|*20>?dGp*tNcH{+{?6TUKd}{H6Q1*(Ci}YA>pkgw;^f*gN zj#Qak1EZ3UI3#Li#E7%o)6^no!qg8IUvUU;%K`r(pNo$y92!>rhe-K3I>cw-6)M!iT#bNDEWEF&sRmLlcJ=y48=tln7;N;z6zZ+O28Lur};X(FW<4vn&zR72THpx z(EfotF0xsy>%PL(ncW}@ofHZ0VULhvgc!|OGF`N2)#}cxFk*CBVSM64F%#Jy+twWm zBDMA?3^JI0tS?pm$nmNcju4H@h4Y~Oqs)s`uDGlMYo1(hNuRkW`{G8lzUYi7QU7>(S{m{IxUY;7wjJCY)jXUK|(oQ&ulgChz!8s+X1L!OS3 zDH?@zw8UX)rZm9-`i%<&fky@` zOJt2uv zp(XTW5BU(e(gYN2)ixbnah}-hTQ$Qt#dKSg6UEb zbIO=<17^o1!U4^)3td`787WRH_>4yUT*hHOe>oN;Q3(b79YJraMyGb71d%DUJT%|d zUY~ZxHkYimDct^38-tkR9+G=hWdfz{_!c4->%IU^twVEZE!N?T{;{J$IbH2Kd)ATg zE#y-vx&irQ9(qkJbp?cv1aIdkFoq;E^7HASWif{h`QZXr6}HE*mL9H)yq**3;7fbQ z*Lp*RT(M;#pb9M_FA6<;Kw7TqEUYa2-UmzNY(%Cf{Y@OLpqgxFGWKc}K z1W)gjk2J62^+<09RU5TKEaP)i)yCb>#MEnzKEB4#Wh-dPZ?x{YFqHRrvb<~pgD~py zg9ob>sHJLyqO$qXn;BSC3J53y^mo9dj!ZyTU35L$-(L`%X1T_VMuK35P0CLCmlUCB zhO14u%w)KBx_FLn$ZQ)3-BC}b3C>1h4C>Sm25)=up9=3#0D3X$T;gC7lDwTL=?k&K zm#Dkp2D`RM`#=3^(O_eN#bXU&Y%}i~{H}W&_|2rZ(Gwi&i#ly}h zgvsyub6UkviREQ1<{Q`tMYRk#c?DI-_iL`$s?-HTWTG&NzA}$y@rR1eUk&c(TY&n` zl#y>wI6!oWw(*wUar0jS6R~Y-`gU@h_`PvX?3?smEAp{3bP|Qzh;-YB?@O@Ogod%vvN8Wrp8D46Y@eSd!}21}|s!cnP=FQuJBUY}Io#CND^DGAwr>vO=J*dYv6O zDk1@>cz6@SvzDhMI0U~cV+4>V1DF}gxC$wg$;ja#yciDp*(wb^I0;g!;VX?&x&rNZ z0jm&{3i6Fr+rS*yAPa^kSx&gd29@dLW$n!jAaWAnG?WjUy?s_Bgmy=naj;8(Csf{a>1JvCond)m}daZkFvZ ztLZY~3lOV1jpz8$rP@)r$HkfLY1q6Q6IDkgR37ZgD84f4B~*I%8JKN)|Mm+Y}Vehqya{Tfb8prC~fBPhn) z9&Vn(2IlEJsd8jn;qszQd9^1sd^I^GMHYH=T-%0_c0neYnwxqf`=FSAiG*bgIFk5i zbB^y_R5XnpPd|qB+Wj%u2WMw3*U8}}p{3jitLF<_wrge*BN5>1;H-_1VDFu>bvr1g zY`fb_wl_DYWvhxHjon%LV;rRs^dT!+;fpLXIr;ecf!c_fHrxb~d9e%Yc&-p`-x5iB zTe$`nhfo@Ea7^n}czD&`WC4n4b5^SgGXNJk~mEqHSY5asv6 zMhy5bRtUa$@=*ok^h`Q%;F=2QVF}-PdHwi+HY#^=Lzd3}fx|c zXKn3zt+afHux;l+lf`rn4qD=H7{}fi?O4I|k9;9l?Bln!ht-bq8N@H=H*e!+Ptp`n zb9rAdX3FI*5k0{1?qZery(R?YR%Wo7tI7|IyT=j?b+d>i#RE19saKfu3&-Dv?kV(Z zo{ITmQK8Tc;y@2Rgc5lv##bTr_ec#e$#SH8CwI@4q#ARed5;11?lkc2FZ~#CrcH`% zoqshnER`3^S?($jcrl8?vA?^@*$}|oYh?3c%$7uRU@SdQFlOlmcqBz2-tdgjdIwt( z`3f5kg}&$Ox>l`Xe9UMj-&DlnZ^9ZyX=nNbNaKDI)^K;6zc>&;Jo+YY^kc6t!*2FF zaHJFzqPN#=+zWs(8LHZjNu8rRP&J~Z7*v>rVv#*9shS(tPUK}$%HWZbUOMeZcUUTw z+mAT9&;J2K6WqNYzej}VJ*Jxz+v4}B7Y<2kn$DpYhO^t6Wy|*DH{r6S7RZOq`pm2y zz608r85Zt4G;DRTv|iUNOtnAZttc+ZUsdxL>ylO31y#xttBU#?d_du+)Y z4TCJz5FN94Oarz@2pxX`_Qd<^lOiEES~V_{_J)cIRHkQDGw9(Coi5NF5G_ZVR|#aE zP0OFwg6?-G^Rl=M!_*Cb!iRtws+#!8wa2SZe6Jj3U(v(C!L#K`1E8l7rle<4adGIQ z|IJ3U{znu4i~X6~^F5}CLPuxk@>f8cCX|Oh2<6Mb8%Q+5ge3eX$F9)wl&Q<_bQ6%V ztOc!o04wF#TK>>F;Nr+f8Ovd5n|M}6QBo`%6`wn2w(n#bH&FBwyaJjuB^T$&@@w-2 zkdxc`j#+ZB4PY&0=c%AY26n9bpK51sk{Qp^xh(M79X%-<>P5}H)oZIEa?*9>kN`<& ztu3rV0-F-NG9LG{%Q!}BDY@QjRj6m`8doQR`(^q&qEe_~WN%aqr$TS4Q-h3+^K>wE zU(|E3lj3Ej)>+oR81cP{3=)Fxaj46aGDzF!VSkx*gB_9oI8|dik?N@LSsrt-6Vnl(#0d>*ef@z~$S7U+k>9{;VT5O)GoR0Rf40E_D0f zaPhXI(F$~%R7GEEhqyNAbx(XW_rs6NkTw{-sVJvo8Ixjp>6z|hUTbvgUX2!`lH1mp ztXi*ViQ3#BcgXpkNyJB>qVr$OGG{{&GtB)(3bD#GJaIC@K64d$&aJ zER36y_kbGF#f%F>q?#f!vP@I{>PKs2c{=Vka?U1K$sp;&#LJ4{o6v|mmm47NF{M~Q zXlb8FC$Ty=C(C*|Xrg1GCQn^8ag3rq*t{+dh~I5*PR#PL)rl!?ov4Ld0o3E_su|IZ zI0uxmJ+;pG6Qc&Dd8~#)_)4_99!W{Q_6koe$g0wP?dv!|A%_IW|4RhDyO_pXS_92 z>>J;n{(Wl@{;gis4itOm}_7oq0Q=U9-O*~y>2|ZqZ`eWYsu$}9| z+IDgPqK^HF#%dQ|TBeMtM_W^wyG8R8%~%lUjVs;%0WCq&z8$QOr8~#G*hs}4ROPX1 zDF_SI(5>hf-Ya9}QfuDZJ(AzplUvf9T5v2iXJ7xqy;)dO5rqunQe_qTrgV;}mtpZxf*U2*x( zTvqqVk9_DC|J|qm<4rf-kxCZfqp+wyJ zKb+k+m_8cw2P&G^x#hs+`s`E*f|B~)%KDpT@0|Sd=9jj&93Sx#WqtUl==TS>@pG(! z_B5%(U1Sk3?LC2U(PsJK93T-~2m1x~Wgp315wKiY&ul;#0dFJZ4PYfnLo^8E8Q5rW z0r_Ma!bTgr01ZNCoZw+7@)4tT8j?c*hiqg>kRzuDya!FA2LbdOQ_nNCpEFXY19(Zi z27Zc1SR7BpDBv-1L%3Q>xfxKzu*x4#gr^xh{57M7F!v`Y8IQyDLSDB7Oc;-dk!I`= zpcWI%eBkfMq&l<0=;J_Xnv($|i-V&Tgn2}U@$KsBVg+#7A`=2&su*b49mmHsAcOrD z=K-t)CWt-2(r0p624ph+uoOFu36j$;yG8QJ`P$dMMuH0^6Ac5wH&8pY^sR4w3rd3s zxxC835qd)ss$-F`*x+Lp4;A5KF8Yu<)uCQi3)MGl*uZs`OzQsIzx^8(A!d|A)o?S% zL8?&1K><31k8iy3MotDC2skUiZIB{-2_3TGCr_TtB^Y2Bdbsb(pLoCNrkkjaFJefsIApGE-A{^mEoiNK5*Gtfystw5`EXYJax z#1B365PXk?^oRp1luUCt8df#q028xKNT8fIvT&buy58cUqHre<2kJk0IL=}rr$RW28*4eEs$C7ifv-#35kcmDbR{hOI<_ry2s7~Hy}C!W-=ffMw~)9<5a zRAr8Bu4AkEx^|5uT1Wl(i1LS{7w}7EUzm@7qm|O}w6ne^KEHWvX}de; zSo+27Juh!<-Fjkpq$F=zhoutCq2IR8hib%8{f=r*sNE;Sx}W@i>aP5yx+_03f5mpa z@JnSkKK37e`ByHh`{)&y|J+qq{`^mV{5L-Q!C$Pa`@~nie6wa`LRB9=N>$$t6RBL^ zaQwu;VB=_Si=Q5av*AEU{n&77Yx~IBmcfnfqbKs!bo3f~MCv6~_MM>o*xJUgJ-7YK zk1T(5^^qf^T=SJ%f!=b_Ckb2~a|DU*{W3E8W&8IC%n9BDkN_|R%Tnl;rH(U!3vld0 z4HQ8lJj&lx<$lQK;-Jr+5YA@VLlzu-Aqe&kTNN43xX9p<*i)2p!QjY?vtqULNQ~dW zaUqF**o50-WAvB%@dgyZU*vQ8Cyh?3Q$RZf}i3tM6bB+aHoN)p?N$M z6id$`Z)l!@U_=-@#5mDV1^>>d!PyKwk9Z{`%Q?U^DppcCSR2<7!{?&Wxa>#nJnO|A_R%$tW0WgP=Nlq?!(ZS3bk{+zzmijF}GoS z0Zfk#tZf!KhZ1;q>eQ*2#K^$^Ks%2>s*2 z(21*JtQbJFp@D%y9_7FHd%wpcUBgsHfRh9Vh2Q`E-$(hEzx-u{8C&|uhJyRqES!gE znu%jx7Bb5fA`R;d4K!gKlhQkPyf^vzj@u)ra^thib@8mX;f`HSy|VvHuR{^ ze(RZk|K~G4^9SGlZ+|^w+Yx8YmfoFv1`Me~meo>TNL?iw`i?F;d2nHGkVhdq9!VKf7&uWabu zJ&@}u>h}v6Fny+g)GL8kQjf1|`o;@8zx~Ymdl&9*%d4?azb~LkU4Jg2pyNuw#hof_ zNPUTamq|TZ6K8<9eSl98F*pK0&k+;%4y~|5@ejBZ+z2}hPXaZN$qph1uut&@tY>P8 z1{efwY!gb^K`;e7k?jd1!0YglTuSj#Y$99=@^CiWoVv(!Xut-J?Ce3j4ZOy#;aEUE zRoFgqkH;!3Byrww&PW~5Pdd!N;aTV^UK<9btK3fDcpMXBgg3-9a#rF72H%s<5HQ44 zk(WUj4hEfJWgzhExJcA8qxeTy85w2^cZpkJxJfV{T-T_=!Hu@?xePR#nJvbbkwp)~ zDt|tic2S6b=NN@!r3&5($@4tuKjz>l#)NXPWjnEpSTJlwCITKM&F0~dC;NdI%$qk4 zT4GMANX!(oS|DuMif}n=NvMwH#5#e}m{3lQuoSm#s<0YiK^PHvF04qxvhsF2#KziS zEkSRb36O;IU^tc;wz0Qy5X79v$>co2R)-g1I5e=sQ42A%`T-7*dwDd-x;Ajx=gD8VJso%`>18eZ?q zC5GHgGDznOBVJ+Da~-!(b{!Sy`){aUey{WnHZ0t;?A{Hp-L-c1Q-Ahf{>N2ypS-&6 z-`)7FDfyho-ISa9;XY^ev5{3xxpf_--~OAapZfiO`ONSC%m4d-Z&0flA;#j%V zkjicCORhVaUf2+Sb^q|Q8(Uu4)VSls&}j7W@}hfr>^?Mqr~+%5@P!fuZ0I_6{3UE|8RR!zN}U$h{OjY)mKv zd3G*2=%fj_jOwT&hezxohb;-y5hE!tFrR;%OH$|l&5$t=I2Q=joUP~{ndIQza50P* zX{eMmqaYp%0T`DA?hFq?T_JVc2WqLve4v&QWI$nb#*2Ie5XRZjE@MhvoGE(H&)myo z3#n5o4UwjlOs1blCXCpU`gsHM!dw7m0aAx?*>bQ2i-8@;EJI^VF4H8!#LPa&uL-Ak zHXf2D6NTpbNRg~P4sh&q$z=13PF9q>3;;|HG3Ui7Prs}u2|&}x$jfNxhx|xz^dyr7 zOsNP&vTy$W6q)i!>j;y^PRRr!z>=ezwV7B2uvu~pBwx~)itAxmP$+tc$u~CRWh4Q_ zFoeZ^Vi`|?q}fffF93rk!^KeG(MZrPy)YDR66X^7MdVX2!t)e;nXOo@!0UyIzON^J zCsxRg6|(X{xqN=acVl7Tg#ja=zmcXtC|8DnN8F+P1IJf&A6nJlaPZZ~pPTxfJ8qf$ z-No}4luAxH`leZTCU_cFPIwP5+cfiq`FGD={P62b8+t~Mv~>@Rrjj|AbtBZp z(PI3Aa!z-q?@+vFe{$$(I?lXsJ_*OE0G3lv9p!#yEX&}62))U{F_VA6jJbbjdSAXSVy6MgvZ@8WKrW^10&bMdGeq{-(hJ~+<)Mp?rCHX=S&$%Pn{7@k~T5&ly z=!KOnacC%Zq`c;&)0r)em9>SA{*pcoRP@i?1f?~{hhE>`KYxGs`bK^7NEM@x3XYRF zD?|b_^d5guj-}3emRNFFjVyZz6{i6OK&7}8oC$OT0duaUl!Ga27+xTat7l=e?8$^R z@E-Ua#Ha;LK<6Y7fRd;p!l*(sbtw{FBaLz>oS1eICXF7%*hr|hHXQFBAGQLNyvgBEo6@{vq?g7 zP=Y)QhL{}I6~dhAs7?Y&GMQ*uZ#<%q1P}v6fNd$6NMZ&F%zz!m24q-)W}VP9Yg;O^ z(j)=d;}@cGy-F)_Y6+Xk)kRaNPVN^mQWmXfni+x2Rxr5pV)+p8j})o`LbeW7HP;?=JMfzYSQNW_`*QU>&lIYZtBA zM6yK9QYU6V$|K8I7QAd#QAMWkj_h<|^4Wc|0ZE(cz*Lk+5@NY*5E8^@k4w(^#JMDO z(@DTU^GJVWAn3F4aRM_FKzuG>P$VG`85u7#-!fa$R;>~81W^%c(O2TX&nNuLEhhRg~S zwNSD=8W_W5&9K!ahlJ>twv1*`D4XAa$J)M_9f7Gb4(LR`XqN30mA^^1R57-hp_pK; zRLRWbu{r$Mm4TF-tEU*I6%~(aRLTh#>CP1IXpb~oJB3Zf_h??gjV<%t3D>3K< zrj~JJH9)p#!BhmIUzF1y0pPF#X@rn;RD>ReoNyH`govgXo>WqL4SomGFZfj^M3Rj_)%Mt z0b=8L&_nZXBC_nvpi~wuFx!MovzXa*vX+cbkbJWRc$Bo+Zc+C5W35{-csrBGXM;#X z=s|->8VgNDlXKp1E=e6s7=qJB1eYPc+YBgRph0a8U@S}ydSt{IJBE^?TFpF?Z>EGM zD3!?*@Mz?tmfzBl#rXvD0#z`HFdS3?A#w2qY)B?iW)_&8APLz#!jv+763cEB2we%% z>9nCbB!!$v(7NG5as~zl3?<8p=fJES5*TR=pgOT>g(B0s$z<)3DNRc$N{m9Wxfb+D zs28w+rHb4b1hoPNST6gBG(#tuY88z?YB2^! z>2rW^cGVB7niPG=zO0MT2*2u}f3IG@|IaiKI4p4NFn3?C;D*s(XffmO`dr=1)S?Sf z(BBK7N!{qFz+>86SRRk7F#r_o9fYz(drlEu^GN+2&0?2 z9!qivv>QFKU?hxB&3g!ji&-Exj}sDRc{5E&nnyj((HN)H)mi zMdTw4#EjMSy)bf9(wi5WPSsquQiq)q>UsU@IDs*74;^pL|y znVB%72F$qECf;r|rJ}T0tHk1bLS~1FX6F#INQhY*W_ife)J~$jHV$MBz{k{OqM1q& zCa0DWfuZnPP^EV52}Pk(gw2w8yR{LEzM4UTDze@%{`50}d`3hdjzH2hC#-LJO21%A zNt;HgB4Z+tU}$Ja7Olj<99)blvpXcmXcPA&gds)PV}vojmZxb{MirUbeI%Vdw?Orq z6C7Dpq48o#{z@Bh;Q6joAcU@0@&nh=KMfXC{OH=9FH{}B?CEb@F(d>=vCO?z|Lm)) za=!9{u&O^H524Z5iV7Vr=koJxn%$&rA_&-vXc#bPfKEr$IR01KxE!O3dpT|CzZ3^S zYud!%@t=r;{Hn_599RzX(T~gO=5(OxQk9N`0d!fAKj;$ZTfY9?m{QTJU}?$MANkWS zbeF1?kp2h7FwnR0isPk1eKZL;lmx5@-{W?!U!RZoSptS|Uk^(~frV2u(Oseb z^MqU~?zy=zBtJ({Dw8Z$ysR^pDEFg7 z~;gVt`V1imYL(07=V&H%f#u zWKZD`B;V+fD$zLGLn`mVxg=b zS*wyZD+H3^M|eQy%wmqP(`q!~&F~it6&&c*#Uw zKCWMDp%`Oi#40JGgA5mXOsN1Fawsx`DUxRd%FhaDgUIz~&A69F7f&w1FeI!gTn;0a z@;VfA1w!b;Upf6IyO(ugct6kO)$>caT;%O^0F8TI04X|tkoSw3Fz8MWC%m-2-Ew=*WmP;`P3NHYWWgT|OJfz4 zsHj3%t`vNg&Z<;Cp9zvqC0nTE{YpVoeia*`TaE;tTlC$c{#&t})$}L#b7ePE^s_YO z1%AP=I<(-cY@kD-q~FZWxdq3~2foYFuN2&3!E<2h(8W-?>|~O;to||r_iQ?m2`YqK zSaw7GLS|UVab}=ly2H{sg@O)#o^!)^S_cggV>|;V8)Q>KHXX2Z3mgr?T%nZ3F#Y%H zmFpFYZoXPbC}&7HBXGY|f0r=6EY1X3V0yts%dB>xN)ZsrcK~}tcA3aa^;%GbW+0_f zg-2qk0z|_Fi*rWmbd^{S*r_3lvd2#};yZwNBFTI^;9{6vkr55Vdeug6bqJVF0Wv&J zD8&Y;ivan=VwlL2Pg*QA0;Da@0~mIuz|0OD1DFD4goz_zrbEQYCoMNu60(q39>j>r zBQhj}0^w8^14X2z2w`cIYpAG|)j~oD7?3YT6JCf0sFmgf#zNAlCBc%Wb*e+Cvb-gq zrlT6V6-gi?nFw&mF!?B?NYv6g=7})^839U3Q$$Qf#tKRFkd`AzZ54sZ!78d#MIHeS zk%KnVHPLKrrV5%F4XGun5SI58=r2v55lEgD)ZB_V^;6j#8i94__A?p*uj1E4h0{!VbI_l)3zXF$Wb4foJ{c#tbV_|Yc zB}Y{@#SxFzSreSRMyhJGSj`4SR+Y**DwhwulC+ias%cjfA@p3VD(>!iC*XdrUvfZ0 zE>p~=i@9XzCZpRkhY{#sQ6=T7gs+kuMEo%8vD&z}=i$+E-U+h~i#A`#g@LEPS?&j% zRZ+-2JMWh=VJTfK=1S$D80tR{@4E`Z&g(1w4-UOfIU}$F12;NGaLfsVu$n4VlLbYb zbpmu2b7LyoU(F8sdHqGrcMs#s;xvpeuNp``lg~zw?M9|vyAh=HbRZ@ee?A3rP%=Re z`K*6p(qtM31)@q9D9)PH^>CgE6h&jDor1)YpbZklA|tVQ3PzCmh$`vJH;-fj9%~(| zQ~}hIiW7i<$ro*s2DNEpN$sOapv2<*K!#m#`g8zhll35ywKGU2+g{Q}9${9_1htY$ zf`xR(CP>3fC>(#T`NSEZIu$1fKzruujB?RGprsFFiF~HjT>oLoKFL0G(7nC(v(bSE}QT zuHWO;q#i)gu6|j0LeSUHQ@{qs6JTl(c#f0H=d-y?Hk-~6NRXkATZIs+a=Ee>ie4cM zINs!S(0B9b6>z{USbxCYcL*8RP35wgbkfZxD;^ho{n|j5OR`svIpx7@Fp}}odFtd# z5l?FkUNP?$(>X7ebVd_}c-q&D?v|r=L+-w;+LDti=d&dz>&vSPUeWO?c@64=Z%UXLw45c&WgNBzphjUBmdYI1RG! z#vjhK=?o}kcZ=BR7#BJds0GF!B237kI=eu2glM}kaV|-ny(L2+ehSnMfpHV0CG(6h zbp<>EGqO=r6DOuN2T9~Rx5(a2Mm`Rtn-lbI38n%P#U^00`gL#u4NE5&;Cuv9?Ddmwn zH&xJp9&<9lJYi7zc?Muq32TZZb>$JD6B%fG!pa1+g2M5K8vX{-iWpDtYH8j;6iQ5U zV!UZZMv}T_3W#O!(I#n;6y<1OJjp*N7$^1Uj!r_}Q|Hnxpdq^UCIV<3#xKD-f&NsO zzFlzwB@r zp)c7*Uxj|PsQ<*fQx4r?1%+Oq1M?7Y(+>So*(+C_as`tM98)kg8hK_muZjibx%!X3 zdKLY7K>d+)-9k}kaof)7FX7|a0@~8u`2kTZRosgHv3C-5M1NQ>babc7#h|PT75#-b z0s=mMwH%hpel*(eBF2}+Y0%>vtxSPDz5~YPPQ!Td4+geCEo!TawhI&IjMQZl%KjIR zAi|O+7S~B8`;bTR3-Tz!fNhHlmNWuXVVV)ho%)>+s*q`9C_+q{ko`{%KtP-wAX6?b zq!AORhNM4Z?<6NE^yAsGVz>Q^{clsX`nT>PKc78LCSw z#5_u=yrE8xD2IcEBVkrq1A^MiItoP<0wP0Y{4$1Hxy0VqK~`J{=lkW+;;Etvuu!Unm2n?~hj z0GgA20g8B}(b~EI0rJlYG!qi!nogopg$3z?{`+J4{b---G*?(cp6hrRx?vg045F8~ zsS$l8tgL^lRdb!M{|bv{L1Mb>a4d=bEXnwnu<0ig87+>thVlQS55uD-Qs#z1s+fy& zAFt}a8l#s0fl{=Ta3eXtnl7ol{)u?MpaRYi5w)MvX3|jt&HBe==$@~t7>7MtlRg~i zE-P(6*$g|ui9T_!rD?F>r_1GR^kMmk&IA3$^I}j6ihiJcNS?C+&Q%{8n8(ui=lOp? zpr2uhMy9HNL9gPdN?wKOlFzwTFAMCX?-FDH&qn+J%Stn!<%Y${kt(&XU<=vP zguEV(ewGRegy= zGz4pkax~PgYRr%`jg*Q>RHxB_fdQ#5O&F_0o+3KVBdzc#K&=cE&50V zMSp0A^vURN8PhrfXN0bQR-gt!^Rp&(G+-5U?w5*gDTK)N&&dT*2;EE=KKPcsk6>gYr6{=Htuj&X@3XcjcF_ct!v+3~%twetVjnT?hi<}Ru5O68_wpoRH zs#ge4eJ`wBE#ym~{*|_>(!VjM|L}>QQ$BPEwR7h!b3q?hD$uP!x4M()V6urBR^75L zf~Xx;x2Z8NX%TzN)XzR zD*N~EfAYyE7cE*OkIz2)?2a8fWCQ_S@mkojZ3@QD}A3rcJNE{yLgj0$B!Q;^RdSsV@DBQy1J@< z-Lvn_yYk8_7c5wyzNp!@ZQIpXU)`rqpIy6l!NXZA8zks;aw}G>=-00w1#GBs&6_t* zzj7-(LqzL@2@?>$a^*@cnVl9%%*Q~q;Bbg8K+5E@@w9zqTR4-fPsM5yk*Y+P<8a#I zdMutyC2$WmSeBhci@M-0@B_|;^JzBL>^B8MB#0W5XQ*HlW@RL#65+b-(5)c~C~Ipa zD1*dgB;F88)TMK*b+~qaAV}xzJLK5Wn%aEsP&RoWA1XG9I{O`NpdHSfd#Mb9EU63I zi+#JD{Q=WFD&ZFBMkkiog4_LZtx1=fi-C}8mP;xqz_`A zyn`Wj?%at*$lBx=CAh8bH={^NBsCHlxsUu#xU9tUQJf zAAbJ%=MyQ^FmP1T@6WP&fD?mb6Zi)X9Qc>N{DtQ9f->BC_St8L4I9StmnMS-4MG~N zSeKwbiyA?2(GpCZmx^$bLgCnaE|W z4q%K>r!H%XBZ+NQH5nk75l!q(W%s4Chb%y4D@>N{XM^1l2d`Ce5O@?dJ${ep zLx;+i&6wKn*{Aw;e{$K}DfQ(=_QARRHPVEYk*sJaUAt}7sD+cBUo@fbo>g;Fm0)3m z$%IX^(fxLe#q~hy5wh=n1%_E!tUE-A|_R9QspMJE7!0!8QPIfl>zFAs7RO{ z)wx-()Xm-8u)a7_mb8x?4(Bq<_7=T7Z_Nu6*Y}@yXyS(C!o6mFnb}>Rtw<)L!RvEg zFEQM3(!O-Z=40xbDd-foW9!aSP zC!?VQP;r#Uw9^|Wo8Vg_rjj{g-iaUFfH?(|h$|)wTx7DCQ!N1%Jj@y(O5xE*A7z!+ zqel-msUt>=0Cj*>pc=%z^Ugc*A8?CR8p5x+<{IFZSq7NzzWZ+W;s{~;E}3A}$dMyK zXuJ^wz3sN!*xcWL|NR6o=nfd;GsppPA)E~f_!z#8Ki_lDJrvM{PT7~ULBHUF3jlbu zLK+K*r=EHWB`>+;68wthu;FR+`_MxV?ccwjOI8~!3s8@~9)J9CMta?K*P-g=mtRi9 zYp=a_=FFK|G~98=9T#165wSo}s9&0Z+^9s1FmU{qZ~)zjFF+c7fP4naA_mFa#SX~4 z^wLYodSE}R3ff{fm{ z|JQVvhqL({+w@2(Q5TQYC8O2xa7n0kZ%z50+KS>xU0pJqiZ)jfRR6(drx!YLO|Ge>JEFz1t_` zR-br0TUl}Hm%s4clivT054`h_Kl+YotT0LYL^_+}TxU|n(L>9xIrA%*pZdkW{Oqew z+$Uo>o~vJ+vANQiqI`<;GgGI1;(yQk^r<(0@|O=^ z^2C~6^V2WQES<9XFc~xC)(yu(Xh%%YuG&O*_kZ-_K@b0_-vhs!GvE%B+GR3_Odhn0 zXPaJai|`{xYjYw?lRbn55O_>=&BK_IDP$BrFjFfNIA2prTi zFt2S}Qfq=bwqUfFhQX7|u&_AhV|Py8A=7b*5Vjh~fk8UR6*Lp%N3b7e?2cljY3BP) zvHM$|Yz}LQz;cKgCsY7+5Qv##a+y|ekpevWBMY<1nWY{e$20-AY<$_8pK-<+U@#y} zC8!McfPc(5A<8}ybbsN67ih@VlS(+5YtR%VqY_L7=}~|(8+zan+`>-)Il%Sdhadj+ zuYV2raTg6iJ36Hamk>)pnDIsc6<4Qg7yx)+51c~>9FI*cGSLLLyycc#G!PsQHVP;v zH6Z+)v7qe(4?Muy7YT$3x*a}z82MaM2JFc)43jZF^UO0e*Y5?h?qLPPT`E~Fu*#tl zOM>4N&>2e-VgN9)cH@mVl5WV{?Aif)HvQ;^K>%rla0wBZSc5G%=dNA5QiI))z>0?v zJ@UvSH{5Uo3bVLjwZSYfcXkY|LH0}P1>1D{m+VYBnobJT5641>8fyS`jzi(vxzDt6;7gSy4vjEP6HWyR-z?_0n5&ySz>iIcAR<&RBmvD;lYG$cw=xw3p>Z?0lh z=f9ou*k4b%<&Qt>_4r+Ydaj|wq#AS4I{QT3{_qI{YXQ_NGTCB4J)Qv6)9IxBpnkgA zB#PtZYa0(O1JqN=(s;HJP%n*{XGbpYGOp~tLHoK*-nQGA?YUT~G2Q3Q|MZ!ceeRq` zzVQ2=SNACCx6-^gKQwl8-Cp+bCS!M$$3SGqST1Fas{aEFeSsb-ExDxdcjxCb9~_1rInvD6tNPjkbg# ziw1ZKe*{^Yw;8o2sDq%GkD+2CvJcB2Mu^GS8(|c37CaaZE0FBid0-=$sUdySmKqF4 zL+#p`DiSOCh-n~+&&!GcnmmONF|+YfkXHP0S4UCiU4MV3sB)0?4)r;3LqSnU_YF&;aYgkl~-N~$dTSi z6JQw513a^67%^hRfddDCGcGs2L-@#OB`D|)m`6SqK>qmg z<5{dAgl!7z51Qb~G-0c)5MzT*=uyy`gSJE;DzVQ-2z>$D^p0Yju_0>()Zi`|4QZGZ zO~{7S&?Bkvsi&S|u&BfY!LK<&eyb2J5tJNk*zcufGqFrcpO34Fhszpk57ty3sI6qn zULUJZH6AvN4%8!cfO<5UisUV*vss(BueRsBO?G+y(Xx06Y#Ap{p-o!{ceX2-|W!gdO$r?Ve<7^)6kf&%+OVOf8(CH_y6uY z*Pim(i+=HquJ>JMqU9zIG)D7@2KR_Q?LnQs1nL}gU71Ojq|;^bqyzP|eWahNGl{ZT z`G&fZRaJ*p$D#*gnFj1zT%UM;^zz3>6y5vsz8B`~I|$4hQ({cFS#v+}>x)nP-&;R* z=ChYRy|3pI(|d7j%C0E4SlJvSsH0unt}0R`sj`&=I$hBB{f~zb}~Qy38<6vNhWwQsUEin^{M0%SOF=x3r-U_ zY##7=81Q7`l$APIK(Lb#2vY8H3s_;b4T>XB+YfG$tPn!_qB}qYA=DFhLNNjdQR~L>(1c1G zUG3DWDSC~K%Gt*@>K*Ehx*k|DcO&&TRBar-*ecsdhvKOS0{Gs_Rw zjb5{F$f|v#HdigEw$I+z#7t4n6sO`P$#{7xS)aEbK4%JXBXt*0P_moqXgrjPhwAq3 zyy1+~fBCTw|LmmqKk(=CGG+VI@#>6w1+DvZT6z7xh0k7h)&qb1@$DC$(dX$0@{Q&8 z^KNp-8CID$*Oqu_GtB%+KP>dcnP2$ z&ZWx3$%%`1JL>xXo^Y|hAsO=iEzm9dnupIES;=F8YW zOf-EXzwJperLv-%GeAJz09gd#EVw!2(qJPB7isnZLb(%X`Gyd#kZ6Uw${9ow3(*n1do?7Jevfh$FB2YlsdwE%k|tjN zLP7z~exwqD8eS7fcg1;>eAv7ZJQ00C$&InOF-6#47K0Rq>K%SH@yc)(sfJdHomL^N zNoP890EBGTbqLxUVv*W#V@;@`-oExMoCw!vWA>}#`E>}CqdDWx&9zah7~ zA-BE36lDzQ=1|_Sq^dFbnq00vZ@(bUVBk;t4JZE{nNJJq_KJU*%+94t_AOqpXW`tE zb*q5tbSj!Q>2NlZwK5t^vZQ3)w5pA>cdwpZw0({JxP6u*p3k96E^B|)JV0~~Av#l$ zwqJnDHJE(Zz48T=bbY2wHk^x>nM_qOj>>i1Oyumx&i7WuwpW`iHKr(LKjn_mIVjKC zQZ|2Ibmq?3+G?{Ou#cOHoc&+{P3+7a12LJgT#DJRHR+P-eG5W|mQ?MTlc?Qja^>!e zZP*p9n?CuUe$zl5^LcmmK956cS+7f$s&Y}CJ$WDY!7c|bjAeuuhLS)^%URXH;88|* zIs14-2gs);IA1I7+JIUO)V<*}80=MOdd5b*AE7VEteUMt6GL1|lt?_@teB58ljO}x zcmA$sf*M-Esk!7#eRC@p_R>zRMND6d#4Y@RsR5;!3j%{P&cm6gV2;ECX1!bFWPwv_#q@q8a!eX!Jrx+2=wI< zTB*tlDJ0A&!&3GS1Kv0x4&`3!02l4I)f4tdO~TQL{b`f9eLpK3bobHs;FD+)!eHV# zi|!oJyais27;;bMImio`LzN)9MN<)t?U+=wwee^wYk#htQo`5|vL#I-noA{VLND=j zCe3CzkD(e&w#t58E(c7rmu0^jOD4kEToQS9X+lR%D-H+hXq#oXn{bWM1U;?t^l88C zmdK|udqXyZtDto}mX6afkvEO`Jkx^{N3*87!M@mzhKz+u)^2dqtTt~VIs3x9Na$EW zH;2L?qcc*i$yX8$c7twev-!rfK?nN-?SY8__0*dN>X4$3Gf6rp2 zhj4rN<@Q9GV+mkOY=oNx5(0_^VY78J*EMX&lmyD~h+lU_UL}zvw=uOEs5AJW)I_qf z5)*ed6O5m;H-}ounm)%tZWe-d08M!o8Kbq%886nvcR+X{S~p z*||A!i|J5BpCwdkRWYo2){fHlG-8^qlwpn6d*RAUqpBpoI+U`q=R=ktwdE>r~qQ&kq)}c z*%vsYp$eWzRfpU=A!w_H(v40FA1bH-Ne6V39GOCTQsY-zT>AYAL|MY$I3b0OQHZlY zsPsoVYZX8-Oe$)KM59Se0}?tOaMAulST2(QS=|mf88_*qtB8`bu`lx>98KjdsJs1m zK{vsbwMGg^b)q>%bLqNd)V4wsyVrKRZ@BU%7O#(`suP*&e6}&44%yGUF?*SKHlLwk zD3M?yX~@~N2tb|1g8OCi;01Wdq>4#!FOLDHBk{!HOs*ks65(hAx9msL&0+hB8`u$q zL}_DJ9jU0PiJG#6sRGk&57cw_STdPLkIuAAC8~2-ma6r2q2frUK4#w;YmH_d$TB&N zF<+Cp+Mc|(c9bn-L7!P*hDVj2Q<1N-I`y~I zi`PWv_FY3Q&S*Qm5n_T~i)3vrs0E+Qh$f3O47PniylFKJ`3dzA#f&3Om*V%#5M`P) zpIpB;#YM$WjhqMXh1^Z+FxEkxpU_329GJQ5HB=KgsbMT~bz!`3k2U+Fg82mJNB%z0Zze2x+5iq1kKdFASx5``94ME&FO4+0l{ubfeQ?n+`|(53kgt z$7l?JWJn?^l(gTtx5BulPuQ#s_};v~sWZ#o>*Ta55DVV({r=nfOj90^$HFEbre4iG z1I*Ou5(iVH_>83H5Invk1t6DV7Qq0i%&o#8Rk_XRm_Z%=TBP81JGIlX5T1kI`)FxS z9$knZxtZdGGnX_Z)C)sPkX9I7{tTP$QYdT!sm8YwNw~^lpa73YIKa;%sIM%fLV;ur zF(Xz3;S9k;4QEwSfUPipsbAlbFQ_>MOr!!NYoH7bAzv?&9ekx{P#50RzTWo*QR9aI zgDT%R(TzU}$!gycfl`ct13j=2XV(yHci;KWMcu=2<{}fwwA)ZdXJ4fX+`4zh+e>@c zCLm|<=kKg-LS_fYIpTD5qzeS8SG$OyZ8C3R82q-tYdP$;ntIkup{!}hn1+-IrA##C zUifP7H~nUfJ={m)b-(~y(txA(NZDU_v0qE`2UEge?6j#Pt9aTjT(S+uercX1AgbCs zcFgd|G;T-DcsXou(qGLvyLAn!r+Ntn6A!w! zv!*o!oRGhS=p9bbi&iv8K9y2TW#J!04QDFF>C4g|Ari|iNwaMnkM9mqDCuv}kV}1F-Krc`w49a>Uj%Gh_E1M>jlFW%N>G(SQfwSO(4pGG=sG= z*~A0+4kiWa_CY#_RRzgHLdjWR<>RPEd3|GC? z-6>$@(~-3#WqZ$lZ!O+rJ^Qv9VhNd?n~bdXM||UWP%zK!^akjdK|N^KjDnzSr*`_g z1ZF@K@EK)rQFAX6Cj_ntazL`i#zw(2Z9M>RrYs3uM%>?7IO}OM1sFKPgEWMwI}lV* zN0}OWlqxJ6@|9a|mSwyjRmF*>$w z+qOEkZKGnNW81m)-}`bOYK-$zqcG~!IeV}9t!WLgr}=b|2z)qZuufJ+Kw}j{eC!B8 zA>mKMdJ4G`k=CO=;Nc;1S=7Iv1<%l#Q9TGx8;F>i=1 zItM+=Z4vH4vj#sY>SVrAN*ISejEpDJ9#~=O%{&&DK;KPEE)WROplBhlU<=tC0Nrf2G zk?(P;0ZYntEZ{Ktn5lolhlSqtko+6yoQ6lyg9j9dz_((}YZ|)wg{@YZJ6^QVvz=Nr zg!D}Xq>4|I#gE{`)N_T;K-ib!vlT0&AO79um|oX0Xy4%9fIfY)vfj*3#qr7T3Rg zV3efL6EL%|of#o`km=v+NCFk%L)6r3Xv#TyAse|wq(H)TJekzKO&yuMp36QZw zp*AVW=P&d;X5b4iOx$9EbSJh|)f4D8VEuO?*ypcyhW88GAb}8 zj%aU@2;({YpeBy_eUgcL8y+*6nTb20rcyd8a;^+6-4NaoTEXJxQ-a%|y#i7prY?x} zb4lqf{Ma3Rt68c-jwMIl^j@;1v3#4&n)sKbDn0Zd{c4mIFOt$4<;Q^pdW|YFvc@=X zzFAx@n~St+PJxvNT!QGPStzgoCVLoU8yqF*`Tj|s=O_pK zW-M*`SgS{VNO8hE zIJedg_%h43U^M}_J|SU}yzn04*QP35&o%4 zNtjk@`?RBQb$*0j2}%{e0YJsQ8fnOZDCvX8Aqu@kf{tdX2sM@z!$#X)K_9^0dMEf6w~{urDfGq^ z&*I=3l7uy(j9!AM&`J71pT~rnIlaUPeU_aa&T6ToQEGor?1&HH^muU0$d4Z!Gx#m= zVd1W6(bVxNjb6`{TSJ`nkl701>fyN-U{9P{Rn0o~?-{&iQ7WuTZg-7fkH6jx-A%Yn z!E{?y4z8eg|88L)TAcl=s`;GTB}_ zyUi^ync+(01kdg73=++p&WQwnRwvHtN~E9VfP8%a1T_t>HV71+5lOdX1lOB74waJCRq2V<|EZ>< zv8u)k{!&Ujycse!HjjA?<7CWdT>&8=A{L#y%%Y4_?7wS!ry0hk?SEIE;wnTgPy~OX zaB--zP}vE9>eCp+-Y;IaD|{w{zAlgZwqSE$+n1+D=W(&p@83O>^OKCde2#}wKY>~Y zK8O7wL_Cg%%MG{lZ4C_xY@i3ZAeZoXHV=6f=DNQZxK$1G9r%nVQjF!X z{aFAiqy0@XkqPm5PY3$4`?BVd>b>=7HPGaRH; z%#|wxN`e7EL59BvIh}qFJ|d9n*#UwA60MH^CV=^L&=S z*+l=&DOUu^PK6}CNH{gvrOA>T)1>+sAkP(%fgFMy#*g}81vx#{Jy$fpK!QU<%Bodn z#0tSLt&boP_p@K%GzzB)|JZ!IqCcd0J-^AYgAkh^I*K@leQjNk`_IbSW z=zx@Z`^k5r8utF)`Z=Jp-9R!%gqs;+aEs012L0GlZH!)4ZHG2lg8hS9s9S4mi&CRg zBoI_nLLDP@X250ChGYk8<5d5@H4(3JtNARUBPcI8%L=fut+^&oz=x+^hLjjKv0cj5 z1d*ZDW`hG5Uo4=Unx(w&IlTbWbg3DY$U`}f;20KpDN!JNQODn&=b>I&s=C1Mkt%bC zJs`cAl9JLyfjF=GLESQi+L;9Goud9%fIyQN*kM(sL2lM1PO1-{6v#|T;0^gLBw&wg zzRU2q{+_rQfRoAhc2bmo01PdpO{JyBk$rE#=Wu_Nw)aJYjeY(njJqCd2ZnVwNwhU> zfw(YJ=YR@yz7>7H&;Rne3vfpR4iS4P;!8Wfcf6iRjeG$m9-|?c8#E>_V583|r2l`p z;cxF-agex{|8N!d{{lF|kPYHITzq7GFuGgsR7igwCWH>rIKi)%Y;Gr%@;vmR@mqTo zT=%bGM&Ew4;NK^xFU2H@|8hoi7}JkP7c#TA!9fof^!1Jm6fk-x*Sc}m>q=Kg9j z5@)xZc)$KjV;#w|>&Zw7BZMN}0}4HcEh5h~$b%>OiM{;~K~UE>RebaN+RpIsMC#o| zA(E%Wajod2{w21-)#CqVfX6gaoAx-k-FTjcep9=_96;?ZbyZ9TU#v z*fzA%>jCLD($AAue-?%GQJ+D(>R?AN zSPOxh)T|ZO0>eg-*MgfCJ8n8@OflN3gzP1-PF&_c(Mu^0w-d3)S5t4(r74myG3zAG z&|*kBov9JmVq9DRSBp5xJeWe9!26$|skdazNxc_QcABX9TQL`T@Cv5n35mp~_uF*T zgVcE%9?n&wki{&E1nZsT_oDRm6w(M=EeaAs;pp)lg>$L28g!iRQ3U z7a~R!*i}G7i>|1nn)YKK#~;W*oGGY8P_t5qIml2@V-AXR1hc7$Y?=rrr}XsA2^0U@ zVyYjjHpIfGXt0~6Nb$4Y;6KR4DxkrQ#x;b(pGe)IHi%j1Pzp0FfagY5t`4c~-iaJF z2>8=3_>`H83;RpIm}&&spB*~0mH~g}fZM|)MKERSwSHwvhp~7PO+6P(e>jG~HGaeP@r=?|VgOM&S7F@0aJG{IS080nYJn*CV3Zp4(fU&gic0 z_qI+?`BQ$o^C|v6%}SCCgxbELXWBWC?@5 zwB36*xohwv+ssyDdDsZwgFs=RKHJ$yhG_1|qx-R7j_>8H;@2djBKLhk>@!6XJEf+M zeyi#G)1RVI0Rb1+xLYT$SzT6}kILaeP1_5;KaV>dvmFn^>Y9SRXURMKPbt^GAC~O$ z+|F>)kbZF3-p^E9aWLxl82U~G2dr7lID2~T&dzkab_#Z%rXBOS%=`oQb(;2Xv_11W zgN*yQNlW{>fCuah`#Ob9<*sW zF15PM7DM%*kt7!p>4+E1=iUh4&lIXE>Id!#FFtl=UvXIz7^Iog(a^2xMF)&Dbdgce{dnZBr#(A z2zUTdOO}Yngu%~7K_HAsjK~4!&lwxQ3wrYckkDivr_6H4Nmq`9F zbGSjvP@WYt8WL2eFy=OM)b?0H8v$cDtD!^C{*$VqL2o?qyh6 zC`Vx{%mk`L&-0F|*Za;3=&_&m{`4x-``qY+&U3hq*WVF*nCFHrRm(U{ zF&iPdAJ^C2*fTD3ei>8T{+<>@_@&F?VQw@~Gt}|(z09@qQoIn7xn)EhlQ$IU!gZpL zArJ5Eq0Ec_E&?>iZ}Wbym*4S|pURc%b?fP6=z3OQwr78uE&U?kQfCy|{k3K9fapx% znVe~XY_(XvzzN*mS)$@KUyfi?{#LP_vJ@|?fWDof}Xn?WS{EEC?9jiEKaBK z!_%nIRKRt$;)>=dn)%o38`AZQL>ThtQSq$)X9yAh+o`_mo1Zz~-QKk>U~fy`S0^k< zV6|Y7ir4wY5r`ppnujqupD`-3z{LO)9(`t|{_!c52YjYvxUA z99=|RUI=`>_jddX$`iPb((ip3LjHJ;u=^gO+Wu-$?0LTIenZ6P^x8{5b;7P$)54KV zr;*P(&6@anwtN1({)e3Haj!Zlo3ylEVT@@u4(qEbr9ir$_`}elRtE&sH+BQP3_~lZ z!C+YPcqZqsq`z3?XU1{6lY`kW&5v2AFr<*JWh5vP zw6>tsH)IeeIQ*V$Ml^ESTnTNVc?!~W3)Pnu>_olB#5Y-dkS0bNP|>jEB%jO*{3oUP z&^{PUI5_A!O2~rfgIF;#Ra1IY3jziK0XHLahwRG&zMArqhcqa-gtmsxiDWI5(#)Lp zfwyw7H9}4c=zN}zQjv#=?dD*seKbK*X1vW9SPj&`6aGdA&wI9V;%B>YnTZmvFdde?ml0jq~lD!RpX+`LS zQ?%VUWg`Dz^8c?}IbL=jl1YM#JA~lLrgck#qkz7Mn3GxPrCnT~F6al0gfXH#5N?j9 zfl*W;ff9o;3^dY0COE+!AA(;ts0cu+BuTPV`IUBv_tTgsRqWSXJkET~b_OrNw|LPQ zS#bF^B)5A2afy;>I(VY!(K?r|JcuW*o9zpJhyR#%hwC7X>ia4A`{QU<@MC`v|>kYjaPv_v|LGEbl=uEp`nf&tq(=lI{KO z$@JoB_8+m*g?i`036sbcTYO%N-AhqPK`xUI^rGW#KF9HkJ*$>Ye&_M;&DHNt&KUm3 z862XwbxeZo_avn2*O3jumy&H!Nyguu&cn3u%Qia6_1EF@4cT1Zcbz=hFM~+}-z&&| zU+dp*J2Uz(HfeU>|4wH=A2N}MJ~YCRsC*tSsk~o<-F&Yul zE0=>v@Cyg43qlD(e=saT5;R|phXS{c< zUC3}YXSb!bWLGi=f#Ays>^Fe9?8RXP9&X& zn`L^>CrFa@c1&ZyP!`KH8HmF}8R5#p50d>rEJQ&5Nwe-C{txDM*QE`v+8;RQq^gT6 zIbfqDBg4E&C`l2NProfInyFgkL%%hTpYlV%G!fpdgz6CvkqZaRl~|_$jYo+F3X}Ly z6k`{V|AS0=Xsc;bcSH)*s+_xJA&DO0n!)dbzvjLVNrGSfn!v)=S>NNPq_2a~yq8*{T;Iz)LOi!4@E|`=$=Wcp3tW9m zi3{nNRb1}dFu&8A06Q11TQ4I1SLC2H{OopK9uGx#7YbU)BoM$F*P$E~?_nkKbsk^a zd&cbc_gY$~ck_<1zTa!bjI`w<>vPi_4y*%z>!6**JwSp z>-!w{V_S`6wrk?{$_y z!NB}00G+4n@_>NHyG1l?*5%};1bv&M@;E9(>1PIW5LL|=ur2!ii!tXb!Y+Hm_~fJR zaZ`>``_Ek%EHSaEm+8f%VCSx=KL7jT4%hJ(mG_qu(d*{7*K_CBeGWk=0zQ-1-T;o% z5rckXPXo!+kfzzxfS$U!?)&bw-L>O(wcK$Z`vLNFyW4MH{re ztiM0Z5G7&kv8pt#vIxkdgK+`EhF~E$2Jt2gj-?i0K-#G;n+^gmK!|~~X)REN5*FnY zhAK>n)p!JfYn&-L08b=EpKUMF zNvvBf<_m)m<4Hc(OoS1fMj9MA!thVs9|m#ahnQckzf#=MwuTbPrl+R4(oYL6koK1f zHGWIgYe}*Gzw}TYyH&pGi;=0*%?+img5_7C!_4}T3HW(UUseB z+HQ1QlnrZ*qub{5`d*&q&m~|n0u1~P8j;K9$NmyyvA#=qyUT%Yr9UqJx&BMJ!F;9X z^BpN{1w&k-hMKUx#`ogw&9Jcr0l(Y+B;BJMD)wgum#(H?TcNX`s7(cdINL<}F~d5G z$wOp-F~<{b%b$;dOaa#CnBVF=&Q~qiP>SbUeup<{VKI1o2J3Uajgm;|JjHfvxdfC} zej!f=>PABk>SX4%*BmD6mHa7Hj{6bz9NJdj)CT%Ad4mLDbia5__DWHmRuF&i`7Yet zHoiS)t<^rqYA&l2Fz~wH2zhw?p-UO@+1pf4BkV9(jEB^Do7Rd6myk0Q96auMdZG;A z$=xLz7KI{I$VX+5#7Hgc7%nN)x-Bfzm9)3^2ajdDv1mjG1vp1c!z8 zJ+FA}N<=m+@%;l2Re&HRNr9%7CL1ttV#{hdJ$fy$j>BgvQ4%1G@q?A4P)_)9Ro01E zNAnn6R8jpw>$pA2*#pZ zxcI|(f|GEDu3pgA;Q9&D=0ZutFz18HAm47etq`sKauAa2ZEkD^CAf%AfvhpETyhkz zH>JeHXr%Lk-XGNN=zk=LO-R=y;UFQak`si_ zrx9JBAHL#KUs^oXbM5m!*xTF`JiOkf%t_=<>#!xc-w@+Wl6R+4O~Q<>(a;( z2JDq_4I5D7O-u0}O?goM@;kz_#g5ud!y0w-cH%R?qMIcc;6;bJ?Pgkl%K$={Jy^#d zuRm)@%|{H0ubD8qid3*Bgqj{5jtLZVk@0T9{shn}3q+DI2K$R6!m*KO`v9b*-_#K! z3lh0DqJNr-=$d1((8Hf0tfj8-2M*tWXD#?O_^ zrK?S{MTnGL%Kzcx!O<%-#{}7J@5$>96*u847H`6W|MH2YJ6|x2h<)=|>Jq#9Zr zJ##jYRpSC1!+Px@Ro`3(-If+GwY}FGQ3t_OjLor7=HO^ z-DFej9Q4aN`X6cz`Cx*lb3xHtG!4AD(yFU56;)6K%if?JX}Q;q8OJ{+z>Cz7_`knB zbZ#k(+R*l1w)k1HaAFy~w031x<^8whk*fhoo-k{~;#wk@%2Me{ip<9P>rmF#D^xtjqj};EuLUr4viDA)bjLbs{Oxi$ducP63Am zG7aXCMVna*xLcy`mLbAGqWOX|fbadl94l&U2;ao&eVFdulQW;ka^Z^L;;Pz4`~BY5 zka$U?7M!(m>$-(4-MV{R%-R^qc4MWrKCHs!I=7J@s#0ehGRzkEQnlhYtQPoc+T;OM zNESvVPU0m1|Bc4Agw;-6Na!^DD=h1FAVaCZh2DiWTEodC#t~<8u}*GmgzsThoX(!# zT<|bou(!6Ytj)q5Tkcov+(ms8-iTEX8@xAK2@w&~?}EV+ESp{EtX)Q} zT~eHnSADuXDj_M&W+m&;wuw`=!T7GM9?xorwS%qdt{!T$Lr}v&s%*`RZGu&1&8=VM zCWLxo0dfZVu}^f-#T;bA00?vIB!408o{`?k!hR0#R%+#%6js=?80$l4$%WiKt!VE* zo%`)_{!QY8E^W;6dPdXRh&n%ClFYBxJ2|m<`)*TZdIr)gE6$$FG_eji_0WyIAO zPU@7}cKUedU!J!5nP>4+A`KfG zDy~14Aez?H82$<_lJ=08Vf)SHT9$QCb>`t#B421$_P z+7UG!efKpmNVk_T#|Y>AJVHn&sQhjefZh(6%jqrv=IImd{^vqWkyRZ0|Ao{4OHjxJ z;3bs*DincA_|?3qlM?vHb%;V>mvC-1PQ}uOYSiD_bcElxHIKGcf83Gxws>xi#JO7f zl4(4KvVE%&ChN3=X5@LcV74yNxd56*`gQL%mp9vnA#eCnz;w()pHr* zv<+50s{>9|Kck|$>2HGdh>up^bj`J)%^_+snUVQohSw2=}EcQ6+`(BR6N>JPm zH3!jyRAWi2@%*MB1k=kr7^#XWChVfN>WCB;Jyu(3b^%Ar_BIX6pkd0XHxmvZ4!ho~(S)&8vf+hr@TfL+q_Cy?@}LP#7sJ{(#{d7>yTYsFOQGh;5~R5Bk+{*C zoMic!lJ=MW`~1c2SPnEw=F?>*ghC937a!zk5v7IW2>Dk6=-91sDf9xA@*noaCgSrW z!kro}j9WaU8ujZ#XU*@B&G@?kgEa4-PDpTV8Z*A3gInObMF}IKVX_*RYfL6Pl>+Rw z(d;Sb@(r6Nm8_-8`A9!>@)uccu)wS2xx3*`>0qG4{{9n#?{7!Rx$N1x-OzC+VE1@7 zzI-ZS7;ssE0)495dN>DhdB4JKIlxCvqS@+nKdCdfy?Q-iKY-@%@f-C{`pZHV4{~56kmQw{-vxX$j){^}s#RDbm$b)OjlZ%T0>0dCu!6@jkjrfRng5 z&O8=%$3Ea#oS9tc1n<8fHO-u-iKbva)KViL>C%SbpZ#lY6M zEKWOypFcC1jYlR@XcOw3PZxlqw!e!u8!i2Ue-?^?$+k++J0cLq03sajFR7(F2!Kvg zEXLncI9mpDotq>O8k(A{D0*lA?h)eW9U@qO@8sXrNDLmZvqTXQ=>wQ+lfZ?Th5_jc zCOE)G(;xI{^V!_#lM|nTVAyh-5FVXsV9-iZ`>WX!NRRv|Yin}{av=6BmgGw5+)k7S zfjHx<0VKqJz-dlkd{}Y^>_@S`+UnGF7%C=42cOB}jFa`0>>gOTJ;Q8Az^b;`FN3wL zmJ&uvyhVYEiXgV*p+<`sHa<1^nbZ`QLdJ|PZ({7)niG-btlna2x>ow-r6Hi#VQPPO zgNtrARYu1mzLro((0LCu{<$pv%I6tRM^zdmq~a!Eh;w+ zm$Yh?I6Us`F(oEKi7HRUib(Pv)BYANZDz!7?dOzH<&`4Gd3sn$jkRazSeS{4VqTNT1 zPA7R`%8;a(aPDZ}!Lp)dqwj@X&2$^|o{B)U`7c!%h#OUYA3#6Xgbz=uJU#E@X}_q6 z|E)Y&qCrP4J8z)OoyeEv%d%$DzO&>({SQA<1xpD2yyJ&9318&@lopw zfL~h=1&-6;aJZ6R0HGU2P`m^W96V9IMza_>iQEOedt@SkDGQn;4@3X4`KAzgyHzSG zmC{_k5d3w=H0#1YMT}w&^{;+oew81O3m;b3{~&D ze!G8}_`;T}rMS`Z4ayPZE+}ETKq>5cyAu_c*iREnFpUOnhBAFPzmtNnT|XdRk>`CU zoejF{4Q%VkbKi$8Y^tn0>$;x-$9R9b^qOX0IVr=f>3;fU=Djx%!sfjj03GkQVbi*2 z_d=NN3DggswT=_{Jj^TP@X+hDT#Vq^L7)ckXKwnwU%rVq1CgbfO!mK;wZDPkAD?`w zVx9sbEffVRgQCEz$>!tN`!zJneAooAmn6@1{SQn*wARSo06Zh#$IYMt6?^`56k`v} za^bzYrrz+JR#Ba2zT076^klVuZx8VN*?q<_&juB=+yOQ<6iLJw(Juf2s5dYRx9e?r zY>VMGCa^p01m~;G*KMzB(>=!(J-7Z5`s4!a2k*0rGJ{T_`cVsg_xnHYWljNcYD|oH zF~EVT%GV$_G+jKih(ozliX?{w;xS!J93K#w5QtBnM4G}w{2|N$s+&` z^e*oR&&nN%S!!nLK07y2%@~5Dz;>I{vf#r^U>*rJv8z!vQj90ZWAc4tP1L2cNxC+g zl;GaCc0mrh| z3IbrQy9h&iN5CX<1TDh)W{hCf1bR>eq{_Z8(36g3LN2vvqGxl&H)M-_s$MQ)O|#3? zIK!PBfC6FaC zlnmH~topbycMR9}1lx|3hk?=$z4;5ABgzN)AcwfoNypr@u#}}Vlt(bxjkovgl0>v5 zUbP7KtIQ=<>0jxh`HyfM3s@w#V8T2xZ8G47WMR+xAt8H5!KehHFHKYody|FxxsQkw z$tQxl-fXoJiAnq5#gv``G0FjXKOesY!Xh0z1!}ZrL!5V2-v6M5KV^0RxxJW5W7065 zo2hxn+m28O@A_v73vThhS{tMIQ8p^uW>s3WO89H{|DU^zWpKQCHK#y5a;EhvMix5}Bc<{F4Bz+q?3}Py}ayZx+=2;)wHn71U z?%`rhRmbFKKkEmgGVsSnaDqhY3v_ViLmB+nhh-792&DH2KuWpoV_9I#55B?#KZIXm zqQE|YHCV(w5Lbaa*uULLz9Qt7Ar5gjQ(8`fiq1w2ZzVLS+;)68Z>IJ^2>PrUP$##9 zgP>5!5Fq#jzCZ2_zZUbpg1>{F$3PE2&7PL&bS0vH1jtyx80-L_g^-;BUCq$83nm9T zXdK5cA&G#_>)$U1;bof%G>rzyTnvhYxgbxd`VC`hGNF$Bms5`P!wh^e=ye#R0?)nl zW+XjhEG%eTFf;D${Mba9IS7IFEC6f>F7BX9fdv;@vkpLO$kuF&1Lnham1v#+U*BDs z8@;dfab+4uEn%bMY2s_t3jI!3(rfG}t~`TUtJP(HN+VLWPMyv8raJu5Y$mteQ5VIc z*=(zY&3C0`%Ei8q)$*mM=~8U9*V84ves7KURko-q zW%5+cpTv1@zC?aFz$KXn{8>bsOJlJY?aWnTX2gB!tX`+n$3jdL^76H8#%FVL$v-dA ze_0~XsircTl2MwO?iJ&JdIYJG!Gy6r3uA2#6{EyvDN&BQvYGTw_qDUr#v{9}`ZV14 z{WtH@r?~)dJdI?#Um88WzYm^<>$lD;m#cE_jJ~PtE>~Y`!g#m8ZthI8{^Cxx>`R$0 zMC-Si?iW_0V_W~~Zni$pT`yd4pYLhlKTo^(&2Dqu;gO{|#j++f^F@a^Ka&0n!bPta zHrP0xSxv*NkADn&7m`;fJGeXVbG~jurp0pCSy>r%Ci+wDV)JC5 z4fzln+Lm>HB>1Ns|D|X)Xc!d9=`#_dQ_SN)P}nP>LE4*fJlEArnqO40QtuwqA^Dr5 z5QIsJE~8toX%95`L&Z_aXF`ZD{_aXA;G=<^%ty}I|ENOH`VnyTYYR;ynCToG48>~h zk-%*;0K)lvtCJIPPwWoZ{1!u54RaPU{fH3*l%u4REr5*&_lqp4hXE^M@%~z!lexHz z+v{;)&a87Ttj_kBR!*!S>2TbYLXy=GEIoI4*$RGN?Bw{JX=A%yemjnR^`}>ROiu;q zUANz?#Ob{sXMH<9tq44?J$FBgUVo37_uO3)UGZvV&x+mGHw5905N!i^n{Q7KKf;i@ zy|+qpR~T_#=K4Ul2tAJ~Vig6qPUmMhbG)u<1)majyidS2zn)tc#ep*|&1=!`b=vuz zLi{$46=FkQ^b5Wi)9K2pM_)HhJD(@5*xuJw@I-_x#vh?RPAgS;ynYi46`yHwUPmdX zj8)lyEwSfJHPfGZIz$Y#)vL-lxcGi2Xy$pWVefqZi|aYRr|NnBi|mZs zWN^91eE}@)d8YP?Jpok z=|k5s ztx3VMsM?n^Cxgt2NvBSkxYkg{=5ALKL*fu^{Llh{9>KqkW@LDuTr80n%^z-}jwG02 zF6Ihll8%Lzt%-JVg?QY$Y?<^3?5~m25vqlu!Ywpq!Ve&&HHg}gDFe!vX22~470zPn zkMe`npbvzj;=fii`d8{TaF@+J_8b*M`?k`kE|7<<~l!ej2@#8VX%DXW{R*J+~i3d7jJ23cdMGy#dOdsL*SZ zR9)`hh`pcNWNA4*)9q!xm#ldn*RWLG--CId6K=i>D2Cd3Z0#LqdX1Bu4+^#(ph|*s z&yh>BzuWV727TTI{oGp1h)%Z8Pp^EgdQTb}zku{Z&P#u<&n0bX2Nu(89kv}TK#xR6 zeFFp~Ca3x3T<~>TQ}Ok3#m}d|ntwD-TffPDGPXq4oH1v?>ok0nQ|_$8@k5nT)#MKI zbZRd%v=DswJPMg1POWyD3aO4tav*bhL*QM1=Vddk_ca&U=P*D)k!fF!$F`xqL{;*^ z`!G~l&n{>CGuDG~o8vqrEDbTs^YnBj8?Xm&cYc%c-1Xdv?2^-DA!~V9IAIv|Q^4U) zoXUHz_4;$FcJ}2SJf}m>y>2mFfgrEvIYr5d;z}KxRKAgbTq0b6sV;gNTvBeJuoxr(BrP0FI}xwimaT29TMr&_OO~ ztUERF65-*a8_wc^b&gVFqA1sQ7e=liFaVbx+M<hC|s(260x(Fo*8^{gCH+EMpDN0!c+~JL8YQ_)p zfcVwNO$t|TuneLs5;z7BAXH%Quhq()hww9?2&3xjn*xh(LPHL|-XoN2(umKeSsbMx z9MHpZ@~6lNln^7x6*Bel>HeuK9VOcUf(UBeg?em4FGX<$cR>PLNPi=N_=qALJ0QlT zK+RZ~2rPWZ*AnM?+dVtPU@LGt1mAWi05|8d-)|Zl3aBWiFPzH@4rFhW&0vSaC51~i zjaEyXIXq4ej5oXxi+nNcas3m2Lqj17HWR?f)J;W! zekMA5GOSKG*pPiWpKpGw7M*lQa5^PG)MG}gwzL6G37M$I27wbmh2EUu4W14MvR34| zae-a-{I#)g+bU1!uoJ_nf0M-e^>E-++x5P7#m;@y(SImY_Rw+tw3G93$liPHeoFLx zo|Fe{8{!A@gZ1CfG2b+`uC?}x_zYWo)h43ftEs=oA>*#D-5x8=YjZb_6Vl##oi`Tw zYuxLsMkVt)|8)@0kSW1MAI}LGhJ@T1l!67 zNB!3KM0dWIh^~Ei#}llViP{<$4>Uh(?kNPXUdo7^yKmh}J%LWJOx@Kl-R}1!uzX*L z6_+mQ;4pWk6;WNjJcFTt2;C2&v{E6Vz3w40JgaYPel(b?X)x@Q;Rt(cTV=}d-9sz~ zF$xh7<3i*M;u~0-GgK*el~5suj(oC-U`!jsd??sp%yO}Gr!>z@CwOQmpKy#?kB$FI zj_~LP;&dfelM2fF-wJZHlJcLLrUWu~M9?f6X zqW|!X(h(W;(H$ve2mu`eWq>jMi98J@A_hZ9bkjdn4K3goPkB`!m9zhJ5LWO&_8uJo zVmy18lJTD$Hdohmf=n$!EVM^ip+C)GYKW0EboQSadRR#!{%#bKcn0dZ2_0B7X{c{% zDMKkfE$K8k#39QUsS)P|;ggyCp(+^~e+W-8XgyMhY4y+(1-)-4F&!}v*ksgL&v=z! z!d}+Gx3f$sQ~9cOUr7+9TInpFx^&RBm7bMlyNoVVjk0D|!fdYn{&%9D*JsU5ha=2q zenDT6=08)JgOol7w{?bn^hs*m;^*>-#=K^ijS+#3*%1 z+sga6;{IXVP+?6uyt!*rWX`~SJ;Ceiy^Sf@c^Ip3uoAtd!tFNL@^8}IE}QozB_hXd z`l7?dj1zsss6qVHTASKo*Zxx?pK7UXf!y`z5_vp>;=I-S)9>qfa_7B2t>?b`*z>VI zb%JUk#tWN#FOhcecG~V{DHW zS$+-G*LEcJTHkxt@9UyA@1vhPZSxjj%!uGuwb5suceZ}eBKX*I+fOjA# z126dlV+_NdZw_=v6vK3RqAH?21fNG7y)M*+8c?yzmGykV}^-#b3Gln17|8f zHJXtiq$LAsnas$$q=_egY+%X-pkOmfso;a$Gvxe8zsFRh)^|LitCAWg)HW6q@GiAdhTMbh|%IRvXeM1Y2sm!98zA?4gLIL%Rswu8(M#m+kvf)~ z1szXxuvFXjkd=G`7xtP-1D?E54tLk8S~c@+L#Vfz{(^PIq!!t7*;J2;s*5!AeNyR)hD4{dkRTU8+AD^nN-aU{DGty#DyL}f(qm@JKGCH8y{ z20Gr|FpcSYdMplLzF8d3ma}Nrl@-pml^b&Fze8REzkziK5Z_vFL^BW)VmLzyYkYQW zTgP7kU=FoefoA_brm5Suq60UkrCtlUA*a7gsg<7H(Ykk$-64HRWyD1(b&U&~DG5O1 zl}M%jKJgzZzuR1Ur;LMVT2IqMC7o&)o6sF4+V?X(<5_V3bj0%0bBYBayUg0^<3;mK zVg3g~MB9<=buU+xVwmUrj^0L$-lq`5b|0wbt5@rQmp=#3j zLC}jSy}gkgxM2qi3|IXFH!ht&V6ChQ5NjH-LdRAPZ8e(79YE-Ior>2y4lu&KwlLWK zdss>IUjheheSwF(wiwQf|9uVAZ9aUkid=AjB!ADQks&KNxQ|AiddmMH>#f4#Xaa3* zY;bpX26y+t0t9ymB)GdQ7lolMT^}ejSX4`+yH-0l&6hC%)O7{9Zjk7>0XdwGe*oQmYE` z0n8R>1^uz4Ag$U3f;j5s_ZL-;b6|{O|95=$%5JQxmK6xK(F@m+QT!QZV`k@hNFw)w z7i6{i(nofAp~y>&s|aL)jEb^kaht+Rx)e^di~?gV1lcWAM{;XNCmtbxAX^vLf(G-G z-hNAPr%Dq9fkK6WuAXv@ZekuVlMN*KYzj8UxSKEO^e12cG8~r@f!cmy1Gl1=)McRm zU1Hxg=KTIGvqk69{@839PzjhRJ1oEQE|@jprIXR>9{5}N-^m1)mN9=({#qX@=#-p) zp_~y)xnF%k4V*JoX7behLOF;v?B1TCbmVG42JQZl^Bf=1#ga{cp$clvv&!=PPc1xR zF0>Qutp|H7!8*$R)@jh_B~;+9z#)INplaJ74B#A)_{`+&brhZo;!@GI7kOEH3Jjg{28578DiVhx785SNv<^U^DOMbS^rI zKB4;-h$HuZwF?dVDghnVqxoMz@FppRtc&s%%>PXM+aq9o$U5*2YmhEslc~h581KUX z4LJa7cmG4s$#*rUu4zU&{%OQ1m`jKz6p1uJx$vW(dP@$asGEjyh(KY+iFYUp=+WB6_}e0lv{rP|K0U(pnPTd zFaHwl|1)ORdlOp&GGE;U0)d}=TgySmSg(aq@*V8@U97%r0H&CMQYA}~$JC^@;dNR2 zA)3u2b4RQ=Eh-aEc93@A9@cdeuiTY~aqwM9Wv8Po^w zY^NQb`k%VI|L0)*cSin*4R*)^CK~wN@g$sg0+3xAWPOX-i?7PGmD$=++0~%W48f`4HizsmIB|2fpWRUV*!#S!{CqLfM zW63Z;xl^ZhQ0|;`;{Yk*H>vLXBfMVi4lU{E=xDH$|CIoFBTBobTGt|t;FK>JEGBrT z!>VGG(W>q&^a+g;bjR;1Bo%#>zxqPuS1v1GhxB%sDnSWi!z%3RRmAZw#jaARbJ-ef zTBTJjD1er<8vGo9WK8Es%DY5#^JgRIFD4+9m(LfZeu33uKr=yZr}Mw_PvJ$hJl_#6 zNg{t$?7>o(mBpJ260lc}^5Vg(oc$oxfqT|xAe210>c^gM+gD63)ZXf~)f`eqpXQjA zQ@LrfkP22al@QHwt;^;X?Gy>P`Pu8aebOgxe-YX8Z>P1Zuy^8P$=>EGzd*N67 z)nnl{-l_*Y;lZA(W>rd+Gk!{2V%D-F5QSs8lRIqIq^GZ&{)ySC((A*6Q`vY^^KhqL zQVVaK{cnGTW`19ik%->TN&WHqA-w(m_TYIuCm~*Xw?b*4Y#bKB;6?Rk9LVHn;~^qL z&m?52s^CoUV8sWNVBZZ>T26?W9lFOMWPaAP zVyQ0TI*6bj!n0s=go&xL&fjiJz2L#YbTJc>5)<1ai zkBt{*;A&EvNtqqWg*Y6;&7Mv5i8G$VYDJSqHIu^_MyVX(C7tc_CoQco0;OyLEb@*; zpef|Q3-?=e^zM8eZ7d;YaCd3j`~{$X-JLE!j&F9jTFzv5{OA$z1LzMCo9w9eo9)gK zFETPdEG~Vr0PO+3=Y?$bOM?k$s=Q36PReJ1qvoIoP>JuDv3s!A>YM?Uv_`GmqRCfH zWKszZP-&xy4~ht1m^RgKuoUQYQAkMGX;q^V)-HcgGfoQFu2dHwWxP%>*CEbekO~AQ z0eA~3B2xXjL40x3#48XA{v2GFT8G&GEO9H<`tPb%W*^+QO%1KMY&8@6EsDX2T%Aysp=8?leAX$5*Wj zh#I!6nK472HKjfao%-kVT0Zy9JsgQYKb0IAy1WSnthbrRzoPM;jw_6}zs4B|ed@NI z9$-yIwz)s zxKQ7HIi~%g?N};WtFQ}ZI)hZ|7SRduCU!Cq% zT*T=-p~)~PJcP&TTy6P)&Q6I*^*l}LA_@k}JIl99(v`@eD)nru{Zg(`R+Nn{*1vfK zz#YL1Q;Z-mE+(Dxi`NyjpizGyJ)rdi6$~SF&kujZ-Hug7pfxYoTh4&y1X)7ZS)lD; z9soVa8Mke^pfo8aPqKBP_UH21uWtcTB7kzIra-EOb;{W8@%;s;`v!5uyr%;|KJUEY z$4>Y2X%%pL9O1yQ2rSGrP^8aZ6#dmUaQiBD)en0NAz<%)r0!8@06KVb{O*B1wA%Bf zipBkS@ok_BB5VI0(Bj$Jt~`<$FMoV122NTZ8ZLVZ?*pvR{bqnz+x`CbLNvBF5?$AM z%A^?v-8L+q=Y2@Da}T&?N@O4B|A9)Xp$NIm&!xKiSDGwU-~h$H2NjxQRNx<1VtpI< zfu7sm^bO$$XLWu4qcKFA3yx#hZZTN{*x_Tvr2w2|7zGRNpyq=06+fE`&;E{W7KgHB68&wS+PfU#Q8FjkbIM1lh4>%1k;mMe-WNwJjt> z^@z6m3f-oM3x5}V{HZ*VQp(JE#KG27xAZyx|!$SDgiB)XSvz0 zEM#O|O0Il~3gH-+Us`NmuSCyY(*Ka>q1SMR+i4iz@YbN5CelXcHV3fFX=Q4Ly~07j zW?b@@d_h7v&V?FrP$FN%Ii1hvsUV+~@9^^_e-4Ts_&>7Ff83sP6^pM(z|S#5-CTg> zsJSw;X-3DS-F;d&wbG&7OZ##(1Cv8)?l)_k>FN7;f}$3dnyZPy+qVo4T%gV{g`>(f zs=j?{wafG%G1I*?!M#Bj1eq)bj^nd_l9n_xl<74>kz}(dg1Y6Bhq10!%+%(wyh(`p zn$Z!Bd2eQB6RL`V;TN>&CJIEl>q(zDk~yJ~SSI~Je5Z*Ru-N5gihT^FNdF)xrFAk3 zFwx_|tDI+^u}~aFTEdQm84k3nX&TT9URW9HWhxZ)HV0#gpT6y~_G4W0SxjXBKoIY@ zzfZ+Y|JWyy<^@pU)<}qw``rDsV-pU94Ue$xGkfuVB990TyE6YaGPJu9Hmww*>Q4YG zqK&k}HVG5_4&YA$-vP4;selt@Tf#V9XQHY@`!4+bFjOVqV!ENf;LNB8=^f6SPQoNS%8EZ@kt_UZ2HC1XbcF#>JkUGx zEfub(59kJwlX8vuuT1>4!uR3QDr|;>!(#>iR?@+wn-G(R<7;;gIZ%@0F#sYkk_yEX z%bgjG*XxQzh@}A9tppd^0*ZPPHTRy zN~p`Y6<;RQ&n;z9lRdoo!sQ75X+}fw8kfZ>vo&}ecFt?2mmZIYlZVk~)!8H89RKyq zqwMRhMSt(nf>*kZn3p+{_nS-uzQkE+W(B^BujWhJN>a=ZN=kgS{7)vP=-)+zE%==9 z303E9D&ArI;)ATPrZeP%d8Mb!Y?StuUl#5j{gauvGoQQVeN{bYG57BA>VF`fR?}Q} zK6D?6I{I#GC=2X{0`r>b^k4aXKzg_5xF`eW<0JjdcounaAYp|%!la(4TnJ9c&U?zW zE?)To8x%BZV%V)*JWLJ4j)gQG62j9kS0tO`L0THjtz?EOl(Za*4U9OT(bB=xV2-hx zD9uZB0OA@&U$XPqOg1M@2wXiUPQT#SN2g0JWo(MHk;?+AsoT%UQ+DM{e@vTYa~tx$N6u=`e0A5b!o{eCS}gJuH~4BESD{l zOJDDB@6XUm{R3KEd`nFf3QekzD4LD39Tb0T)h$8&5^VC`Z*?}MpUx1nJWbJSS>`+9 z3-S@NH^j?B<;DG(QsYprn_2$LWP#ErXM%$!4?&884R>N`C} z)~}|oPx&`Gqu({H*$7M=p}*`tuMiT|i`!GslF~FR8)NYSPd`#!j(crtNr*3p0dCt* z@~m?S!lZj7O9=FPS${C06BS$_iAgAzGaMYt=gt)FOHr#iO6>zgXuWm?Y)Wb)u+yrY zQ*^hs7I_Z2XaN9$K41dNv1WMeU4xu4s3RFDMj^mz;B_;lkNX} zVl{S}@R?T-24Y@>8VBRWu`_!-^tt};6!+{>d}%VIBRZVH>26u4XgrpGd$rBc5F4%s zs<~f;Of6m!DuXoir2vUMvaN{2Q(h<^9EaRr1TXL{nOkw4>uY{`0|(nPj04g9KNrYb z;nYMR3@oiNCnjzE98jJoKgWA#cdVD#AC+`G#cBb)k3qy0dLFM`?TAQm9uJm-Bm;=4 zB3Lv|tY}nlG^NS(Fc%EcFs1RxxmDJi^$qq{iTpSco-%2XtQekR(*oKNX>iii=t4(z zSWisYxLM5$mwv3gW|jesui*W!G2zC?vG3I&Mc-jlzFCVVg9Dc*O{Qru3zATVTk2~= zS{-ZSJvmUENbNi5G9alhJP4h1nl(S_D9U84o(Y%0Ien~foz z!w(>C62ei{Rtz^tFd)15qk>@Vkw^zbc;RS{Lrg54*^g)K;OSN zHqenMj{}ammG*Q&IdF0S9_}t~(Z$75kI+=-l$k8lLGtu=5HbtxXg)6|sBC0^N(w~F zZD$Trq?iG;KnPTn{1Q`!w`E5^E^L(mJOiQ)H8g^0t#Q8Kv5f4P*}^rlJp9%PF#@H@ zH9|Iy&OyvC>g;Jzd&Us^cD86(AKAEoB)FU1LN6K;D-I0vgsI4O5QfosBiVZ~iZm9% z(%A{jdJ;-GoUB@g7EDLr;SQ(YZa-Y)0)j1BeI8YMYHEX%v9x9($>2#k9_n%2S4Cv{ zi3D3HQ`C_wy=W^GWrBR*bi<8?g~Mhi%u7Ws0z-7OFikk>9U$mRgzWffce=e!>1+(9 z%;Djc6E)O&`+1bV<_IufKINm+QSW;3;70*8vX18z>#5b68rTarwq+|9;}`ooyU5TK z5GD7C8y`;WkE9AzS?WwsZZhM`ceaY=3-(m_WmcOX8oS*uW}PoDKBF*oz8BSgBuWd# zP@WGt9$5mcL0jz`!y!2XG$lW!nqw_vWpsI}w=^4fI+kJU^u+f{r@6`bqb@q^%-2PO z+J<)XR#1bqzOW`w@X`#bvFOh{_7^fr$1TB$V{jh>!{C zv_@#ljO&0x_z3#QrEmRI@0jze33HU{n23?8Nc5Sd!!OPybQB;>s(|62GB6qtkML7*ZABw_u?mh$orIm}7R>Iy;!=rSeho2a`7C=9xAbvOx^y78=`ye@o=k zRk$Xb3!w%|VJ5%MJR&hw!2eK{U=|qtQ$Fnmd4KlbT)oc|hhFb9&dO*BcgVo8HqBH3GemKIClL+YUgr_0mbm5W%vLmc`} z?bWib%hvv^JFm5Mha{euvB8#?wR4QSeRG{LGev^W7+?F-x5nP*Y_>n(xy0H_9SEyk zMMLK^fHcl`YgMx(y=UtWCvDrlh`+Q}@rUKpLcrQwmrmSiyTd3qxIs9*X66`N{kKT^ zkL;&Dwj?5FdJAdpv)3B)h5R_7FD2c==V#EGs!jYs2UB6vsKH=6j4KrgLODEEJrtA# z+R#zjj2DYsH5zR?6gNopXdfSJB8BLpA)ncbOtkWFwc{QNtE%Lh!C2MN2_{RNXqPF6 zIl$HZP@jSjKR0Zd+gfZ2?~ZGqh&WvQ)~yR&L{`CLTM|<&OWRcPt9t{U|kgphTJ3WAd%K{42z#aG|5&5T%g1~Vc{c% z*p@yaq;o{ef4yhrp`^2|u-Xp2xwjL?{Q)si3~7hP7h0&CoR49v?hx(kZOi>ilU=;p;f zmXf4Mu0rxz|@!J{L;siL)MWiB;8s1JXa{ht1bz#wL%DD{(8#L(N0z-d~jPn2w2QT--`jZ^or)z+<3zgU00 zPHvEG?9*7R$Meq;4^_u9{)n-k_wu$lYg^jFX>A%fyGW0)5cF)>qWKJ8-+_isgiWK? zw~zMvH?uG`VWzDoO8J+q7qSV_EmB$Bo5?aEq3X7Z}ok@R4%Kj}Vee5+o zTm$|mEmeKUz=elTbkgBxTt#mjwILgofQqLw&r?~clpzi>$;KVMZedbaF7scQIG%mU zrGVjB+BB$B*ect_Qs0qtovhQ&AD4rp){bu)I-6kA%hlu5!7vU>ceq%?A!`54%RwCB zk*UiXF=Z2T{lqXEkOEukY?P5Ff2xF93BQtHztj|wH$@-F>|uG&c=(_sACjqm3OvA& z=xm6@ehlxkOLTi+DAcwh3rq&l0W_8?kI74@<*na^P)kK?J4aJ@p3V=HTQ{91GZJ0Q zt3G65zl+#VCY3{_Z1t}qD7&8uf=KCIRMzjz27^0g-Qv%Jwu(D6TcrfzaNA{sd!TJv za(poL>%QZb1NYM(T!d493o=bIe~n$G+_EogW3nEl5`-j}8{{H=jQh*lz)Qbnue`}1 zkZ@AJ=}*+NGh|rHyxaK#5p^Q>q;Pf=I{(qPc)SERpcH}kt-tsMqK9)&;lBFO>sJ1z zlrC7x8R%gxMvvcWXc+ttz0Ok}Yg_Hpyo7)+=`y=^L&V_2AW)XsFd2 z1lIIb2)FWEmZ8gQ1kB|LyIgKO6H=Y>I665_)p&qT0q$$or~g7+hI8MZWrFA!jO9z> z6;+mSvOB-q`D`SLy`Nv|n?#Qi3C;%_HiY5+ZN72b2wbW|u2lP=`m+=C}p6Sf6Cel(|HiWWvZju9P)#trgx4wy{&DgJHUM(_IM!U>&)vEC?E?uf8^2d1+J;io=`1&Y5N(C#H)XlrAX<4SKNFQla~uiU~YS14rxYhj($ zNcSM~EPambs(h&XEfLwN?dcY@p8Fn~kmrUNn@d&uZ&fKHJU27-m?z}re!iUOEhhoSJ%q`VXl~ygpJT3s0$!t)DVA z-<&v>NSO#xaFdk>&fGyFY$ak$qB+>`^Wwyj$te}yd0W92#);EO6G`ayi-8qS|cXRLa{ur>P7~8vh5UzTw1CIloYd?AFd=Z<1j-PC*lz$ zwNerpyIYSdh$%p|&yjlhH#aVfsPpw#WUh@=$d79UU&mfIY0YKOZ1QWS*lhDtJO7h* z6>m1B`^78$2T@jD$eabZN;Lq!)o*|nYZkpiejgVL3r_T`F#%a?m(YX>zn8>TyQ^-| zRF3O%B$;rL+v8+{&+|`%%!a)WiC;Ob>;ni`iR4#nc<=M^hGO`#tlT?YJWobDe07vW znvGo^`>B)H?bU@FTWnkF2pi4T|BJS~-E4F)5z{+x%0Y@9#co+6EmgK~F-|fR)5uXu z871-jaK`t8*rVa&6+>;#^LM1v)rc8E!WLvVtGov8JF4WWj}fgDn?l~Ng#`TUXKFo` z#ZiuwCtP~djF_w7&>s^>4V0hvS6xJ8s!SWqSDi3U4n+^j2??AD{QoN1eFM#KyjTTe zBJM^0K>15htPSf9e{xY`hU_iCUM$I-cqhhiR$M`U;D6RF}iU$;>9?g=51q&pAP^(oH(Jp;s6%L)E+Q$I2~ zDe%UOA+X%Ir>ptS1Y{u}5vu{tgxhGP4{@XwdD%n)PCNM$Az%ETek0+4IX)zzX4hM% z>4S^8+#17PhrCD4H1L;9u}Tl(xM##(Gz|Y<{OEIfW$c@|WNs36M>%B_^=wmG5PX?= zaAVNxbpNm0`1{elA%BnT+UPvEX?b`hb2K#>Vf*^#Kb;4^!)LlC-!juK=VpVf5_Q^~ zsP_2jMb1X*b5D(i*SiS*rBv3sD&2G?z`pcY8W#|HO!_0a9^-Xi$!a)rs4}@Bz(9_i zZyXzEyVGByPOs=vPvm5K8ikyDO-HdecicufsGpCjTaAj6$<2|q=-QYKr6stp9!ca8 zBb5H7zf2vJ?qB`8CsgvGR2YN;V?9U*l0mby8CKK})qoxP9`1 zv&jXR;IafurUt7C00Z8Fa4Es(fF{|6gyi*CkX?S8bmvI3dcRhN@J_5B?c5-)ZSBaY zBBzAc44~Wsko0YUQfkow2ph8^|Di4l0fAwlh2H&SA*^*)?1iP{4QTsRN1WH5lkxuh zc+F$b=PxSU4Zs;4m&(;{xm*vYx-L6yf!y!a&No_^x!~CR&3qt|94~rLm`%d(@J}B3 z)AO*cLn;c0EkogGArh~EtbvMYyeY8-bP^R?VW0JLP(``|yO1q|z3drl! z`2q}ZpDsfuSr*Uh?Xo=oPK`2U0Lz+bgl#Pqj#{t`M8L)ft%KM3x4mepG6A+bSM$Hy z@cUq)bEyKAJTU+bE}(xJM<%S^KOWR0{HNO$(8fdY;3aT9%@wJ!&UT;1%zi4wB5o97 zq&oeJtKrZqF9}KY-Spb6ab11^*vU&qIN{trw^oNBGQurjV!uk_7D%ZIeMm~8hDl~i zKy8TWXCd?srJ2idR?6fG)6?kY-p57$-uJD1lq}HlVTR}hh4rL7iZ^RCd_(#Df{5Z} zc2W87LCLSD21Y?UNzM#z>jxc|uX8{uD@&0gPTGshoHbfK5crlV}m~#CdC;UR-Y3R{Z=j2R{`7_}gKJ*dqh=R@J&(h=;BMBU% zzTAB;?E8Ul!LH~NZdL>kd7L`l3YTP&dYhH#CfV&ams1*M@GsjbzT|*Kk5h81p6|O< z)q0+nnZcgk{1B^_A4$WL&n*QIWoreQYxqdJBpL4rAxsE5(c6kMT%@-_Qf>8 z{yjz7g$(*e@|*=S^EBK8rK~x2Yb>>omuAg?1UE36c{v(K7EQe5I*wfQ#M1_Jx04*R zVlBeOaQ3wi2ZK)|8iJ1VpK#l0J_{3Y9{zx0@M$nTbDwN48)7{0R~YpT9e z8Jq^#j7A*Ms22tuC^rRst5e$gH4x9Gq414X`y!+>!qB4oKmHHGk|7QCY{mtF<{V;= zJwV*REx|(+TLN}gi{b>G>8B=NjWOs(4OdP$H`H{;k(w>j(*vgZ z=e6Y?`q4p*xT^x81oQ)h-(aNGQvveH8Kn<~7!l0{Bw0>h+RTONvTr1SHwQb1+4O}) zqlp zHz-8HOv~pl!NQIeBxTEdSgdUT-op)w+aTYVWzd;9R$PZM{;Mh>7lXjr{8u@GpEzWZ zNMtEIqkLTuK@MZF+7X;Zc@5ku4{O4dKaTVMGzftW45P%Uc*h8M90IB}py)9XAtq^z zf%;xB(Sm_QvtI#4+X;RUBS-+2VJwX}(p<*}P(}9Tc+6g+X?7h08IlIn>YD=I-;BuF zBG4J47;vTJQ~Che1BY%+xCZ%EM@ctnx7pF)BHV;9shXui?-@AdY0G4C?(z1h z-wRYY_SttPvxyI4Ja2D5=tWkRLvbopr54P_Ut@lNNiYF#CY}86g0J1Tb2D@!8%JcT zJT&UP+Xs`1UU~AQpW2)@TbDKXS;@3IZ41V=H)a>jlX;pq{AP&WH!iG`E0y@qCztFe z!|z{h0hGOpy;W5ugSsdv5Q#i(EFYD8gfEE;YW6UJOX|ab*N!#?jeo4!Q&FM?G(>&YfmH$blOn zL&B@PD39hSeQqXSnj9@Iw$RE_XOzC1G##p$qE{%<6dZT#-Fzqr&UNZ52hM>l&qLh5 z{#3rlPt-}g8bgYlvcssZ6U9xqG__9Ts!Ee$v<$RH@DUk|`6#kJK(M_3P?p>qj?XCd zGdmT+Io3Fohy!e3kP3u20m&%j!_FR1AQI);*cFBYC&S_daLqlT%k9!T;2QchGuG7i z<*X!${z3&xs1_Gc^}-d;XMaq9hm)Z!j}m?bszYeZDG~B4ixi;+d4`kA6f?j@#u*uqMneW-Qn~=g2Cd&e00aY4vnl6?VsYqf!1Lk7 zg@r%@Hc^u5t5)E^%?_lfG@&-ZBwu0B%ypSy)V=9Es}0HPpoHfHUq$7zAnFqJhpe}4 z`<&6G8%Wk;QgX~ODtOq1B}JA*bI%CClHCeIVI@~(ywXRuN>m^%QHg|(o8xa5d7@k> zGJrHkq$2%94k#Y1+NRe+>l$Ob+8961vSaAVR*DNWw0TwRKM`-&KIgAfu8jAYyL{q(pU_rHfaJ72dud9UWNfJ1EBy8{SLJVlpqq>5>*_$B%|T%cGzt^_bH zp%-9lKaDlzLWrO1`^yC5zA^Yn^yoWugdM{1iNQ}DB;w5(RK$sa z{nSKOrV$*r-9R29i7tnQemnzlSOjK{@kki!4Dcx5iL7YMz)oyl9~lSB@1be=*m6*#b;qF%4u` zF_+9U*B(HTCdkV~y2B33Dp5NS2i~VxBW~EYjMFN@@0d4{&#be@!=8?7(!$#58#wZK zf8|P0W0e2Or`G55Io8;eemK`J?Ln zO=tZJL5KMEnabmjxsL}DqUJ5)H^I8$j`X24zrV~3B^1Wq3x@t~bTxmUx4bgnA960A(*{4qOrlI){%^ zWeWO|@Ll05>{y$t04h!u7UK=o1&jER{4!S21s4m=qns5>A`=2WqRhUPylr4FLn4%> zb3#|f(helcb_<$W>cVO!1KxRImy4CTP&zPRp9T_$3AtD3O_QAKK^_B6SM?dxA>1kx zG}+eCCC&Jz)Ey{LPWQ}Ec1lSl*iXPqhefK>svI0<(`2!Y%?YB~Qaytd%jbTGp<)KD z#((e{>cTz#jcef{1TXdLT&wR1hqRBLqk7ibC{c}2 zL>#V@)SW%3W7d0jf-csKn04=euPd3+z9lwh)t~;hcT{SNS1m9j%Vk*1#?sS5k=Vj! zT6;L|z|z}sNFpVj5lAB-`?8#^pcBt4U?3&iTTwbj5tntg!Zj}6?~bSgEe2X{N6tVl zh2o#M$1SIyb(OC?!bg-OqAWwjmcVT<#zwUmKyIAFEbOOCosh!}8|3OA_`J$cPYD%% z90|iqi93#li*pM(u8{nnOke_%P;g7IeoSp7UZhRvmFgU2SY2yLl@6VK4=e6&fcVH_ zA|Km83r+ES*ODq4R|^@tBB|yeINZaAWN>GdVv_srn-J?EpxH!WP9rYTD!15_1>mS3 zVCR0aPp(*_MI+)e1K!$!J#6`1%zWvfCHiMdYRV7nc{w)x2^kab)?{>2C;X43_{305 z53M?ZKZ4s#ouCTecYiyXU(SCpvU@lty@y{maZy+-V~k0;OuDplXFqVG%_Lr{I@oAD!@X;# zxBvd(2kQq~qgIoOgL)!S0i*nFHjVN!DiRv>*q=F@%ug)($ztahpVbPhn@fe2tBTxg zGsjQ`kTRjggHo1dfC2?RI&VWHZgLq3u|wt#&62r^WFc%O30&mKY#OCs)9_ZBG*4r2 z2=dO@kuYH&TcQ8yOlD*%jRLUy=hMz9yCR%7gNFtS#ZE~g<13rkpcW8q_)cMzD!jTL z>YOd(qVkW_3|=t7Lh;V)FjVRzQgMf^Gxo*_tBP3XYe}mT9v+^SmKL6QD&EVaWGdRY z7n3~~XENeZkt~EPpkUaT4565DwE~6xbGz$aJ}kP9M_aH3eqPqI2cFVbg8}FrXH`}G zHxOv@<2TqDL6%yw5q67)(*PY@`JmvUoiF_#@2WQ1nY)&Z@-EP$kBz$fbReLlkRc5t zqSg47mFzObZZ9CPCDGD4q<5Lbe}r2 z@AH5R#A~TgOj^Tf#j(WUKe642t2;S{zs<8b$Y9_?PzZ00yHuP|P>-?|Twd_S&zoFM zB-?tDwCY0}WvE;n@{$$qg1_kI#8&5aE$uBmek~AZ60UaT=OqSTvc1` zl=M}8Nb?GkH6uFB{O9{W6L)*y>ms{rKYI}mcF`HUqmgy`qjhVud(S|tA5vb_QnJ0* zAZ&o+UOR-9YUAwo-%hRl89p3{xl+=nr8$u2Wty@5Gh_hmh-u<)ik8aS@4KBS7RE4c zbGok?;~dzMK?+Qakp^8f=~r|3*nR8@Szg)r+GwYK&+4&ERLjk1K+F3}7b+f8wXxCC z@d6Ib14!J(`MEVW>nEuU2kA)2iIxTfg$-LCF=2L~htMVMca8pYMYINJwZH>f6CCTt z^%GXbn}|bcIqbp5a5lzdHrB7j|Bd>CM3Sf0Hibp`ZpFv(FgJx+aYefB&ESe6{1Jlk-EyMYc~oeS z;!L22($4fA`o^QyU+Av5pZS4zdDL0S@+n`wM1MNpySqIb!7o&#(!1D51A?6efki}| zb_MQEpN&|y)QJkWo75=XUOyw}lET3icO_^HB(WK5>@qMN1TiQeEVnIQmrC+GB@-#) z0NQ~x+J9%nz&|-Hc-#TMPgZS*X>)27qg~CyGZ&ehpo@&@F>zY&ydP+tPpcYS#=|5K z`r`MS=}Lw8B;PI_q}29__F8`?U-IBPnLAGvg9xeoQdNA>qd?YT;>Q-B9L>4Os<^Z$ zWwR+5JkkKDU8RROC#MIk`>%J#Ct9&zLWb9}4+u^2`zPXa+9odF=8NrSO|bYPVbV39 zeY$WwtK^q8w566`8uJmzL+6Ck!{V=(SFS(pEyNYn0IkVeXni0PyN?6VhRIJnB69bG z$C&#OIQ~o>AntTrfhwe7R-(_SOOXTPVv-!VNjVG;nF2_fK)N5h{PwOkndS^ut99`j zY&Vmsm!F>*oFUL1{L$i@51ZC~^0Km{)=iULQ3EBOdPV<|IYc0=A6DEs!=A!pW95>O z^QihoHyhS{>-TxVmS~QLEESBrO+VDY_g3|-ymG9MJxa@%ZFCScJ0uIC-7!jo?EAPQ zGl6>syOMBHiLg&ktpXw*S!ts>Jf-%_JIe3mpHH={Tjo|AIu|-hpM@>jbIqc zYnWt~oOH|`tbL3;N>Sbj|8z0ap1!htWKNa2^4-Hmx>$lAW`W?Ec|fpl7>dpwB@4b}xf3iy$qPL?b-p5})zF$h z&YJG)Lx2Bm_X&E{H4u_*BvspMhmDl&1u2lr3~;6FEG}>b`FA zkLCF(lx1dOtkU@E?VQ<|fwUtfAJfCo=BHUXQfog0?(KyDvVppM5cv5fP!6Z4(UDHr z#9>*XG5yckMn&xSY)UBv2l?q)QoW=%9kH)}+jS2(T0$qJD3P9(5S}mQ%B^(qozC=H$mRvJEV6%trz>;m5RNAmoJOn0~7@1VeeX3dh z)9$1~@zt^dD>}qU@5R+=X@ppbMY_)nTqP-F!-b`(wEFOKjn&cJl*SaLq%nIwlRJd^ zw=;9LB46?GLcSh@X`fR1SeDnie>3?+G3)c8#KsL3iE zs%2)wt+0jlAmpPh#RO<#Q~9GK@L6(d1&_r<6W5lB`jn3DKW{ z)X7_+fCzY8aSa5L0-n8s4*CbeYzu=u`7(NR2o}_meuwtrd1{sJZ0r?kR*v$Ee^lO3 ztqKx4sF7b;%s@dy_AW}m9X_uql8*XZeqCdR#pzV~<=%!Z&F2?maq&>eVT^)BSU4`N z#&AhqRDNYn95<(DmQPS@0;&r?tMy6-fk384Wa!?!+WhaFh^9kgYeY37Y z$wf)}AkESOLpR_N-rTJDdr+Bb*5KzY3MfHVgW`RUpdERis-w2=ma7NE!(gZaodara zu5lNS(Y*ZPf)u6q*|#Qp+Kxva2a9(*{Pc6{P3~-okAy3+5Ay(It%^RgSIaih2WUz^ zxd3TS1S(Of^o`rG!Izs-26fuQYaT(q)bp93c)twUIrpQHUnRl*9aKegza(=CG~5I{ zzv_R!a1t~)jZjOxj429X#Z$Km;gwLOnYYa+#2wmIW%zB_Nkz$PXBmV={o#ejU{sKa z))il(C(#u(A`_YQ)>@DzVF>`68Cs?*a4YRP75UbE&KU>F4^-K{=l?*Q{CNH+PIV@0(j&KwTB{Dj3$jkPhK+pN#i0N_ZdFqx?B6o;7GK#UGImAxpk`PC9oI3 z{LKmFXO?cw_|h5;$;WV;_AnSk8^!OcT)*b#j6AR0j0p(GvsB4EK{Kl5_w`Y{8STDX zUzl(e=q9P<@o^*c)EW#NxM+mtnT&ryjfpIzgh=ivfP7jM1;&3lix`A;#efF&8E~*X ztl03p5W?HTG@R4(uWFTXS_&0oi5ET=(C)Dr7xwR>k|^z{1%XXMc8al+;7;Z&{we)G z;$OJrkcqL)XF|)vr&Spv_3SDSQ2VB&iO5-I=q#rbyhNPGFDH(;*m^E__+^nEKDP_` zjxT*{auQpwu#b!~4Ti!#Oy?Gpf~F6GL6^0Q(#mrLZ-rA1J8b06+8ci~@R}<5oRPJd6``2^nuN&E@ zMtG8DVN=ll7Q)6R0_1J z?S$f8kmiXpPNkFh$wdAFSeuA-!@=bD{JNB{r~Rg3v!$c+b!}2(PpbO}+O_C%!I1Ss z=Tr6PXxxY-1d~IfiF2gitz>bRRSLMvG8oHzD^1h!5j6Abn$<$vW7PXjoxSB>A5PsK zjr_KHN1gOU^azlDVv_W8mjSMz|TGF^{z(kqw;vxIxk#D7$}1(WYF7I-e~7*zklDXw``TBCH-Koh-4~%P{~!w8Sl3s&+pit(In6DbLQ$j z<0@J5ffDmdekLq60mE1(2vK&>9Yyrw4ioF(_1A+-wd8sd(E0HyAUbEFNAcdPP6Cs7 zgQY1zC%abVM9eT3+7a|#{uj~tr|ZHumVTlI)?ambj$6TBm4wM0vCBDlG0nS!D~8_` znJq0=y5LZ=GX-oigav>$sfCZI{vAUd)Qxp)>mdd#= ze||o3A7y?A=4U}k1!&^IK<$*8Bi<8O^zjzjgjPvEEy<*4|;v?q$=M)*+>_PX}XA>-YhEtD}a2csDDz?5FOhZw!5-Ny%Vci zaL14j#l%?#HA^T9i-1nbYqNCBIaH=d(qS~-Jao5wttf^&S=MM5wIy|DP;B>*g{Dwi zZ760r(EapkNdDl}wi_?X@3Ry7WXI2ZRupA+UrXZn{9FcLne*On-~CUxEd%~cmIb_^ z9KGKhOwPRgZhYELXV2{P`*8{@BaFk@x-`C^+Wb9c49oJ zV|NXBiuLYLkOVmXcQTEy`26*$tI(FuxKet~!$sZK!~Hyg6Vtr^1G7O)zW(G#KKuDW z6Q+)sy=csWmFo{yl_l~;q2#u*+NrCz4w$!L;NopPrmgHebZY0ps;z5Mi>ul((mmz~q;@jJ$h8}#zvKI6xaJ@wSnK77(A zKK`-KeEg%Ixw8dkyIG?vp;;;k_R^@l&7g*>^xH z7S7a{ub)5Rf4=eQQ-1u-FaO}X-~aOkXLjuT<6AoY>9L+Y=Wm$4t9;VNJ!iq3W^|zOBLFNS`E}S0FoUURyCA;&Qc9VB)b(C7YpEtTN0McN5YlWNGp_O zFU%whQjd^BhYopBF#D&Y?WOJ_Gr=)^CoH)3|PnP;9sf`X7%ojP^W@3>HZ z?X}m!Ougi+Teoib@ZlRbZhZ2|Cnryyym#;3(W6H{`skw+=>491?&;mTw>rWTo`3#% zkP@#zrI%lR*>!HU2cx0g|xl$$}2~X9LX@zgy#C4LvM2eXVIcXcinXty-PCo^tnm# z+ggOhpx~lu2|^8L%*8;kL!Ul<7|z&nBl`{NK5^=>^6E06Jd&_qa0Afo!}wh2z~+VX zCJ&f5ZRFG`lX~Mw&Z*IN%noqv-9bZ4`z5o63_xdr6S-1VhrhK!uHZ0Uqqljba# zw0_;JL;IG8E7#8+)8&$LzVU}&|JONZegD1(uA4k{`0x<}r%ju3^2tBw(BWP0e8>Ac zba-#m@g8d4_O^Gt9eU?GmabZdw&_q+qHIV1PB#wdbi>p4T>ap!*W7s1E$3cz)w!45 zva>4Qkg_96H6AuOR(>3j-h+B~c*nasyz~7XKJc*~z5Cmb8stJ-S5Eulr{DGEul>in zKJ$_PJpI?dc<`xH9(?X=m*4l)tXHNT3=dnod&=g0Wf}Vig-Fi+hz-*g;QEot|Hot@ z!KG`?#226dWZ;=xdjAxG0)(W>gs>8VI8`ZR!M&*|^gxjUpTH4Vz@RAhM7`wue(A!? zQFcNyBnfRstp@7So3u+t)8(#RyRaJ2PL@$#Sh{rSmMvRIf}|=^9;t2X)~zhYfnjO@ zdomPB6CRQa1|r{W+O+AFS6*TA4jeeJYSk*vT3(UL$xS2|YIg422`BtChleKclg&|P z#flYl$7CRuR7fv$N+;h)OpFW)$ybc(+@WKmkzx{SR3O33c zHf+EjfHVN|-h1z*Q(%%s!~FU4sr>Vw|BPGWGjwss9d`iptR%R5@ZiC#ufBT5j2Y+y zoTCrxhOuMEe)-E^#(w}F{Wco$KV`}kn&X_;TyqV#Q1X^rZh7dThiC|0s3rNTEBtgAL%lxX zd`E{49p3%U4}boPy~a%LJz;jwN%I%(DKE~N11YnvEHr4r#xB!0K0SY5rwMCscxn6< zPxZT@TkmH^jGei9^{i!c<}8@FcJ0)nUGr)WE?hLZ>z$YV@UlOA>)dm`cklhzjvhOp z-+&iJjUM*>@Bi>!?|k1$Cw}T}9X{ZW_r0yd32%Sfd*1PmcUgMRyB927X-%IFnVP*r zI^Wv=p{rkf@P=nQ-Fx#bxBc<5>o2(R{)1urw{Xi7t2Md0ME!wixZHyJ`#vC0f9}QJ znRML5E0@k3{OON$_~KVT`oXV%_VeeR_k)g4eErTRzjpl-Pc7Orz0wTZR5EF6aZ$$p zSwTPW@T$M8)4>rJ_K%FtL z(kEMC1xAI5!BNh@Ho1n>Ov06cFyGp>YpLf_uuASAHxa-zA%l>4wFtmQn05X7^~&-) zcI*J)X-kr&Ja67SDmjzUm{b8gNt0=&3xpsL;HO{MSUS)bt;nsUdw`!#(U!fD-<`Bm z8xY=4yeUYST*8tGf(Rkzj=3Prm_F{p1K~N~E04}fvs6N$CUA}e zvj_kYaTxpu%)9m0Tk%!k8E*t!*}LC#(@m%We6poxt7CI*#0BXL;HPWi0`=z1nZp`_VN%Aby?gg&)k_pp z!$9=+3vEYGMuk=+3+YXuPCO5?~M6l0rhAqSJ#k@ zMNK;9zF?KADc`ev?V>S@=Zu*+VO;kfL+*OyU+6zzoV*HqUimR5FMT+)?t8rX* zf5~(#7b-1XH)H$EzUwAFe_-vDOr$88C8vcZ_r3q2i%)srvR~bF!7sk^#gBa8y&c~9 zz7yX6sn7HpJ8j^MB`?ogv%I+eK-%n#nAN4BmzVB%c+$ql=j?xQ;>KGB&bg`A_&a(H z?=oWC*o6zGvl3o7e&3!Y^;N5?_s?7~zSA9-eEZy=fBbJ3{p_*Mw@sWfc=Xtp$Br9$ z+G(f1_k@$)-r@Zxy!)f>`0xqu`Ote$IPrb&`+%hrKe%$;#&jl^kJdyFZXEpB4bR{9 zm+tpm(dB_VF1q;AKV5mtRUNx+Dhbuvj~?2sx=Gi7>x|;1zAwJ*11ENP=Lb5R_#ZC~ zc-a~_->`i4&~JbBLtp&nCrCc%Yzm%OD1+R1BgjI(2q$9@To5(%jwtO>X@w{n(hFtK zhX|q}$W^#SX&Y+Izo}ysatGF7JdB@|&6sD-oXH5u3yfU*V{E~&F+EmbO0X%J0wXeb znqY2rTAY}bvq0CjXD>9AtJZ{Y{&L0^EFhQ{_=!Fgpa8Xcl4=g>^v=AeGU z8i`MQ4HSDgb+nvgWl3Dvj zxRSKF_~9<6Ty?{*Zo1`~E>BgPWIS18;)hIPkEvR08Wx!NylnX}Q#ZMxbZTSmDr2hZ z(uWT=R%0V}h4x!pxrnLVXKHumDmR&MvE7~82lL^4^_KDtlOhLJ*6m-jY1QlvYnN=; z^2+AD`%6N};&66bWwTvW7t?&TrtZ4JJq64!+W>&&X zE;p}a%^sGI#vC%HBxfqq_6a;b)bs=%MAz~6KwTcf*@HT%o&-(-hha-V_>=aDO@fz2 zDgeYKK1?9s&)mh~iA`dPkb$3M0s~&n>K|yp`NCJM|2Zli5F zQ_rMuW};ayvsq_0nKjUnhWG-(xgfF8_q+30cl_@muz;~F(YBX zfC2c-(4j-wAL9>1?A>?Y%`H5K8gPzF78w91yI6LII3ATqCR4C2W>tY};YENbmnZ}D zvI;>yh=|+Im@$L4NXG4H1p~t*af}=}60ZYRA#?+D88W&7%%lVS8ENdQk<4(wQI?)W z5Nz7+vo-~ou?fo;)+k6Iad3&z=!L%UWK=~fhys^XLhNp_2~AkCAcR#2D-yINi1haY zu#*uX1hZf+h_2}oeY$k%g0{EbdMiRu#?G9}o<|j0fpV|cw~e@b@=e{qRdAN#PLL*?uzJ z9(j%ilaDn0)~fyPI9+g9@wTr_@ZIrT+!owl{%ybckZZ`|6;U)q6Z`pn4k_sm=zugNN8IPw2Ip|%?7`wd2a6uN?okWb ziuM-N-KXf0_S!`1@V>{=pI9S&h+j4aY!L}w2zMn#P)SG{lPR?D{ zsiY3ptfUuq-UI>(fwm+fqK1&?OfJ&1WO%f0AX3OJ1P)ywpMGg5fv7|c&1u3JPU)$q z&TUDp2I{)Yut^FKb|fil0vI;d1lM6BoxuY!C71v^VpeiAQ$hhl1MMI^4PizCIbDxF zFe_rYi@8B=ny}jjtr1H-bIDo(X~?7oY2-feo*L;ucUma0>mr?zi;+XlrA#GqIJZ+9 z5bG-D6h~*4S>X{6U^y!`opBpxN^4v1R1j0COTURn2q332;fGiXOfHV0N;N?g%Lwk` zT{sUD%_aO=?^7dw&LE}S03kSrLXk?!6lgC0!6${*lxfbHdbE<8;pb9bOB0mjQksM7 z5M{bX2zdc!3fxjwq5w0wgI1J@1td!v4$m1vf(kT5TRMe7cEF_}3S6p{Y(*2oK~3n9 zekqf8I79TsSh&S_r2|BnR_KXh*vdx-R+40$TZdi))T8kj3EqPGlu7;BsE-;kY|N-( zqec!IY(LpoQ(eXGFdhzN647)VG!kn1!+zr&smyWq)sU&%j3;ToNS;oZRLms9*-T@` zL_n>)MYif}wkBgPy`}SM=imL~vv0onp+Qw?3r=`g%)Q|SnO0?Npo0sY|KVZz@Dt{j zGe@AU8+tQlTWx=?hIIiw+L|WS14wl3sAgR5QMQ9d5IXG+7`Q>TlO{IxCovpUx@#I* ztupo%I`OPk%r)nKnA{bho;2~8(O2WCj%Mwr1aQ2N?E=w`jb%#S;yUne+3X8+{E;(R zq%?KSL78f+gVnGJ)SZ;(q<}3f;JWxHXid&1{|kC3kn@2IVv{qKL?Td)!@~(i;O#60 zhzQVq>C&adGVnym089V}mGF=OU=VE6iZ~*0XhpuFN4A2j24JH**k}%flWkywhrZwe zTxc#mm73a;S`E~dp0r;l83`;!BnWaM_M(hU$*LqQm6eq!EB#TRxiS|SLFXk7?DaO#q?cL3Z8pW)I&BMrS7x;;BghA% zCoVAy^^(wvbd*4;n#!cZ(FoAKXW!nj6DRZ=G_e26gZd2U-?x9i0Rsk1nKZe&qB0eW zhU#iLr&CNc<3(Y66u^0a89G!}C7WpWno0Zo9-vA@vZ+ue7fIW>6|;Lyhi6zenHPeoLxftr-T5Dr+E{HJ3^L-3Dw z9CWVXHbJ%6Z597fuR%J7Bgc`VOq6j5+cXOMFP*n9yVdC2j@emC9nd6W(r6+TfbG2f z`v6De2&a`p#%B8t}7oN;gA4l%9*QR&6fR+S=&0zoKnNtwJP#GwpqQ}A7&0MQ}WrGQKll$WMJYfEZ1 zP%q50kW#8FB9aN<^meBJY0R7<%mFF6kR=7`)T;>vwNgP-MFBR zs|f|pQi(ISsBfn>Ags*{YMLMl7+)d8+2e{h{ar5A3c|Ih6eneXlS&vQkQ%~CHL&3c zl;MP*8Z}2UM8QjTeFj7gXKv9}xA1Kh)R#p0eXRhSO4w)x1B86a)Ke&Yet?Ets(0O$ zOqJ1Gt>_xDbV^5*83>hH1nUt3a@0h20GqiB38bl12*9l2P(T{|oV9#`88)p*WHB*N zNkL|pa0)PUi?S!gwiX2v9dSw5C_|4FF!Jivs~0(%H*enj`SX`9Ub11$+E^%@OQoZY zA^ReeG}aRsyb8{B93k#GTyZ?PwB48{IDqzeHW^Fj5?T8u`9v;N7il+oF9WggG(6w^NxoktCzC1?3$VX@ajjiYm~KdZ)Qt)ybNQu^ zxFCFkwWB2i;g({c5I1IB;I8DgWFRdxNl-)iwySK^YO(kx+%|hV%wiC!EzI=g*CrV- zh=t==1`_2`a@o+Jfx5;fTXUo@W=%pw2=UuohRM}Aov9}$ zhrIqOSH{=+jD$m;4f2kS4$b8dw_ZcY_o8(~6~wLAmO_zkJ$XYxUK$zXNdBM@K-3WJ z$cmC0$)K8wdRi`)q9Ej!D@VV2SS#mB!ifl6<~V4>GUXk61Lqhsso#^Dk`c@tBSCOG zmBtLTZtpnbpbEb~r!r|MN1uJUhRnpyvIKV!i>tkN-8dSMC9%!dr6yCMUs^+>=Cowh zlH@u47#nP^f)b{UG_clsM`6m`uhH1w!f`O$5Wx(aYtC#qhK6Nu9Xpzv1pdK9LX7cX z1Q4AaVa3|9hiFVBZ3XH<|DdUGe;lz^_IQBJ0oxP_v$m#Nf6lfeODAzb_#Q6Jj8mvg zqvC@^tyYk>ty+wJ)d)%ur6tc=po&5*Ade|*Ia$AZk2}t zvC6AZK}|-Nwk=u)WE0>>d9F+Wu*Y=BNthjGs+m(0N3AA~t6Yya?RqQP=ihAL!o)vc`FiQG2~ zT$K#QjWxswfMwA=v3J@wwnS8898v{uwxSws*g!}rC9}EE-KBnV`Zt_l39|Yn9;)H7 zcspxE9t+{#6jGvEuF6wo4f+W=lIfisW(p-=S4cb}y5K5lkZ-7EMMgT%#Pd)h9S}(Q zGNZvfscYDt7^)v0K#vLg)mHD2Wu@1=O`_m{bA~gKIgPPb(bOQ_G+Q zN9?Krzwx@nNR)I-vH`Y`ctM`UXYt`7f^p6BaGzMbJmh3xoK>NTa^K|UkG&a`` zhQ*Ry600Q`@LEDJrBND}y%tui5AM8^>|1VIPK5JJ+4HZGgJ{ z7%NtS+1)NqngSV+UL7?|VYAfmj1LklKI6%}rHOP4kDL~drG!PZg6K`fkFHM)9f%BT4nAFs+`{8V0b?wc=`6h2E2J?%>prq)y;z+@nRH`| zonkacCD&LoO|0WHM#p9q*aBQ9Z#4}Tbhh7^1Jv_&wMX=g?n#aBzmZHV3P==JlG8^$ zy2ty*>GDfS(#m8T$t<-0a8Pf!hbh>2?uA1#J7VzbOH=08IOUM?!ffRgN#yyEHs#24 zl}2Kad@@>n%4>bm1-0T)Lu%C*x75-XDzS*XlFNqvX;5#pTY@w^hQWYkIL4!l225Vz zj9Zu)v&N6@Xii2|DufvxA4JH=`eZz_pDN8?^Hn_JCj-Ik^TbNc3f-xYT6$b6A*4lv zNSG9}gDb2eKZ6hx$D}}V4^1?r38I_~t#s@E`lY4l<){|YpUUtz?+=J|H6{v@a4mAK zxA*sVh5y783=a{;$O0NTd1@txj_8_O@`JuE5H2E* za2p`V!YH}MNiB>>c6O(8GN23-O>O@MfLT`x-7y=r!vI97h2;vUQO$#z@L_>cob*%! z_AzW$B4){U6ChZe7OMcZgLb6UQulp2GlDCu#&t`;WF@AemalS6i%H0p68D=j_DwJt z%2BBj!)ZY6wIU(E@jK|IpJ5+Hx8H%SMQO;Db8T5*nS_O;R*h>xzT&oY%myiDHxYA2 zFE~&yq}9;vA?(ZO%oloK8E1{8Zl4uMYUQMEC+S+P7)AJGC63DMTG%WX}Q(Nz`+O$$l>p>hK+-3@&akyR!*fNG*jlL9%MK zE+m9P^-goG2(IvuflU&$f?%T@l4SU4uKcp0K?8NFG#IgYq683S*s=)5VuY%aQPdU& zSp=d)Hia-H{JseWf{h>rKULgPD036z;HNLCq3$3uGAnG9Q=(RoXQM|lOC=jyiw2Km zc@gGiE|^LIm?zkn8W9txB_wLj(+X!03WB(PTA}8Sv;#m6S8nN4<+_DDjzU6Z2;tiN z!Hb|GhF?%L{=YwUtLDZhc3PKYT;J9M?sH@(>--u$fat7y8r>4C0q!@_F6T z(2MQq>G7(t|6#NvoU=h2^tO($PWrhGGaaX5?yUXK}fQ{vV$2(=$<`u zSWkdWJCG)6s1&8e0+3@1n^U$u`vrkOf7CZ&j2aZnM)h8B#hwko)&J#brE*M+pi|5R zWP;LFIOAFYfUKqD<8o+!LN2jsfSFB$wW5D8(S9xtc>rtxz@_z4z+@!(a)o^cO_bb_ z?2~V@_gY|xo*1GBq5D1G$BZokOxiWwUN zb>yUx@Q8+Ie2`%A8Bfk%jBpZGM6=U=7_m0BK)g(@Dsl0Kp?`pIb-$osrZ458=Ddg! z)PQJ$sAdLJeOb|9eo)TG8VLI$eMuV)Ab5PnPYKeNY)GMJ_5>R}{@q@ro~T)fFQ<@v ziU&L$<;Gq>)fsK63KM!x_6zEcg1j*5A^gb!_-r`TvDv=|p7aB@3a=4;^ zm{kjwOLDvWjX{r*e(_U?GQJ}+18@{hx|1}>4~JgVqlg_0!0fjR+Rz|PJTPl$>eris zj4b9!*bg;ti6A6PF=P&C!X|)PBvVdz%21AQh!SoGg&NVkiBzD31vxuc4BpVdo@N^u z*oV9T^~hc)S98y)-MQWVVHnzAALdJskVB?}gKZ^9`r@=FNqfrm&M+-;ng*XsVM?Y5 zuwtBgnh)cA*^s^rJX&9vD;tFEslC;WeB&u=7}bHSzCy8zCDN$M^v30UCFdR>*ioMZ z1M;Pgje^5*;J!u2&Vyb7-XN}Xc8|iKm`kIIJ{%q;F^4{s!Ijz56=})*kkGJR2hQ_p zwQR?9j`e|UA=p3YJu~i4{W^Km+&zJ32%L=BAZC*Y2P=hPwpOoDo{y@9B*v=>2_oAp zB{`%qxNyL(&G{EU>XM{aUwWzZewMRiWoa}cP zCOeBTt>Jd;k=ui`y~1|HENHI;s4^^cv+iM=XtuWr^tFmzXCQ@KuOBwVt6l zFCkh)y814-_2EKQ%|r=nR)Ion>W;R)L~@oS*TXWR!31?5q!^woLdJ(A!h~!M5nL2# z#7P8{p_QQ!Qi&H%TSaXM3#yQi1W7D%C{&dsP(l@2`F^QYUYsfU+_PU?J%b>1la0X|P@b3yKm+ z&=rB+IOwM3N$-@SKY0)Kp4eV!`!ay&1!hL-^)ZVK2Ki|238c`oYg7ciIpG!JAfE(f zJC;&rNR!q%kpqo3eQv<^XZeVOcCKh3$4EQc(f~w{@_kj>MD{7}Y$07xO*=|yH}Hxr z7(AzMQlEijn&mJ~kM5)nB}pN!b=2$gE9Li@khI=sZ-fmhNd=|UEAwbO3ZRv%gL5_- z2I`f_t|-ElM72E+aNtY7Ik$(XxHqwqB+LZ4S~Ot-I9zwTj6bPU%elT}y8=@)Ef<+o z+bNXUDb!JdO#m*!Y9WzF4vHq$9*Yr#^Fg`IWr|7NUhnG8=-D)yo+dNXS{Ll}Lo1}0 z-L$ZCs+arhrL(c^LeRgvnD!;uT4?S^o0R7G+{SEl48AR>a>Z> z##qlMN6rxD5lf>6k6UhdFK$dB8I~uGt%W>*;At-RLgf5ft%9d!`Knb$jiH`~se12&aN0z3*a zDuj?mrvx>sntK^=D}i2BPl$r8MazJ&HnRyxKuj5V=1yxy3qWjSxb^eypNe;Nb$R5b zp&myIrToKikPOMl^!OxK0T(?q%KaeLHk``S3OUN702-3R@gi%OCh;pCT@M*3$SV8Z-_a0Y7slRH+29SU?u`U3hCyGAPveFd4>h(LAZwIGS?;uGmY=<6IJSSBq`sTw68Y#c8-+ z4x-*9?25zQDB`q<<=rS~UQ6G5?X5emz5f0ihCeuT*xeVNKlYldMqPFFm`9&v7Q2JK zzFOO~u22?6Y%6KRxH#yC&Q=`nenKe{@DiUy1Q?jIQQh zdj6rOAHU(5C$4_=*&EYjT3Vi+mKMGL;`lqRzWVO#uDx~Wl|wH+_nIp%xctgX?zw+N zWRK46g==gKQHXOYm_2sfvv-Yn_@4V7d*PMI759g4!r}{4+HQJe;@wZYbnED+Uz@h@ ztyzoSn!ezbDYMVNdicfH-F4CM`|f;l(#RKQ-|@oS+g@C7`moVMF1+!|^RB#P$dwmg zam6{8U3k`zvoF8=f;)y?@z@R5KY8tqPYxaa$k3Zc-gx_+ca6OD(J{9?^V}s5K6~DX z@k2(AyX5XiuDa{KM<+~ppum-gxHaDeu2Lv;FzWizd7>^@gFtZ@BoeOO1zm|@BebHGL-hSDox14|GxnoD&@b-)M&Uo{IX>UIM<|{A0{`%DCU!ODl{-;m4 zde{lWZai_=183jz^yMR8xa^*%ue$3oPVKCal0Ei^h{GL98)8mgn{>B?`+;PVpC!ToX$dM!Uv27T@xl1p-blkXc z@4x^4Ew|iq)>&s=a>*sGE2~|&aN%vY-S*sb&s}uUMewjWK*EI=UWmiYnKS47^Ur_a zfd_CcCc3Sy?a@acMFCu8(V|78MvamLN`P>h-+%x8`h5We-gx7U==sPakBH5a{FCO_ zUw{3yY17C*|NQe0J@k+ptNANEOo{@}Jo5}ToHc6}c92!EJo7@6 zE3dqgQIkh`W`rt@Lf1hcmY03}Z850FAbK1Xldvx=_XH*2d~UvbMqkH_T<7d^Z(FrD zUtCl!%qtZZ6^otaN{+Zq9~E@vpz!cK5r- zjKhiq?Cu3qF2C@wlaJc$w4*k@`HH=3JrmRNl(h4`5m#RDt8c9Jqc5(p&T1=vVa3d6 zK9>3Psw@BDPn*r0Kewk)AnMtt=>Q(Kp{3f1r(W>8O}E>0i=8jO>b6|bo;bG`(^H0x z`0YL?Y_{J?o9ubyg||F-&B({Ez5l5pw>|i|@BH$U-}w0|-`e>12b_1v6^|Y~^vNwx zyDRhM4Kta~eLS;LCbQylE3K4SX}Qb_na{1d^7>!-!hf%^=C42dAOHR7HP`>tn(M6b z<+Z=L?l*q<%WwX1`?a z?i*{bwECvs{7(BzFB5!$#m-v&oqTCxTi>`@eMg>m`*NT9?n*0uX_e(y+;@i!hhK8g zRcG&U-Ni>$r5Y#`6JP_cAIJxpT3~_^a;sdq0kVAbk%6r#^$a^^=T%Cmj`Dg=q_Xb&5 z5&o98^rc(LlzdldOV4*SfY79oTP8GUpw94E{6vSzlP6;!q8s54$b_DJ@=3157pmsY zo%{03FB89rp;M+zfu8_}O^Gj|4>JKI?>sgZ8*H$_#EBExhJuuwaNm9RoqY1i7zd!;amO7|iH3Xawb!Yqp2~3k@P|JzQq-eI)HwX`!;d=ZC}4ZP z{q{q>V~#n7G1B#j5hG4N{d6SI5!S{Up#HVjUQ0*p9(LJf7ws^pWjO3_7&T+T+Ik_s zf)@kf>I2zFC6-q|qAQ@sX`N#_pxzsnJA>l*@d?X@@m+FILx7ey*zjUWGcrmTMljf&BdiA+K`s_+S`rIde`h`#bXw4PZ`gG=#pIm;6 zZMW6|om2|#(LuIkA16Ql&<`h>pxw5>CN^x|0yPr7i!kfRb#=777_~-w$_IGPj zrllbfGM*b%$1Pm=Mv%UeO^>_u!OZgOWHSG;a%Q>1cK_Yzn~uBw{M~Q4;+ShM9dhmU z_g;M6!@t_;ubDN!nptD*%-WlN^2d9Bebb}9^6P!q-DL0gI_r9RkA2*PLk`!K`iqt% z;=q6mk%Sn+-j^@}`m*`7gcU6Z1}5-f)+y13wko97aoKZ0dAIbhZs50ir_^a6el=x<)}eKX7Gdt{Tdx{2UsPN5^fUXHl zrdgU2Iw@op>2CP&;qScj4t9r=eig_B;Y*U5w`j14dBoj?RqU~tCZ>-mV0Hj?=Bs(% z&E!%7M3F!3w9}YeS^=o+%qWDwY@7is1Rz=DxETnFpIm+Q)tpfACGe6A%M3aCDRB<9 zG^9Ir2^8WCoOFS6fbD<-4glIYzEcHqUvb41NZV(heb@n9cG+b|AAK}#1KLr=J_A1o zU%^z`q6XKSZn}xgo_p?zN}TNRVT9j)`|X!patULk33(K_{PN3jJkHZPe4`{K;4Zk% zMuE))x9nHwmxhl$_83h#sZ&LUPW2puy#>c;bVk&cTW(3oU3c9@6P6f5)+Pf8M+Y#T zu7P}ZIcSbbvMN2&iZycm_1EinU@;nFzxn2y_0zP}A`M$xA9pzv_sk*RG=_pnEs-eBx-~M!53Wl71 z-nZBI&u_1~`VUuI?dzG$dMhsfl@&4v9dd9-Q0AmQyF6pe8~5G+!X0;wyZzyppE~Zs z%l1F(#&Xi`D+)N2{&=?JunP?RCHPy^S_pZ`<9!w$q89`Qx$wvE@-~{%)@?Z@B$# z$DDD=wb!3=`f+ERc)(hp&8(iue0`P7KAV2|_H%X|cEV=&owLo@GdCN3`WDxovCBml z9&_pKH(vG7W9Qs7@`#f!`RW?q{QAnD-{>pf%)k9!S}N7jq%DcY&tLe&oUZZn%O_lZ zUuNZRerlC3t(?j1we2r%xNyH4FWUE}%a6U}yfZGoblBOK-@d^%duKlPrObbRGqd`S zGvCF{on6BxxLmKrJea?X`oJ71BsU;#ROc}gCz$uyp+XG2|)uuVRZl~ z90-Xd5ZiqMzRq~SKWl+AA!`#f0h=gf(+nFY0h)7V!%bVn0xs0Df`|shD^Q<+)7#ri z9z+ASh#~Y#6Y{XJgo#UR?rFs_1FV54@w)`S!&o*nXrPW|F)N`83?_qdbr2^mfW9z* zy9`@w97MPhqq(IVdodrx4s1aaA{vt+LxA^8fNhZC7=Bt|M_RGNLb7-WtV|W*2C?+c z#sVH<5R%b{DjWj*Ap8-OF*>+TEJGBtNE2ohfi{K~{p$%wXYR;w6{0g!QT?r& zsT720cg%?s58#es2FNX~qrh(Intt8`O8_IE+#ZMs{3ow`- z;bHdxX0t_Lbe!68;KL3(jI{$B47e`)+I{!km$ut)zdbIEa0Y^^7=gn#ZSieP#O7eg zkRcq8e66#T^p@gcB?>td*An|U z*Zp^mKJYIG?6%EL2k*M)L4V$5kFB=aWvf5lb@y#k=S+>$pr_jY_RQB_egC=Fr@j2r z_Mo#u}hr z3LhH%*pWw`c+BxS%!Idb%b z9rrr=PrDzp=Vm`ZP_21gYm&F zW&upXbJ+YbeIN&0X)Ob;_y9-=@USKUOU{}sSDJHp1@Ks<_!#F)&L67Vw zD8#~8k6R)d!pXBDcHez>^ha9;hz0b3flUc9PTOcY^)zTFb%>b$K~N9ls2FkvFZBkc zo}knfTI!6Ha=l4szTQZ|*h^a6x7mpEwX~9pa@~b`*#9l?1SO+fzPs+e)m>wi z*NTaKf-NXS+1P#C+dkUHaMHB9T;()sk5)|@S_HMQH!9B$D)Z8q?Nr`Aw`boAuT}HK zAX{*s&<~Pov0AQJ6D9Ya9Qz=9Qj5a`fUlIJN;UB>yrZMOB<%{)?m|>31~pFgsEVg2 zre7gWImPzY(vo{XP0Gh?!weLZd2 zIrh1Z@^LL_JkqY&ug=>S=gMhPNTa@b+~c@<)AGW4eqLB?4?_D+IdL$b*1D@jd&f?( zudlZwiS4WZ2q}kYAxd-g#;4z54x(}r=F&KuhMo37dYanj>Vq(id*YxovA5pz)J-3n zbX3ybic=X=A&yaSRdN&NMnxjO6l#8Yrwl6&P#~TI3ha+rQ#dvyLLVTRD_{&juw*F2 zlL;~`K(L0k1Q}{s+AIXt3kwP%G-n0TmY_k9VSxZHta`8m{Du>ZW5vPA!l4|TqJ%{X zz94}seG$`GcOac$1%{xi6Qq+0 zwPctTq9kZ7b08D*Q9=+=M8@10ktt!D#?FXx<_rd`#?&GNe)DXOa-op;z}(pfde1}W^mN8m;|{WV%b~Zz~u2sHXLe*r>PJI zVgwmTPNhPX;Bt~PW5x`Iz^;N;QeJydh_FIKGAM%@$VWr*5D3`OI<6G=#>vUxlgdak z7GpWEabbXp5$K@7A`oU)ggjhVNa~@IGK>WyXzX-{5SbKy76Q^3phnHwfsIjMcFcl& zx~AOI0F3`g#88?*olBJ1J6<@f=R!-_$WotDT*?QzYLt&^l>|sk?5paA0``420NSkP z;5G`&JxS2(K9U8Z$EC2CEB95Cvio*=6xOTds93TWq1bC=NF^XJs8_;z9MH$u0wQ_ zL2F6G*kM3R3b8&6JyF^n)Qk32?*;_AZ=s_MDX=0c;ARr+tuOdzS5nJ{L9J9VxJ3eT zXi!0BY##)xR!XM4y^NN|)#iHA5(1Wbw z`f{H-phxmcp(Q~bG{Lc1M64`47Ia`~gTdSaw=7`}b=>0KI5sOCX9k#nVVVFvEGs}A z_XYxJ4&<|PVW6$BoI-*U(TV0XVM9Q$f`JT8U=w~(!YxaiAOIwB%W~!x#PMr?8Pj0? zO`S1dXaWR=g9OYFVHzSHk*A#SM4m7KGf|jZg*GAuB~&RuL(CsC6(8Xz;vf_Gs#Tz& zN^y!V2wSekNSbifEfLC_7*1S-hV)49Ds0g*Bj$o-!(_2+w3%c1u_RbvAQRKXyl4%R zX`WLdAO3)o2v-PLG<21zAP~tyTu5%?@sfGxs-Qrp-am0dc_7lzO@$EtBPT&gl@LS_ zqORpRAAIHjPCLkn*tUR)poXMvzHWGe3kt)bPCw8d-2(4C;_R0AHw-^VLSm2A29l%QM)p zTuA}|HL3^h?JMYsRu0SE2|EXz*Av64dcwgnLZD;9eDaxt|KN?EUcS3WKoJTj|vZlKOT zW}g&cgAmEUZJfZOaXG>`&OS+4E%a4OSVrwhl{Dx}!(1&Y2T?U2#@Q&z#po7yWxJ!8 zElZSC*$~+G)LD^5_eTU0y&{|uA>4+L?=$%hlFfLI!Cpq&zf&PYE2(6yWDcL~A}9F! z-h~Is30V#}1M5)>8F$5$a$tpb$`w6uW?UL{hk;w=Rqmaf1wvaSs{~9TPjdw#h(!l+ z%R-P?Sv4RZQf$OM9dKI4Zp>Y&TFEnyksfCQ*hxJMD#STcxIby9VQ2Wp zBrLA8?`6BgE>=cd!H&!c8x9(wls_f+CTUN?PNZH*WBdC;ShP0iQY)o(cce}#jYe>D zHNC5#x$S7!OaP+xx*7h*SNjt@VVE$R#7PIeKpu7g#ly(Gna+;yrZNKt^teG8Cn2`C z*hW?6TauWfD!ZmA!EhQG`Et3+-i5KUKCpmGb&~xR!ihp44#!~1_7(2HektF#SNcHq z?-1_cS0cm`faE-^K4p9u@yh{HE3WY9go%^8nno3bW81DV4E=(IM{HVs;#4mz5IA+) z+!53)kRgk0nbDwuI-~L<5qT3RuM8uk&>Q{32!2fIE#;dJAjyZ#M;TgSYsy)HWFY$T zwas#rr!6!<^A`O}3CrWManuPl<5Qsj?qoJPIL)ulK5~D*bY)GcWD?qvO z?C!bB4^h5ZEAO1X3rJB3@|=)2h$q^5_ofzUTvg@CH-Qsnnk8UZXX(aUI~t|^lQM{e z@Mf9ZE|m-#u^$E_NMa02?tpHk?DYY1uBDnwNv#ZM0Uza{R^kZfpeU)=0J9)0VR-tn z&gfQ&J9{*rRx5F(QVJveIXhoV^Ffp~gll3(Sy={|0C}NU&E?DBnHR?K!3HE|W+1e; zx^jm^Jea=imsn!`+6w1b13K(Zxl8O*7$IY+IOqqiIW!jy+LNGv;7+5Y#<83YN;PI* z<6ehnTDm%Wbm0;!0w>{W=k>-QP(^zkhuOqr>jXV;Xw+~+t%a3*nCnghba0O-un!Ha zjs4s`W3RC1azkcXRKv|;6Ob57SYa&eTH+epr4K4*5*tnhFG3_|snqNqALf3(98bn$ zA=VdeW7Fi`IiqVcr-)Ta70iwMeo`>`N4jn%M2TP)k#E#36B;y7Zyp0g30G%W+p4H! z08#EotEi_uWF~R(NOLfNn1kk!4Izq|BeUehd>HA(uU0KuW~3RHS73bRkwYXCs&&;o z;{$xA*%JUKVWB3GRxl&MRepd#V#>8Ro5@aH{ZlVM75SsKCz|`N2cWXX;&%hy_avE4 zVOy#LdtwJ5;D;E31d3=bIS7%rt7{Dzf*%_;t0&@C>T$|%wjqW7)@Rh?0Q;cQ0GY6% z478*rKO&(A3HggvRnbxtonvEQhby+>)*fwJQJCbbwR|Nh6oY)Wl*<+izzy|{c7WF6 z0WoAiDM&aT13^>+cA>p_)?~T@fWH#vqI#}opHyRuP)-PD2?odhNu>(XHY7JEQ^zIn zom(hoD`DFX_w?H~A2Ab2qT?DTZ2RI~pZk+`kSp|-q6#BHO|}*eUcq|~=yr%k)tdX< zpS44Mjh&2jLlM%|kex$Ni;DHIOiDve=WGJlKiE;b9>wKig$-~e;s96Fvh%0fOos;{ULz6keI4rY)fm4EAipxng zZy#B(zm*_?zKvj~Q<6zo8sQ!vaFTw)A?3qDnWg%3Gx4(k+XE z4C@GfbwQ6bSHG0|yw~dg3k~MucSwWuV}=x%Aj%c~WEvGhGAIqXQswzY3Qr=c5Td*! zs4ta>D3@6&mrNBR*>|CmB{gi(G9XzS`$Hy zhQn_HybiR25a?Z6UbFrpzhOeSO8ynZ%#r8<%QP2py0s6%HK!P4 zW^T~3krKcu3aUvZa6d&_PRZD3w@6Ht{X81jXlM0CFKi>-Br+VA=peMusW~uYs8*KC zRt<%XA7m|swLYM|ZV&n$kOQ$O;uvUG2^yQchWx~J>LigUapW*J=0IFVJNhZJN2r$K zxM(kv=loqSMOC(yQNl?arvQm4NZp#8^HL)M6GlzEf>^jKf0VFeRT#KtHP<1bUuWC=A=FaZN52MLv5iqe(80HY{7R8-%0s?<+0Z`? z>ge}j)ZkcxsPZEuFZ+7(7KgBu4{FT<2~UcNy7g5yMNMsGXb}@5HW-xQ>SLL4xF*U_ zPHl^p0m;(#k@vS46>cIh zBOu?8#r9rTmkMb;7uT3hSO6SwK5!@E#&csAwLt+V#a%7Kg&{fgp$v(OJ2z0T+jqa=!(uGmHTPG2+>$GLm~L@3z)6By<0En0;wo_%l{nDXW02VW zIxW16ACuaK!7;i&7TE94q-jUaegsZtpgdo)zw47I#85#oYahz9jY!3I22s6Kw4Ys1 zl2R101+mY-RU`YoHAIKF74{D>7bB1|cyftk9}7s?eA%>A3Y{1UM0dE($d&@?ZU?dy z!Ys|CR-Rxm-)-7}x<*SO)qWWLBRs4Qfy@6|8Z=PH(Abm#vodwdl@dY*E~1d35{O!v z1`TaEp4}N}3MS5Ur$=Y9WMhmGa~v7+`~kywpRQGD!1#3&`u~ zM@)Eoxb@v#YQcxCL7i8KYKIGVq&JBL%pBo3vbkJ*~v%ka}Fq$lI6o{wC zQsO>8Zy(u<@KP!{HV3x9CKrIc+K|ZcmZ6}o4M;#fE z{SCrKg&g;}JS8_5uH5vJ{C^PCJ>ifLQ|$fcZVV|%4OYiYi5SSJ*5(tX z{}fww|4sc#?MAT=b@+!iBZR^39BEXfZw+nPddl_vviQ-w?> zjP6{wi=S}9?B&DLqGdpuEHW~?sQH!&vSru5J~^$@L}ykCJ$`cqcsx8qFgJ4U88tlq zqiv$@?rt5F@dU{clr}f?PNj^F!Yc8EFR5QLXfEFqzxTrd4-dFfr3}4ur7ilCk)G-W z_0Sv!f9rX;syPk0h5R=^A-^Y}i64$Kf@d-`mz^mm!xbgr$GkL0Ah+7(SmS>3BZ41h zNze=q3Q0KBxbH6^gGwkPLx~s&z-hm&t_QpB+{cWPKy(I)u2{;B=KRNvgLh!hzEExu zVz3A9*XjW&;mBH#!6>@41a9fWWTZNPSJemQ9DLH;hHT$z2h#wo2E}QROJh#e_ygOW z#!0=xE&#TEeK4MFBREyZk=@hUGz7LogLVg*oSyA>U~AUO=8cvd{Hu2OMRcy7_67F# z89R>H^ZULqX|GhkrC=YbgH5&^?YdaPEI&_~ur0+tMuur682k=xi3`>e?rAl0?CY5}U5A6i+EMSNF zv{ZK9TP;@#S@)qpZb{VBw`oV`W*hgcVo5Tdr4i-LL{GdRE>APR8?WqgS;#CKJR1g_vTh5FQ+B9}*2&`24PZ!5GD z$twovz%9&Ro`6nlNPVSgjN)}TlRq&9kKJQy(rn`a!J zhG%?`oL?96#wDrUJ#>P=nKn*xKgO*f*8cKzY@csOcN*6Y~8(4uAb&m z!Tu1AAEBqNs2S$dgtIK*mrY8Y*ET*(7rEoHeVpFCp#>~o z7^Q7#%F%m4J#9-&Q5qV5&+IhrvENCvQ#>k{($cInnn?>ocee|P*+#g(JJ228iN?4l z8Ri~MWFNM3roY{xPLS)Rd8tL^eRoz(zsB*%)#ZB@sHGC`WF*ha^Gl(ufC_P%V1O|mm00!X$t&74Yq57Z%U z<=zkuEW#(bZE!fArINgt)e6DiDD9U|3AL;RNYY><&jO@eJW!*}|5o~^LH!>gtRf{3;Ta|55f%u+X7LVXzhWH2=Pr+OD~e?=UTV)%N2c=yh<^ziT+#-(TjK> z52c9pg(BG07Cq@j9YJ2Q2p%N(5?VpZBb-*vV%bs*&`RXD8e$ff(-u3B0kfr~-Z%@P zt&6=zQVgR}NZ$7jv2~CHNRqwGK_kZD6Vn8o+c7z*BvGjr72=?~QdpGhS&;4SDCPRX zVyViRoUM|58WB)zn2n=otrB$4=$SgcF!hmO>WI=C*A!m4DF5cLzBv;d%=Oq?+*3fe zuN)a@25CM_gQ`2)c12NpCGH6A@8@=sw!g!3zUP$RU9WZ4K@ zAARh(@z1>V+Dq@eGGXHATc64-oTZnwAXU;nlpLlxIU5}5rbK+y8)3BIE z_TZsbX)AY4?VkH)rFUi$^c2hBa@rZC6DD_!n_PQsLHfjN#XBFIG-m9Z6UMzZVa(I7 zjT=99#E4fXjE}>pqqoT3V*KOeu9nKX6FCRG?<{ymcz}jC z-E`A)&pk&8w^v+o1quL!cieHuv(G+@?@5_gUU>xuB(ouS_0?C&a}=f=Y`gW=TStu= zHGB4K@^q))0U9@M+*@zGB|w!&X(vGm8tQM}Q>ILTjSS;LGQ)ZL>8Ck}Pn$OFvdbALdNb}b z&pZRan$MUq0|m$<|NZyhM=brm{PN3aiv;~R`kQaQ$=D}Mn1JLFBSv5l#*X!11MKI` zn;<8W^env zLQi)kS1e`2Qck~=5|zWG%Hfq`Z$V51{@I_cvf9Sm{N>^|=BKlx^xaB2ZeISLm*2m0;-n|uo;A5W-_0REP3O&D z_^ox;ULlkD%*vTtuDv*oaL(R1J7?3MuKU$bf9yY3%KYkw-(ECxa$4!Fl{>oTy*26i z(JwrC_w32f2c?c`Qep02pWSiBwGZui%Ke9(|J<*)J^y2?{&K|?zrE_mzp`@X6Q9a_ z>~qVn{FiNa(Z zGiMF~lyF9j=9ZX9fFrOjSg?Q~3xpGK2rfi4?5=m;cXf4PI~eBApU?CVXox0?AT*(n zc!V@D>!&FoWD;SqIGH!zc!MUGn{wo!0Q|&F0v0h>6O3ZdKmR-d4uRwezVrnTc{KDB z*`j|nu_Od<%sVp(k})Y0Cr;%0?z``TE+C3HSzyc^Q*-v&XJ6z9X6AaEZMG3?KlRj8 zFyH|A%n?T%0g}D*&O1jPb=39OUr#OQh0Jr$J@>!^55(mF%VUo{7C!;4&pGED(2@PY zC6`=szySx~GiZX$PqemZe%rSTo0?`M^+<*W50attmETpfq&N>V4+GwMV z&;d4Z5#Od$G=ZP%?z`{);)^fhlP8{dA_`E2WXe%#uf6s{nIS`lTyVh!tQ3G52K}z! z#TQ?U4(FeLK06q|`>wn0q7b*I)4%@puk=EvJM6FnBc*)rz4t!#)Kjs^h8u2(WK@M% zG6x@gFhb5d@4O?AJQ5=ufBf;tr|nf&U4=4uJ2Z0S$TQA3gAEXcjOETd?>yy{Q?!pk z0v2H5fcsk>&vE z)nc)b3v>BuzF5tdNlCF{=k2(Z#$8j#-}dO$2TZtO_t$UQ`tkF=JNo#~J$Tml#@%yr z8W1!(qROm#!jZVURGnWkPv?tM` zI9L=_X%1#bci(#J+F$z0kJejn!(aStn=O97->zHzWwW1Nee!;3ZdNTfC#?f#K`|(? zIm*@3nccZp-=FpB)ERTS`Z$yW4n(51D4kiVPtBI+ltT6zoxp9HzL%tb9X|TVJIC!c z^wD1)dHLEq9P`a>5C8FBj^FMt`yThl?+)AQTPOc$tsPeV_-~ibY_wA5oE?9Xd*hzB zAG_}T7oON@vpqla$sd2>QyXr%%SAJD>AYI{UNs#vy=U0iSFe2FnUT-G{q`dBOY|vL zgSEc;#gAn&AJ1g2z2eMTX+at+Ds@c#{g1x0)+bh2bH&X1-}q9cXMz1SA?_@6O`iPP z!{f&cfBUsDxxP7Jo!w9R`rPiLhm1Jrf(a)Mowm_VS7ko_i%jO*pZnB$Yp(R=udMQg z)ia;ked}E~h8F|-p}Dh$Ke75xcK-HeM}6xThpqbMEi)@`u>30jwc@JZpWk5*;d4d* z`99$~*M9;j@e_eMAp)lb8o&r`;{Oq%Ic>oXq6e)6Rg_amXcA^~#o<8*7A(QRZ)E9l zFrEKjLxTzGEdEK8Ch5nlFcy)T^^egxaP;)_U`lrVl()6D5eflUA`T!;?8AISOoA5? z3ZUgE)7jYxKYIdf$~gmp*j*8sE47qA@x&9@m-7mT5`+*miSN*Z4?YMp;SXtaqzQwE z(2Q;z*Er7+vzRB^a^zAtZqeWp)3;Ot^Y8&?mgNCvfFH~Yz{bj9qCt9qQ{PO3fh$gR z*kOl}IrGdjnSIvbNhh5I+t8syfhz!v#R){6cG_w1uvcIQfHaQaz&ZYQ$RUS-lvLqq zKpItq0GPo)s#wogUwt*cM+uvTgAO`KKeq}e-JuWAPA?BX{4mnk3b4r0`OrfT1rgaJ zZnoKG;4A!SIBeLkOE0~Y-ob28^SbMTdHNs%& z0w8Cktd#xs+m91GNAulw+f6?Ui}IYXaa5KGtA<`MAe$2K7=dKA+ip8XciU~Zp$50? zKghEX7!`jldIPEhM|fBc?XPv0r0hhO*5QMW#`_tlU7>hLSSw(U{h*ye~I?RM-| zyX}4CpT2wbcHcc|gKzA-#wwexWT1ZLR^RWQc;h<{T{ZiqC-&QJpS9Nb*=Iict3T~{ z`n2wJc92f5q)$xkxqi&6SKt54sAu02sI!^qt5&}9)h{l$T;}5|WNsXKft}Qo&Y)-Z zhTmQHYb&ktrIl9xuWx)U*FHNcEv$ue3%!#jPr85HW7oX#()~T%(*SiOyfM4)hzmv> zbm0pp44w7s9fxLC_+=)u?x$B;Z`I5f*ZA0)pId&7UANv7Q12_Hol$z)4NtE2(_Pm6 z<1ydc=;+nIwk@EZ`NaCmeRAD7i)u@Nx=(+L2px@FKM~m3cXB)T_x(m3oitBfl?T7 zKT23{ASggi6&}U09<=7%jAwFY<$TOiCx7zECj-NPG{;%smXd3(xrUQHCt!B2>;Uj; zfFDQQeDlr8gNQrsxFgWci60k*0e=Hcf&bt9<~JO*M~oOj?+_Z|x@1t8!!$!94-6xX zlQ&U@4FqUSUpO{u5G*)(lZTDH0(g%;z%vAXqkx7+*RZi?MNd4RtuuQ9Y{edzT?Oi4 zGzzf{o{t>Hg+Nvu8yD2O@x~j`hYb_GV-~8oGFYhxvA8fS8RC>qGlN5fJD=P|pk9cB z-k{W0=$q5mIlH%GPOfV~sjsWVNxd56!>|;E?iWJr#b@?vwrpCS@&0qSK6c~bPhGdy z#Orn%bKWmU9=FaN$N%`faW|x4M_TWR3Ukr~811zWji=cl=}Xc|n8x`enBUhoy`ytp zuG|;et5oXty{&wb_Qag;>+K=n7ZIR2!^L;seed_b|HJQn@4G+#$q#<_`(Ny^)kb^& z>E}0|`PW*<|Rf21nD7{-Fw*85AS}#h+iCd;o4gsvi9ctuDA7p8*aJH;amULd0Vf$|M$MI z@k*JWXEGbDk~wXw^`}32#heLuOnzqco?GtnxlgY1iBEig%biYmdqI`qP0gnhX7t@V zaq^u{y*BpMsc$dnZLiqxzs>1rU+25u$}E@p)F(6754#|?{YP(p(X`Efyun&4e0ufF z@;_hiyWR7rxgoT5EqdwsXNCjn({jr+vTKD2c9?am)l+VvDG&E z_$Pn(*-wA>Q<*ha``8*QXI9#N^BuC;n1u}t4!LLi=YPKar@p_{mw&kHN}u~(W~Cox zR{HLz*I576Neikm!NE=aKaA+jq%%4hP=g&Rn2KYADa7_S-+YtJE9;K!I1!$8N`^uZ z0Y7Ia&FUcF(+Y&5Injg2z%4LASb(2(q$bZk`z$Mw64o76;646NTNVXXEI%G>BvXzBB@BnGxU_0$JGwGGFY#m@iJ5EF_jFgao#6@G~`+ zUw%2L!wD51)3Fi>AQ?D>zp>^KpgkvJ4F&0e6 z=-3CK6`_smcH3>|x5W%f%VZgx)XQN|46E6o+*2-e6tk8}xvok9m@kxy)pEssHYSeT zXDe&=8WS|k20ia}y+5}1y-}t2?kc^0UGBw8x?UXCIeA=K>jU*`l{SZ1xv<&+^oF%; zoPsZLxgPga${odWcO@y<``Q}cPzQo*X?K!#arlgDxiGRX=1iY9`?g!}!ce0h8uiTh zvCoZvWZZ}w-k&f!jk@hK@FBQfDh7FXQm=JZtMjrsQg6ae5VZpdt-Wze<_^Zz! zKlFlUue)%@*qhScw|gf)ouBjWi%(6wh^>k)2eQQx=()`@C z&Psc^4x(e7ava`t%MI7xaMg|1UpjN@>v7Od&uO{yrAHpU|GJy*xcZuh?!GfB_SU1m zTCk|pH>Gp_iwkB>C}-bKlkRf0fc}e$>DV_GKJr#>;_P(P#JN}AI`*bJ9=Y@O`)|H( z_&qlbA9ee!&p!P`5LDXpImR_^^7LV2pSktvH|~CH>Mi%aecOmPuDfO24Y!ObR_r4X zZmOXVfO@|Rd?*nO2>Uki?l0eZrps=dDgc57#X4m@vLZkVmK7@$0EP`$XF1@>AT%dQ z4i79tVhBr#E9;b1KxE)}KtrMgGFh;!XgnXtAT)8y$(veV^a(YY-1ON9>$6Jh{9Ntp;AH>IEuZP2CPi9k0becVHWs%`FO}2@XlWFw3L3m1Cnn-bjXWJRg}zhEv;0YN;ZF0%Yh&J6iJW zV(F9&ocO;u8NMjViRFgas%AVp6V*MJiE?a0NkD83sfR&hFR*Ln#tz zg6NlkNWZK&OvG3y)RKe-IYKFxD>-U_dbLsrEa~^ub73VLRqU5QN;xnlvX`jW?F(u3 zgcRA|W$h2gDW~6PK^o1mFMWkm(`Z($cb5ADc`>z@n{uY-nBU8ak81@^>h?Wx_agFA zQZFWULI-i&yIbswW_9<{7ndm~_T9H;J*~%D*ysKT-D}r!XF1QlA*j~vi`Z;S4N6_& zmVFQnxb`KrtbIxzai(@uufYjVckI4A=l;sh2|n+h)nn*-eqI{2rD2zSYn&8zq~&>O z+>us0(}Zy`9i}$SoR4YFm9|_-6e3)`(@|val;sY+irJo7Y;o$9&NL_zXK~XMxU80n zxz4)%Bps-OxJ$`y`euAvDaEk^Wy7g##scsL;>55#-%d|Z^(O&nlVvidlnvy@oWI4#SW z$bfIN1ONi^tPvI?%Yl^(tPoXb$l?W_sYQ+!3o(RSq68%f0Y~Ts$t)j)BZTIxAoazv zB7-I@C8}6Bl0(>GsiGtb`!&04XfQz?A`%g^fM+s|BIdQPk7*!Oft^Gmwmb}&U_>OM z%AW%mKQVlv_+H-7Vyv`8QAEBPH940 zEbft}MT1CKb*ZEYWdU#~$MsnQZ0tZ3e1^qCA=9U+WOCt`d*CWgYJ-?HWyA>^R}~_k ziI&f(TrdWy(0doYr;LIH8TI7}QMzhh=ohEhfKRRv3L`;05WRR8rE98Co-4QNg<9Pr zhZ3}fP*oDtR+>Y2FC?e+h2oKVh*CL1tj-Nk9cfnq$>z#K(qFBliLU7Bg+Qz|u6{0> zjngb`(22gPVZe#J$g-}KL3f`D)nc~PTM7*(07b!J37lZm)zHQOLPV9c)Mu|k3jx~h z#`mWa4$tV1!HaQBdtIqirHZc&0;8?Dp9DNwJn z`7tfxE=0 znXfv#TKX`evAh~mNLL0YX93D@i5@H>IOWgewe|`Av}M)ErD4|EryQ?F2u-NcdXXqf z-~mL0COEujU`1$~&U%5gxVR!8kb(!XFldc5FQ{ckg9hsQTmS=>K_PE1ohK+~w5syc zBZ8-qb3`q2pvJvh=duxoR+Vf`7noALU{;7iRr%%=N+osb%bRI{0xkOJgh`i5s$~{% z33)v8!VEHxEJDan5VHoq=2SCC6}J>J@6EWPrAw`s57C4*rb$OQw_GKheyKu8Ge7H7 zy+AlKi__QAki0~Z@odso8bY+vh$!(p2@!p9rCdT-2*^~4Rre1;Ju2dm_v^*iq9nFb zo-3~I&9!946U^$4D+5Wb|q{F|6G*b*2^P&ud9h4~+^TkTG z9Opw+Fi14?!Zaifj@&YGhS7Ly8&^H*CE0slD2i)!unpx6l7Se9-&W_j>ULDeG%(mh zc-I4_v%_UjtyRD%DmdXAaSiG~TA2+5hh{@hgkU58npi7xirC9o?blH1oS4~3m`tGB zUd0M*GZYg`ug2*_JIt%NH`$nk5Tva2xo^M~ttzS2!&*=U{ZWPeK*ZR4<20ApU+(Fe zTM~_(0tjYgh>5C|JSQCo_l&FY8*yo^3~ZYMSjZV7ELQP@v;yiE-LAsMTa4>jwwERl z10xV_PR&8RMh{T~q3hNs)+^g@z1WYt*@)cG?4@)@HS5bPphPQM5p=7ulUXX+q&Sa- z@CU6U5#FeE#OhFqAOJ`5UM<3@v=ID;UQ0~=EC@rgU%dFdR<1}2z<^lRf`r2ZKN2X% zVZ47#P2U+n@vfh8n1 z5o{Wl2S~b>1UVim`4c}4rHsx2kYq|94b6Az;}@hs$(Sk;wY9bR@B~SY2JY7y>Ule> z3X+Bp&C%1_obmx(d~~AkM)&ZCo>A?Y9O*?FN)`sfo(u0L_2tfs)0L@>laQ9 zgKggJJ#qb_m27VMH6hsr9cqDn4KFI#55@v=5gNr|rDm_Vvu2!uDbLeiF-$wFAbA|v z$NJohWWa2ON^htb_f_KdV$xZ*S~u{;T`38DHDty>!a|G)7wD`-`LNuX*dHdMC^i7L zMP}^cWrI*nE1#S})Us|+C%$cV~gYp$Mrpn;IUEhPC|VdmBcZrP5j zGJXO?&9O=4ObpFc*rLHDruf513f*B;kmC4nF`pNa204ldyB+M7(L+It@+M55m=ps%V1R3Ox)#?xz(2 zgXGJNrFmy(r&LlG>f&HoX~zjEiz;S(7=2rx?G9u zr&;I}1`yc&G^sgqf8t{A!3!())2k#9Jq+wOVi^n?k>CJ8gF+hgrAZXj(;oLHb3ne5 zmWt?OBJ30mbCR$l#9?|WQ4hV8!Cx~~ki?;V2*B-NI7V}xX8#d|h(S+Af_8RlcXmQh ziS0_EV$az1i}d!F3hW41nZ1Pj=~a&NVSp^Nj-9}*_W)>yhw&mK!<;LE1<*RtOmXePuz9Ib7 zY6-ATRR}X}{VjRF*ddksWdgxKo)ReugRffl^iP92+AozbR*PEnk5I#t{xQ&p|LbehEM}hejpGfo@c4xO|5tahY;8h+)u73 z27&G8yY*LYSBSw#Scq}E1oqi8ZFk22niC~Ky0y zxdcNHmg0o)4UcPe!=dOcVQ3WzqB0G(OGVXXB>6~mQb@xjs<)9Wa)r}F* ztdZi#DkL0;SF&3p@E7E^KNzW(Mk7}XKqsK6{gs?KWpdaXF}n>$CHGHPnmH#_f(_+e zs#W7swt~_e!BuPgKxI?_@?-aFr}?;+kBilMg;PGe3VTKXpA8?3?6#B?%pg{1f7r%4 zzFM!rE0`}Fb%8h2{2QPC_8GG z+*9<1O=@VarxEtC15WKRBXX#34+$EG&J4uGILO!SkMw2t_+5yO8b&r^CEMJz=p)fT z4eE`Rw*)Dmw5Ub@Gjc$)6yngy6$YI(aarZ{w2geheM*HqQ56QEFKlGMemw`nKjEPj zM8?HmySgP{r`K5Y&sSJSwETOdx|ia|WwLI@NO zSIUv2KOZ!2Tr@OlVdDy?5LW`ZMO)Y?fq{I{ecV@8k}0^#0+I=j&x!8v_oY)g<9u2uG}-wgukC{D`%mPxVj&mkPw~=9iSlB15Eg-7nC$mx-QL3VGa2SFAiBe5 zyn&-Q()7T;x9;Aw;{e-gE7gL1$iSWzP-0UMhdtTsf=XB@28A%L^zT?)S4grwfit%w z^=aKMWne~tzX)EjHDMJ@W9B;*j`HVv<0arcwl32Iaj!}~vV0*Qx=FY%ndL^ME% z2R6VAQr_d1Z>w4wQmBp~@;)PUr^+`$J!Mqr$E91Y&E%9a0#@N60n|r}rXsEG>)JyZ|{&nPjea(KZ&48LiVicCczD>w9SZ)6?o)RZ>_e-jFMrZ#LRqO}p-5(8LE!h+LLM`oah>nFx_9yv%n_H%y7NVpt zw(s}bH~?__79VqJ*0HT>xmfzZXC_EZ*@g$S=p)defqJ95MJ@V!gtrJn1QHET><7FC z(}xgEJjOTU5QQc8L2fdhK}4Q&F!KGa2Y6)!V3gCGt8iTm5Dj5)3fhNdnm=yo<)8^y zr~W|wX(c^j=E|+giEc1c$njcosFHB59JnQlDs)p7c|@TbU8|OIGF*{Nl`qsSoRUmA znrl!QBqu_LYJ(|VCcwK%C(!=NIIVSIOlb%%Wq>dZ-BHebkB zklDT{XP=@2#F#SslQ}YN2hh+Ac;$HPs-h%sU(1fOao8JG``nk*5oqvfdjN;%hO36R z_NRZn=%$*axpLf>Wsb{s1~-k;a@m1;KQ^jYYhn)`O7^%LGn5NKF=wyEwO#`E9z7z^~>dIt}jo&7?7Po-5vkKa;cEZ_x2UgN(gVQ zSU&o^T&3Xy}W3#ab=jFhbN9#(mW&TZnpdac?ojp!U*u z9o|XyT{r8qVadhGE{$D?-L&YV(LW99Eo#w6CqWLt23CoLBEl6xjz}kCh`^-S1ko0@ z-rioFcLg@85+O?9C$VHGY=&X-0yz;KHNzEZSX{HGkM?E>%4sNmsYixF|NS(SRG}v? zii}9N&EyL;3P=M)CK-*$^LY6(k@C_?nv=;p(il~xQBcdRSKC@TA}?uPIC+$j1kr$T zsjtS(pb)}*>i^$x#bBUbuG_oWvr(ltEcZnfQX!~tcIV*h@Yq4Wj;bX4Gi?-C3Q4u7 zyg$E^YKeUaT$~OO4cgh&I4t3;YNH}Kl((F1c=|ydFk(_dFf+i@;DUp4@HMyiv-6h%l7THUe3Y}*Q@jv_11&=Np+oN zR22W?w(0H;De00%Lb^MoYbohYrIrrqRJuF9bT<+b3j)&J-7F2y`1`+p_T8MBGrKcq zCqLJH-L^WK2aP>w3!tY$&ZEPzNr?6`?We)Rd@bbxh$c2Yi)EHe@&WG1e_9v#{A5Q< zLza1KVtS*TOe%2J`aix1IK*6O6tkjSdu@2ZpJ8mBmCX&4uJFs*P2w2W_vj#;d_JJC zikT*zCrUe|f8u`^I)7?`Rcx0r5st}M6pz0pDiMiu#r`Ni3wKMzZvTD>mOK!73el2G zr^CHyP$i;+(w6N5^jc~bF4qOkc0}MC)qPI8sj{@x4ikq1!%U3k$SkNn^^P1xU{lvb zI`xggC;sWT1b5>th_bMa8|S;NbS?AD3iCIv<7IoCPl0t;lp8cd(Fl=}U+CI2P8+wr zi;F3v@bk^GKd-Qy`$|AysykmfE8n5|h|Iwx^Sgz}j9iz$fkWQQ4!d>`L4T#z)XtKo zwr{z4YmPDuN_J`0i9wO_vwg!r0&;DdBg5Lljv?p@f~Z##T?Ui4H&7|8Pvhl5=uGrR zYDcalA$;MMMLCqUi`|Hja*B1=Bvy?oF~UrhcLh@N=mkap>1BY}##Q>`kQ(R5ptVc> zAVW*Fr_;$LuiokfP^m>61b6?)EnjE6G&MMt%RB2e+v-4Wbcu006dIXrQJ&Uh3~O!s z)U2pE`xSl3n&tTH~qOe~kSU z2{xJt2w8i15Th#2He1p*d|ooplp7r7!Yr(B3KRUJ@Y~5D*vQ}{nf)>MU#hvX3pkl} zAUwn1QAfBSve7^{#ZnR?%8I4O-Kv2O-0rggZ!iFH7RtqUzr8+{DyK`fZD4ME1IBv) zxo_j*;s6-q98g&S=Gqp7-#0RwF{C^jRKi|t-!|R=^vZ8HRX0%T;{IVjH&?{BSv=a} zu0STb*VX{G07V*;mteH}@u(6-4pzv2FWtICB~x}2@b0ero{Nwqz%bI|*wGfvznD^o zp%bx*OYM@9yQ$ z-G!kOPnXx`GAHcTA$=;_xf7b$+1oEnqDZ>k-z%~LKO4sczw@=g=@MpXK@JQ1`y5Q& z!^zetvv^j-sC)c-{wl0UD~?4%%QF{|=jQY@YqiV8r`UV*>AxPI-EYM2T94NN!PVW2 z1?8b0=degR^45(mRFnRo2B9m9T+nfE^a19F@(igv@tV)@h_RQjOUJ2~*y&EgTINkn zcHN97f%iP@V&jV81myfIqswJ;d~s&&+g)1}{+XZ0O~SAo=w{8{JFOk0a(sRI`GCuq zgnKb}>KNKfdR|UO0DqL#G%!}v{s<6xYXM{IYGTj>ZxbH~`P zxzt&}Q7g?nl|Llm`oGS{xMdFC%lzbZzl~Pw8sX!|!Z)8$h;T0WK-5CcgcH2^Q&Gs@ zU^1m6Ct&wirChFn$I0nr_nWHVdg`3`#>1eEft=S>KZKORpJK2UWvb+`G5z{O=fU*E z$K|WQ7c9TWOIL-!*gxf75K`TfhaZJ4i(cyulU-LYhdx0P#YwrwC*K%HRpJz9wrw=B z(&}w*PHxh5MR_-imUG114jPbiZ#QzlU1swl91CCeKYK4;-Wz+1dhJuhwFWFmIXXfq zyB`KUfZM1^vda^$k0M?-goRk5*J;&I!P7foO4o7HdC{k%EVrqfMZ~0s44l z_r?RTBJe)*7hKJ+9{@QC-?np0>CF8o$Y+!G^k)&U*5WI)(L4O(9TB7pu({$`B_kz# z!v4$XRcO@+C)oips}ay1;2=iM{$c}vf3NsHIYEv|jzBtwA*nxxOxmtJ1T^l!_%%?D zo}G*>$(LQ>X9hD)zy|7L5JDbq9-=eTuyts?&qs8Xn)ag#fO&obT+|Vy<7ZCsw*D7N5E0>DVZnF{Y` zxvL895U*H!b7z--1`Kkf-vr4(2W?^RFT1j5vCOmeT^^grbHfaBrrpfG-` zvi1*}$B+M}2XkL<7~2;0t+Sf|5nOT*Qy+WFf_XF`tAqmFq`>R_HZyFhH-L))ur#q{ z*X!dk=^;Q%M~O0t(>!wS04TO+X|`8?kX+omHURhx9+kHcc#QH!2!1)B=7R`qW5l@h zqcUQUawBM21u|xP;Bm(9{bM_2W%n*N2ksWFa}Ax^cE@=pi-rL@d;=gaEu(B#>q=mr z_JO?skexy|Q&LUe(@|=w*lMbTYeK{$5$4-iwqN5<(w&<+40Zy$nV7~|Jk$=2c?FmG z8>W}jEIS4s+Ds*Crav>KDGds+w3RjoTD8`Czh3jKb)KK@J7vE?e^v*)X8#4e&z9Uz z=k1>j{?l?FN0+joUWA-6-!?J=EjWAo#~+O^nsYRZHI={}576{oo!^$CO`~Y`9usGZ z(eGAV`@reh{rq-p2UaPcMI7_qhzi9r&-+i!xIwF2*N2!qV{aQ4m2c0*-fj`%*&6y zsF+Vl^y6os+)K;jXRagr){P|rPkE%2=sEa=mx$&xJDZ#1{=C7AwhcmlCSvNeiwLfK!q1g?=s z$SXLK<9~T;Q3KUCE{CZYLvfW8)kbLDY~AxT8UeR#Se=&nOKrgga%b2KHa!GaOa)E5?52Jlu$>Im&0I!?GL zN+cxq$Sy{!=!Her1)HV>g~vTh!p@Ge z{JuEV&3ReSCSA=BOC7}AFjR22G%d*&yO~8;{JCRV z-_ds6xA=tTb4fSP_3AvR`+SbIx#KwLt@|nIT+H`;&(=kkEDqCmr~w{jR3wIO!vnkQ zhr;bArfKXW;d6I&t2Q<8QF5+6b8`Ak|MlPZKXaN(4=;$HYJ8YG?~5Nf;;3#P#NORz zi&4B@S7Vd7K{n&Ft_FXXf?rcbz+Oiztl6*We0L+3XTlC4jZbOcPFqweyZsNE3g_3) z=Wd~tb$6c5U8myNQj>;lH^1+QW54;%p}Tij{~!~aZ_fMgV)5-+)2fXS2*0##&Kui< zg8X-ndl09NpOu8BZG4uvYPiogC7+W2nkssCp<@p3E0Sk< z-GV87CtFl~p$(ZvIr^@d%6sutpu_ld!ho)4>yMDCs|Jvhj}~9udQsn(NuS4;zi~p_ znfpdPeVZ-S&#NIk_715J3u?MAM^vTb4g1&70CF0iEm1wwb(g27yc#AI3=JeIBFl~9 zJZ7cL)i%FW&+pD5RS0NysJM-A(x#?ub%cSipWyV%5E;to;l+EUSg&yK79K;sd=(v$ zgb6wzw&l&wqP)Fh)**F~#jnu2O=%b}msDF&zWt&U^6=3!TqxlAYgLRss;sn{19G?M z!%nguW(c=IZ5jqmxS4ycsd=FGmaxM@27_M21TNA1c;7gU)Kye!C=1zpglpU!puDVF zVE+&Cm6;SQOh7xe+Sf3-coS4VraVClDe)eLE}0O;@q5jvL({~K>=_lNkOh z)o|eZcP%!6y}lVS*~|;UdVkg%F2O_-zXx!R9}V$Ont|JHQ|o3FtvcrtkUsWw5mOD9 zcg+dy3|=0jr_3pD%^0>P`ZV?V+59}FJMM5XPB68*x$M6ds#&FCMZVmj6W%HGg*YNF z$TzzoLvJ>}x9(~kH*M4AuonHAkZnDL?_veRKuBdv1O|#d}FW14(*ZQR=;Pu60 zG4DAa?9pnpC8cD#6;?KdBOT%;A$6w=Nxv z%fdWfsIw46cB9{bmy*Wr%y84eN00ENv6+Ye#EBAU8VjSqhU^l`KrPaWWI08#+xUKR z=m*B7BB>;7kp*f2Q$BizuXgdj)>j12jjRS@9SbcZR7`22eq`5#g$Vt0m>79NawxPHs;o`Q2X?7g2aW1itH6}loI-<#KTB7=t%m8 zRz6*g(2`^bKvrC$@$*o56stmEAw-z(Ndq}z%liLt30$Mt)N%gQPkWD#98miwT<)I6 z>LT-+m3ml#>;k?{&(@&~`_qNEX$<|ZG%RHJ?-!&3K)H~c7d-X*ix^&~baNPoj??CW z4i`ZmvyYr^JMwX*f$z%{Y+#6Cl`ISJ)F*IB+4kR!r|y0it{d4bVlOzj10qlinp4bY z?Z8bi7KIQ2BSOsYjSFeg8#?%!!hbO5AG|^Slx7DkJ(Qb%{$NuYIxFj5l0MxlfzqLW zZg+gPIG_eXWKl}WNf5ub&a@}^l?^TL2b0%MqTKW!AhRVaI2w4&q`V-Bl|++86(grG zM_}#KZfY+xGSGbT-D~Zebu%pqrtp-s8uJ1@&bFzAG@FPO0)>MYa$*|N(O~V8@o2~~ z6n{6Y`&-*t+rwGdu7ljvvTimAV^6nYG0$8~*$$+FOn90#uRYPT%I|wpkZxhs!)LXA z3T{~=7VUxBRf1ebnKfvRP4euhI+bSp+Uhx#g^q1MRDDV2Ws*tFGuba%ORT2!S~<)G z9WR3(kG#QMeNna1b(p8+}%iG@kxKR{y*FmU2_RpK7c=Hu3vZVw_a3LRi9=Ff^{T~fE zN^ZF|dUzC_GX-wLiHVH)&H8GH3A^~$o`sn6(zv0CeHr(tf623s@Z;0MVsqJI8P`>YK_ zs!qqoTHoFIo~~Y>-1pw>wpDZt{bQX2t}_eI$Tvj`Kx22>AD6chn!4)-4M1-%=lrXc zU0pW2w|?wm>|$W^y3;ndxn}0w#;Kg4ZKCE=pTi0AY}Y5N()h<+2yxZ*i^$x|T%6c5 zqBzr#cvg^U7mUK#Aa43?4G{)f8Pw@yVbIb`d z7@Jg@DN}n%)Z_>RGHxzq)H&qlI$AfTzF)KN6ZE3;4^g7=Q_|(@Xpn=l*nhI8^qsB1 zk#J5iC(C`3(MFTNs$nOS?x#vq{7GhNu@$IS5;!=t;`+r+u>a@~{aEgpD4^ym0m`T} zkGDWn&Tws-Y%JLzdyXvO#3kC*()A_=3?q8#DctT?#7M*|n(wN+By0wGxPm*0FxbDs z10{LQ^y|kE?hk_}VEtj8ZDg1v;F|6kb7H(VmBdB2%}KW>Yc=FOrtqonnHk~TXo-eP zm@ElxhNXU*B5qE%3c)2x&Es?s%~99J zidLZuEOx`3Vx%nruLB~AX3#Y{Ko*IG-~H0)YO1iUBSqbm^E??e$W)MM{V)Je=|Z2r+b?Ml8klD+zK*hJDDbcnoPeNj+qQZ5=(aOq)6FduZoFIcSu%-Q9+Pl3 z+K-7_=j45KJU>IVaNjTjH787lL$5iY{7*HI#*UBK9eHpoX^Wet#bgWyDRcXSf74y7 zML=U)MA^2FM%IVfyxCC|h-rFD4bO6#XUW6^RjVy^~1xt&C+#?dA8^Jg@8L3!2HnBKR90b;{D729U zX?oHL64Y*y1|HQ0k6}SLGy-?sT>vVoc2woZChupqV_HFlM-whTQJYSJ5kVLkqKq2$ zGe@Tuw}MxD!N8T2E{#3Vg!_a9MQqm`42Vz=Vq;GHkczA)aW2gA|=EsxXE6@YJ_KLhw*y+x%&@kpMFg;OYWE| zf6&dR2#sKpawnNZ>t}6!|IXG;Fm;`EMCq_6z^ib2m+_}nvhsHs~oEJb{5yFV=WC7Ex)KnNx?D%RZ75(L|!>+ z^zyp$e*DGF#1n4t3wOF(RHY)6rj+-o?V9=n{h6>nwMu$nBfOX+-U$_(#?Q2$DQk46 zH6_J4yuH_tcF-?QowU^)%JvP@OP##>33EczK5ErVwvmyEC$}7D`{ROz^CwCd{Mcu# z6p3BknDA~H6D7Ff>DBW}9!uJ4mpq-J@7d1w!bv5xvzmvyE(b+qTO1|T$eM^Nu7evb zees8lWJ-P1*>Ca$rkVcesfR!$?~>h9?cO2=IkQQZO=z8IJweqG$y#NyXJcFP^e7Dy zT%O;XBt@IBSIp3Pi~5_{@h1L8@zzU2f(5}~IoXCK zhcH($HzUs0-}F-0*^cy^Wy6^f;8mfRvyuKp#qx;78VMyensI|_nEy|yi$cpEfx)e( z816)wAB-425G*=vCb6UmMXqEnMzzyCr>?ET{mckPB8csWyQ)~?^t&)n7f)lO@hU+#DggOw`8w&y%)u-VH7Vxr1C}cdh2uya z4;9(M&z%>QNPL~m?;C@ua_6n!-cPos{6N$L;X$-XM_;g{;B3R*&7ok7SbqENj-#+` z2jP?@C6%PQsY+wlZe`tN`3qq>YdY5%fCTh*EvGhzz2|3U2tTg!@NHpjf@d!WLqrAq=C#1DrQK#_NiB^+hR|bwOCP&jWO7E z$KV$5o+wwIhCdFP_!9bNQ_?<#-SXBT>>}wc;-lPoee~Ho>Sa|VpK^C|=PW z_lkhBR-D%Pcaalwgbmu&iBx%o+Nvv74!SY3A$mdgXPv1utxd-f9@Xu|EG&kdd`pdN zdOm!P*I4%lO$kYtQlqtvHji`9>dCqMvekaVM0xOli{Uu0v+g&v_~KwBR(~kmA@$Jny)8X||~y*>kWh5`;5tL`g>xQ5}XI z;rXmgHIr{!kR{0ntHs-ZlCLusZeT`;l_#m#iU{RxYa~4TPL+O7i8q1{p;<@sE=cv+ z*P&J+q&JED?=L@YK`Iq7!rW+=28L~I6euXX^X{8KF)BAR0r^fyG{+w|^>}W$d0C?~ zY;8-^3kJNMW1^s=6dLque|BSWrrzoudq#w)egzOzr(-Rbk~EC`an6rW!-8b&&Yhy5#cg z+*_{3+b6f;BCa!!ZUEax$!7fH?DqT$yf@o{X?Y%?wng^!boQijNsgc_oUf54DBA-v z$M~V4*(lzs%q``>^FLQ$geOl4CtN@cN89~TL!ftgXMQyVXD_WCX3=TmHt$juq%=K~ zvbpv8rf!a6Fl+SNH$vk=cWA%-OOcyHWRN}kSENOWO3g4fvpKlkB(`V``KYv>;E=Q= z-N2@ec~R2a;CHFLC!Ts%|IkBPeHOk7!`T9$T-<{Q20dgqbRB(z22G!i-TSdeYP?Ym za~cz-gn*B60Q-kgo=28BW4VMwc~Cy}=$0M5{lVwYvBH`I&ZOD`_pbgy84R%k6PWWz zAumy#<)z{Bj1w7U!8;f6ESGu~H3aQy{>#_a7I_Ow_2hQ=!jChwB<6~|mIlS`r}M+I zjs<_iUh>H%{P7xvk(6W^*63ODiJv6%VsUK)$x&O~2Z{)h81<`vLt|A^4!4`-(oByh zJGy^aWtpIC!FImxNKhbI99uj8kt-o8YdLs>-{jnA=WjC=Bsb)i^cXdyyah)PjHZ&! z8qv`iWZmzZ_BzG%@u0bBAyYFag2p#L<71Z96}?rJi=*(?!*S$RQuHxPBBrvq9xt^= z-|z}F77dT3JT&f9tFdsU=XFyYQMe`7sbD7kCEtAkL^WtC?)E6EcVa6}c^xjsZn1v4 zI+_h1A-zM6JY_ScmrPTj=Vw}buy)?(xQDa_O&eq>q%SuPYd^^;%tIO2oarJCFrP^9 zrSa|m7Q`z9Lva8tA|~0}jB)|J$2=smTLHER3D&#Fs=jm{+H&y9`PPRJlA(9B&nIuY zF^P<4W0CZl*r->g1iffG(X=rR^rzzvPlv(^ywjgTGYT$S`9{geX`2NiAO2F2%>uX6 zlS!fgrnFTpEVB~xC2I%y+P_PXkoiG2i7%hBOf|DTf;Y7$?tRCI=5YXqx3@^KQj^ta z+zF`1WFy|;7hjz%5#)4yT%PI$HC8MpETB)-n?L?kM*BTA2lkr84858%iRuy1HZDl8 z9O5z*Ows{RcA%ze4dpkmS?hFIyRQlzVi{7HcSqiwgv|%*IVY1fR9UC(zSz$Z^um!W zZQ*qAYPs(o^^Z7$8em(fGBSQs*kksyC>YdgVdDonUk*2h_;jf&p*Ov{DOsjunZIyb zd_CgJJ&~JO#UXowSs#VbHB7>0ur*i7V&aWjQ5y!E7M;28op6T^TPlY{e)b1{FD^Ky z5R4-$;UOp3@#ts$ z^W=o50!#}xaK^e-Wa~lVA2|mKjqzpkIXV-$j9T2kO_D*H`+!f`U-WQlMj=|Of&DBe+ z-n%k6>cZ?I#3N7D{L>8|cJ}2VxD{S6&-~$$5+5+Pn|7IocKs?!*qr@#x*)03s*dDj zdn{~Sg_}WLkZb%3xxo|#<8{4ApRB(%F%q8e1H;((tTTt{S64SQ!D}daXc`p8=#eR% zn;|q?iZ6D|Hdy(q(Y)4T;Aym@P-0<(_C>C*dd;lL= z!<77s+P2}1SjimnuEA^p(aRg{K!dDK5nPfwDvTa?`6z|W>0~oQ???EqlbkoQyu)VL zegfSY>UdAQMRDF_C4D=_TLE@ABSe>~1jQQYUTT=_l7`x8EEip=_+a6+IiHc*8TfHm zi;B)RicXccROxU(RGfDoBAw3}219p;^@KriC@TVY-N=K zO8scw(stIgfD(~z$X1fn3+2Xg4a~phc`9HBonG~`>#1;}zloWnYlhX)8(TK~wz`h( z@bRyDkk`>5DAge_jY%q@!3;p2o5Z_h#!}Kgfj_bs+<=n_t}^8j^MYQhl{1JweJ9N#Uy8mq@s zl+jlADbP4RNsui@rZuN+l)7-0xfhq^igBq12}K@@uh!z5;85IVh<7O@7bkL+cmFOr z%MJ3`q3qPX>2e=6n#Z#TsapGL>O>KEGkPLvdU0H%x9XFXaimwt;g53S{7UtU7R7s+ z0S+sorZS*n9svnV`y#?U^@uFq-yjGHH@c!u4_ZX-AP6RX=0$tAzqO~t=*X;`w}10K zbB9ee1?8G-7CZJs-xPKb6vptBxhV8TjE19A!fU%lTeCd3?_ndR@eeQEQ?6acOTNFYR008h-Mp|420DzST0N^x`V4+u} zzb3gu4=_$DQlfy0G2(sb3B0+8f(QUm6@&U@hyXoDc97O`0szpv|Ndb5?TbtRfD&^V zagi_X`p3`D_QX=DyAda()yY{m7-Yzil8E1946i&5g;^$a4R2K}4D>xGvzLW2VV5$& z8m)gUWik^@h~q|$+eV@(Z?~m`89g@23;N%UOILfXP6b6H-JZppM)Pn9XHBZSt=DyO zE_AK6HR71?$#nN2XJac3FC#Cl29v`78W{+s&I}##2IHm-j`*F!Lp7zLeFuad@)5`p z0f6jUVF>gj9xs#_0Qfcq8w&>jeAXrdL9fZ8ilYMn!cvQkFXrYIuP0ffORgRc&%5^e zuNhjFME^7xt8#pv@q60p4tc#3$~^cnCh}L>75p!U{@16u*Yo!0r_tBr*Spu3`}62M z;=ckrPV#W=x`(Gud2^lqQKThOl}B_y1<@J(uR>qBV^O36t84W#0tR3JfCWyjc6}a7 zoali8to@bZgZWpJxh432G!I#bW_VT&p~U{@EYHUNWOgwk>mQLMrfK9-&L^z@zEyO! zPb>xR6(aJ#_wp&or7SX*|70bK{Z-aEUNMYVgtwtBDexcVo#WBNiL2V?1^&7FzcGxZ z|6c`Z82^u~`Cn?Jhu?GxemvRe4k02Ux;SOP<%)YOl}OGe0b`p#QdrvJKPCn`EJ@rEtEmjNeX)-AGB*+ULIx z8j{Y}=C-EH;o|0Cn{Q)1d{BgG8Q+q$eMx{DM~gx`1zrXX(*M#gM^j*IWH09879(i{}Mv^uz0$J+Mf+LzOHVjt< zS`P2Z#AT@9tPgqmCZY*4ODe6j&Rg)8acg^)*nAVO0K4C<$1s-*aFsR*LzYY;$ZuEO z){Z;Wh8Sin%uoKitQc-03|hr~=Pk(D#NhafRbJhCLav5*MU}Ia_ruoD<2L|cg9fhAbTFHkp6i4Uo!3uM$Uw(%v2e@As39ogOwg7JOL$FEF&_wu z7uD(?-8OH8i<$M3eb2qTLP8{OeC#*fT{yjK^TE0q&*uv@k9X?R(|MKY21D@R{_Fhv zZtU^n4KHPrjXL@VZFvSzj8#pZ7~-Eshnw)s>u4v-C9uz`Dw$Ud%Wr0DBBkDJu09RUP&z*Y{-!pgyJx zuXz8nR$l5bS{d)7N;^XL2!E_K!;8t@eZ%R2?)c7e+~W;SvGSJPb>ofgcnx#rK>C^1 z_@aN=?#Py>t>MlrE3UwmZ@hpdWmh1gHv6N~#NA$eneof3VZ8lmW?)Z#w3xa#qN*ETNT>9&yx?JJGYqaf z&m8=&f9my~owVUXj1wo^;@+k0`TiTh%b`slwJ-}c2-BC{J_FCk z8(uftwi`v$)3d#MHPvqxonlhzURE{Z@?%Uh@#lRH7fr=JUIi9*>>FcPUQOEVqtI^i@&N7S-=2bcL!w4! z0svOtk}*EnkBwkwSMO7>?CeR>~kcZBEONlz|N_L+4q zb-=a)%nrUy8N57U0lVyPn!6f6NIQ12ea>qI`3~r3jX89kUMAahD;sOP3jR#CVUM17 z3@taJl?~kufEeme8HC!$2 z#Uau0H-TGon%<@m#H5j#orr0#5c9+?*f)M-r4#(TH8@8ba}stLH^#2>WqvdTst9&H z{+wb)-ZT2{TlKb%mpkVIBjlN6tO-`1>9alaVtY%0{~ zj?A?W=b=~jVC0|u_PTI)^4XSjdAT~Wjzhfeb@RfhXcM9`b74JjZ>zmB3@V`L95>|E z8#^KJxUAR040OU2EH0=F#!gwG-`Pa7QHHR^O8jG={mb@q1>5t0Y4hlI&>7-Gb32Ke z4~fl@v+fU7!7lM#ZE1Kk^Bt#1>{ZHL$Vk zEK=MWN4QYRUi3%zHuPvO%rhLMSXj{Vep?(cam62iBb%ppdA#3G8fRP`Uy8;^fMlYu zM~E{`?O$W`N%?{(TlhF_xLB33-z=Z6{B8n2XkBkErtBy6U#+fvhNMa)vn;`r*t@1S zYQL#kOS}0GV=cKCT@1H-`@BvJycm=ES+XrLXcOsa2Is*c^* z>qbxm=y5Z(S-xC)OBgk-2%q=d2)=UNUi1<3>PI(dr6e{amBffd7f1uUCShCPOf@(o zrmz_8G);yNH0>Mz=!%7oJe%!Ag!gXvkRX5c!{8bFjIG_6n<$0xHP>+_&b9eL*u>Vh z5r^IZfi&@iT8%(Yh`;Y5|MSI&(OIilD`K1%-3S9t6SZ}c-|t-rqtEX$gAZ=Q$O|?z z_-U=3i2~GfLcZJk8--N*X-$m|#+DxC6?WT_n=O?tU414$ zPL9`p1Tp%-To1<>tO;ERwcTZDr$tdV-kZN}_z`-(T({fMIYE9pR_I-zcjl+W`V^`O zuFWIc>mo=Q{;B*J#ne>rfi*emgrUwkkW#VaN$fL@9pPQ|?oUZH>9k#8$idDO(TQt3 zC2;BK>`!dK;|+0o!}vh4k=#M12ggNtPcqLh`+ama+UucasD;`bDNZW@5 zdSB%GJev1%cH$jUS(bf?nXC+{LfsKno%Ydd|C#>7G93LY7n_F%=gkk*9a!z71Y;+k z{bQM*{>E9&TS9*V1_f}<@FLPv+xGAGxRcO#)&$8Gjv)E7MSOI<6l>pil}_|hvmMd< zxSZ=e0>g%X#Vn^!f2wD=@tV%8_xOG*P#(VGw&r6Vm`~g8dHBlp6r$>PK5ynC$M7n# z9TWWeTx^gs3tN8&izE1%4Q4aUz4jBXh7Rqz1c$vy-Yx?e0}whumJe;^+f zG>ZFugfymfV(&d2yD{t*w){zaU6MU^3&vUL0dl@~bL8ur`}1Z=|9nDE&IQ%oc`KPH zaOaWN!+P|yGeD?f^h6Hh3*o-nz*39xre^qU_IYO+f%@9Hxt5uMNi>Y0l83=`Q_5Wg z?BK=7A9)=F9Is5Cu$chroB>?P_vG=VS7F7{nN%=r`kaTBY1Hm((k~iUZ7O%LVKz<=$7Zp(6iIP%QtEW%AcDkXq zm*rM9HbNFxtV{N7o)Y+~zTOx2u$j}3G|t#aGNF zY~qyEbVZ3wDW$j}#5#^NZl$BB)4{){<2mTU%flQ4D)6g7Qg3S8{w8uY2p1PuWC_mY zJbqzti0>7uP}Jkamhm_SG}3sMJE`tR1AOkyL_b!U!oyxOY*Eli;{u*{HgQS@ z5#L?Gvt0bP+=c-xryy{|kGjXNpr9dI&1?vdN9Ic+(~pglV#_6$vVTr)g` zR(-es=7dPd_{G_>?WQv}z_@VSB(q}V%~g@ar5h-vko)#0KLgzsku~?YBAA!^QbmV+ z{%1(^g4#9y7pW5ZgVR!QljBZr)gthfulD6UcHd+7^_ZRc1n4jq?Xd^<%7diXdzEal zNzZtYYQA#{d19gg1-$pj52uC`mktlSJdd|zG2ibQDBdvR z%x2w=k_x)dT@_DU_E8IM3%TfRX}e?+mI{@m@mRl3#Vh_0W3M?EXxc==COy08v3cfT z4b;dC_mZu3`X>wMM)>icZEwGt7s+$Gi>fy@+Nk6DU2Y#6Ja6~6H$UfR9b+2kzaT5Y zw7sWmd-Bt>V@q1zB*of;lW4ydYg1j{pVTnJ-@vz_xBgS_JS{8e2} zBV?-&Yd`(2)b_R>_Id7Sos@F&7{=aHANHln8($1j=kcsX-Am?@q7mQv4;g^+P~yoE z=vbr%HnbBgyf}&oVfLH+(Z}81#AHCu-a_+XeE3e-sj}^bx$&|;u-?>1)t-NnIdT9@ zSTOK*b8K!@*wsGxy%~6e(koR%aVMG|ISj9KWHGXuCBHp4THSOL z=4CH;gTOs{!%3m9%T|5rh3LnBImn$$1Vm(^_|qt&(0)Z&oVuEPs%CuObv1k=KnPt6 zU;Vnt78<^5BTA_$YZ@pnooLc9rQm8$WcJH>`J-t)==8AY{0!mALRX4OU4uz8&`>(a z7@%-4esvo=YxV7Gu`d(9ybM7qF%4MCY-3EukVQg6TsZifWX@BLE=zaZQQ0~@LXvScjnQabsGSX zK@rX)EzOrc;-8$W7E8a3nhFER$VETzF)wWmhT$LT&6ydM$xz6UsE)5B5IBuSLvYuA2kIHs>r*jqA(y;9{DDmlYp* zLlel3{K2_<>tX82@bNn3JPvh(+ZpLaee%~m)`aE`1s|}?Kmf#W=NY{@`7qjWjBoxI zQkk(`R5~xme)%$;`)Fkc6LXU3H|bl$m{rT3_%M|phhTsSGFes;yZ!m_Gz5h@*s`t- zpQOGQwO8tCR_o*RrH(GGBtP?7V}z|dAZ`tE^X+b*axtRmp%&`AcCLwg)1AN7l-Te$ zw@`wFen=THB$N^YCMrfL-7Z$v2afCDH1$W#V(1$p#~O5~tReY4Y&*TEHcXn+wSyhL zt}Rqy*zNlEvkh-OjB@wWl!au4Zec_^>fLHhdb!~XfsbWvd>tP;&QvSM4lC6wnA=7x zsRb@2l=-4&G=5AoPvjPANXd!Yfd+M-tCK>=y;Zgu6SPe=k4aP-Ii2F zXIj&}+IFlxOSdfonf-1F)@9E65{k`xG(r&&5Hs^^W4*5SVkcAdf>v12-!e_!etP^K zIBpxUvNd|GgI~~}$$PgG)yoYRo42-ZLg$|H(V&AspxtUN)7$6KY-Wl(i7L3Cnc9yn zHkxUy^=d@5($`_j2y(MkH@t;#uy6-O=`QWpIIYn}&2C~Kt+MWyFUJuf{h1%qnwpXy zJ`@ymq!_7>2`~#bB(BXZsc>+V#9)&)V%S~IXLs4hUHtKWAvrO#D_blZJ-IcIuxC^$ z9QxFb)BKjpK4T&6A=zEu7lWmPTuN&9acjI#v0(*HX`+4r)0W?Ck>u=izR_n1yRD(C z9H$5R*^P$Cd8Svga|Q5h!|kDPx>z$_jkn$AT|VLX7o!Fs&WTV%s#ivhtJ&Jb(N8T_ zhSA6)IsNc5<_{I=uQpN4ba;Um-sY(tq+@@ac2L`6`V6o-^s)d;{tC`H)57=^{NYyiDG+EvFMa z1Y@P)>v6Ly^PO47+_T49_-9cA9%W|?ndd-m(h`mG8NvtLBes3!wZg8fb_7$f6X_p| zD)X^6qMbKbE;sHjjBc5&9+!6$fA)y(huQza8NZfGIlOpsDsms$+564uK}N)xAAGjG zS>l@l$&;dCN5$hMm`=mnDG4<*i^6CX6QR?ARj0Gn^_@NF{MgHH=_rqdG3a6rO)#>b+^TX7h1q3~~{R0#r2=Id3O^AV=%#)c zzl@_$x@piG^T+=!@ekgv{dlJsk|W7?9UgaGDm8OV;4}ZL>K|xMVEfd-949H8*8o|f5>kCoI&Kbf4uyFt`3F&3*3HlOIKj!1z+Vrv*2G{v}_cv~AX$Gm+!TNF&d4mW0?t{){ zy}LF=T{=dgIbD**43a8?SNp})f~C(i6NxpC<|BQ6c+WW(U%h!{Dmqr$TVCkyUa+EX zLG(gM8i!}=*!ixB^Xhg8uPqtp7i2q%tihOchgYGE|N%QJo?vXW~^_rX;uD}OJJ)gE4j zya2b1lcUS{?8+f-R<3-gZrnTPcHX-2eqOMg02h}FOO ztnhTgKYN)gc}qt$$HlD{iWDnD8r)(H_v<-4bxl+S>(iGFhZ}ZFtr{6G^E0)wug##Q zghKiTG7tiPNhK38@J=_nk;~fJ$z!Jjd}rqu;H-EXI<+7lS4iK^lYu-}ycK01F+@Sf zYlfp`4>TX27D9Gw0Be*`B{iLS#6D0?? z5@R?1GkrIlnAF$9E$_a-9cKb5+VTb5$h&q6f9WL%$n<<@!seEcxS4*rVm*7`hyOH< zs6Q|#5xua{PP4bZhBkq;BS<+SRELG{m*+)PTga~52zC#xluqUp>|#?9DQpwEx_1~~ z0lY(*H2E3()>R}r1!Rh#qNk_Dk$+eA?%~&lj_ke0S(oeJ(p~;+8ugPFrY>m&tood} z&qRbn_P`i^oH%(Q<*0)9_4pLKxh2+*$elFnQ;i$5@j>{US-h& zk8VY!xT;_`BVzivejN_%@Mr>wIh`??k-~e2pPTU?ozf=W?OrMo_+f&MpR2+!PKM~s zI3#Y`@|uz+S-$(_X0*E8USK>SD3zQzmvS}qTffg>cvNI4*X7+StsD%8{gBwRYI-x> zo8qwN9*QFNS+Pt`SJh>Lc^#6VPem|+9&d0?&u#W3y5o%>Dk(W)OXA>$*29 z`ot&J-l1N2kLwZdRam`Unx?jx-}jfptId1lyXuXXl$Fx()I`r!lhb!;Wn~N%r4a|L zGxL?yOm83!bzpZ$2l)Jw!x_tG&#VyBYK_wP?djqjlFhceT*9DdDd;<2XDXGkv=e?y z8f^9bMcAjMA*;@6+ZgXDy2`ny?lC&1aU>w#bl`{;mfHjZv0&vf29NLeFh6?L_=Z{4 z9NnB?O3&1=*lt{OJrIpJ(kAM+xY?upqo?;pW6!N}3~Y@-(gCzv#bUgN{A*O9$J7|D zp~vCG=g=Kdmunyn+n;@R{4!Kh5R1-n9I*n~R(sCl zlRtpf{&UJ8Hy1)y7(u>!k~_U`l?Ox+$+w;CO&sv;0(o{sh$ZAB#Kv(W5x9J0Wmm8i z-QyCH&*DkRU?xo9$8TJSju9bF?*#leoNYM&Ql9&%^xyp z8zm}T5t=2t6E!-hT1fYP1Rx>DJg-WIH1J-u$Kt;y__J^ILxynlDW=e^%(gQ~A^5R$ z=!Xj7`4*dQh9BMb(F$Z@f8x|GFVOU-Sgk@VACZvJ!G8TfmCw13NG$&uIWHBcCr>Jd z_f8OpZMLrcZl@#3yEXiLI{ux91UdBtbfZg=?qZ;Y&*E=?o+))fW);EIyU_{i-xXn> zyW>*N-0%l6in9IPifV92^atwuWZFvM;t{{NxR^T&Aa~4(?Mz zeO}g7g%V6&VYGIoV0Vl0FE48nHilIF3O!O^>HBp`J9!u7i+lcw04=^6B6M2`e)E&OXWHO)eD7C|}#P zC;em&I*qVrc@NSz>r~QsC`_L6FA#`TMT~1EC*8!zzH-XM^Btpn(n+5vmEs0vRa{}L z)?zth6_FMuF_Gd|Wm1T4Up!KGy~AD{e^^n7RrSmH_!=Bp3%u=Dz&!tUcK9~0P=DLF z>M1p0MxZG-iy<5u_}-`RXWcyK(+l!5iJ5i30+NibS73OZYi=Q5%ALzLXzj12TN1Vy zU2=k$F+<$e7hXpeJ284r$33igZyjr%`X^>u51!?y^RXs`&ttQqb`A*p9`Vt`15%=o z+nkb^UdWsrbrj&4+xe(G6#}wLsQr@J_?^#dA`X!7D`72FA$K>1S6^#BbUzi+PmkLW z-MLE(>FxVj*l9sD4cLWhrV#a|cO?`rAEE3KxAsT9;WaJOA{Mp9;>z8#nk|YG<*JbD zI-R8GHtUdhH>aCZ2!tRL8YkiDzJwF)uM_;VWWMF%nP*wQMjG26wbFJQP?>ChgdDmE zju=c4Yu_o)Wxp`?=Ip{D&gzqaVM!reZ)nvhv{u};h?92Xo7(*TJ z-HSSU&%NAVuj#QmKMNxTX^+-6AU%XH33%Zm^!-Gyv;xn;ntAFcv!k6ejlPj@&bm1- z%zebRt6rtdcKgu59+amFzdHXw_R>9RP4&T|3c5E!%zh2$xETUox4rYDNMNEigBQjq zyc&UGA?J2Blo!zH2aeYB=M=j#|gDC2IW)zuW;bn3ue(kuoZC6VO&s}se ze!33QZA354e%Kv(E%+GcX$Uuh(4Ea2%5AkP^`yJ;rg}P1iTqV}IECm;OWE_n-|lLo zpJpz-wfJSwF+O(2V;<*{trko1p?t8PCvTqj-8C~)2FF-Y9=&^rT!Z+D%=69m){TNd z^Xm9qo+O%~4*yR(j_;q`_I4i3cSnX9ZhTI&?`lQ$%Ql44tzNV%N6!AV`>M3vZ|*A- z2@KB6Vq<%!^1FQ1-?n@u<+dUvR=@X*L9877;T88PN_H)E?s5M{(6GCGMjihnwiJU% zTu$(wAA{D{ISoc~L&`r~U?|hSkf7l;!NtOs|F}Ls?LKen6J9v%{4hwdoJv zgzDlv5ow`pxZmthkf@J3Bx}g)i{W7{cN|=Ku3ZyutA%C%#-q2=w$DlHSqJ-Hir#X5 zg66a#8Hgks?EZAt+negaVrzW7^R#h>T&!Q10EYo(!7VVA_oSl3#U29E4!M~#p3akf zSw{KgaRjNSwrWA^f9Y+1#r%us{iWB{%l!vbhX^J9*(9kOy#j-T zjS?a%D4VfEcrtiEYxK<0bhj( zq3qLdBL9*bYi)EOcO~oc$vSD*^T>y@;ccz7pF&J*ta6wt{IpSRMiWVQ*m##I(x%y{ zN;EBTqEtY~7x`oIR8SEY)z2x!^s+4H$z5)~?rgnenE$Rinpz2q7x zC>-)DfzwzP>Q`?inENK_pzTzuGZ2*`rNuXQKhaTy`v&6|r>^wSmq+N{Ss<%j#kC7V zU>{SnS)l)9n+o#+skmz@Ua^gyk?Wm1fg?NMgO=Yl3DYii*A7gA<}OYCYJxSHf~b_v z5XQC<#hT_R2kAP1k^*HV&Bez`LT5^Z8^~GWpyb2faL&?@D>YdavK(Fl%FCnL0mpJp zN7R+SR8(|cN{}pj4_q9YTts}Sr^{H8qH64LLRNWLy6YdcnNmYNsKo6&h1iIbDw$CV z<-w7}+Ofq81U5Xq(nJ*k_FI8YF`sI?4cI#S&vvU>p|>$QxNgojn^j38t2LBkgxhmwRa3DV>;-i0PvmK@w!2)5;Ju+Enyh z%_FSr{M9oQ);N+lU?|a;Uf#|BK^YbVc<`yB&XUJszqHhZq9)646rLbu9Tb?b$I9JM zaw$q4l@QxTkvdJkYhViL-Fei97jU^#znTbwp?A=6`Hb({hOM}yU5vM-zL{Yp6(P zW4nP2W_b9h#Yxz$#6wKIim}<7a30*NrPBB>63vfTM|Xe4h@A8+6sZHJ-@yJcIUJ%Z zK-QCEd?d?NU;TI(rISYJXD6*nmmc=SA{=p0yO_=|Z#(vIni>cDTUQm;=Et)J?E083 zsjw+qqSM1qmJfFnKLV&EJ6zZ1FW|Nt-h_@kfTHk!5lzLfY$;i(aR#p_9P0bz49N}R z)s&k!#dEe;hr5;vb$l^n5zo1NL$??%=MQINHOCNP9ISB96mjAek|ETk-By28nkMhj z@ks#frkdBRS}zW)9E89}2L8pOGUG{}b=>&zA|Ty@mDsgCX6dE}JGzh|eR022-`cJz zWMNYP$f($PG`hd|gtE)>$(>&gm96&)gFLB=v?X-m5bEDgIxUf|cw?LVOWLwHK>=|3bh6i~A9-wY{GfvW#dks`|QvW~<6Gm66 zvXj)|YnIhSGP>^2k17!0DUrgilxtBy$+dVytbK*iVU{aAS_vw9Gr86TWm|EP zCu*Ws$nk1i&5|T&o7zepNo|u(W}AWxM2i(tCh*N2`}y0HjA^jQkZ_7Fna_&#(;^mE z60q)QgNO?f5j2~zxS)7szK$^udamxZDd4nw_>dvDSTn3Mb}TpNZsv`XzE7e`dj-5u zpc0}&zX;(TM1S~dMS|3?8n-X49HC4vP9=q=joPACYezq&t~@*uEH|m2r)EIkb~>OW zp#I0OX*d!=gR+ci1@CRK_=mn0!4>AznGHkk6x^EO0Ks(F`b=Y0rp^vjf}1Fw`ACU$9z@ zB~FO$pcMws%$D*dXZ2m>&@`==>$awujREnPy91k7 zQQD$BLR#wOu16n8(2hnF+EI%iO!-7PEGO$W-vM*O@LWsL%so@&n}|gYnFa-iOxy8I z@&ZX=P90p69HT36)!h_+2}CaC&W>30nf_ zP9BnIm~X2sCD1{i+i-^ky1672i4!-ylQ?p&!4?-Xt3O_1D9 z3IGMYk0+UvT(Aq&or8-Mm|XAXfNLN6SDLR`%09qT_^nI>-;FR9X|ts}I+Y~1Kkgm1 z1TBD^UBjl?3Zc%}Id~*jQg34zLw}@mt2Q-*Z`K2z7W)`k+O~x#eq`aI#Iz^9nVC+x zEL)-nw6IxZsu2oXm3@2fAbFoa+tg24-qa(P12>ntN0o+h5fs-Kx{7*zkj~>Z*ED{BfhRO0d>JiK+7Xi{LWmeWG~8<`enTMBT9rU@^zX3InLp5-xNO>jYwl}_hJ1o5-qL5x}rmB?Gt#+PiCE%Uz&`VX1yuSu^c#eQ*%5ddezP~ttW-0ZL!gTW&SKr@^;`jvq4g!nWLg-LhT3G!-DGG-E&T6 zR85DZCxh6?vqKk&CC*$b4{oV0k_b`;&rnGWU2?D;a8^=sA^6m`A$8{yr&oj%&!P|) zM4R-tTicB8>XFwub+^3{ZumBEO(&uo>P$(?-n7&mSR(mRQ0*sUGK=1)FF|iH4fXP> zVTu8I6S>ZriMFiNUql+wJWB{wvgWYaC2kDLRZ70JJL`;^XrQvZma>;$I!YDgWE+^M zyU6l(WPk+J#vGg~(&D!yRiX|GgLDE|=ZyzU<)!55!M{$BTFQr{VG`S%y5DzXO5t`p z*0eC&1ZBAO1ud4nz61UigBme`WzT6H3D$?0&E!hyU7&9`58Kt_xBP(E2zB5mSao6W zz~JZiP-Cs=z6(;jrEQWYU~(Cmz1OC;=~tT%r0y!fL#xR(u8lnM)N&QyMGRP%TF^n2 zS4M35R#e1iWTV1(;Crqfc91#@>GE9EnJ7oK?kYXg#1hL{_t|*!>0E(tQgHJU zGqMGmuBBv0scW>pr#}#s>6L}!60&R*%}yb;n=zER4qrZkz83z~LP7;I5CcUfjD{Ff z{D5X8WtInx61J2o`X}qC1d|$71~zAW)KM#4H|4b`{NC@@_kk?Y_`${?3ieh*dU&m~ zF&)%8t%@RU0u6$#H`{mKg%Jw%p1C;=rbXej#I8Nt)O5i<=Xm^`=iQCkBJ`b_xY2at z=tns3n)E4&u1K0Xd9zrggG8p`>v+(V6Ikf9R75_jtT$2UPz}itg~4)obd|E{2Dc#% z??&qw@{IM|MiQmaE!}SutOgR=mTWfXl`v}*e!(r_tNVP3wO~?8anX5<)9xl(sVk@! z-x70~Cr0D=+0-?JFYvp1ktTRRf@>QZSzdpg!a1H={KpWzm?Ll~hP;kpJ#jG=t*$x2 z=G~QHJhBz7XeABd0hwl+Q;N;U&j{qI^wBja=27csCA_$S!`X#7SfL6z&pgBt*6qHv zKGP=D4w=o^(cgwrKq#QTU6nOp;I{Af^3L8!$QVvo z0YVC+L({P^jCJ7+eQ z$n@iiEo|yyf0t*={tnQr_>Rf6aKK$$!D!-^yT<4L1n(7>u18OWCVTkY=cF-_OV}nB6LC$+@#ZM1$XVh|T(&(1|CKBMptw|Rp;t3T{yye)Bh4tFxh7h3lH)&>$1rJlPH@!$9>uh#yp-(SDPCR5K&*^=L8 z@BXb06vmFMMjm-HarqZ9$wpS0B?CPp{2eD!0kMY$o_Y|$EI&gd-`+B`H+4|3&_wX%N>&6uIJ@3%SSFd zUoH8>wYx}n6jTbb(0^}zg7GKc`a=2e#9=7vfUQRJ3(R7?W&Ee12H2h*MvQ8dLIDo# zQU{PDRF~H3;#5mGRVU`@XVl1&E$d}gQO2#})Ip?5eHbYf3ABEuw8lhgZD>xo*)>Zq zqkSo3$u1QZAHLb@6AfTi}?gq)TAC;B*Hb6N^j{o|j&_OpPh4D-F z&DVgGCQ&wa42|S~mMl+C7#5MN?lw0*o80Sh2UIc_g95vh*${+9wQyw|;HXjp1bdlxVaR+mBaJLxJzdXt@;)
Ds%|UQf0{u<0}FA~Zaa0bRf17zKU-}~ixZ%;e~`cM zgQ*VBq_dEb*(bKK)ID0!4M~?dq-2b0k%4GxL`)od=;p9Q8>>4il>0WpVNYlC1()n& zlIc%!e6y+dDEAuDv0J80KQ1XcFp2|hm+U}EZ3~*zK2Gtf#Y}1H7tAarMpmjk!8SjF zX$Cm*P-5Y-1?t_E#*kw$-=~TK1unNIx_9*mTo;$c22oQFvcT*a(B9e*CD$@G+C9D)O zsI)7=G!3-@N~{mrciEl5E^+~BgiQtlRODDxadHQ~+|Q9>zdj+k z6Qh{0y^Ddjt4%SYP0*|X`ouJ+fAIf`QDP!+z8&QS{tNpo8K+@n?#Wl`{Nm7B{h2zW z7AvQH$S1yFx>5YVk{ad{PBvymnVp;*`3U6g>=}v|n-WbX7uY zYpt%b*~hQ6K3KM=QJqH6bU}i%JzG)sCIns_{TtUp!2qpgN>-LDVV?%YmXS(aGc{bdwqX8U5;ij=)13Uu#sCHpaD)bBCq9=-QT6Q# zaa#j_|K_Bh=FO;^L!=RS2U1B}W>h0n;yuqe-}BlYR`YHlh64Mw^dS1ezFno!c87y# zEhV_vW!@+M)8e3Jtz}c*PoQCTiUg||XJi1&=UQ5j+Ya@P#z;HX5P_da{{8s#1?sd0 zX&{yap(Pg(m7g=+;NDw**PO{Fc&_OEGRF^2rb;#qLEhA=4u!*!mr3c&E1Z$#pZL%5 zIE<>jc$dibQYa;jlDw+MN=GF>iylNJMwpk+Kcx<86#*xkOAgJw*yrvhj;e<+Ulz2V z0y=QyfM(%g;e9xOuV0~5RB6Q-;<2I#f0u!xf#=eBcM+5{17BfY$fu#fgyt8^g5Xwf z=aOYam@zYqgqfJ!RlPRgf!xRjw%)0Z1Ym)yu!^XQ{vZT#2rnqKAjpt@J|Ke4+yD{30PV zmSFNoVzG@V%)hAL!^^}*#0Ou@mShgz%WF(xnp|9~>;~9r@aE;mU%=Jms#ii|6k3>v z;*S$%1ia57`AMUWppFTgorcG29jH4F^JheI8Nme7$_4-aMGi_{QUS{pt4lM&1JH7hb8qQDLHYXB#c|>WV?z&9jm!zBHmI^sSr}X z@tFEKHZP0)i7gHDlf>75Q3SfU3>VA_JBvV>fe%D6o`%at8Q7)Gyu0v%aDX@8p?n{6 z=^Pu2DpvNwZ_w&v-Z*O!hfp!-M00$g>X-=KohF8&3al17m7@=e64;*s!uQYunOwQ=k)JX1 zovb{~gFYk2lwe8Y9HukvmvQ0)EfqErY|f+_{yH3dGO1W zZITwyu|6>tKrH|lmi}cW5CF{%fM;6Jxy|3bF94ZLR#-aNjzD1dpO0Al_{Geu@%Q5$ z<$(X2X~bCqQh({+0G(dQ6GM^lvbRirug9l9n&U^_LHqmLoWx0|l+=AdJ}<8Id$3Wn zPi|x6Os7fkdjJcdmhvwyuFhPUP6(|CBm*r|hYw4W$eV@20N^_2#G}n!3QzV-UHp~D z&vrDNqp_NB`7Yz8-YdeNjttYseTlHC=CtnD!AmWPG%!{zVJd&aH7tsg6w90Z@1q&R z{${oe9^@PlHV-9#0SmMBWHYXVm^6dBn=aV z3rot!Hvlw%PAj!}p<`!!w5g0tv??D}dIfE(zKV?M>Reqjt~MTJ8UZu1vaaO8S2i&; zze@pbGd85!t9@T%GT{Oi} zb$;T%-(FIO776UMk&E?Rga>>Nq;U->x9i$|EKP> zBX^pIN}-f+Ud>Wt(RPATa$~7kDMYVWWab(G7Ax6vhD*qG-e~YfqmSUJja4*|2&8YA$rkR-DWYlSfd{ zE%#LU+j<4rObIovnsSNwA<_pnTpe2}Wyml$CiIs)gHGva4AT6&9cNK^suxodHta1s z!e<1a6hW`7hsV&G-`nwrR%c*IyWiKVOd>j6eMwuNCHvuwRIb0MbFBYZJ zkw3(RX0xKk0ou=55jc}+S$NhKr z^FLns|NF20S2#TXi!A0phxe2R&o%fw^!^+X=5;-W9+6y~K=V-JfYx)CI5}9TfAe%F zG)a+dX@#rg(jn8s<8H88+pZ&^7PeF2YoejE)?Q%v(C*d7&D7N6u#)<4nuI#Gn3Ji1zQwaRNO*DhtYCxGIZSQ?9<{A3Gaq*aWm|JJtCn5o8 znf+?*;ScYWZl5PC->8LQ2dkyC<4uMEC*$KK?qUiIZ$Eu}^uvXN#UiE@H&5oZ};QE0pV` z=V0)@ekhN(ht1DKLzFLhzM&|fDe7yp?RtK68Re+R-B1_~NPVVz`!g-R{ThZX&(3=m zT}(#GAJZDXX^zn?r_c0f3&PssDSOjQ7ccQYN{z$0Etxnw-Ro5U_ zZSCXL*EF>jsB8WuJ)mM7gt_w`SRd)cqVNzeJdel5@D-NWnV8+JIkqOzetqycQObKK z?|!6NfTk}!c=U=48CO98F+rtUO$(ky)+0$WvF@!c#DObrt<41PX~%=`F&L*QfSVn^ z&G(-X7*X2~==9Y>n84O^n$qYYzvo_~hK==|4PCMxnn%eq<}=ASob?hSkZ+F)fmAqJ z`HJ$Q#E11tCZ%x$`f4Tbdtg;3bKOlB!I3?kH@jHT)3lvXa=Id>PvKnvYefOwWzDc$M-COG46It7B|HJA`v3On9L-h+i0$c0}6S)8q(VvF|O-Z_u6`d6vzxShBMWjT2 zd7dMsFTY^88O507p`Hlazaf1%6(Srw-IwazY0(h962ao3R>7Kh$gi>d{gn|bXZMZV0s&Sr za3N}i=gyzripp~TSLh)wJUZ;doqM^adxt!e^dB`fV za?*t7;!fFSE8&IW{_ifv69_R@$2A>73A4#Y{0o>`91P&E3^nD6)8)rBRLm&A2*1R< zD3M*iPPz3cED!qBz&1|@yB0!4vKPbyNzWOX-RDA;-!MXjHhzdAATrW;%&(>4R_sqcVbRyVXeC&*D+5wf{++LsmdcDfx^1$OJMaV0Y$m`-N zFK^MrT+&J(PU`J^9u(@B76nA}Q|up=@`gjiH7f>bq?wP4rC*Jw*`hUv*(zonhU8kj z+%A^-_sedcFhVD?d-(|T=DjZ~pHt4*7}?(koD|jD>|HF>1hbZw>m_@hx!(I8c$?jw z3aOIkPEuM}`H=xK63@M4tI6TEtCpl;gVgj=wW*KQ4@Mh#P+1FuhvhDT+L!nJi|X@O zP%1JX8;!7UeRi4ibDDU2=Z~Aa9Xp&TZrAwA_x&XnHrDG|)qfS3h1NR@r$uJN%l}nBQddCXm(lqz2GLl`Q$-W zWVWlGCxMh490uA0CCkU%7(kcON)DS4Xi-UNsgM;f$$;vjf-!nS(!TQ6#224H7jWSvhGf+;e5+Px^8tZja{u#R>IDTfMbVP z=xQC?!XVRoC&03&$@h8#W@4e(%+JH`#q>@<2yt0`4CP4u%jXcAuf^|iYtmH!i4A)( z)1;%%i{j0F_EJWgUhP@xzEb){XFqx0Mh$9khad0!*og_z_`v&-_1h|X1VKFz<;OTu`Spn zgK4*t0#YE@AUts=r(wL&`J(EVQ9Wy`aX4b6Q!~7iMq>bVs(pu(Y*EYRcz(0T^B(ij zIMqOH56urv#G~?5xAwPW%`3bcK8=DOD7-m|{MhHPoi`;;unb>xVg2{954uX`1uzuKvxjrD7GFs-%`?IPQ>!R7Wi9Zox$`18_^pVOnE*QOF|eIee@ z3d&!*-+)UNg%pw={#eizYMsala*BPBjmvB^>bZsmf1YGm$_`C3v=QAC+l; z-s!kzsF)$>bu&1Jt$N#A;L)Bx(~~LU?2jL%DBM(XsSVV374|f;Bt$#sF+i!S*9%@6 zk^zI?jDfX(V=XL_0=hbTq0NwQ8 zr?wP#Ru~d;2@E5;DCs$@81y#9rgbio^QfX89c{hx-M=;vd5Tp#KT$c271d8Ydpju` zM*ta>mgmd0A6*-B>UO8#pnPeFp`8`OWww?*Kn5os|8!}34|oUe^u3VtPGEZpob}U0 z=rc*f8c{yh!M~IRI1RMlDhz*lG5!VpGe{_piZ^=!?f@I1hKG~-# zrv|JfD|aQM#HHS7eVJkLSMgs8BHJ@wp3>KE+2NQGl#`}#Pj^g{fb6&Joclo*rz{0Z zn#$kDdEeFve(filvp4^;Hl`Yw!m3~k z+i=VI8V$FrW)$p}Nu;F%_fWmSKv)xH%W=-AYF%PBqd1qtviry!+P_LM4=1npVbkWgX6;3J8{Eisr zONK;a!h+KqZ6Bh!!EVyq9%qsQ_*#?{#@K7t3y8#6^%TO0+2D`ui@){j^$Z2Me9fVA zQ*{X_s;g6V$eF%ofNF0V8Ydr%${v5Vp?d^F(Hlm@ciobEQrC<%vL!lqX68IV6t$zY zGhhbqU(c-}sO(KkgTzwWjp+21&Mx8J$Ucxa5^Mw*BDv-m{$Dp_tApstu|l&42;pBh zKlLUt(GBxok2L9dTpH6jLOGQ5+V<|XpjsmjO(Y~h9c`?JBxa!TH9K=ojmJ8(WVEgW zCAj00e{Gk*$d!+n{EKvM!(#CQ*m5u8V&{vPhGqdP5G<<2g4xpPGKx34f_4eucZqeYc z`1Q}1ddy&Di}bqBini*)gM)RfirJ+^%~RZ~pFVVeZ*3hBg5o${n!Ti3nEN8-GfLgH zO~dI!=7ACM5#-EcNY}*8?p)-vBs_<#Xs^yTteK?ae%vK^NKnV>x(#G(e^^glj2!!R zR;N}M&|NlnWO)C`fgu~o-WNn1W)cFWr2A|l^VTo%-csG#iivYwE^De}xa1%FO9O-x zMjW#r-e>DMXc`>|F_G90D$BH|@j8C7|4P>fk(A*5S6vGmKha7m_XI>C@uG)7gnjxe zlVdyoXN&v?_v}|_f40c7w&=&m0s_)sR9wu{68tWk*tBVB3~Y0kdi`c*qG86fMQaQh zc7vP{D(qc`KdbG!hcuMFdGxr^Cd#PI(S(N}$zU-0_P0jJ8kNfH*tuGS^XEYCSU=|~ zM9tsSl?CA*K@80qU#w^RtN!a7OhCcI8WNHBtO@I!>gg~HLfPl8G~1FuC%K87Bk|?F z%xE;w)^_`7%8WXjkVW>b@7tk&pVqrdrjH_sF?-s+w~5{hrQX@a-l3U(p?2rf^FNS7 zkLn6F%SzzO=uFFpI-esM@oI5BGeRS3=T@_~n}}8gtOXSJzgTlMiW$uCwYeGg^pOP& z`+laWVS2Xx9LRJ-ra0MfIcUQgu8)(B=03n~aGH6SjJlX#745ccIv#J}GZ3=()tIZl zSAwDSoF=SYBzC!mw^ zwF*XRw}k+K%FjSV8WUb7Vx+lknnRddBYth+AH+#}>p02{4+6q#svFL^%R5(fc%cR# z^9c^L1Q78Ukl#8{&jO$I8qgo)Nr7WI;!1?%3aw8z1fJ`@_rxfcl`{Gy*4lRx{9QHE zXj100Ipol;c}=EtQAWD9JR!p(lX0S0xSrMT*^l~FbVQC4HOU9s&&Z2cg;k9P4Hw^t zN3y!FE`tx>J(k=%`){#qpA0$&Vx~L=}fne6T@#8)(KMr`eGZ=_(} znps3H0;h!XB#DR*;~O?-BLJIcFvEVx6gD`l>l3Jh{@@`Ao9|I3HET#)qGGVmH^!3$ zl3SyQ=wDLBpztfa+PbG*vQZ7!F+!zZX6%v^aKMStK~F`gXH+!@)j9BY=-8h^16&~i z9HcWgqJCy+PI{N(PM!_F%t$FMF(4vTe#oIeH(m{%@PE3 zY{Qc6r;ugH8aiJQwNE+mFo=$rnNr7ulY+(qcWL&6^E-^kbtw;UQFVS0hG1w{l006| zv&ll?ksn>raaaY{uu> z81Ft4>0F0#y7(1!OL>j!rgJiXLznxcM)M^!L~=?S_+!M13manHm27jEQv2@=nS{;t zsv0QJ#n9rPh3HkpzOu&4);eLk6codyoP3T=xc<4I)6-v$I`WlJQcTr0IL|?L7F|B5 zI|n24m=U|xM12&=ov|lHrckURy#C$FuNSEl>SpH}vikuGn7+}084IjV;#C6;-nN2c z8&~e+Ha$|KmxY#}#Xqr5Tl)L5l5%a|(3|lm@f9&9y9>AS$cEpL1En z^pfy|h=^|VjAUFZ5iVRj6ZECxq!&l%bFWE$W=M=d-aOvP@`9*@(jpo)D%Ix-5c6NF zG-V20-epypgeoU^Q43_)yES;T#x2SBH;`m*Uc&Dze^G6695ZCJ65H@f=mj^y}J%)a})#+@*hqGlr+ zW4vZv#PE47JjzBFzK#DH2$t~(Pw`6Gbg;>IPWa>Gu&AS6;FXf#P0apC{Gq?dOJo{A zKhr2n%b{{EC*nI!+f6B{yRNO7<>B+vg>G{H(0|7B+bPgNS<17Cse;LsKN=ay>boy; zH`W26hw{H3|DG=)#Z+;9*7WxUiXV+AlqOcc%U|5TdJ3@kgfTL4gXKtBWPn=d5UX1< z7mK>a=Giv#Q)Cr8!7O?K+t+#0V*bxa<^Sah=@Z`k{|~=3vog8)Js)q^93XXnkRtjw zlM)O-YV%wWU09o0nwFbSi>mQjj4ybiKiyuO(fq!RSD!4he=j*+Ggm_eYdG(BUp`r8 z=n*KNtYTlstL85q zoY7iT>wR%zwN>rM21#kJ!h^!%h(f@0Ftlk+jT%HxHOWQrES>NwWk=JrKUN?X=-TnK z$C;$RqLmhochYlB(@HT7sZfKMALlC}o>_nwAtimR&@kqgfCPHCmZuJe#@CHC-$|fc zHDJJF>X!RMq{u-_^_iZqrTDfg7owOQE0e7~l+suF1uqVjK>Js~m-V{_@H)xOMs|(B zq$O}#-YccN$3sqCWv2cymWhcqz_=EP!HmFjBgwNtTb_&ujrZM?=i0N*r%5?1F+g!- zRHI@iPw_1RWfI;+q<^MDs=tYW4wVlhyW(A;NB?@=klSQ9^q=n)Fc86hKlZO`LG&)|EFX~x$d zZj~wBsO4zsI$aHXA>=eB#YB`zRE$2@Is0-6fO3$u`6e)zgwKmB8(0bklw_DB+?pqf_ol0sCe1 zs%d0c?GB;G2i{@-q9HoF4^|-SUcw2OL7&baP(nOR$IE!cp$ES?uk-#EA)c)*d0iOM zX*&fAx0JBW1w@uLslC(A7o!TJHc4!^xIFL3!yKJVL5lEKEang?4VW$kcrx&Pf&h)# z(-4C{0Fd`Lk5S8D=9{fpOb6h>VnK{qV7H9ImFv*?$H%3ML^;EqXtBnWqdUR)bZNG@ zA$pg8iqcw!67M(zrk|XgzX6W>|6$bs{|kFso=?nzUIojbT#LKW#Yr4p^pSyg6-Sej z?g|$Xa1~#dv-M+i+XM|jZOsO4+?*GOOH*!4HTAoD16%n$Y-MSP0{u6=!RQZHG0x*Yc&OttPhct7&{juV6_4nzTII;FUrm&^t0izwQ;i zGV85Up>Zxc?{0%*Lx2OUg!~c%NlaFV=fiM-v;Rx$@v83{H~kh4>xY_}#E%){$vJ^IOZ;PODcuB;qgB(UdUIRtsAbQ!tCt zzf0w0x#<4%34oIs+tOP>ZW=O<+f@Z>902UTwpq%Q(+D~+?E#6+{vTM~_Wm5US7dTt z9HzF(~5^-C6S zd+dB1M{!Him#`BGn&)OuM<+#v_5v(^@+TB=G?mtK3wuOr(g}}pP7$x${g~qX=fjhy z*)*dvwe4L2MSO?a>V{0`de81{LQALD6)o8aTw;Wc_Z_;v@qK?7ana6M=Xz3G7AP+B z8fttIEzNvj#~F}n+u~}rq-)Q$7|FR45NrWPmMRv<6P6*d9EAz9Mqs# z2ya{~iNZ5V^&i?t)$%$Nvu1aa*!~{hoVRATn6v{8HDQ%e6S7IIu*0ch2Lof!;7z5Y zne_^(OO^7yd`IgEXJ*+H84rLDXmJ0_?{!wlBfx)tr)TE`VCMa{uX#O4Q@ECebrv2L z3jR4aL>9yH{jN+5F8g#1bXK$jANxCaM=FDE+fyT1@eH?3Xaty;amr{>Aa)4ssMpnI z4Bngi8(-QFS_|B^@;dI;;Thf*!v8fUqUw~!`FPHse%6KdU1kW^*Oqk1BoX|ox z6=i++L^}|{bg$?~ej>YEn2{qO5ZJnU(k9(s?GB+UWM2P~&?PhUIc-o*<2Cg0@;vVv zk^nICpYGVzYqZODnKIXIzbHl<>Nwq;cSp{h6sT=NQ{w_|4#F!UMVg}D9C`fh#-6H( z94}`}J?eS-0#0Xcs9br}i^nYByRusbBu^cfX}gaOUEbB?`n)Tf z35j=0ibvx6W#*l8%gGm?o&CYJmwRi=tM^;A{oLh>=;$r|9NLD0zk=J&Tio4z0P4WP zR4OJ^$g5X@*|(;(&VB7SKwLap+|b!QTk$d!Y-y-Ac--ts!7nlnVv{P*@bY!H++6}X zycbhJRQO3nrY0Bnu$WcYKuM$o)oA|EM#}R}V46cg#~$wr0m+=3mWvGZBi5~Z4Ntux z%j_nazRr?msh@=XeoCuO;a-L@YCy*`gs&C_7GS~GUKT2fX1hRPwk^jgQ&1b^Cg+pp z1r%q;1!^T$EyU9M>~@XMkDf+*d`DxfvEE|}&t;X#jPk+T{(%S89%nQMVAX@Rr4Q^I z(YH*6Po%`sxBM{^=4#=fBqr&>?-IV??vR9WowIhwi<6U`8cyuapE{xHPW{pn@lV`W;Tyb6p{WqNwois}g8L<2FV}oKB zL)?u`G`3}Ynog!n7IJmeH-NbAwW}5!3q9lC3XEmQio4-ktgIDr?@RqW*F4xvybm0U zRaWVg&c%*TmH=lA)ree1^bw3kOhE+8_z1QnJi>c6Nm9$kI>=i76pyG|6yRDpe>3&; zboGm;629&X#KyO|xu4G>b5BFPYIoC;+^w(NTV$pia3_crk)hM0-!ct~V|qm3ZQ*Tq zNVsX zM&NZ9Ia{aUdL{?c2Q)I_oXEk!0Iwz}$zjQ$Ci9Rf|CX}8^=cmet=`M-9N;KqJ6M3z zuS`b}LLg?cLIM^LX6eQLxrsLi@YLALfhk z2v~^X&&E0PHGFnDesS|THaGqaVG&QI?*6`E>b|)-lazm5;-V-|+%}x~nTB*GX<4J? zb8v+oGZqxG%x#Uov~><}t$nZ$?58(@bZ2KIl@}W-X%p^LL7at#hAt#@(|=8~CvIv8 z&1K6}39HBw)+r&?BtwK7Df>(s*7~g1Ew5w}FLQGET1DO-wyxH1&EYG0=Lk2q;_^I< zh&)Urbfaz)Bjn{MTKs!r_f_bBOzc)iJeb}M6wsmRGcr$`PcW$ z5mr^4GPdFLrfYd1uHMsH9F9@ApM_5#f4_EGmR*^gNn+E#i|DA2y!vMtlNWkXh3_6) zY&0pfx%poK^qQzx6mHAT(IDvb*?pvIj;Z8w*CsPPBa7U3`%RJ!CD;qC)j)qqtD;4f z!UfXWzg~HRc3mVa(^}+Vs`bhVA&! z&PbN(ibL7d(G=@rd<*{>lKSARU-O*1`#QBcb-UN>Z2X#W1f;>ELfH`7B|@?cm7Uw| z+`GHhepkPB;AUCtKqsQ>V7u5dSiA4Gx**E1$oA-o%8&d3wmp-w7zd1n5{Sb-su(lA zU#HsAbUuuuW7>);igs4r_u5I<`N?Ns72}omoW2Ie?&jbuGBObGWJ6a^OtBCYb>nWp+${%aVR%`GZgUsjMKtz6g=Df zEa6v?L-9TWo~vK6ZB5%23QCUl$>!X2aC0yhYA%m=<{YWK8rOZ%|5?XIQrHG{O8P*= zn@$Mv;Tg%W9hlzUBS$(m2=m5guxzD~>vkUAPPRQ@)A+V`LQYIWy{AX2Ctrk{Q#SPr zpS-aclS(<(%Os0JmJCfmvPh`g%dgjl<(dl}|+4kCz znTE;}@igO%PC;?n**ig)u}bh*PEf6SXrhzteJ6|-(9bw~rR!{8t48&0oDZKW>7OsS z8Cy+w%5p+|J|X*BJ3Qcq=>ZLV5~{%aT!!zF5gCT|T%?V;sKqIZHj??kX3VEBIMR=v zILnZ;)zp2XCRtD@VECC5-i_LSTU)$P&@=XZ%ufd`yr1u^DQ3JQByICnRFwStl$;pZ zPZAPZ>IunV-u>At@&e!R#QJiXoc)zf&56t?EHAC7P*aRL$lj5afk%9FQaqdnjmH8b zmYAXwWFkq6$_qtqscgD|K~YXSkwRR1{Ln9M_sdJWMC&74;d%;3yWtLog=6SJ!F!p+ zD`X*y-&@@*Gm9ATKyD(jN3a+=Z$$z>U<2*iW<#A+g3 zXKbV2`RJW&!Q@25E@AiXjNq4XU7Ghd!+P0$n2}AJ?NWBu>W{-xvvkuHq#&u3+g7&+ z6u>ET|JUP;o;E?m+rvdwq`8<)iHM z>n?i#2y|>(NYbm+-*dg#W_-MR^g8yd%`$kL>GZp@sCk93EqS94ue;Q#ux}sPW@D|G zA}g<8JtccN+qMm4?3F*y@8!zr3`ZBW__>SNvLXdJZ^j+Hx`7<)_we}RKl~o}eq#%Kdd2Owk5Dx|Btm5B@j6LgH^j6@Zmry z_-WatXGw+uKLqAFz6Ac2hs60Wk!}Zq>(}76JCB1h+?r|{-`nZ)q&Dx*8lKPh#``t> z-s^{}*rdy&4>&BB$ot-mmeP}Y-)xXIU+UH%B3K4L%Y^+qKWE5+>1}|w3=25%Z(d;& zC9>6vuLQ>_#G#9TXx3$bP0sM3j86xT94rl#ubfE+;gCKd53q%S;-+vWU2T(V*ruyw z#ZtkALxudpoI#eq+A{n}UV3OKWDH)+9i8De>uX@eMqx~XJTA_k>x%Cc95z6%qvdq> z+w3&YH(+mW$t(`>_*2i?Qc66iasM)|jLh7HJgI#um2hfdI$x&R?l$`8;pdudt8!C| z1;2J}Z}OqJRw%&SC}2ODZ?XuNLP zRo*`~eZ|g;>bM8ivTZ#QA5}%Tc{K~Sqg}6N4{vpRv+gtyZqR@);FSk^ z4OVwoHFe-9W2VIR8>6tGlt7G*H6ecyk zO{k7aB98EAFkUXgdwZLhKAPfQ*N)v^LYiu7?B%5K^{C34 z5JOInzYI$_q@si2XOe&%JyFW+?j{o>CmuQy(=*(Vh!-ChQ9jJ-nd2FEy3H!7#)Kbq z`M!Mk!ZO3AJ7})6o_{1Nn@kxq@SkvG5YEw)VKn9-7QmY{F1jI=R{iVC5(f*o+E{=S z+IPi@-TxhZ=%X*kL=H}n1=tt6*M{&!8X=Z)ORZlNwW!Q4OwTk}(@Bh#p3o+{f9$Wz zr)Ea=GATItcI`{g1ZD5ipgH60q?dshXX3MM+4pfkJ|hEyWO&%AVsrdty~!Zng6oG3 zh8h2DG*f|_(vFNwf>mby%`)zgh7LH0hg!%zxMLCjn6#wY%_@-s3JZFNfC{~7`DC4J znH_o7>R=tqjlh3XS#XhGWh|_9JYywlUC0I_{FHf21Tphvz%GJA0ffRCxtnA7SGpFUB<+=4L z#b}Bg_Q7ld#yQikr*tVB!oBrp!-(74XI^@?l!l8dYQA*TvkG8fK&+3Ij+4$$4I$3{ zr9{L1d;k+Px9DXk?J=EFmzG1(q7G7`2a6R0P?#qe%8xLbHv-S_1cGd=sEpbAkUbE# z>0Wx%BFhA7G61FWw^wp#@h?Rlfe?ip`0SkRVU2y}Q2|(g(aAqL@`bIlYkXS3z9{3Mnnv`FFrz4iyZv;q?-+0xYA;~b z&KYr(k3+1oTb0;Btm?%sEi4~9{5!TRgmOuPQpAIv1G||z(^-gkq;yaGmuhK4INwZ3 z!kSLU{xML$(+bo>wJEwUR2g?dcFR^-dT;Y)LmC+0RFl(z;2iPa#npefWNsMtIZhqZ z+BO2nNWDceG*Q_+FB~M{yC|GI!qv5M*e|y5xnfK{GS@JN(%Y&ts*pFy42VpHv|6@dbo_~;MW17lV*i5Ty!-IWeq|_|TYo9kx2N3Jq+jkvr4dw~m+Sqo4c#4( zI~hSlsC#Y>j_C_!3VTxC^6DM|5#QWv?KEpdP4)N4R?yvIiYCn*fB`9K1+~sv)(!iW z*EDorj}(>nXSUvau+XKnvHh5&j50H*F=s!%u+-2|p?(@o;j`LJ8YSd0SY}@o9_e7*8LV@Q9qp6*ud3|^&^xP z;!;wjQX)jUl$Qjw055YI6z7fc)3JlsNWk7Li{a^YLmv*uJ6U`&7k2^}73` zV2>`~P4&Xn7f-qa$FKi}_#5K_4_rJ!vMZNMg>c3o572<%TWZ1bin~ z4TCrf*ASISp+tk2_TnP!25O&qgEpQOmU@Hd?u2E7LDxZO$1+~fE(mm zhclF;MFGJ88=p`mfUQj}RpI`-`S#@C?2nz(fb%_wq+2Ex8y$Z}FW1Dq{Bv#xvK~b+ zD7#V$J$54X?LW@<7v%qPz8mARAM@e#nd-oB=Hwx9YPV?}P2ug|dd})u9N4;W8RfuNHX{_H_x1XJPYC zs>sQ`T=f4y%%qAYjbfC4F0V`u7Qexdv*w@B_)h%IC`TTNrp8o~&(GE=P>@P<*`EM! zN{O3~8fe(-ex^+deaKa0b}&%zzqP;{M^7p`f;qBN+2$G@UZXL{8Z4N)EEr#ku`UIr zi@mhh!JDAPzs==2t`5ommFj&1`B7_JZ5=ZnEriiZ_K2M&FvOx-W=ERHI_@y~r=-#1qO z6i9Ov?<2HXi6K#%MUTCRomSPFi0&dV7pC@3BBhkQ{l&1R+v$WJJeRw|$UfVBj%#L2 zM9LwCd|oBwJX@(t814M#9sXlN0))O2oNGbNuh$Rnps@=RwcrV+ul!Akv&k2@5b++% znMF4yxPynfhZ+N9_%)8BP~!JyLyXl&xHn5e{K$S8F35pLgO3u2MVW7m%}S#~xUzFK zB*v`G@98Oh3hd{|#0Ei|c9>XS4~VSNN$k-Oei;9@0B4c)4Fe|mEN=3*SxM|k&$@#? z0wcDc|38V=Kv@6x3i$u_(lEdEZ=6QlN|s%egeNDvRp`8JT4qwo5Nhq57zHqLTc*}& zlmGdJqp23%wTm_>Q=CJqvI2;6Y^J~de#+%x)3Czl*da|o2t=EHEhseW2&`!TjwIn~ zGp??YG79K(!FbqpBX$*#4Hhr|$=>p*b;{iCc;kaDcLM+=L5lX7Mm5uAZt9CEufNy6 zwhz_2jCTED2HYO%e=w6QPnNK62BF{jTu{R#^-*KefeAQ@i5C19;jL$_8$rsa+Tn)g zv~OYt5M!9IlVPA3uT%JNbH<>Lu*23snMxZqF8|V)qB8 zr341M4g;v3P;kynP=NGgqNDDsdD!e##-7)j-qVXn1yB9mAy>>@I&oKV*nDN+`H8i`P-# zBFv|5$m7v$<>Rwtz`$z15kJPlULS4&)>v@Y)*%Op{12rdZcU{5CaH_SFyZW3JA=ad<_EwHk)yJ4o~JPj7pvN}dgH8(^r% z%THOV3hZaptiNGOIbe zUWjz&0x5r_kJ!%+*8DR?Umw~D29jPh$5U)p!|r#z(^ z&4E;s=w+Y3QzxNCO}X5x&vU|)s^#A??Ar}waiYD%N&-yBqgPEZ7MXffao4Wa zEaPP|);PjXJ?^A0^sISj*IV&FIyth7kQrvcS=W zO#%Js$S|{8QP6yYeUN51LVnutk$-2(5S}?brv-0S5vU5g+u(T_u%a@9sdXe~Ck4?d zXI}GBHk@%fDMr1feAPSGAFrL)n83jHO;};0OTbLK2MOQX15}CqVgrKL9dPw+`ReP2 z!0=w{FkEDlAgM64kOJ|6$7)i5bw73^`b3J0qoR=sn_@U4HerxK z20z|mIkM1gzt`(F7{O%k2oy>0sEl37Da7i=XY2tHm#OeTb5M#vu5$XA?RJEF2%yc# zWISA>?O(Nb1Yys3rTKmq+c+eU+&54aOlql{Z*?j4l3-F*2#sZ+RB!;w!4?TAk@T~` zk&%k!afL0$_@ZWx0f@P|JmKosrJWqymIU1q2OTY`s5XH_NStYKZ|?!7@LegA84sVk zd&!PMWrhATrLM0d@DJz|RPKHsV(3F=D1NDn)n^2BY(znOv$fw4APDq69l$oWUi^bR z**xgD;%Ir=7KFdUXsw`nYy&iafig{2=eDfML*oiLWyPP5tH164zb)YW&o?@q3djH0 z?wHK;xPem2xP1aM3HvyvwbSzlA8v%-hwuMzLXpWxgigom&1sNu-Jg7UU$#2s+{;RJ;&qCNd%|4lNCFlNH@_Y7_?!_HuWYIA9$-oBmwQ4NKr)#wh5nd*_EXC$29wQAOBStGoXxK$-AIk{96;I*P zRMmbG>;c}4VjZ4GX`k%1#Akq^`+XcXWx)#=Gm$zLhVl0$lnRMC1JSE;!}4{pl)Ywy)oz`ucdvuOyg%3EyL7yRG0}3k#g+DT zgK|9*7%Lpq3Kl!`YIVj$rTi@>fy$Z=GAA^?PdlbB1ky@iiJjn9oNpxy*V{8V5F92m zcr}k&{KM?Ppjrz(T^qq=`d5|E$q z1E;zmwiH}blnzR1wV%tU2adBu{y&x7c@jSu=r3FB{)m9l`q z6Ly3E;;VCJ zMvDn2NV%i2n5rt;PlN%i_i^i$<(pq56yBB!DZt84L^-y$Yi}8QcjYaq<1-0Zg3b4y zt8iCnEr)Q^&##%OGf@D4-(SuMqRSPh$x`3FY>&|)v#FW2R{Afm%g+X>jJCl?M#_;aa3ad?>n%~ zu~Z49#iInufpdtB$2#6``+t}UNP#y1Y>{Q_8 z5PT^83dT-JrQC+Pc!ld5J-}!n_Vz}ORS8Fh1bfYH^pe_XFhM9zPG5z}z@;&VR?)tM z91FDI8P%t4cczdpK74EPE>f_*B-f%k*M)Cp;b3)&CRJ8@gA*1KnV}$#|2{1Yl05!8 zuu{8*GKRz#qla4zXlm1AJ{OJ~DD)4#fUud1h;h)x3Weg+$5OyYxj;j?zRu_OU9RkUwuWJfqzZK6)fiQTE0UE|Ln-*Rp(c7 z=)w>Fz7kgmk8J88&=dT{@iR90a}3h3(a-=cNOT8MZqJ$U9jdPUVV2iSt;&p{5aH{C zIdExBvd&O&@SmMOQM|y+ho;UCBXHN0B@9r;__Y-!P=O;Jgu6zkV}TqotIwk45fMJH z0q@)YUMmBd^!0^9sA=m3S*`N17sI-nKGq2l`SsLbs4)<9Tp`~wVIDL<<@E`yk&%gR zrr0JYHVJTo3@0KkKLHfBL(XkZ&?V)gIc0&!6rOKoM@Vh~|!R0GN^JQoGH`KuC>l*{tE?V_QoOM>rKj|jW z4bc4q>MDe%F2{*#%%SRhL=#*JfhI9lph36eM>_u(TvC;z}aU%3v#SBjWM&Th-&q(qP%j2xC<&I2)A8Un%cpX zO8KLmUOS>`hn&BPTj#I{##kqmRMk`)Jvf-MLt)hy14(r7+Z(l%+f>}$kNcLoA=#O~ zFDKXt0z3{ihp;1jil#rFLZLi>DK|KrkIs=w+1!X1{*d$6b5wl^SofDSL~)m$qHZn1TNf|`H@{W?Z6p{9k2Ar=BfPqKlMc?_IB@+5GiS`-0+$6-i z$?geKjsuZ5$GArv3dD;XqX!AG4KdC(JSphBrPMm)8}W8`V7B+<@-c%j{M?3G-kfmC zMjMq_N_OQ6M=B1m#5^NJ(J}~2xG2!gBrImk2*fZZX;?N5P(!MwzmGP*TdPQK-D10v zD&^LdIK+A3%HCm8d?`d;u2Y;EqVU9uFG6EAqfHb?tA*fmt}@d9dNYu=+$mHJXbI5{ zdA!dJzejiK_a-&@W!)6d=i*PdfyDX@1swKE`BDrxJ%9+R>-fLcJO4YlEH{1>doe7f zrlxi+e!%&=m>h%Lc<$o)^owy65~-2R4!624){=Dt6dC@Iodk62CU9Gl>gyY>C`vzr{XFB z6AT+n!O^gmW1Jo@T$)^ooWxmAC1KbzMV75<4*fK;m>(fr|9P0x} z6um*KCqk~RMMmllV0}Ib0q&!5Or0R-ZJl}cKj8F^Q#+eVTYGPh-y_3MnQ*-`k z-E{F=v=yMD0!LX6ca{CgJGg_74M7yznrY8X>xuNku@z>?+?iNDwqJ>{DfJ3tW!M`< zJ|W9ukfyZMil~8-8jZ&+{UoXq+sATj<`hIZ@w4V!@X|FDFr%a}Ku@nn;ir-Qovp-L z+>cj)wSzi?&I$D$rleXoK7)s6;`^ME&z`%oIeSnmRmHlVZ4#d4Eeb6i;S#Qb+@Pd+V`}lx)DB?$eRdai>z?cdqI^!YtNwZ=D2VBo}Z-;hhAnF!)sDP*z#UAzg zDsfu>fP(8GaJSx8st43pws`Cii-tPQ>{>k|DZG?|$prg)#TMRK4q*by!&i*`;hPGl!7e`CDqPb!%(Um#YAF=&cRz^G>bHGxaI|ff`q~QifN#hj+z-4 zw_cmX%1Z~)DDB{SEA^r!TCP^fM&RR@#V5T{6J%WljLsvMFAR{A>uI8Aw7C#?;!kR7 zQb>0AQ;JC|6!p$sF0O(Np1%X*Bv7l<--XD}BauG5@`R7#%40m8(;1;j1U~=hL#M^^-I5K;w(mtv?~T z^bYFeC@qk$X8B9Xm~dZfjwi*<5x^?xGMod0;V*V&&vUoF8y%nM2nWdTw7hDc(I0e3G6`)xN)ZSHNHRcISqGKdbqNXc&af zs}o!FN*1lv68vi-z@*HorqN_BO161m))!BCr0@v!sed>?XZqCz;)T`iL=W`|%FPh6 zc*yB?#$D@S9{+hA{mI4xS-q(kY-PaSt>EpR31*qV3mup5!JAFrS1YG)Vy?6zC?GPW zr)a+edio|B|0zwcES>YeROkKXo{0K@N^{t!_Fzyq!I$A{1Xvx|e>MiYb>-ff*_$kPMv>QGn!Bbr6D}>ZGz-&3_j8V)c|l^o+bKS)r$F6t$w7el-K0^*G5af zmI@O^b?R;gzh}nY#iy@svf>@=m9z8vZ&~@ws?oC^)U#Z4D^sefT=InLa?g^!$PmEBXZy6y^#?MGr(uM=C$3nPAq8?LRx%L zk?y46F%hY`pC3ki)vt1$#x03&j*y9q7Iqv1fA6Z{#Hs9%mM2cLCJ?Gf%6_&okq5aZ zo8%wz0+%iQ3@AQR_sJC*42i%@k12e`ewva}NzVH!Wkn369x9!|yGzPF5t8xs`9~kc zNOxl^UWb^JIiDkKe!O8Ap0QI0?|;5+w~^(x5C`CuKj9~y0-_yY-EwHFeJ>q>9$ zai434%=#n!a9Z!98e0#4Pg+qbB^4nGGh!k$3YS1)?DJVJwvz>#R#n{OK%B6TxVymZ zEzIxb2%|hYE$tD9^z9Rdme1U?+R=UT2rkK#ajng_+64Vay3uy*qkMI}y_25PRlm$< zv_5#+HMuQp=bA*5r?IleMXLpw@P|Qm9%NG&H@ub~ZS(!~1*494nF^mF`!c6)IKV6v z#loNlR~m{0Gu~4EoT27*yh`C5stqD8qcPsyQsySVwFaSaf>~`{lS+1@#oH0ME*RZ_5QS@7{>_pIE+r=MhzrC1WKFS+SNxW~uzhsK=xiw56 zlCp(8bi=&!F%`XMow@y*6hJwtxV`(!7^rA)d;xC2ASELCwh_t0aTgsP85=EQts*G{#~?TXUyUp zObeCnn^AU;AXzwQ!W2czxXbe0#q)-nsB35MQgK_WHbKUbCa!p#vm{!LLq{(m^l$-g zsT}MW6T^rSbC1fgD`#t@wc=V(>hLpJl%s1BA_^~ECnJ`$?}($%eW}qa!wfwx{dKsU zF};f6$62xO1g2=wgIGnQ%RNPw%7Wr`8y5m}!>ZZbmh4*xB2rQ;it>s@Q6>@Q4Es0r$Gwhn!fcC60*oo!T@rrtoILe>Hu;cgqvPo~cpoJrY6bfw zGz!V{79odx(0N!HXkdizAoi^-Ehp8y+x>EfJ8;xFc;Pa?j`}VOf-lb4l8rgwf+0Y1 z1}Tx3-sii$0#XiX>}hB;w@_2CL$)H#=^$5y0HcFjAQKE;54DJk%wG2rmnXEQzvqRc zg{da4qo^OT=EnwItv-{#%6U8&^57j2{&Z5yz%2F2jE zx8Zo5%OVbCtUQE;YJ$LXs4k4b{S0}H*bJ}x_8O zt_ox+tE0%Q%PBhwn$3X6ADXU&X|`0K$|*3-`~hMrghN>17vX$vvyd$l0M{=jVU>v% zdxk9#vXAn<$Lg5#u9Y1$vYj<%%EK45v@!{VM57L0z4mXjjq99@0)9kD7h2d%beEh{(8l^ z1+5xU*Qm8~F=G-@f1V^%S~&Eor_6ClS7==rjT&6+m3+@G6&sH4{<8%G(4lN9nuBgB z3!9K9BK`gJ>N>f2c!_kGP_QCI7hy^u&9sk*{b{qd=wc(Hjd`a#5D@#)^QFcfIZ3JH ze<8sr7H7E->X3o*)i zhhjPQRDpt7zQ9flf;i!yiA-PybA3(IO?iu5MO)^uD1&|us+>1}S_7c8jbJ7)ce5Fy zU6)%^ucp?X@%J0yrh>3_WIj8hQ3*h7x*Lr(F8M7J#GxrDZ=?AD6z46|pn&ySY+=Uj zz#ZH-Zp%?FHvi>6Z{le&_N1rP^CjEx_`lME~jN-NE(3IKaxuYHnr z^}iao|2rZBVEhv4{$qn<&blSwgMNFtVUzI^+eIQyR&MwL977?L0`eg0|NGah>p}mS zECEX$aSl>;xNQFhI=qcy|MiE)OLvGU^9II3cmn+k_O?&T$S!|cSiCu1%l8g(tCO$? zfftzIlgMC+bSdo9VS;IS8&6=+-c;auXA3q^<^luQl?%i$@$X=E$DS9n!+|kImpcQ5 z;OuJY2mNWPFyl^^_0XX^`%r|^MhTsSx&dmm9KFh_h^A;^__JLFl~FUYXK}&LPJNTk z&qv8%BLN%Mi@_^`tTq5iTj8|9Uzm@^&Wd()yq_?9g|QB@X5f*_+%LIU&b%GVH3&(Ki-NcE!FR#V zk*o;Pgz1g~?e}dWRnx7WFXNleS7xO`GTVes?D<<;{rGmxxZT<@Z??;~W+Wuq50)k7^G zWl1Ce_Z7NFU;8yPvh%S^n5Zf#Gv}l2sQ}8&m;?lkmLgTtJ!S&ZMqnFm?$`!~wZF!j zBi%hkyY!k-2B!Dxe-6Q0_mZF7r^szfycZ1g^bXbwpPKYX$Q%C(oGg979cg}#_Q_Cf zlmB18v0P-jR7W!oPP&LPFX$AMN00rl8nf-nrZH8G8C#c`2{+@8AnKNbpmKWgPQU8? zGug8|gU6Bpvwl}IQ?CMpX8GQm5Sk)Lf{J}920;Z7C*V}k4^ls`7$8>$E+)5%^kkx* zL(t9#@STVzo;lj6chfX6A!JUFOt+qH`|&BY$)ZJ$!BrE(FMHhRP)tiq>OB`{bYQF$ z^EVBqyP{#+sF&X(LfdhC556wce&*|Qt(RFQXOh&q=^5z-)(38X$6ai1&K<)Zi)D91 zhvsR@)d={Vgn2IEpwsIh`UKjR3_12tWv}yF<%UpLI|*m0P(tN1Qj2~XBKxZeAU|Yz zn``=svgkHXD|HJ;ya3>lY~&?#Q7$d%K>DPC&mI4IW4nD)iRCtJXuJgPU~5K&*%$iS zHQ!`OjNZgU8e>-py!@f|JGq$%Xk0;fjrh;$RasxV!g3EbEsKyJ4tHfCGKp;owx`tj znY*1yGTS*fRD%+U$fPm>2!3#WP(61(oM>E(2;5^%Xz~UG24APS3&uCWU+d%uqD*wq zU&O#!5Qa-sC>8VGKtb7m=-TSMpuG=eK^=*PPcHF-q|$}5=@76c!Q*~i7PqjNR$BKd zzjBuzc`+{>&#DSCU|x;El6L4ok-&=G8Y$#u|5sM$b3qHTx;^}%!DnWD*=Lq|!aG?> zCz$1v=ehH|lbrHz<+^ltc!XGPmktsLzA?VIxAuU4Ebg(7wb25}jWmSQaz zcvvhb;bc$taSOtbKZ{xlnioE_IYWzexlvSAT!BZuk{w?(E5GEwtwuOny)$OHBUva z5*NS9E_+YKnu}Lp8?$+u{$qPyu8?J-_774pCh+3kEEo(Ot=e7}PE~VB=%@pS6`3V> zhH5QLP(~Cy8{=X=S*Wxj(7ps~o7JN+FMs3{RmF*B_ZECqOjm3qyy{hXq?hzePIPE` zYnbt?YbVyxHaI$y`PYpkM(4^q2PFNaweMol_^Ej%Emesy<8V}ow*e}$CoW6lAr_@+ z8;t78DG*2ybLSCXx5H01Z$iLdhAt`X$$e?ah#+8I3%dXHh^=pf{q58zj_5SCQxKg< zl!0hY^8l93y0KOmOogU#6LeSRmSnG$Y1EaZ?4WL})u+?6BSz z^_HooyWI%IeeqDi47}pPIa)SJqZYp{b_?&%i1Swz?mK@&Xbv8$eIvARGA|^~@ku3K zCPNX>&lh?nqZ2n#Fg9OsK};n&A^Tdm>`%U9E(}^nRL( z(cV%B{7cdWLu;Eatx>BpFgBZnvq5{F1@jfZ<*W=%tv*??f~r-*N~xZx3N|u_v(@9r zzrL&HcEd|%VOiH5s$gDPVBZD?{mkasX5X)h?hida($SIEUz@aI^f9AHN=e@{okVK5 z?d$mnjt=6xYCHkv>2;;!`GXCe=M*i;9|19-RtzHZI?Orbv4A18=}3m6q&Y_{zj@$i z%`8pkT%x@a;_XSmi(V zpAY%mu!H~rM_RxA>_LOy-2(u6)AX)ixf^6hWH7LzLum_#XvSZ~s8Ni(Q`Hw*P+kB> z^IFc}>ijD}p=&(1=S$Zu6sOxkYku#ax{nQ+SR8D)_s(|APe0kvoO4V@r}mxYtkv!f znFa@!{M>SBY@__Ppk=b7MOsHH|H;R1xB|4XzKY01Fs^P>H7!_+3e^gn99ZDps9Nh$ zUr+_7Nf?Lg&67%NCPO4oMErjB;K^UV@aKEnfBpacE?(yUmm7=GcUjZ)scQ#MR$dN< zNdGh+L<%@_ve!k<) z=o1xa!ePj9fP=4t(dl1{ui%8xP8}o213t`rfb0Bvg)2W{OZ!5PJK$maBbC@+gkxlS z*z2oE!-Ahw#AkBjV5?Entn~u1$iRu+*7bNMv0~a9@zDo3LfP%7e2H(W^CBuBW#eH&yZu9E8x)eCV+fEvDH_yw6Y;>JW-7TQrr$ zoS%wdkwkZ(ry8jp=$63op!=%r}=Gf@-D#T^Xx)q4ooAnlBZ;!(7j2R z#q4lmecMOW>>r7Qgua5=ih!><({cJpPAaQSt@<7#vqCn`{bK3tR;DaeX`Bj&Nl5^gLokbN`eVbH3sj%eoWJCPVjOB{!&? zVAk~~Dii&3(-bY5_jV6!_qy^$tN6%xMuMA>me?u_x8%R69Q^KiI;WhSfLv2}^92Zv zf4VG`8UbTWO!F@6tc3%^mL^RkQRj5huzhgu6y{F!kWO4mOZND#S5W!bakOzu!P{Mv zF@DWJ)!m>B=uFi`M09xYF5UPE>n>>Thd)0Fem))R{{LdVQAE7RW@B!nCWQX1ScUNw z70~llR}%*ne4wK@zKo(YhOS&4981H>3Ug*RF=ShL`qa>sy)5P39U|*O*zCTAk?U1K z5UbrgjK9`N)6C`P%i?i?JM=i+Lg*0eOBpU6I;vc!*f!O)%JhLX@15Ai_R2ulp%ShEUaxM+GVh0eWn-vG9w6-nwXBMzT~ z(4zVx0~zi5Kj;oy8eM02cpl{i+5i!IUVl8^FDHQA`|sjmfVO)ccU_|`b*}R;F^NP9 zHJb~^h?i*1R>T`ep&IF6TSy2c<7-D3Q%ew8J6wDp6Iw zwrQR7{w5g%UB+ZPQ6mGebAUPP!AW3cg-)<}1#~#4Uw<088g^!Ph}6EeU>udPsxA`G zn#0FOXhF->v*^W9W+5{;BWQX)?9vTe#xg1Z1w?fB7RD=yWOH538%c0MBxTwy2;ma) zHusZX#klvgNyTJGE^AQ}eX7U&RH!!FANaF)uJHvtClM;=C5+oulW%J6{9!mxNR2ZI zzc4o_2=t3~j?X-@FvJu$u0kmySXkH4l?^%Q6d%yn!`XUi?3HQ4O81=P*OF@k2SCl0 z3;`T~GeDa1BJ(&o4N!CJv|JflgXCx1I|^Gi!a2M#f*Co^tsuxB_B9l1zBkI z+yted=-NSx7P)m@LTk5gDDH1BB5xEehiI5IGB-L7$`v#rBI4D@c2~D= z_n%lz4*{hQ1bWOUFwKd;;6(;a!Ug@H%6MMjQLHd>#nWYMAa&T)(Q;}`DPsbjRaJ5U z>aXtRz2qx!*7FuJ1IQqerq7ZYD{*XIwQpqCper79NSmr0q3ymyx5#C8`=ycY#-{}u z9U0CW@*->{8b@X{OJ`PmP(omysg1z{gwht@-&8fDzAfBruiX)ty(=`xa(~%Tc^|G~ zyUtP*Voqb+T2MRvvPB}tSo0~Sld5pa_+{2)3J)j@BJY%ATA@E>+Ru*p6Akr0np;Sd23{!;qsbFJzlF^i>ED7~U7 zjtld-W%*Vemn*_wEgPTBhf5cE9(8Maw-odWNUNW}Id0IPk$CX}`0_AWZ;24(&G4VP zYONdBdVgp?nY2vl*vgph4>gXEeD3*L@f|OOw$_VYtF-rBvrLl6*>laJV~z%6s3f|6 ziYLdTfkkMX+FG)!5o*IKXpxMPq+m7(mHoGz=YtR&*H`x~*b8H{I6t%eF9*I{{Y5=PQu8^hMV-HTz{pCqTr ztUGy`(E~4}F%z4C^2MLAgqn+4VJsLJTQv1&4Y2UQCdSK%)7M@Q zT_OqSIWqM#GPrLo-vtj}y<5Bbd2u~aOkGejY$0tuU32)HbNboi7qyp(U-#rK-Z4=& zF?0Ih-(8+H{Mr!@+^TOjlSWRshe;!(5|*ORAf2U-3_%Iial%n)XZDj>47p|M`S`Ji zrCduLa7Fq=qg8LMLRYLmG|s={Z7eTV!q-K8C#P_l;?Rr$hHZ-3qy3b3`6)#?JMTYaL0>L7X(R}lsdq$F^ zQQgfhAq<&?YoL=rop5h~4Wc(dK-}$mpTjNZp8=Y@(KW)BK5P2!b`fjMdAhJkqScML z)iB+Z4L!9x^vtb=M>zhh!l-)eMQzWsS$A+bOCe^aS>k3jQp-wYq3Y&6S=3_T`LX0@ zB3ScZnw4Eu@!nqkwBsS#zjv zLm{&U&+=8zm?hYB#pJc4<{^S^{Z~=1sCQMyq)=W)9%on_kN^j8PPoS)nS;mq7+1Jm)vk z8b@f`UXh@!N_Ae@WVKc9!FuR3^Xeq9QHFEuVp>7N{p4yLZDa2sVVMi2`^n&mZKd1h z!m4tUsgvbqYtUZy?%ECu+A0ofndP6BFxIp-;zF{d)M;~lJz8a-npAAF#!IlPaIcNG zMR9Jii&pN9YNC3^Up8Bc;`wkHbS0?EG%0 zn@&&QCE4&_ap#p%U2v)Pk9a=sPZH5ND(m0@=EBVbOvT;DTH$Ay$*@?~08bVd4qDFk zp)$K)ieN$k!rNE2A2ps>Y~xLmmAv4tb$%mQlV8*{|NhLCV>h|##j`g{4QQq4S2UX( zZfo8evrHv&&0#XlrNBI&8!RMYUvsr1J5=7BdV!%%@LN;1@uD@Dx0GFzsP0VVD~VQt z&OY-QLa+k%XC7Q@@*Q{6Fq2%Esl9PV=VlZLn7;=g-Ubs?nc~iE{beF@!^347x5{OA z)LdmVgB8_jO%g2!G=opsR8g|@KWKaK zI6JF)Sjeioyr%WI_WgV_JCg!f@BJCbpN#lywv~uthqeb;vr}73tuXS-4C>X-?e0dW zza>oj{`${^DHRIZb~#vG0t^B zX2O0K8Kp|u)Tuq0Qo1(Mcw=QkNZXT3?$voukR`4-yh)l-r{>jY11dc`xpQh^tiFcR ztou~fHCic>b9$`7=NHGL6fPmA4uN-PN|vaFqgm~VQh!w_4I(H}-A80xc8**;z+0=x zp4kETG&s};<$T6Uy`oG!&`SvO39h1%98Bu#d{VRe5gzICJ_+(pmSq(>=kiG8uI?AWes&Z|g@pZhItq-=iJNjjC_D#(8yhD(TTVsx#@%^@i$K3UfM6 zimver;@~>Pci6U(VL-reL&AlL{F-W!PgqO2uZ+6dauhGN0H$pd#ScnWFCRXSQ_nD@ z)iQmDmFC9~v6jfh`ejk)6>)OK#%|T%5)kw>*YgJSNEIW45;~Dp9zU;+b)TL&tr2DQ z0QXm*2yVf3s_d}FlsqXK7T2=*w+x{=>4n@-H-CV;%4}TH$X`g= zt8!pg*n!eY`CIC|iU@><0VhSrG{@Vb+@jdqVE!+?sdLL2In6tV76Xub+`Pk7K>>Rt z<#$#v4M!uzdeFa>vh5=vRVWlWgnz&?T5Baj>(?xBbEcmA{fmXJC1tmr``UKb^LYpg zW0FIqwj0JBBbJp7`r^R@$-|#|Yb zyi&`7(sSNn?b1b7>SOyFVUL#@Zs!A4rP|;WJm9^*xDSZE@DK1$P@I75TMy!B6Hg6w zvDvvm&~un;DYckq1={?~lWQWtdZwV-T8P(Veqj`7+E znUu>E)DVxKRVdp84FhMGKz6v}H(wT__MPF;m3rCEok3>@$*Yu5!!fka#>>zniw%5U zSqbR!zKe$gMW49*ttZ&+VqNE3tPt)P_cu1ei%NO}+HQf)^sd?2Zw0W zR<0U4B`Fy+-N(o{Jed=B#{+#H?-RIp_`3n=xmKU-mB1iF)zhPgn()jkZ7XGMY^?!U zW)R}E&p-Z@i^Z$P?;h9?&-|`9ZA1bRH=Xoqj|<&s=~d~IOQ3`)|Hg?;F_LNhy@^Ci zUehj34!>%1!zsv(F_e48-K@g30nNzhlyS%nR@IB1Yt|}e=d%!<E`Mtbc85?Y zFbJa{JRJ-;*y`}@`fzle?a@FrDhxuI#xyi#?Ff$|c-EYiaC#>`8^AAtr9FO%Vk&gV z|9Bh#i1}vmDwQE)yG3!=i9%a277BWPw_=$Rwbo=uJjeES=hBkDg%Llli{Jd{$S3p!JhTCe9&fB-+nz_d^T%GJy$yeJ2~Yc(4v5tt?Axz zRk5*Q+uWaze6X7NwFACI8$Yi1$w36ti|Pq@fWbl=JUsaH`0pqakl)3sfyVUqd5+S}u!FMY7xN+olqX`@+%sCJU@zmKsriQ1lw|?g zZ0>j{QF1!8a~Ti7bN(lDI@7QUX?-EP&@vXPAuMoY+p;Q$P@>!Vs3=@*w@7zPt65;y z&fm0lngy*MGl6KTZ}-U_Vy!&lF9bbwfA}xScs^tAPxpR;-vUJV6hkkru4hrHl~up+ za(#+Hmm3P`if649u4|f_#e^=dzTbFImGed(5jf#y==pHyuYbN~3q`{($q8FwBvcL) zE+L9)D#VHuxfP9e2wN#F@kOB6#zzce87OSqjm7L=ze+Dx_;B;%e}qPrcG={w!DcUsH6u3lqg}85TQMb=_uA{&U81f zNy~;}zsAX0ULG=fc=RbY0t<=HmBe;ieMWUr$9vNm+#WEb%0#FA@u^ho`EC$tGAOb# z`IoEsw|#zQgUem|zX+oBW&{VUzAcGes9XFuxhA&BkHIe7B!VSt0$KRI#Hp#=cQy(qi)L*e>A*z~{s%ZH%p z%)rS*U=+D~y<-{q1lOA#9la-EHyQfCU;qFx*kd37c=(E#%5N#V_hHn3h(qdF@WUWd zto>ac0pc|s^985ldfnF!0E*Lz7aakB;b$(r(Z&3GUi18vRwsNf01IFzTFD(q7`Zz5 zwSa6VC*b{sWcL<;fyi2O%&>X1lO^fYvNk}V<)=nmiUNF)XPfYcc_&yaSq?F;FAcByL0RZ=HVTk%I1vBXTNO`cL)~ifn8Q?bCBXc9vx_`7mP4dW>AJBWFgf8V^# z_+G7e8D~#lA)VadnY#^I(nZDSs%#D6Rr!TEUi4t2go`}s^;Te}B1reSW*;4WPNZ*@ z;^o(E^-1^)^x_*&2PukX%&>LzsWkqD6E${HWS?4pwEy%cNN?GK=t11t2!9-&kyH(8 zs?EnKc*U+X@g3$XYZm#nz3xo{zPWo19(@IbQtKX2qfR0OR#r2&+t29wBo#Y&lA|hD zt8^mHwF3B1h-0jBB0q`9c71D^Y%#+cFah%6a*^QvUd5@M_hr_&q38^yIOirg|G4}r zh0mT|jG5}=(F)g@Cop~X3Oqux>cW&&T3FDXweF>j^(VHWEgSqROc2dkDHW^lTIB6F_nSqHq|@jq^JVYEmqtj3+Vov(!>Xq0=(ncDD8mYnRjC zv+f15;uXE0v2N!N8w$Cpx>wt4XG6D=eOTDZviAG8Ye_SFKDg+rxHV2SaOjAZ+1G85 zd8Bnb9sQG;A7(7uXw~^J!|9)%CQS+8aNNPDuk{YbUElpRf$OVf?3ZMDZ;3ddLCznN zuAT^D+#|Keqv`Q@<2zGE!3=1=p20oD5zEBj*Rd~Um1OLCO5$hbgJ#LNo@*_V(<{@< z=}}K5)|fscbj)f-zic?fxR$Vr?k3K>nWME%)D)kk{O%MW&y(4H?b`S-56|#9chOr# z+NS=y&%}-DFaJ54^9&h#I`~FEJ#i$<@>H~Js108rC|GZzsou&c&aJ8;M09`J* z)VVunE;IZm8bJCq!>+Z06vg87sRuUHnng)WZAiYqR5yikXy~o=(k&7F*=#5gdy(V|it7VaeS^oBV zS@*nV$^vZsnz}Vt#dvWM36=R-nVPr!3(w8s1-FDwG%~2 z6&N$&2F`jgoI7b}0CGl4CqO+u4FnF$s3na5k)`alblUx8z1Wedr??33Yu2uKr4U#G zC3Py>1U>n<;ZF!H*$0a#Iix-S*9`sytma2(Lh2QA^&d~@E9KhkmZdAPimi^WHrDQI zBs=9CV59C~)blKhH*$gY$0(X##dxK?nk+C4iXb>{iTG&eHN4MA2|Xh`*W(7@%u`0c ztm?c|uv#@V9JYl#|I0=}e%h!T1_o%jVH{4!eaCEdCENFFaA;tulDEGNGA8DuS_gc! z2oh&BULJ;fk4f!Usi+5jP)iL_B~&&bU-yOa(Ry6_;1o&;?*#1aj=}bl1SKMBj>^ds zVI01aW8?l*6afig?atqKyx!@(CK3%N$ zTBGy}^~_5krqP5P`Pt4U?hy{{A{xp#HaEsc%I_#`E3KIi^!&6G;(0f_d+n_ZrfT3- z5q5+|-MaF~vn7=>qFy%Xq2@GDn_64eXPSZCC|N4$I2T=ljKYZ{imRvOp}2%O1#}^# zsP9#pOUyteN3cIMS2V<6CEyW%5fO~{RK$(?!?eI;z|5o%2ilGA-7yY18nQxiT!`g~;BRt9YKp~;2f1vwI8T<{iME#= ztK8SAo|ersP-jC~Sdg>$Z3r&Ouz8o(I@E-24)R?n+Z@4ACtW&nM9^E|FV0`F#p{LjaDzZu6D|CmPbD6!oQHQQUlAYx#~W%iy119HmVBJ=krg3 z*LsV1sbzrNjqBHAY8g&^(Me9(X8!toZ-zJ?+Fq=gz4f9bCHzDW%g9Ng$HExNQ|PB> zr_ieavfTob@k9r*670bW*q9_jSEZ!82HP&mc2hY?E z4VNYM&J5PHrpoUNx87XHQWGlxrUXr@$aM?kxkqgh`mmI+g7cf=3kdW0fN_02ts5|9 zqG&(Lq;(S3P}sAG(9fw-2#QrJrwEqQXVNVG)X!+x zw2Zkn&D`#ct2QG0?%1YeDj^zx59X6LE+~McmqFOEtvhB)Fw1}yq5jKi#_yQe`7QVF z4rqO8Wa(}#^|9E&K&?gL(9K)hk9j6dN+m-Fjs0cisILQF&s5SdRHQg37}RHh_6;WNYir33TXy`}`_PB}u=Pm>95 zt$S`;o%b|&5NYnNS){ol(0dpR&uubPp+`S>4*Uq8e5+#n2fwCk!Wq=i-p}^G9~;@{ zRUsXH)>(P3=ea5>cF2L0*Y+e^0inkEQ8@pIBDjKxa~yu+6e}f=sLKC}_(|$r1^MRk zi($k&h?hBom2A1}KAN!0c zsH*F9WkLH`!R6dAwYWkXA@Dh7Uz|uB`Q>(C*2|D#kUl=`Z=EXp3hW*pZSAPSn@;V% zh8T?~3hZAJ5=<1INt%cArUhj(KlLP3#3aOyX5$+2BY=yv<^Gu!u?ZBmg{?gvn8g8k zQi(y|ID zZ1X#8wQDUkGAJEosFk0oC$_{S_P_O6XqWyn1ng(03&yLpm%=vJTc>*}`XVa&vJRtp zrUU|3M|edynYZ5dpSySDC9@c5JeoX3W_fyz&DHl}4g|;mNiMEOB2?aWoKHi!6yIB^ zyyO|XB{~^rn$auf*@-)!qnYx2YJzU0rK$?%5^w*c8*If!VrCUDcsK@^<&Fuml$uhUEQW<~`1?Ea zf8uTnuWrSgCq|oKQvyXSh;AD4A#cubrngQTF*N#Xzd-o3LV)7$h_ykUd{2k|x&umi zr=1i#r2gp@r&M5q1)@I~;*W7!dd(M8&t0vNU|{KO_1NySl03*P`t}=yooZaHpxDtk ze{Nj*=u!c#U~GzzMAFrI`nA2n3%9csoDY*sXKT_>fX!>QU_-5>#roOPF+zPd6Z@*9 zcXaFyaI;|;$mJV!t)?Sq0-B^zWRBLl1@^t~OvZ$|LW;|;XsHT3r6(yg!xEH#44T8(>0Wp*^Q^iEJCbhG>i zBry$kufW}OT+Ypmo{XKH6PbNyGSg+r>c4TGowR?xd@(L3aH{BQPZK#cwak6Mr9(<& zK}HXHl(EwlY7vsPNGAdYR?oo1Of3!ZOXYrP6io|fY7Krs6Yq*&D9?oY=DrzU`xSx9 z5u7&&TYgOs3o@`-Df^axBWwxh>ddkW%Yw4o{rTSZ1O*$vWg;1^d0s%EEMjGrRU&WprmqKcA^|;mTXN(c~w$g|uuxRMD|f zFCN$z>z6AVEgyH*v+RiR7?AKMi#~kd|BfG;x2j&e{GxM~91Uu)@>8TQF?~o2d^vf3 zOlQ8X)<`R|^YbF-#kzrHl?$cjMvAe5o=_wC8^@tW>A=`aB&(*WSo0Ty z2w04hm5Ai147MIus*0eqes_v3iE6{>14CgeZ)7~hdv+|_YU?brm+5cp zo8j~{dL_tSINCcDzkCK3dt>xx{p_WRv*twvf`hPC|5&BTWo4hGcTM6m8{rhM3HYjl zd$h#?a#?wC{z`M>H3CxD-2dgF0foS*nYQYJPRDalLy62)+@k>erJ`B??B!}N(Lsh? za)Ml0U-V+h(yOg!(sH9RGoq$IHL`vgG*ecW+F2PyFR|xS3MMJ`aPmYoHE6Dd=jRlm zTloWshtRV^gH{VpUbUY_2b_c)Jf*rK9$5l;5Y`=<7u7yJMy8plx{|eThVW448jsn) zUgju9sAa#qRo+pR+q8UZ#D0x8(adQ`hxlbd=1wBzx(oApSrPXVyI>Cv9=4H*4VEp< zC2`T@Q5Qn<1ICDreC=-u+JQ~yLRPIE*M>q{u0g@N`spILC#P2zGziwR`L36WMf$l) zm>iF?Scwb{mgDE+h5Ov=x3sPg(y=Tb8zOZn2eY_W*4}Ba?zNg`*(5@c1R+^(Hg6$( zw6_x0xTQhxyE4{HVWzK8Y1hWGw}w=3KPsr5jX<#s{5_*+WIyd-f3|Y%?GS;E)AuzG zz1%)n-#B=>fRuz6*O9QdGMfPjI*EYbMz)80G?lV%?Oe~G1r2nl8ovoK=wUX~T9(++ za2n+=qJeN{r@hUMXZ=eyA12!^PX}jM+#K2`5UXEhkJFaS6UIG@5l zJEPzjx}3Y%CQUEt#p70=raj#91yS<-LDZB~z0pcJVC<7zg9&e5^p>8=$D-MMWa0xS z!9|S2U6{ArS|cfrZmeLh9v(UpYEK2-FRGvt4+RRZHCsvp&nnvVyyBekOW=C1&gatd zf$znE5c2za1)Wsvi}uN=hD|L?->W?qjOy~#&#}Na+%`Zn7kiPMa8i9&N@{tMffR1M z~OooANwP*O)&@n?8ISd=2Tu7rD`BdU<`x+C<( zh$+-=^56l37)3%5M0MDhtUn$%?@wA(Tp%60OZHwe3BCv_u8gmD0YzdAppNXKhP}@x z?Nnf+dB@S^-@0coO5y#%7OCcc^2#_BDj5f59I8&#PP_R2!bQZw#|Hi!^3Yq0xyBJ& zSxsT@CMSF4td;IgY{_mn??2ZMyNwTq)&lCaaac4ML%X=6a03k*4 zFYSar9EjsvTn;JnORj{M5h?=>Hj~L2(ykdu`k&6e@<0++vv9Tw?YP8713p|$P%_(k z+;XbTnq2{%kQ!iDQI-BxMa?A7EQYp-*+9?1`|0JX$5xwZ9MhB7#qi;10Kd#HqY&(@ zsc61!$#d*YxX{>5q0bwEw$-~ZLF2B$NFVfx>`{2KpSaH5O!GL&R+VQ{iC|ZV)wyNC z*{{sM^u8fooC`Qq2%fQ!UUAduh7`M$@0#$f{yY8O)qhE4D%=pON%(4sZW62Dlx>o+ z)3}dc1+ZYBHFJ0hUM=o>6Z90vvcL2KtWWTZ&TW64rTDGBdvuOxpojF~Wbn@Er|gP0 zAE*UT%sUAcEJ5C zFI~dnWH(|L8QP7NVj(1UQz}2cFuoqT--O+q1xSu;Y`q71!+nAc)i&7I-e%Iaa|5XX`WIO)> zZ_%wg_K20|Ud>k^^-KJnyjW90h=?1(_b=l9Z*x8mV;M6q8}67HOl1JS7x|Sq_Bael zbw}(0SePfP$d=pv_E7VedPBOxykrL9`)gC#aNk4F710xO*|yCaG|!>Ox;rmUqFl0t zXHRkf@>?z$vY`e4durd=^W|s3F84_)HpTvr0O;H`IroKmHgEZUpk=KAsTTo&<=;rB z0L6!Y(uiS$J0ITu0C@kmBPVS5`v0IgEuO0oZMVN;f6J#pEkWo%u6}jmC7rr@-}EOM zMo>c7ABJrfun$6EirreNMF#=5S~9-l@cY^73IKfL?2(_G{kJ|j4skBP<-`BZc0&w& zQawnoc4c6~adzHAx7Aho%WC#slTx8#-XFmJ{%@$!QGzzW;@HoPoc>k?+PXS1UH&*@ zC@X!G>x;m`*BuYfQG+S?o+0$;F@ABCiGU9lvN%g z9UHet82icX@)qK9Z&d6Ax!HroqtwEkX)(4dL#o8jZzx8Z#OIifZg7K5Y6|TN>Po*B z1g4``Af!X4JH~oy%d`HOnarm<1By;I#vDJ?^q<@UMX?*s^R+n$e&hy5W0V^}5^GT% z2#y$YGMqZvo7$+iqH5+o=21b}?Vq?1;Ibs1EpppGx~$6Ai#?l^E_w*G)QKA`7%k;; zKi17Y=s=7VW)RJ8?r+;N3=hN%54^yL@z2&w zCQluR^NtXz+^`m^d$wquh}6}ql5MW@iqG2`rq6G2gEOm9O-7jpYF^=^M%)3Zd;dF; zTIH%RcvzbDIRthS+A-81jZiF%+QfJpahA(=ET(RJ^HkqD=(xUZ^z%K@Y&-hXrc{3I3mJ^u z5@Wh#1EtwV-EbXVJGy^bbC?NriB2ddJ(2_~nG+y8iey*kJG$da2q+|DO zK=?P4k-!A9QYyC{ycWzh)pJR;?E$3V_@@F*?vsO!>=Q69_NKVv1oc~Mmxh@>AJY4q zc3c$@eNnNG3o+u---R^7HyON;xlXZ0ae*6|Rzbwwx>|wXJHew8=ri2xCZ6vqKN=UD zKt2Ts`sst+1qqd3Sw4_J`$EB<#lPr=9J4)LpF6(RL5^`~kWDt3 z>kh-#)lBXiIFMxt?^E(J!ZV+`$d}Q29*h`$13(KtakOQCci)D5xG#38UX>qv!%9>Y z;4tJB#istfkrd=R1`7S#`@h;*$1FPTu=`)zx!91qRIEK~2}HUKw0p@9a4?m^M(jyd z{ps1te|WZtpRn+~BWXO}j^I3EJ6`=O%u$yeN;K;t@Jy#95CAaySZ*Nj(Eme&?Dt5d zqw!P7AApW8zmmjj-(eb#4=o8b7KGr>@6G~)PVZ+Ay7X<(#|DY-gSLJQ`qf2{ruB2s z)r2+HXjEiyyVAZr4h@!-hdACF1yP+Uo2`yU!}$;3q7h;TYgR*yw@U)o4z9td;7ID~ z7=Ii*VBmb2-EXx%f8)PGf8)Pm@5*>MNjIIm)BYW%H=y@4Perv_tYiH*2x2S zsF^b^8ediYB3LRAwXC)uVEfBo|F3{k<4qGb zu8M^x`obof?;po)7)624&0ZM@*10a@ZK<@jE5+>$jqTy9aZ$!Bu3xX18kDH6I!9l3 zgxFClt$UxSf(Fd_G-RL)jUs&;q?l+(sa^5@mrXo5Wi77R9gz7-0}?itfH(fuDowkpgK%vG){so5L(33f+i10SiE8$lO7OD*88_O@&0 zc)ztdLGUvSF$(B=Gp?ex<>N(~$7ZPVY^|kw-e2)2`7}3bo#I`A=*4!(uiQIM&MQEMrQ|1WM_@4rA zFFKv6LEKFW!G0Q1y*6+Hxw+U_HGLUd!YE})F?&v-EcK*PeyXDV}pt*17Y z8ml(`q*m!Xl{%8qURi41d+@=)$UfKl%mReIE+$*eio(nYF`<%LgRRDmk}}HD)#i4dc{aQr5VC510iFv zpvHXLtNHN1jD+Cj{E~le)jw@t34#{Xg|-bw>C^S!pdLHi&B+fUbeW zWz@?SF2j@yc@Xw*sq5#U2g(6RInr!k9(QNqrlzDsfl>udG$ zBTatSy4uBx*!}v2+6fu_Ztd2xiXlG6+vvdT&G=)g5UQ!;+G8fLKb8D8%XuykidmwA zLPWaN2Ul4-jRbsfbIff$%<1{@TL>YsoYASY)&V+q%xRG*PWa5EJlGl=y6*RPdyn9E zOTBOsct-@HsA4CSN3^bh|3G)Tv%vzV7(!~s54#d^p z`C;ID@+;yf9r6jjDk=ufLUR6p2Xc8%Mi=z{Wxz-Acq1mJ{_4#O^|0%tYan#vQ1!DM zG1smGakNKQxOf@sw*)1J%yL6U?i;*_>%9HyP3-TCh7b1l@DKD?_L_hf=-q=#cyUw@ zkStVaP7NH3pQXJol8OjpDd9!1N+wsxn1ys7WHJ=u7YI=|B{(` zgH*p_FI39LID5}EUOQg1LQ;$u<#IQ?fiAV?R^v?ekQitWIQ9#-DN_nLUfE6pQ(p z_@Txfx1qP6Fwqq+S-HAz(3)ZaliQbr`qd~)r0Gww=8>}M1QAJvfTnY}fT^mn-b3@d z_+Fkxb=k5No3{&*Wxz2N3yibtk%r$1$$2K^wC287vtL*Ts3TPLKzN+975bJt2%c)U zy3f=KDmFwXLf?PXON=XnOAwp1aYY&_^=$%^>75^=Ewkc@s;5hgcf`!nxAkBMsKcy0 z&SulFifTUbv)jeUZ-DNDj?2WjO--RsZg zf8x<#bFZ57#HbNp^1k_&!fnTy+~BH{Z}}jxJ$rA<>Ub)YbsrD_jaPE2oL!jCwHe8S zejY@byB zt0&D7vl7!tjc)4L-844xhR-@c3@D9;rfD!`QC04 znHupI8UwnU1A5M81@^{><#=0F5C<{fqB*R~L2VUPq)I%wS`)1Am5JjCWf2Q6A+lv+ zhljr?5Vo-PJW2{U^c$b6lxM(+6-g)c+*l8iV#ORX{%l!gon&^q^3m1!?3Me=cg0es z{6~W!^+Ko3?F5l`u*2n(iY11!F8-tx7j*L<+?Aw=B`sT{Y(8yoJNPkVT#3<>P_6Ap zKGekCG6|k1TH9YV=IhIKueH^^OO>pLAZ!{yQz_^M93&LuMu@ur&FJls*yqk=>YAr) zOddykyhdvdwSPwKbcKyhk)bChi|%HRg_`#i5on4={-uNN^I5mhKx%YA@v%{PBGh0C zIS^`|A#Ut%M~2JRgVIM1U{sLwN-qdDxmL8F%m%2Q@nWlk{YP6tlGNaza9vN>9sr(Q zAXoSL2sbjAOaQB=h=Yym1>7h~J`KJLa)^@Akk)=~iAjL>I9Fx>p4LrC4L^^~1KS{U zDio?UXg%(W%f-I7r$P3R$77npUPUUI*6*oOD@3Q;)%f{YU*Np;R@ieFh;iFx0eh1+5cjiuIO)mLd0 z@&+ypp%oUSXeR5WDAZ*TD@D_D83_hLndMI`d)=EreRTn9IJ5>7+)MqgQAq!~YT`um zxdM{9Z>|*P8WD{G zyK^mesK-TuY$HFtvg{#_`Dxxx!@jgfy~#|+Y5+sJ^)YLevP+dEf~!p@vj|{pyt~^# zR6Q)T@*F$nD-QBE*xKTlPE;%9%2wa?Q6{a(O|MiSS~gmhA~V(4%|MM>ukOo7^lef!4nf3VKcnAQTU_u z0^KVWH==zR`y6@AW#5CE_Pa0h@}n>_)i&cvoXrLr6XlyAkACRq0g6e8x;@elm?7hJ zR)>liWJCUG!+KpFn@hm**(5dDEwDEB0Ht;;xg5{D^(iQo)T_mR36#zDXLw?5Qts?m zsxMe*km+jRYe^n_ONc!BF;TYl95G*_jY>U%raJ71>aQqKFI?b-|bPWg0a8RjIiHT%zQS zRxenLmu?o49t?_I9Sr8ojq_(JuNLyWBwdcrVGt=;`EQ=B;{~XPkXWKpGPw@QjaSGA z3F-HYGbHc=603z>=LS4UmV?JJU2MpJfJ_}97Kn2#D~$L2JvyYD)Z;SLaju|7p~Tvs zWbV>8*z4T@u{v58>}wXHwR|#Ubz^1dyNqr_$0Go?NGe>a;|y$ zPK790A+4!{Xmb{FOD$!w?(%0GYIm60TLwIyYZMSZgn#jw68L-qS+fjz)0Rdb(vXOq z9S0Ydbq-y_X6LJGjX_#oDMXChzuf(QxO?xgCew9qn;AzL1wmz`7b{pO(xqF*fCzHnUGD+22gKGtpIVFbc6mAe__J+=|KktLmsh5SKY#pEL_d>kmu8hLw#RVA3XmSuWzf&9?SI-31P&MK#$ z4}VG7e8@s+=#Vq#j~L={JGF$ksaXHrb|T83X3ms#na-KCyOC$A+LQ=ARMG`V1Hxc% z>+Oi*))yUL0(ThOIo*{94}Cm7eVwEk)!;!=R-r%C!cKoqVW+^441*XiyDm)K4@9lY z{4S}Sp+~PQ#xdpA(~iYK&T1m9e5pRq@#Lrmfd6+uqYVRCw(cBxF*w`^MmG{&PAj53 zm-)q*lI7?y=>DSFJu@m@p(201y4qfAQ0+EIZ6b#Rx~~^q&J>=8zlf74eIC@f0zQ;8 z4#9wjRY)a$75cmg?$$OmzWfY3w}g`(%2+i+hBJNFPH?ZnC{&P`=^LOCvb?p>BYZSa zMID`veU#lmh}mQ`)G*&=Y7CWoHevUhGM%47_$(@PK{*&~vJ1 z@z6#S(^ScvSieX#`~?^Mh_+T-vVKc3_3(K;{NPHz z=h;g$O__XGXl!qoB)*c_g_B zOpS~m+a?N2fk?($^s7=Zvc>^_s~1JA4DjL+fuPN?fp;A3@-&N zt4i7FNjJW7H#sRyeNNOC0dE=L<-g-pc0_0!=3c<#;bR9QB$G`S&sM)j#@1%?dD~x_ zdy|ody~i-Q4WJ~t(B4bL>V!%^sT~{!(y{ka5&5Om>d-m2ULvhjw2u5-8VXuYaOs-p zOkpH&*uO95q^v!JHOP5pNPf)l@8b2p6$ECmCHnzjt5zdlB7~P8PsXsSjBWEn<>DJ7u(us*U9cY`{ z0I{QRQ*z{ebd@9bmQ&rcXO^jtFq#>Qwiny2fG8Kh5%FHnr-kETf)=beYra|VS{)D7;b5H_M0Ylw6TQ!Kg75o^2H-uYR2;s_}SehO6D=A?}>B-&9|o zEjYR~__H%U@mk32a9M0D0zIrNT{~61jHu0AI`H~o`1d+1a1m@xAt2Wa8lNj?cHw?2 zrM@hQW}vvx$l0X4w!-#;wI%lXc+$EBHF?#(p{w!5ZOx_mj}B3!fF1o@51=`02Ls4- z;E_+;DD5t1x_2K7+h4}RgGoJ?a)O8P$j@X$0V$i@EJ;VSd^d4Wo%o--AoPm-?QQd& zsRVLS{NgcV-I6gpll*HGgcCUu9Ktd8yQ;HPLr|X3kPURw#g=*K)WM#@SbbtdK7dzP z?)c0Lp#}W$w0?E>?*JPL*8sl#_HW{k*jMrA{`W5_kQ^Nbr2I@td^qn(I;9A{z9f1q zXdlWNQ$m@U$V1^fFclGW6#EyV)W&}n|12Did@Oo=tU8#Q=x}I%t7q!X^sn;eiEm~9zxrprA3LWWi(%07%F9NoX6- zzJ~$3dCVVvJAHW&&=%XYuTG%oh7EQt34qgP-}%OV+Tw)813Q_O_eSIZtF6;P>tFS|LQ-FN^ z--56IC7A_)IPB4uzwmQTcpA_1Z)g6Wyu;ozom0aSqrp|`QGigZ`Cpv{Q&qI4p#2`j zy6b#G5{lA4Ivr}~;Os})&`Lo40$=I5!!)o|`r)7Y0D%E@o9Q8El#&RHoj<&iU?7os zrDEXvUjD$HkTVb26BJ-LAE5^#=Aby+Sm@xd08mf!X|J77R& zoJ{hsnre6kCQi9_rMK}-^=7LEaJl|7owg3|2~?Xuo?WG!`|!4dzKNJAT?>WCme)yn z-TD$pnWJu{XOd^Au&FR92AXoCqpLsP&ArY}toK*~6Nlgg4+IzJZ6j!`F@06t~$v z@!zmB^ISn_T2Y>Rx9`ZAsEe!9s$wMp3UQD<2kWmbFNjC&pJBp8qZ9yibUAgpQM6sN zPD|nU`_^Nfx}aCX8w=63XS|O!sb9`5-T9z@3*ob|*y$p8UKb1s0C)L~bW7SMg=7C& ziaokeW(_B6W*!cS_xz)4s`c^g!B($`$)UA-Zw9Wxl=~U$rIS5ab$D%S$m}n9n-8A< zh$%+zO(l3cq{yk?EW|#G|0#`2s~iJVxPmmy(9oKIUfJbCfQ_|@Uei7Uv7cE?-u{84 z$`g7U>-N!i26gh(ka-!|M~4CqZ{vA=%rXI>g984`P8)QvW7BJWE&A7IL&-pz@GTT) zdql}kHe!9<^RBmo0nsnP3WWh^M{ANK}bUVnT({|l|X1w$bSe+SY^jau`r&9~Z5!I?TE=Z%0IXEZpn&QM&2?i)eEjAlLgqVxhNxDAzD~di9Bz_V-ypxj~ULo!&+!uaC!)*hdD7e9KIpv z`U4DZ3P|ex@<+z2g=xLfceDj&V;Aq+k-}2`AQ_KkD<}mZ$QY?VcU(Vh$i;!u39DC^ z7K3zX9PO@U#IgM7A;Aw4*nL_V?wN6Ol9wA9s%O*1hpK5hm-M`Ks7KmEKBD}3meY1@ zYedH-#I7r4V)R$$RD9Mg-~894@*iZ=8(kR_$pmoZh(6p+c-&*REJZwp;HUz6_v&&_ z)0(oOQBwQ$hJ{xUlOYHE)A{`IOabZ@dPy83qobyJYlyU6D{)LC;^IPczAwt!+$!4L zAn4=}q`OTnDnG!a-IaEFYEBzUj`|Imu^fF>J7btRIGLcX#;f2LWv%dUx~50qln1lW zSGMKL)<-Ox*}js0?vekVSY8$D>LvcdT+8iS6YRw<;;SehJTx9bz^76%l*;m9cOD6# zI)q7(^;DeoN-qA8ZekJlV!hmbRq&_w=DCQL+0K9)V*`!EW-w&E_#m*~3t1}&81Nq* zedR}@H^l}zm`8^y&5(tna5t7=1ev-wY4+k^FWt{@XhKsje@l4 zu6Ygj>E&IC=>|sWp=>{+^=QL`)l=KL4Tl8?c^;V;YxC09l!2H(yGo_v=*r^t6uVi; zD(l{$S7_DIH4_J+k_JZ3AWCIs9dLo7V~~{6jYfJ_=FIH+hgOAogZ92!$heVQ7prix zB6?)cEQ+jy5&hakKO0y^oJZcILxB&oLkh=i_hNXj4`7M`T$#!vq8n~WCH_S%{LavK zo%M#$Ds$DG;M*39&U;G+!jQ6qU$37afiOrc+I0W1Eyt_~U zLML7S$ve>*0bYTWYWH^%r8sBlJ@(sO1RY4azv~7phc=DCe5ny3^Ql2^)%^_YJw*f$ zlVoNaofOJKcV#~hn3R_mAH#(BzdCQYaK~DqpkUlY&AWGNjHrxpFjTVb?30nqW>)7O ztKh-$@@n^v%hR*{{f>+)a|EU)rB*NUP0Y~_V+n@sTq$D&YSRn576K$t4-!@r#%poL z4v^M<)nc#}25a(Cc=%fAw52$9_8?bBvk{W^vHl9Df=(QTiFk8;`I^S_J7)5G_(`WJ zB3mM8l=z-vcoxHs<-MsB=cq5uEZ!|JH6F}x zYieqaXQoCY>!3KGj$^5cU-D{aeg5KPi2O{yC4QM*2TJWp%s99L)DQzYJ%Yw5&Fb{1 zPt7+?Wel@9`)d-~=e_8KJM3^DC9Q=1eONi#9d7gb2e9%jF??E^1R1Y4hsnXM8%opB z?E#|*xP154?%-{&t~`NzaAtLw+U_B2(r@4ID6MaI)FIh?u&ylLU8oufCvkGlXQY)` zow&b!=p25j{aw-+xO1ven=X12Bu9Id10#>X{%{90Q>2den`U*0j|r z922$7?GD`Lj89KjLq_j@YKtBg>TaJ)1OdTJLn5Bsu`Q#Wmz`>Z41B>S_fV78%m+AO zxFdw4hBG1cEmvzx)dg?iD!$}*h6bKS%a~_?vU;9j}F86TPavV~UV zH_gw~ma0=0jgjLku4HC9c54jUG_Q-AAC#xB?69W&iCx_ZF2&umr8tiCRmKi1VOBkN zTG_!Or{ODheYrK}DYt#ZZPvd@H`1wcL>uS@BXJQSO;(K?T)WY%pZLUJEopy>EpSStWptiHN|&dX-Rb7+32ug#mUxbOod)1feIOE)K5`luQ3YM&~pYW zOJ1gq=SyR?hKHpK|IRJ`oVj>pae&^`Eg|!(QXt+QsV`YG-~Q<#z8;(_jI*zV@Wll5 z+K)ps5Q>T1l@)&B(>0jMr1j|$utRRMI-Yr-{yuD$tJt+U?e}f(KQT35H^Om62wk%ojzy zH83~)xYNvlgS#h)!u!jL5q=oueGGW zK}dOau_@9vgycl;n(~aW4RETzWNgzBNU79li0kiiNRZ;3S9{+rRIrZFLVh#awJ|`q zJNFOXx5Fmd_zd0O*8aG^9LH#vUNW`Irb+j8%LLjl5c1&nI@Ou}@y8a>@Tg=ZW`i&d zpIQhtC{$CSF$YrSm8Yh)Y(xBJ59SRy4>hn|Z?9ap^B80{H20AX11$hwlzSI24T6fQm;34 zYzv}OqAA65Xa%T3L!kmxFGN$A<{b%ao?6}oRMf$g_K+1RxOS*W6Hz&Du>E8nQX(1* z62W2JKo-ppqpc3L!K!!`MSkDv`xC{Z!||xPR&DErs*{Ba6w93&4wr1dSix&6c69=( zz=8%PM9SIj2=U!L<$U<*!KluA+BT(?0ubaAZM<*)IxM*=L$;ysbPJS0VHRTS*-4ot z%q>Cn!yw9F?{KC&7&~+EgRBIpwC*`3sB{Z1I(EK4sSMPP9e>$gHUDUAeP&?PQYj2Y zKbr3{jHyij)9{lHm#*+g*YmKgvs>yC)TTdx-oN?0@tHE@fW1|>*0V6uRCK4LR)^?d z5;vg1{gNn%PQSd2#VwH9v~SMg?5b!8NJ;^<>gI9TLXCnYN-rA=5 zN>2bBY^d#*RI^`|_pRjh@wiTsin)rfb#m1sX(etxS|il$ER^_O$9bP;>^hzPGAkP)sa^H$MrIfXM5CrtLmKZ5#f1- z0NSok8@06>**@A7L-{YeC$VC}Q&rJY_x+3l4t6a+u(cgDDEwgeRP_Zui7;>c31pY% zE&sFool2P(DshTqL-A?1ED3FI7?^u&$rWtgjR> z_f)+sFH7M~zI}H>aSuaH8&*c3JN0aVuM1ccFzuT#SvyU=CRhqBgPGN|!IZc=KKx%GjvHYb{}yrdYxoj5W}#;x`^rwq6AXHjR0Sb_)4`3f%ujtYr9^i{S} zB4-txi?>6_Qp!)bjidRheNpUP*Ji_g42AI!JFxuGj-;!`?3|L3EmukemaH{X* z?v5O8SpPlbAwnlV``E!jDu;JBKEkDB_8vK7Li=6S3qvJuCkHE-At4HaEV>5wWYfb( zi0{fYoUL#kI*hf)ON`C@gJ-J+8D+2(jgu3uX2>y2OY2^QhmX9T1zF`n%Tjw=o-(+& zCv2Nxc8{TI-c@J&!sWX89Wm_1=&MGB;KLLr>t(VTeen;OGe!B}3-Lbh>F_{LmlC0{ z7mNZ_kW2Lj7n5llZ=<6JMM{Xn5qYoAF%VJfS~sIMMIjWc+vm$T6>W+rpK!0SzajU~cJD z&O+B8k8&CTVkps`r;rl0QpBKeWOhCg51T4syzEf+7C=nLqBuIOX2|qKWN#+RHdSCF z0&PqdHu5Oo>u=TJ9t2{^|I6DFy;1+*`_>HGh@B!@Hr5_nJR$+D?!Mf}aq7JW=LqE_Ghs7G z_Oj42y9;s^qw7-yaUagO)U{S_x3rcwa|m}d2>8vd?NWI}SY3%m1i&U`cgcFktoHlq z79egY9kuG^vK|aHdaHhkHsvw>6N14yFU;4YHnJEm=&Qy0+Gi{uExa8$;eU|le-af$TSfB+_6H4ILqkO1USrXCAQ!R_h_U|< zRYwXGblHAsF#0|u?z1t2Ww~cApWEi57gPD+oq8GLc44r@Ir%}yTdOO)lqr-aCM4VZ9v3AoZ9JH}fzl_jFGI73*Li zZLEMd`t$y?AszZ!t!IIsh7X+pG|R(y=i9kqdA|Nm8co&E6l{>`I0pP`hhy(~(`xs{ z9bq4al+j$xbUQd1qdZ7Yl$t7rKT}n%>bDu&vQn>ocnPx-MCSXJc>ns9)Fxbf^H&QB z_^(2$S^*RbjOl{*u>_dG`qdb9^h4Ky1m(&y-S#x%gkhSk%p%e1=}9w*!^IkzoX=W5 z)4*RC1>MyCA@l2{A?|u;K7wX$mo&C_uT6ldxpYlEQky#ouQir~8OTkkH~1(%J9*8Q zyZ-D&FfhwRqQ3Fo(XTO~|3VA|(j@Yqxpg|<|7grlnP!g5HfSKisl{40t;JX!pLa=w z+`IL4_+NzC49RC-c*EI;ytjS*lz;j1|15wJG|_y`kD>a5S5x}grXoZHG)ij7XdGx5 zO2Ijbj;Ln^ecqW&*b4AjLoS=l7yEUVz`wA|0E#Bk zQBK`u?;Bh_@Iz}6pmKj{!J0@Vd{&tJD0oaUNfhM_mfk1$BTxnip6IiX^VrN1%M|6| z-~(Wtk+nzR+kfN<+Fb+`FCc1RBk%d25ARax%HI&5KNGbs3kE5MF;HW0ASHw3&HFaD!z<$vQvNC-SoRkC{Z$t%V| znG{1EC91>6UwD3qC50V9b0fdf3yZze1SRT#foJkR@+4DIv>F0F#drlQvC{oZW(eGau#@ETIw*u+^~|-A^6t;T7>3a-ri}8KQqj8qhGX}y z&RY&}TZm-+RCDD78u&~+&J+K6x+}3KEunt8LWb8Y&b1GNpEj{+#+HU7CTs>k`lI<= zW?A=qfq==>m)f=4^nHc-en0Cl1&aXi4Et4=3g3<_}5(@pI~@HJkF34WNzA zIw@GYE%n9@VwJ`^9pgR?z1o>d?fu?nI>!%IgOaZ`>kdeV`)Ev5IsN7&T^!{zlBP(| z;GXEi_}fA)XrAc?6pgdiRJXcm8Lmzi`-Kwq3Jz%ahAwp9_1U@z!d9oJ)@OCIqWp~C{~U`G!abL;n06ie_#SFJ?I?Nz%}b#* z69aBTFPG)L+J`jn@8~OwGyDe~Whnu>E>5ak0^^Ws=wMK3stQ7-p^w%ZbbAxJP0f6TzG!JE({ata;(TRGtHg3`d036zMK80_*KUds4n zGdHq(WPO&(KQ~;ZB&o&BF?DSC)ob)mom6vk7Xmqz2m3jw6=H;rxCp(7r-p^)gM}ZD zCQD)`PRhE1V}v37*esz1wbmsHq-}iBSq3?{`z( zPt9!HesGGZ6`&YAUeOYuK*wmwLW`Fjg1#WCNKN6#<2W6n1sU_Ug{})&;Sv|aNK0gq;kmeAy$jIwng-pki5)vo_Cw-GMvI8dkdQCX z<|sKB+&GL~IW-Wp6c1QkO#MQ@ibM`83MJ!j!_QEac_#mQSmA9z{*2?RC;P3Cm=`e` zC8^v3P_ALkGs)$ScT#hjhT{^o#v_$>xot&J%i?9wS_y$!&AbW-R>dy$^SC}3#D|1l z?i|^pw+#uc$bs;Qflo^Nku!Tp)VVVRoVUZ*8-xBvD_O)aP&rjdbV)bJBg0C*VM^&-AM*G%2L(Xk(UH1Uzgf&cIhmMkG{7_(7U(+aYBP*y! z3!f3R&lU%EIO(};Azo)cRKgI32a3NZRVep!Qoi@q0nLM54^s#o`vP@r=AC#jfM6bA zS)gTSgb3UdChMXTmTpk%AeNjPkh&_8CBNybnsnVFiWY48s&$W`k8Fo3i*vPxL^MUv zYKt~oPJ;T9=TjkjqP@8iMyND|JbSuA@tsW03NR()=J-PZUD{;|noJ|DzV+v>-5WN* z%hXvt-v8@@>WErz_}GNv(+kA>ImwiXRqJ;(11^2WaeU2bC5An1vs!UFE-va?3sc7F zyllTtbv2eYoUk*ER4WBZ4J^TB8AEHCs_4v<9t)T1*BDR_YO%zW-T)!lYaLy>oiyUp zJ7XZmLa`a67up(`q_Db@?Hm)|<#pHbgfGO9;#7@pM6U<#i9TmiVRQ}M01p4KX{wEt zh`38pMSMqCuTVwr=P4!pSn1{HNINA@k`Lu?uIfJ=*0F%Kf9$*1%y3rdHn@7F)9n{* zj<=3?1YiU^BoAprMeYyPuTa2b>(Aa&fxU|@Q=m>z`td`|fwdV1$7-yz*THlmlH{N& zxV`j2MQEwJ^nr|ePSedf%{th5+?OsOwyRD?2^$_7!w~eNmM07}J%09HAJO{I%qdOx zs=QGLw|M1>qB%}#%pkS2OG-JgU{xC`2T}t!tL68~(w>?MhBp^35L+(~k;M0xpY#wW z)Y@wud}jz2Nt*J_%kZ?S$T8#Y;hg9?4xKJcT()UFHU%bFD1aHsdB?#(08ryx+Sy~C zKJplw_1VSKK|?wsTOsaJ4hFxsU^F=s!A#X@vZyD8(+%+{s@DKv=Tm&QC*R(o4fSd# zj!Q7!OU|{{E?l1#FMRq1_)TtaIOA-a+jARiFKN0|v;b&7Icv%&Kgp#p{W&YO1LGf# z=;g7M2;ElWfrt*)=RU6M#cqzGq5KqG8*0*6xjG~|IIlY>MeWw|obFxBzY+Yo=> zEfDb0LD&%j>7}tgumAnn;SD$A2eHGEK%tR=u@9Z%Kr1xD-+fhAFJKme#j;~kF0=Y>JSPJ}n#n?qe}ClPwP?m+HsK$oAUMbq2n$-g8Z z`coTJk*)h-Io&R9(;ND#X+3x?Fd%3;EgSD&Vkm2AI9Jsmgoj-K%j5Mu7-W}|a{P`ItJ`U-P_lRj zwu}rlq&t9j^wTHivZ!Vf?U?*B1j8ZDlw>k(-O`bKV#;zbL}|Qc{CR0WsG8>>9V)H2 z?Ti_$RQ~=(I&q$}PR7|ldHz6tc~D&kyijh0AKYi`j_J~}_q3R}Bv^TAB{UeYc8z$BOq9Oc(if+&2-9}a`+^%l8>}{yt?DybIK^<7| zzWPb2prsYBkFCd>M5Gs@;(>KH&Rso-dd!vn;Px7n9*W3FwDbig8o7jh=u{6}I{~+J zK)%SDRz+qW#lKk>oGqJ+&gDwtE2CcYl1~D2E2I0smd{xf&W-!AvQl6z6LL^kiA9j2 zPndGOdhC6X3SF7Ppwc7x|DMNsk^c(*v2j!)&6OT2w&lEsvDz)Eihgcz3xAF`9Y{!F zy<9&gvSG3&Xcw?AvJWQ{CQzr2^g~cBPhaSY$`Nt62%oq5``)=|&#pC{9gSGkZ&V7d z4-}$3qZmleehDd?<6uMGJ=g7r{AjZ%>xP@iW3+kwExjf+H>P!0JF*OwcJ%w!yz>w_ zRh}*{&)5FYY`&@4aKY{183men^42V%@!icaQSb!08X|K0Qg@SK&8y3t=fE(uI_7dB zGd3nTwO)n6%0=dLUY6Q}L(pZ`&P8Y;IVNK|NiTFqO6??=jV1AFfGX^w1CF&(^yF0O z0UK$=sz5*^Mo*B;w3VT^=A2@mNiQ{CX$c7`nYvAxS1h9(hSoUQgtN_{t_B~Tb6SZ6 zmQ7u{>do4v_sDDdm4kuN%0j)>6Iw6E)sP3rbEf4voG}hJK}FVhxErJ$ByHx;Oh7V| zF6+*viEY}4l>Ahxc^kT8*OS}V?U9~thRAn%#f{Bv$nZUN+Ot` z^oIHt-~4YltTn#l-a5QfEBjRau1`@AQ^5yvl&>epkJa6%{;Q^EITnA~kim z8kjKeLk7&@(aA?bFdj`$V~A07U|qG4%j>k+gB0Ag%+YywQBkz(Ef-3o^g!r+s5%J;KEsnK6B8N|FbeqnNcIs6}-iX$uK=jlMIR}$9 zw4L}W(g=Z+4ETl-9mF0>0PAlse?qYxICIFRKv9C6OfvIgjDYArtF1eCV3M zxW!C5lD`V;iIz$oX;cz54gIjRNK>Q_EsXmx2BG06LLzD*U95pxEoQk-$I`PA>e{T# z#?$KGOe4m+6Rh}eD0}`}e0gK-n*X=>@~<`K*;?tHg13hYR9Dy%GYkIa=XV-7S%rq5A4 zN6L|4vTQ)9_s-2(L4UhIc5SH)F!dLsA)HuIE9bA2=DWAGbR`p_-stAlKcfYmQ7oCs zY?+*GZc8O-Rago|22&iawI-Eat@ajQ)h-bNxblUX>M8lxfOR-^pkklmSl`>DiUNgD zAvxTsuDo^?)T{uhE_^!p3GzZ3(i4ULJ&^j@;7i44`N7C1ZNLKn$ku z(4}7QMNTyq7%runSEg9tFdpzUDpcB~Zg`)!fQ*12(doB|mYyIrpFY9gr;^b42fjKk zZ*MWKK20N)*@IAs=_|cqsSyp+5;}Rtwcg$hY!^bBb}>6oGANa_p&SzFAX)p<)|soK zfZOjufy;YZ1oQ`JO$+WPhm^kefublF%*B*I9GAJ&Qt-cSude3OLw`0j?cVKM5~Fpb z!FNdyMCF}nfO|x2gZ)KcCDf3<+N%d4UEEypR9ihYE~I@STTjl&>TEN|jF#s1ez`ZU z(qs|SW*P^kJl(v8LcnBm+S1?SLi#>+aSz3DH9xX z&bq;?=r{0TT4=L}jBRgVZg^{q3UZH97URIS47($kfN8Fwm2ql=#)=brg~L8loH#32 zcPgr^|0F`p!Q@4Lq5M;)h}7V7>C^1ivP7o#d0PDmy1AXbsRLXfmjaQh+AfQ{GB*df z0tZ_w=xLZGEcaukDKJ2AGEb>vwoYKtl2V4HC^*$Hm5=shxI;4!gFU0Bm}%R`Gh%%t z7VkfY*j%4E9;6WG&m@#pIB6`&0Hd?zQqOmX<)tl>A+P9HF~et&igCBc_ab^UQ4tRi zx?R3SHZ*d4Ad!Bj1h;Qx(bD`7*M8yyGLZ!w*7QctR4x?n6h9E;WkK|hhbr5euW{&}(a&aJVq$V_8%Z^@}vy*mRwzZR1>9U8;0)v);QHgSM+e!8G0xw2u zezzaGN7~>w{g9SWu1U!ClqJCf2_&B&R6*&WjvxvC`)L&svVpVfEY(flkXCNx*auHb zcVKGdH0#ff@Wy%{c~9}3jild6Ss!1y3PpQ&>RCh^muHY(>K^Q!tQ`z=g3LmjJ~{>> zuX(0&ywSJ`|GM;6_WgTeC$o*{VBLMR8|J_uDjU zzl@G|Qg>ROkWvYps4g&F?R(&ILa-$aYT7z?g`EPb{i%uAhkbLrr*Eo0iSCo~(ef(o z>fR5S!!gPjmoU@5tJvd2InuI*=j{^XP%M@0P{RoNr6QMoIETWi(_-n)QAE|M|QK4K7QC1b}vSz2j6>A>tWS?3ZHGL$}&w&)q7Tfq;-y}X3WR9d>uQ&nB z3zqrnqPA>T{(q2B`?B?=cTOK8y27pF6ilSt$<|o(wF;bvMFZ}rP8$q}9R#7f#eivG zUEwuLWAhZ>2aNUdI)Tc-`8Rqu=`sdGgE$37i>s*OThU+cSpBKWd_6iFthiHj7hul#pHbpLKv%0g-TCLH-sLvm9`?=1Vh3>=L`e?{MF9~Fc-yOhoAe*)&X-TF4i z?d$M2_stB$vwt3irz@6~S_*i@?TL2Q?tZ{PM(w!VPB;K&;Xipu*B=5ReQgW7Wrn2` zb*jw@8zymAp=qHl%YyP7qrokYedZdhY*C-EQAWaA)50N#6sY__AZdmChW=z{^)K`% z;6jbC24^+a@7CC6+|Nf!%TV&|TI`x?sf2SkEw2AG1lKT`pagp$p*Y-52Qtw)fFrR{ z_y>RwKjkJ6)mkL<*K|y^qi}8Usx7i^YOg3gA#vMoLmLxTxIK3#!FJQMl}ru)%Ug(==&jh9`%t^sT8d^*Cb=l2kZsPT5PNz}QBxwrCWZk`%Qv`@m4sOAsl*BK=3^$e z>r3U`r7u*5QF3iCr|}WE21_4g@!gsC6bp#m1uSLJqIvNgI^BDfxBD62t{(wYV2o%~ zT%L1gm~AgCl?y6X*!T;RFqcM@qT08U`A_}xLu$ofR^I2x$&qqz#OV@E^J-AG2U>yz7bxOwW;tx;QHQHi_#ONu< zv^-gFwNpZ|DqI?3WVP=+RD{DFF9+Hal&_i9_gONJ7rG1J%Uw>OhncmW=kzGIeKIGh zXSeyF9OBD-L$~lUG+(;2Kktk*>5s~>TQ;FIGL;BVNdL%7w~Poo7|;DT_`4kTrk>z$lP* zCqWe;TYmWwE(ZXv!`}uvfk9g=e|T1K z0Bj9+1g5L{jUEJMg8o_@Ub%f->cX!t!i_t_e|=%r29);db-xazum1{W-veD0JR6er z^tZ)-4?x=yKVts>KYFoumA2@7((7*>QjNHG+j+!)bW#E_Yk;}#srr>xr2^gv*8c25xN>C9#EUI}z5g{*yjf+lt?B)rdqhxj^tlwm zxuUNz(;5#GHQzoOu|IY#By+HSnq4e(7P)=17fWrUS*mMGi@%{g&mFTeBLF;3e-}$r zHU_4?-u0&ubW2|t*tOK}_N+$4XL3YOT(_{t`TPtIJPzEfudh8t`C2t{#|(`44L@Jv z2maYB;9+w^>U)BL@@9g8@?Rfs&$Xm>8ZS7P)AG5awaHw|8sRc9YMe+zj5l zXfJYvO3Ft|eUVVkFtf%QZ&?z`x;xxjGy3xPqYUpqTz!hd>{>4qFljLI(P?4>GxUsM zU0rpVZpH8n<(ia{j2cs&6U3Q6u+hpT997?<(sTd3Lf9J#Wu8|%5`bq=5#N8&6Q+jd z6W>D6vQK_r6-E(7haD{#Au3=5)gHkhyEM0X?LDr3u|;0mpMot7!K@x=d8C3iZK8+| zLk7#B$B;uM6bSo8iD~yt7rwv<9uHf1K1Ed^yi=P56zu3%aa8`cy`-&DM##RQT87>zcBJ88{rWIYY^2WJ;pA<2YmNFu0%xRqt8V|^V*9i}a4%jEq&h3w8Y z9n-;M=Dl);9D4D6W`|0K!-ba{kNJlOP|sWSH@0#$3iWKJ*MbX9D#RT6_UC7f+(~tS z?n(=oT(8p&@%3=1UKyzAp6mD49!f5*(3iz6KZMnbYf7@mA|`CVw7PKGlk`>cNYeUt zP$(~Qyw^ZBWBWq$=$NF&QZ)1l-8WD^&xaM{@4ZzD806UBO|w3xcEVvZFZd92q5X-E zGB;@2D;3Ww)hAjg8H#k+H2bJ#%%-V=SCGrQAcWVJM%%w;j=W73!Cs;U&TsZSTFh;~ zppgk%hU)KP*(03>I5+Bg+$hBG%cp2#&KXqDm~JC-LH@P*-{O)N%4#Ix+K&8PQTq!z zdoPl%>}^s@c~>Ru1iFCW);eJk(dSGpNyqau`9c%5q+PYh(%3~MYxr%=^&Cf*P`#$->D#&_{i9T^1fx4PHIpjd?uQx;rs5HD+Ilxr z4f9|#w>-?OZJe#U-*+8W(2VT&^WZ+!G_OZxtN{D*rs8Ei!XOMtsX=a})PxEErv%ot zD8^S&{?1Z_2P{)tsnw_cM7Yf|8{3nX(o${xpbhhgw%E*Hv#2{G6WjbC->6?lFqPHJ z_2C!G)LxtVw9{wyQq62lTDZ+0^bbxR3Z6}m)lAadmeEe}OVzB3(57@+TJTs>%5qMG zvvk~A2_cVp@dG_zT{L%ma5y8<)9OC_X*y7I|L}X&k(dB)f!mChYe4^}pRGugE?qKc z_O2H<3OQOm>;TDUv>bM5TIh0kW%SRoE?EDG%StkLpYl;at%#>z2|6YdCzAs14=9)9t`=DwnhKg8?Q6iztZDSGU7J?zvI$*ljH|Ty+^*=gF&L!b zrN}w&GYlc~_G_^{E7_d>HbuF0OK=4+UzVkqR&COGoqn$mLf}Ir*$zEc8Rw7(ZJa+~ z5O1fFn*|EA2T&>mv2e$0-RZn$4P5P1?Sb3GT`Tw13{d^L9^ZcWjv6*7eIKji@QQ<- ziUv{!lp@On?UD${h~k9@NlE(?GeWuGv6K^edg*XA!pIx=Ag!ZYCa?P}S0`^BpR;=i zv4x)F845AQm>jY*1+9w?1~@6g(XI~GG7!pZb$9$x9nY;`PQZbjI_jsQh;v0S_rK_#K**4Whzkf;gxjqk zT6#+NagO}_9YmT6a!O~CdZuRBUp;-}#LORP?Ne&Y41sGeon>U!H(DytICbO3B?(=3x zxjQHShQJ{{FI83$GR5T_U~Kh2{u6L~_VM5cU4*dUE^ixyi_^gYFlU$1dRU#X*dA+E11sOUw3%dka^oLH)Vk(7wt zTsbiK7cj*S73aI41+S;OwX?2ENXwRZP=jYEP)=8k89qg;B-9j>h*!Ei9cv&*uH$$!TV%-*5EVjHc8Yjb!YOAIvxIvoe7Nxr12=iH_4ugvL&520=nz=flH(InBGIjmr=N9BBQAvMScm4Ie zx@EBDql3UC9N5E#%rD_8=`qc-cpJ%Fjy2&dOD8;YdViMvdqXz+?qU5SFGCYqmd^W~ zL^wM&8Va&?cU?3}Ck45_7rgrHZ^LuLLvHl`UmKpwxlzI>zKT@Dh1aT)E}52qzzpg) zSq!|;99YPFY&h;X)~as-1>vy;Sn+ImOrx}YYFartgs^CLA%-Mb*j=m-2PY_BA_#o! zUwRfesa!_cI&2Bj2^wpLzc^Z_ON|Z5IQjohYJNlt?_Zi42G6J$1J?7Yjz|(Voiff!oY1G3i`Y{seQ-+7_keko8~$j zdll*WE;RTh2l-ICH%IKUv40t{3tdm7d*=UO!meKlZ-W8z_?-Bkg)y;(tGaVNt22rt zZ_OJd?rcP}1ze2yeUn{pa{<`(LAeUoTe1*_|2Wt`$6HTT3;ab}*3BbY#Rfc6G@AN? zl;$&iU@B5;cva*mdWMAyNtQU1sg)jg^~L(-Om`!Ziz!(Osbw++l?Bi;l;R0E`M(3T zt6mxkCj_28j4#}pFCSO`5QjVh0hHuNh!5m|rj}N>_u*yMz8~_1VQpC@F+!x``%sq( z1*V}$#%`=br(@Z*8A5?)+kwhJo>zP{U&$TiOTB_-D^$axM`DbrrPJ|>ZH28hdBx%S zK>Qq#P7O?;+48&f+B!=zaj+h+S&0-F z)!Dx`KqQ>wlJ%Eb|E4M)yx5ti^l`t1R5acwPz0SB6YN86h8Grt<F9S3vi+<6U|(?X8N(8?otvRSh^R@J;)9?Ho$>d#A|U8kV?$9Qe|}J zT3~g4vXa0

mUmDQAb>dg2Fk{F-YDnVgqwaZS>z?(q@S*cze{LVrHHdT8ELkw$0?IMX{&qdvmx zkq(Z?STUs))Jm#HufTIYs?J9SXo=Ma5W5M-jAwdiNi~_th^3W1_%_zFqu8knrTQth z`eq_FzFZxgY#;D6I3ErS;uRz>$Y!{wv#!%GG&qoRO2v=@?UpYshv5oTS;%)SwzX4) z>+yHFTR^=E(4~M&xOszh7oEQk_jf#IJd%Nkzp6bOIhyd@s%{?Hw5m^)YNh6176^-1 za3GV{dkhZP^V{H)TE#NmY!Uyby7P={BH!CSdv+}=Dy{{P7Ey$?0HPE_T~t7%sephq z1(6y8hR{P?8zN0nAan&JAWZ}kI!cu;gdQLQnwW%uKtdoP$uj}m-E)rnJm-Gy&;8=g z3ttRQW-{}i`Oo~W-}SxrkG=)WT1!BzPtij`Q0e(Ng2xYE6d!Jz`3Ghsp*hasqu@lQ zqr3p5U~`J%VTIKK@VL!Z;tBZcpcF{`&QgWFo;TjPfh^knZwU7ThJ5&Ws(C*clg~v0 zf~GS0<<6ttwghj-azq0G9I--~J;b zI?8a*eEY5L2;&-4aEKBknJF;$VKHd>jjVQ^kD6HM!jJQ9bsr@D~P#{2uavpHJK ziQTT+DM$MfGNEzY$G&mgzV3H$oY+8RuWbu+q7g=dq>k@!- z7K(QGHC||20A((sWm87!a&M%PE~K?NCHU6}!3*W~nZlN;3CA0pSpNl^^_lryUzY6O zc`+2k(?i-r{|x6+E@;uP=K@eroH4@pxDSj?*^l&fHZ#|b+b0}2O>1U#!D#DCM zG68NWVc=V)pSs+O3s-Ip-5mf#UXSaRhKiw6nI9Bnsd}~+fM-9l`-ZKsK4jJJhoM=h zND_@}op{4Hbx@@x?oIz$W4nR@^3$qdp{rDh_gTo%K2v41|pCpEgTL1Oz~YGNeLygE|ueAk)K@;VZ2O*lFI%}@6CAw zr1$PF?N>qZ(|eDUh5_llP<6D>Q`;_t(F9VD)Ia1+A)>Dac>9Lh__v2KG4%6(z8@Rz4 zsIuMpsvcW(0-hw7$sJv^in51Xj8#R4bd(Zrxp#*69!_)pfL^g2IaQAHCIL=f6~!v5 zUN4NWEu?s2j}#?D<7(ebg@S~y&fL4;`Apg57xBLrk$5+do(i7R*mrBez5Thx%xd26 zZ}Wlg6|4!3_*r7dIIGSgc{&YcD;u4dJnN!?8hl2dCyPL4_qbxBC`i2ugUDaq3|U+8OSli1$XDF z=U7uQIqyhZc!?GqbcLt;{L(1aowJRMabHy1Z*bVM*vod$o=Tbh`KCyUy2c8HZa79x z#{F*y+%5f1pxfUH?n(nGa%o8YpI@KjgPvajFS=X)WHAFA44(?dBgACj8$~%Cd8!`p zTJp{LT(brn>9riC_~Q_h?o)fa6eLj&e@5?fjl4P0B9>S z-IV#godn>Kt1K&MHO~%q#c+GXroTkyuI0Px^{nN)9{+aBURk@)0E+V_py0Ns>2uzJ zo4Z4x;E`Sm;JUgO;JC(cj#_6p|IvFMF7Q^F@0ofj4J{cCe^@fLLsY=}a0dYB9o)3R zVYXT4Fn>!#Jo(2efX(Wu&PDUOeK_XL&PtSi-$K`K0@f-WCjq+eV7yB=fA^jXeLF&_ zCqXHbZ~uh+u5b^^3Apj?YqpQKY+Z3pwk@tz-r82Db`cHV11LJ_zo`LAJ! z04#Vm+NW+*taaseiTDQ35->jwuLDW1{WUJsJqh=Q7v}>={pKZn(`94t$ORioy$m}F z_K=I0dWH4hOK|jm1O^=%^C2Ic_(`NRnBO%pYWL%Mm%w|CuaSSNZ=!I50nOJI1RTwJ}kKUctedtxI{0NjPRQtC|uVfdw-&zZ#n(->k zc3M>_pkui9CK=FvZ!6s_yoC1_VVu6&OsN4E;-y=Poa0)7F6wKzQ3&4O#Qi{ZNkLm$ zKUU7sQfD098+fHe9cr5LrW>%aCkWpC+YQ=xxzCyJwx7N-^-@1yM8m+T=IUK5oTq6@ z@L_jITA7kvTyp*R^bS*w4AjOu8JcSk(MIN!uG?VASSyBCwBx(MHl+->mr~d%_(KMc;ZGrmb+_bp z6Jac`_o>2}y7Im!_0?}|oFTv>D1GnZQ6Mg*X~UF(JBc=eRj5EcC7zZYOwO`g8GLKn z)|y-5BG;0?_`tXEF<27YoLdMe?c;`|+Wq4>WQb#|uVmhiTQ1KGf)__v`=XT4o=#V{ zQ*1T{Sm4d=XSTk$EFgf7_=d#3X_^Qf&v}re`rLWqZi`)EY;#RgMM{ zW7A`q;wE4xZqu6A@>!o!3Lj>?iJ@|jAK@ycDcdJ|UndeFVSS2;or(86xOjgHr>|o z0C6-5Tj4%H&#)P+*5Dp_tVe1X$5(Ddkk z3@+CE9=O~K9e?Xp-B*xCQep^C%N_z35yA-CB_Ka2tSs>J}bINcq87=(SU1YxtE-<3x` zVD+D`-6=5xB83tH*fNIHemRime=TEm*XPCuqPqv~qObb3HRK@Ro9#${weTX!LcG9|1v$*8V26ua|```p}J6ud$6cv(;IAG5%}My}?6#+QC}mADyXG#KGnx(Qdl zhBX##SjQTF?IdqTE5vEz{5|RIDg8FnSf#i5kQYTpj%k}&4wMgdCh1ECp{2I9WJxlF zM<;Xlbh$QI>6FN6%G5gs9td4yAJD=Kj;6l_9&b0#o+OInFi(ALBMalx6 zWsN%nwGvW}P(vKPyUJz`mGTAii1jZ3PssV-Yg4B#f4aN+jaqNwtQ_4hM zX}9Ne1+ASP0f3PgN$0TgeM@DGavK0+@Prn?|v)EG-NI-N+uTtDgTs3J`RtvCjQH9In zFrNoeTt!OXvzIK3A#fqGa=cry3V9L*LOTZXnt*^pre!jYnXwvNaYQL=s4aEYJJwQxYu%NCykZi)DyOwgYiZ^6V#}6> z$cYlG3?T#Wnv+2Np)R-%kyTK|39q0`j-!+ilI;a{DJk+vCZdcQ6hTaCiS<6&wf2*!atObiPs`u%+rgU)(> zA@LJUi$_;tXoSp?Pt!0>xX=2A$h{0h=Nm1B{FK(pD#08sOTrVgh$v{4d)IWK9ZM>? z;5q$yN{w{JD__$Mi?|w#)pnezJXJQX+x-hH`h0qh;-l~nDYVKoI&3pgRL^+k-10mx zYi2HTt{>ZoQr=XOmgZLpyQTF#8Zyj8Vw>EJ3{hNH-NBZ#qq(ZkQ$}2t^=_k->IIvq zvyi{QOZBh&&a78>L^qqK35bpAql_xO9A z?@ZB1N+h*3WV}6;u!IO2o7h9IIW|<8<~mA;RL$0;w_J3&@(7kxY37HKZcZtEitupg z9y>Ipm1E;cVP9CWB|xWxEMkiT>f6T8&YXVb*A?_)G5IvD@~Ipo{H#~KhgptJAEs^2 zyED7{l|8w(M7_sSCO%y!{hY_lUY7k`bLz2(7elZ3a|4ND3Gt zY~FQHu@qI%7kMdP1UcUP{OTuvr+xUPA2Rb|yXCew!E7SgqtYb*~g|mS~@|lNnlpO#BWz!}N?Ks3m82 zJ}M)0RRB4DgVKd&mq;wl05*IuIGKKV%RX!&6k9wROm+^dqL1NP@wBou`EgFAs((k! zUdS6?&RY0y^@wNH;r))$5%JHUt(RVwLwXpO5VOD|HNa9fw5rn^#Fz|q4Z_^2?`j3? zFx1-8Cp%o`Up*_Xp}MISF16-!?Jk|9dbjgc<3g}~atq;CXK%D0C+>l$NB(fUrSQ`b)D2DaGmDy7xV)%Ai&TerJ_vz6M6clK&Z9~6 z7qbK@lO4q|5kQM)=&jcH$*19IKvCH)}$OE#!R&9FMsuX3>&oJiL?1wglNAF&c_6>l1n@>AvhAs`dK)LT# z`J0!pnXGALMS+Ne$Go^wkYF+kMQ|CjlPH(}oOj=`(g$ecYj&vHu2*`ovuwoHPWX#n zHm%XR*fitSX@A|Z{ug-H9dNNUwV@oTWNt(dz77X@O^dkEehVi?M=2{q6r7a>7t({t zr&Wo2!Xv9BsbWPcr30rVVIu@${9<-dF<1V*f0|huwhgLB8q2?gk8A1hWaSwHzS!xO zQ&s`G5F>5G>?@iVh*|#5t_QNgS*8u+X$hGV8Cnvvngx8&G6UbS+sd((X1x;{aFOH} zK1_gv&a+dwzxs51X&P|0Bp$&lvf*6SaX_2ll)9US%URUW#qtb`vx4n9f`DdBT7*%JOr`yg}ot;iKf@d^wJt;#IS+^Ju$u5W|&yFxoz%SA;B{%Rf z2B-8bwg0HQuE*f)ybSa0CDNnxy}Ey+eGmzFpdRyUkBVdXmuL;=3>5ux29Q11XzVKXvIo9IbRk7#bxUF_$k8D)Bjy>U@VS0DEHo9?aP+#GeF1$6i=T9FE`J|ywh%B<9W4iri19v`?q_s-sC z+7i?3qm`75>$YvYM6`yyO|QsTwly+Wk5-u|vn2YZ)yJu#%#%b#rzlb%U}lCe&jdtf#(a?G5#RV|FfA%tHz}TC1RFy!BP_LtSn6zQE)u}NVOsqI`$865k=-^p69wN_U0_$ikBX8LO11pL>T zVrGQlu@a9g|F1BSJj0O8lgQ@bfz1p6ACA@ZR7h;85wYqE+KfncjMp;Pp!qwPH`*&c zN@rgIaAoOVFB0&*aW`AxlMmTJu{0Y+516>@Ipx#Q??7a+jys~+Cam@fOpbe18e6E9 z%v~DGWk$Zp?{t^W^R&b^JvX7I_LqMcBV~xz%{RxZ=cv5O=d=kbZ!!hRAuJ>nsc81g zhrKIzA3}5l-Nh}FHr?vtS4h{MZ+EQW&QF<(-CdA{v`R#6b_zP4oEecv7R^^e0OOH{{ zN>~sVr5EC*y5bd11?_d}`WzxWUQx;ASdw*7rL7_55-4^ve4i)auxw92$EZLG@#c9W zj+p!j!n3qbYA&(fXme5&zm^lYijkaT)z1|DSm+SyV>Z0fDip8;?Fhb9-}|#b*8Fzz zf9Q+_@8}fYvx>W5tui2fbn*Do4+6*6@>p}u|FcF%dovihFnF_c38w8SAaM5mss7NR zm_N8@-`uQv6V|;#+af>gB_sn((u#{~9$OVXb!sz?c~7T;b@6l-(*@{1Lol{9)S_`5 zpt_lJmX#EdGZ(l|lst?9cFQsBg&pyUm?@DC{R zoHB3gL7=XDKYC55JJJY5nYDZbu&L=QnledezZG*IW36Y-Hd)Va2Fzq{J=W|%e^<-h z2UJ^Ee@|X0MAfM|cQ-4?B|ta-1K1%u&DVfFroHhzA_LndVEiLs#u^s>^urnM$Y-D! zeMKwqnb7{VQnb`bU=0BU2cTSh`rO1{nnj8nH-XMO?2Jd#b0&3 z;J*J3;Dyu29~R}iuQopGrTYgTAD=+?`v3f3U5VlUZKH-ReHuW{mf8OgZf1dwGh?=& z`YHS#I2vPgVm-QaZSU4qitX>DO>n7U%45Fd!;^31sj$gQY6@3he)s1kzXBt^1{4V* z{V8ygb-jZQsE@eCN(}e*EX%-vOVXG~X;Jeec8Z1)!-*vFEWY+a?x0Cp5&H zg-`alp2&67VZ@_ITr_98Xd+ZQlxc+At34m0@d{fMaF4(P)$I-_CY>fH!tt2O2#+Z)%DMftyNL+SV_ zT$v0t?YVXl+J@5Rxt(6tRk{;!&uokp@AIiCpdlbO?C{vU4x%!2F}S*mY{gX{vv|g= z8+ZI!XSwazBs`BWXTLj)Cm0Jf5Kl|OSn&ppFOb}KKDZ%lk7kC!_m3qPn2%57Vs9AN zGlBz`2MIe9Ii_ZHG*$GLb}9;YEU+|0>fMI1_n-GP2zIsK`69FnrC_nY8dN)H!>h=3 z=GIAt(aZ4-2Gg!;VH$QT$ZGjjMk$$%fH z512t2#K2E5mpc6g1IheQ9;+86tAy4dQ&C#*0z9lof4P*WtL=Q5JNe!+F?%CWDj@w*kmu-(LGk>fv?L+k)XNd*<+B?)mZ)xfAkdZYTAzX5uuFg)qDD{+1MS20{?g#_Bp<7_G3I)`hG zYD*ocA<{2OYRu~mxc(Mq)koV3s)ZlYj0D%7{Lbyhozq1oH98_Gv7@=YVDRn-`z~zmrXtiw?Y1LxVIX2Xo<+xmXkft*Eu>?1XRs=3)R#tdp2I7Ts1Bi2G zC7P_mj_nDzN)J<(cm&{Q-her{XcYIAty)7YcRHXUONUmRRGsc!ewCZYXZN`k^hnb`yG`Om>%O+oE>T^w%V)>Hy{(9ja+(h z-C^EDm#@J#t_z9#|1%RSa0#A-c1DVbNFNhDc#o%}mf?I`c~r%be>e^GOwSdaxpwFO E0O_e2)&Kwi literal 0 HcmV?d00001 From 4ce7197f94d34dbd4d8678229518b1d1793aaded Mon Sep 17 00:00:00 2001 From: Katya Goldenshlach Date: Wed, 24 Jul 2019 14:37:38 +0300 Subject: [PATCH 17/54] Fixed line breaks --- .../microsoft-defender-atp/configure-proxy-internet.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md index 763ecfb2dd..84bd3f8d8a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md @@ -180,15 +180,15 @@ Microsoft Defender ATP supports network connection monitoring from different lev The proxy acts as if it was the target endpoint. In these cases, simple network connection monitors will audit the connections with the proxy which is correct but has lower investigation value. Microsoft Defender ATP supports advanced HTTP level sensor. By enabling this sensor, Microsoft Defender ATP will expose a new type of events that surfaces the real target domain names.

-**Investigation Impact** +**Investigation Impact**
In machine's timeline the IP address will keep representing the proxy, while the real target address shows up. ![Image of network events on machine's timeline](images/atp-proxy-investigation.png)
Additional events triggered by the Network Protection layer are now available to surface the real domain names even behind a proxy.
Event's information: -![Image of single network event](images/atp-proxy-investigation-event.png)
+![Image of single network event](images/atp-proxy-investigation-event.png)
-Advanced Hunting
+**Advanced Hunting**
All new connection events are available for you to hunt on through advanced hunting as well. Since these events are connection events, you can find them under the NetworkCommunicationEvents table under the ‘ConnecionSuccess’ action type.
Using this simple query will show you all the relevant events: @@ -206,8 +206,8 @@ NetworkCommunicationEvents | take 10 ``` -**How to enable the advanced network connection sensor** -Monitoring network connection behind forward proxy is possible due to additional Network Events that originate from Network Protection. To see them in machine’s timeline you need to turn Network Protection on at least in audit mode.

+**How to enable the advanced network connection sensor**
+Monitoring network connection behind forward proxy is possible due to additional Network Events that originate from Network Protection. To see them in machine’s timeline you need to turn Network Protection on at least in audit mode.
Network protection is a feature in Windows Defender Exploit Guard that protects employees using any app from accessing phishing scams, exploit-hosting sites, and malicious content on the Internet. This includes preventing third-party browsers from connecting to dangerous sites. Its behavior can be controlled by the following options: Block and Audit.
If you turn this policy on in "Block" mode, users/apps will be blocked from connecting to dangerous domains. You will be able to see this activity in Windows Defender Security Center.
From 5124fbebd0fdaea1b6d9b9f914cce161db7180c5 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Wed, 24 Jul 2019 10:21:26 -0700 Subject: [PATCH 18/54] add an announcement message (#749) --- windows/release-information/windows-message-center.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 8c72153bd3..99c1d54059 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: "

MessageDate
Plan for change: Microsoft Silverlight will reach end of support on 12 October 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
10:00 AM PT
Plan for change: Microsoft Silverlight will reach end of support on October 12, 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
12:00 AM PT
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
Windows 10, version 1903 available by selecting “Check for updates”
Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
June 06, 2019
06:00 PM PT
+ From 966fb91a29ef33a4c044b28a5981eb3a38783807 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Wed, 24 Jul 2019 10:57:02 -0700 Subject: [PATCH 19/54] New announcement change july (#751) * Change in announcement links * Fixed quote issue --- windows/release-information/windows-message-center.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 99c1d54059..3f7b5e16c5 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,7 +50,7 @@ sections: text: "
MessageDate
Status update: Windows 10, version 1903 “D” release
The optional monthly “D” release for Windows 10, version 1903 will be available in the near term. Follow @WindowsUpdate for the latest on the availability of this release.
July 24, 2019
12:00 AM PT
Plan for change: Microsoft Silverlight will reach end of support on October 12, 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
12:00 AM PT
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
- + From 2d48a3aba105f68c3d062eda6895f98135fec227 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 24 Jul 2019 11:04:10 -0700 Subject: [PATCH 20/54] remove pdf - not supported --- .../information-protection-in-windows-config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md index 95b79f587e..03aede1a25 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md @@ -59,7 +59,7 @@ After completing these steps Microsoft Defender ATP will automatically identify ## Configure auto labeling -Windows automatically detects when an Office file, PDF, CSV or TXT files are being created on a device and inspects it based on context to identify sensitive information types. +Windows automatically detects when an Office file, CSV or TXT files are being created on a device and inspects it based on context to identify sensitive information types. Those information types are evaluated against the auto-labeling policy. If a match is found, it is processed in the same way as if the file was labeled; the file is protected with Endpoint data loss prevention. From 9d3045c58bc94a9086cc93e5b62a97016d770d87 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 24 Jul 2019 11:15:13 -0700 Subject: [PATCH 21/54] update author --- .../information-protection-in-windows-config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md index 03aede1a25..ed15d4feef 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md @@ -8,7 +8,7 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -ms.author: mjcaparas +ms.author: macapara author: mjcaparas ms.localizationpriority: medium manager: dansimp From 2885e5405a930ac997292fd748d7794a2000bf1b Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 24 Jul 2019 11:22:56 -0700 Subject: [PATCH 22/54] acrolinx --- ...nformation-protection-in-windows-config.md | 22 ++++++++++--------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md index ed15d4feef..507fe16a4d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md @@ -1,7 +1,7 @@ --- title: Configure information protection in Windows ms.reviewer: -description: Learn how to expand the coverage of WIP to protect files based on their label, regardless of their origin. +description: Learn how to expand the coverage of Windows Information Protection (WIP) to protect files based on their label, regardless of their origin. keywords: information, protection, data, loss, prevention, wip, policy, scc, compliance, labels, dlp search.product: eADQiWindows 10XVcnh ms.prod: w10 @@ -34,34 +34,36 @@ If a file meets the criteria set in the policy settings and endpoint data loss p ## Prerequisites - Endpoints need to be on Windows 10, version 1809 or later -- You'll need the appropriate license to leverage the Microsoft Defender ATP and Azure Information Protection integration -- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information see, [Configure a Log Analytics workspace for the reports](https://docs.microsoft.com/azure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) +- You need the appropriate license to use the Microsoft Defender ATP and Azure Information Protection integration +- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information, see [Configure a Log Analytics workspace for the reports](https://docs.microsoft.com/azure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) ## Configure endpoint data loss prevention +Complete the following steps so that Microsoft Defender ATP can automatically identify labeled documents stored on the device and enable WIP on them. + +>[!NOTE] +>- The Microsoft Defender ATP configuration is pulled every 15 minutes. Allow up to 30 minutes for the new policy to take effect and ensure that the endpoint is online. Otherwise, it will not receive the policy. +>- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. + 1. Define a WIP policy and assign it to the relevant devices. For more information, see [Protect your enterprise data using Windows Information Protection (WIP)](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip). If WIP is already configured on the relevant devices, skip this step. 2. Define which labels need to get WIP protection in Office 365 Security and Compliance. 1. Go to: **Classifications > Labels**. - 2. Create a new label or edit an existing one. + 2. Create a label or edit an existing one. 3. In the configuration wizard, go to 'Data loss prevention' tab and enable WIP. ![Image of Office 365 Security and Compliance sensitivity label](images/endpoint-data-loss-protection.png) 4. Repeat for every label that you want to get WIP applied to in Windows. -After completing these steps Microsoft Defender ATP will automatically identify labeled documents stored on the device and enable WIP on them. ->[!NOTE] ->- The Microsoft Defender ATP configuration is pulled every 15 minutes. Allow up to 30 minutes for the new policy to take effect and ensure that the endpoint is online. Otherwise, it will not receive the policy. ->- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. ## Configure auto labeling -Windows automatically detects when an Office file, CSV or TXT files are being created on a device and inspects it based on context to identify sensitive information types. +Windows automatically detects when an Office file, CSV, or TXT files are being created on a device and inspects it based on context to identify sensitive information types. -Those information types are evaluated against the auto-labeling policy. If a match is found, it is processed in the same way as if the file was labeled; the file is protected with Endpoint data loss prevention. +Those information types are evaluated against the auto-labeling policy. If a match is found, it is processed in the same way as if the file was labeled. The file is protected with Endpoint data loss prevention. >[!NOTE] > Auto-labeling requires Windows 10, version 1903. From fc6d9eafb9ae22ca796707a2205b86a93a443d0c Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Wed, 24 Jul 2019 11:36:04 -0700 Subject: [PATCH 23/54] Updated with SecureScore note --- .../microsoft-defender-advanced-threat-protection.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index c72919ffb8..70561d13b0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -99,6 +99,9 @@ In conjunction with being able to quickly respond to advanced attacks, Microsoft **[Secure score](overview-secure-score.md)**
+>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Microsoft Defender ATP includes a secure score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization. From a664929305ee93cce975e04eee41a9282ef794e2 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Wed, 24 Jul 2019 11:41:27 -0700 Subject: [PATCH 24/54] remove an announcement message (#754) --- windows/release-information/windows-message-center.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 3f7b5e16c5..a62dca6a89 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -49,8 +49,6 @@ sections: - type: markdown text: "
MessageDate
Status update: Windows 10, version 1903 “D” release
The optional monthly “D” release for Windows 10, version 1903 will be available in the near term. Follow @WindowsUpdate for the latest on the availability of this release.
July 24, 2019
12:00 AM PT
Status update: Windows 10, version 1903 “D” release
The optional monthly “D” release for Windows 10, version 1903 will be available in the near term. Follow @WindowsUpdate for the latest on the availability of this release.
July 24, 2019
12:00 AM PT
Plan for change: Microsoft Silverlight will reach end of support on October 12, 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
12:00 AM PT
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
- - From 6bd3ed801ab65d7ccc7d43a825a677631220e4a0 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Wed, 24 Jul 2019 11:56:08 -0700 Subject: [PATCH 25/54] Added manager and author --- windows/security/threat-protection/index.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index da60a14421..d85f33b6b5 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -7,8 +7,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: dansimp +ms.author: dolmont +author: DulceMontemayor ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual --- # Threat Protection From 0035f23705cff437de014837198313c8fe2ee2ab Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Wed, 24 Jul 2019 11:57:56 -0700 Subject: [PATCH 26/54] Added author manager and audience --- .../microsoft-defender-atp/secure-score-dashboard.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md index b98230426d..447334546e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md @@ -8,12 +8,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: mjcaparas +ms.author: dolmont +author: DulceMontemayor ms.localizationpriority: medium manager: dansimp audience: ITPro ms.collection: M365-security-compliance -ms.topic: article +ms.topic: conceptual --- # Configure the security controls in Secure score From 780d436534ce0b48d108158c63ac83f15b029986 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Wed, 24 Jul 2019 12:22:56 -0700 Subject: [PATCH 27/54] Quickfix2 (#758) * New announcement added july (#729) (#730) * New Announcement added * Fixed date * add new issues (#745) (#746) * add new message --- windows/release-information/windows-message-center.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index a62dca6a89..03fb917e6b 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -49,6 +49,7 @@ sections: - type: markdown text: "
MessageDate
Status update: Windows 10, version 1903 “D” release
The optional monthly “D” release for Windows 10, version 1903 will be available in the near term. Follow @WindowsUpdate for the latest on the availability of this release.
July 24, 2019
12:00 AM PT
Plan for change: Microsoft Silverlight will reach end of support on October 12, 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
12:00 AM PT
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
+ From cd4f7c47809f2d8820cd643124166df8cc6fada3 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Wed, 24 Jul 2019 13:31:21 -0700 Subject: [PATCH 28/54] Master to live (#762) * Updated with note and TVM references * Update overview-secure-score.md * Update overview-secure-score.md * Updated links * Update overview-secure-score.md * Updated TVM topics and added SecureScore note * Added deprecation note and TVM topic links * add new issues (#745) * add an announcement message (#749) * New announcement change july (#751) * Change in announcement links * Fixed quote issue * remove pdf - not supported * update author * acrolinx * Updated with SecureScore note * remove an announcement message (#754) * Quickfix2 (#758) * New announcement added july (#729) (#730) * New Announcement added * Fixed date * add new issues (#745) (#746) * add new message --- .../windows-message-center.yml | 3 ++- windows/security/threat-protection/index.md | 9 +++++++ ...nformation-protection-in-windows-config.md | 24 ++++++++++--------- ...oft-defender-advanced-threat-protection.md | 3 +++ .../overview-secure-score.md | 16 +++++++++++-- .../secure-score-dashboard.md | 13 ++++++++++ 6 files changed, 54 insertions(+), 14 deletions(-) diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 8c72153bd3..9d2980d85a 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -49,7 +49,8 @@ sections: - type: markdown text: "
MessageDate
Status update: Windows 10, version 1903 “D” release
The optional monthly “D” release for Windows 10, version 1903 will be available in the near term. Follow @WindowsUpdate for the latest on the availability of this release.
July 24, 2019
12:00 AM PT
Plan for change: Microsoft Silverlight will reach end of support on October 12, 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
12:00 AM PT
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
- + + diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index 8ef02bab91..da60a14421 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -39,9 +39,15 @@ ms.localizationpriority: medium **[Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)**
This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. + - [Risk-based Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) - [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md) +- [Exposure score](microsoft-defender-atp/tvm-exposure-score.md) - [Configuration score](microsoft-defender-atp/configuration-score.md) +- [Security recommendations](microsoft-defender-atp/tvm-security-recommendation.md) +- [Remediation](microsoft-defender-atp/tvm-remediation.md) +- [Software inventory](microsoft-defender-atp/tvm-software-inventory.md) +- [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md) - [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md) @@ -97,6 +103,9 @@ In conjunction with being able to quickly respond to advanced attacks, Microsoft **[Secure score](microsoft-defender-atp/overview-secure-score.md)**
+>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) as [Configuration score](microsoft-defender-atp/configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Microsoft Defender ATP includes a secure score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization. - [Asset inventory](microsoft-defender-atp/secure-score-dashboard.md) - [Recommended improvement actions](microsoft-defender-atp/secure-score-dashboard.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md index 95b79f587e..507fe16a4d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md @@ -1,14 +1,14 @@ --- title: Configure information protection in Windows ms.reviewer: -description: Learn how to expand the coverage of WIP to protect files based on their label, regardless of their origin. +description: Learn how to expand the coverage of Windows Information Protection (WIP) to protect files based on their label, regardless of their origin. keywords: information, protection, data, loss, prevention, wip, policy, scc, compliance, labels, dlp search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -ms.author: mjcaparas +ms.author: macapara author: mjcaparas ms.localizationpriority: medium manager: dansimp @@ -34,34 +34,36 @@ If a file meets the criteria set in the policy settings and endpoint data loss p ## Prerequisites - Endpoints need to be on Windows 10, version 1809 or later -- You'll need the appropriate license to leverage the Microsoft Defender ATP and Azure Information Protection integration -- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information see, [Configure a Log Analytics workspace for the reports](https://docs.microsoft.com/azure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) +- You need the appropriate license to use the Microsoft Defender ATP and Azure Information Protection integration +- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information, see [Configure a Log Analytics workspace for the reports](https://docs.microsoft.com/azure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) ## Configure endpoint data loss prevention +Complete the following steps so that Microsoft Defender ATP can automatically identify labeled documents stored on the device and enable WIP on them. + +>[!NOTE] +>- The Microsoft Defender ATP configuration is pulled every 15 minutes. Allow up to 30 minutes for the new policy to take effect and ensure that the endpoint is online. Otherwise, it will not receive the policy. +>- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. + 1. Define a WIP policy and assign it to the relevant devices. For more information, see [Protect your enterprise data using Windows Information Protection (WIP)](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip). If WIP is already configured on the relevant devices, skip this step. 2. Define which labels need to get WIP protection in Office 365 Security and Compliance. 1. Go to: **Classifications > Labels**. - 2. Create a new label or edit an existing one. + 2. Create a label or edit an existing one. 3. In the configuration wizard, go to 'Data loss prevention' tab and enable WIP. ![Image of Office 365 Security and Compliance sensitivity label](images/endpoint-data-loss-protection.png) 4. Repeat for every label that you want to get WIP applied to in Windows. -After completing these steps Microsoft Defender ATP will automatically identify labeled documents stored on the device and enable WIP on them. ->[!NOTE] ->- The Microsoft Defender ATP configuration is pulled every 15 minutes. Allow up to 30 minutes for the new policy to take effect and ensure that the endpoint is online. Otherwise, it will not receive the policy. ->- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. ## Configure auto labeling -Windows automatically detects when an Office file, PDF, CSV or TXT files are being created on a device and inspects it based on context to identify sensitive information types. +Windows automatically detects when an Office file, CSV, or TXT files are being created on a device and inspects it based on context to identify sensitive information types. -Those information types are evaluated against the auto-labeling policy. If a match is found, it is processed in the same way as if the file was labeled; the file is protected with Endpoint data loss prevention. +Those information types are evaluated against the auto-labeling policy. If a match is found, it is processed in the same way as if the file was labeled. The file is protected with Endpoint data loss prevention. >[!NOTE] > Auto-labeling requires Windows 10, version 1903. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index c72919ffb8..70561d13b0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -99,6 +99,9 @@ In conjunction with being able to quickly respond to advanced attacks, Microsoft **[Secure score](overview-secure-score.md)**
+>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Microsoft Defender ATP includes a secure score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md index cb57adc063..1d466fca97 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md @@ -21,6 +21,9 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines. >[!IMPORTANT] @@ -37,11 +40,11 @@ The **Secure score dashboard** displays a snapshot of: ![Secure score dashboard](images/new-secure-score-dashboard.png) ## Microsoft secure score -The Microsoft secure score tile is reflective of the sum of all the Windows Defender security controls that are configured according to the recommended baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings. +The Microsoft secure score tile is reflective of the sum of all the Microsoft Defender security controls that are configured according to the recommended baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings. ![Image of Microsoft secure score tile](images/mss.png) -Each Windows Defender security control contributes 100 points to the score. The total number is reflective of the score potential and calculated by multiplying the number of supported security controls (Microsoft Defender security controls pillars) by the maximum points that each pillar contributes (maximum of 100 points for each pillar). +Each Windows Defender security control contributes 100 points to the score. The total number is reflective of the score potential and calculated by multiplying the number of supported security controls (Windows Defender security controls pillars) by the maximum points that each pillar contributes (maximum of 100 points for each pillar). The Office 365 Secure Score looks at your settings and activities and compares them to a baseline established by Microsoft. For more information, see [Introducing the Office 365 Secure Score](https://support.office.com/en-us/article/introducing-the-office-365-secure-score-c9e7160f-2c34-4bd0-a548-5ddcc862eaef#howtoaccess). @@ -77,5 +80,14 @@ Within the tile, you can click on each control to see the recommended optimizati Clicking the link under the **Misconfigured machines** column opens up the **Machines list** with filters applied to show only the list of machines where the recommendation is applicable. You can export the list in Excel to create a target collection and apply relevant policies using a management solution of your choice. ## Related topic +- [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) +- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) +- [Exposure score](tvm-exposure-score.md) +- [Configuration score](configuration-score.md) +- [Security recommendations](tvm-security-recommendation.md) +- [Remediation](tvm-remediation.md) +- [Software inventory](tvm-software-inventory.md) +- [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) - [Threat analytics](threat-analytics.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md index ad43e002b8..b98230426d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md @@ -20,6 +20,9 @@ ms.topic: article **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Each security control lists recommendations that you can take to increase the security posture of your organization. ### Endpoint detection and response (EDR) optimization @@ -281,6 +284,16 @@ For more information, see [Manage Windows Defender Credential Guard](https://doc ## Related topics - [Overview of Secure score](overview-secure-score.md) +- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) +- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) +- [Exposure score](tvm-exposure-score.md) +- [Configuration score](configuration-score.md) +- [Security recommendations](tvm-security-recommendation.md) +- [Remediation](tvm-remediation.md) +- [Software inventory](tvm-software-inventory.md) +- [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) + From 8c1623c655f4da0c51eb0e6970a6be743ce540ab Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 24 Jul 2019 16:52:55 -0700 Subject: [PATCH 29/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 33 ++++++++++++++++--- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index b022cf4bcd..d58ff1558b 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -41,13 +41,36 @@ The following table lists management options for each setting. For Windows 10, the following MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). 1. **Automatic Root Certificates Update** - 1. **MDM Policy:** There is intentionally no MDM available for Automatic Root Certificate Update. - 1. **Description:** This MDM does not exist since it would prevent the operation and management of MDM management of devices. + 1. **MDM Policy:** There is intentionally no MDM available for Automatic Root Certificate Update. This MDM does not exist since it would prevent the operation and management of MDM management of devices. 1. **Cortana and Search** - 1. **MDM Policy:** [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) - 1. **Description:** Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** -1. (fin) + 1. **MDM Policy:** [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana). Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** + 1. **MDM Policy:** [Search/AllowSearchToUseLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation). Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)** + +1. **Date & Time** + 1. **MDM Policy:** [Settings/AllowDateTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime). Allows the user to change date and time settings. **Set to 0 (zero)** + +1. **Device metadata retrieval** + 1. **MDM Policy:** [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork). Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** + +1. **Find My Device ** + 1. **MDM Policy:** [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice). This policy turns on Find My Device. **Set to 0 (zero)** + +1. **Font streaming** + 1. **MDM Policy:** [System/AllowFontProviders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowfontproviders). Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** +1. **Insider Preview builds** + 1. **MDM Policy:** [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview). This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)** + +1. **Internet Explorer** + 1. The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) + 1. **MDM Policy:** [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites). Recommends websites based on the user’s browsing activity. **Set to Disabled** + 1. **MDM Policy:** [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter). Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** + 1. **MDM Policy** [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature). Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled** + 1. **MDM Policy** [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange). Determines whether users can change the default Home Page or not. **Set to Enabled** + 1. **MDM Policy** [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** + + + > | Setting | MDM Policy | Description | From 9868ee3bc437805395069273f7d6fe46bc21e287 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 24 Jul 2019 16:53:56 -0700 Subject: [PATCH 30/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...rating-system-components-to-microsoft-services-using-MDM.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index d58ff1558b..a05b3d4aaa 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -61,8 +61,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. **Insider Preview builds** 1. **MDM Policy:** [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview). This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)** -1. **Internet Explorer** - 1. The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) +1. **Internet Explorer** The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) 1. **MDM Policy:** [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites). Recommends websites based on the user’s browsing activity. **Set to Disabled** 1. **MDM Policy:** [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter). Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** 1. **MDM Policy** [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature). Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled** From 8a054736558d6fe1d3cf191469d9d86994796f72 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 24 Jul 2019 17:05:18 -0700 Subject: [PATCH 31/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index a05b3d4aaa..744cb55fbe 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -68,6 +68,25 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. **MDM Policy** [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange). Determines whether users can change the default Home Page or not. **Set to Enabled** 1. **MDM Policy** [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** +1. **Live Tiles** + 1. **MDM Policy:** [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications). This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** + +1. **Mail synchronization** + 1. **MDM Policy:** [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection). Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** + +1. **Microsoft Account** + 1. **MDM Policy:** [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant). Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** + +1. **Microsoft Edge** The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). + 1. **MDM Policy:** [Browser/AllowAutoFill](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowautofill). Choose whether employees can use autofill on websites. **Set to 0 (zero)** + 1. **MDM Policy:** [Browser/AllowDoNotTrack](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack). Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** + 1. **MDM Policy:** [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist). Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** + 1. **MDM Policy:** [Browser/AllowPasswordManager](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager). Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** + 1. **MDM Policy:** [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar). Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** + + 1. **MDM Policy:** [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen). Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** + + From 450b8def3d37822cc4995be090ff3d32c2289721 Mon Sep 17 00:00:00 2001 From: lomayor Date: Thu, 25 Jul 2019 07:49:54 -0700 Subject: [PATCH 32/54] Update configure-machines-security-baseline.md --- .../configure-machines-security-baseline.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md index 14dbc385d6..defa48fd67 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md @@ -46,7 +46,10 @@ Both baselines are maintained so that they complement one another and have ident ## Get permissions to manage security baselines in Intune -By default, only users who have been assigned the Global Administrator or the Intune Service Administrator role on Azure AD can manage security baseline profiles. If you haven’t been assigned either role, work with a Global Administrator or an Intune Service Administrator to [create a custom role in Intune](https://docs.microsoft.com/intune/create-custom-role#to-create-a-custom-role) with full permissions to security baselines and then assign that role to your Azure AD group. +By default, only users who have been assigned the Global Administrator or the Intune Service Administrator role on Azure AD can manage security baseline profiles. If you haven’t been assigned either role, work with a Global Administrator or an Intune Service Administrator to [create and assign a custom role in Intune](https://docs.microsoft.com/intune/create-custom-role#to-create-a-custom-role) with: + +* Read permissions to the organization +* Full permissions to security baselines ![Security baseline permissions on Intune](images/secconmgmt_baseline_permissions.png) From a36b5b4639b5eb7ae117813780e8893525355855 Mon Sep 17 00:00:00 2001 From: lomayor Date: Thu, 25 Jul 2019 09:20:12 -0700 Subject: [PATCH 33/54] Config-mgmt --- .../configure-machines-security-baseline.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md index defa48fd67..9ef47de4a4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md @@ -107,7 +107,7 @@ Machine configuration management monitors baseline compliance only of Windows 10 *Saving and deploying the security baseline profile on Intune* >[!TIP] ->To learn more about Intune security baselines and assigning them, read [Create a Windows 10 security baseline in Intune](https://docs.microsoft.com/intune/security-baselines). +>Security baselines on Intune provide a convenient way to comprehensively secure and protect your machines. [Learn more about security baselines on Intune](https://docs.microsoft.com/intune/security-baselines). >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink) From 79147e50040bf6185e8e5d2cdbf53d907713a43d Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Thu, 25 Jul 2019 09:37:06 -0700 Subject: [PATCH 34/54] Rebranded product names and fixed g errors --- .../secure-score-dashboard.md | 92 +++++++++---------- 1 file changed, 46 insertions(+), 46 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md index 447334546e..baef63a3f7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md @@ -27,7 +27,7 @@ ms.topic: conceptual Each security control lists recommendations that you can take to increase the security posture of your organization. ### Endpoint detection and response (EDR) optimization -For an machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for your Endpoint detection and response tool. +For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for your Endpoint detection and response tool. >[!IMPORTANT] >This feature is available for machines on Windows 10, version 1607 or later. @@ -45,18 +45,18 @@ You can take the following actions to increase the overall security score of you For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). -### Windows Defender Antivirus (Windows Defender AV) optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Windows Defender AV is fulfilled. +### Microsoft Defender Antivirus (Microsoft Defender AV) optimization +For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender AV is fulfilled. >[!IMPORTANT] >This feature is available for machines on Windows 10, version 1607 or later. -#### Minimum baseline configuration setting for Windows Defender AV: -Machines are considered "well configured" for Windows Defender AV if the following requirements are met: +#### Minimum baseline configuration setting for Microsoft Defender AV: +Machines are considered "well configured" for Microsoft Defender AV if the following requirements are met: -- Windows Defender AV is reporting correctly -- Windows Defender AV is turned on -- Security intelligence is up to date +- Microsoft Defender AV is reporting correctly +- Microsoft Defender AV is turned on +- Security intelligence is up-to-date - Real-time protection is on - Potentially Unwanted Application (PUA) protection is enabled @@ -64,16 +64,16 @@ Machines are considered "well configured" for Windows Defender AV if the followi You can take the following actions to increase the overall security score of your organization: >[!NOTE] -> For the Windows Defender Antivirus properties to show, you'll need to ensure that the Windows Defender Antivirus Cloud-based protection is properly configured on the machine. +> For the Microsoft Defender Antivirus properties to show, you'll need to ensure that the Microsoft Defender Antivirus Cloud-based protection is properly configured on the machine. - Fix antivirus reporting - - This recommendation is displayed when the Windows Defender Antivirus is not properly configured to report its health state. For more information on fixing the reporting, see [Configure and validate network connections](../windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md). + - This recommendation is displayed when the Microsoft Defender Antivirus is not properly configured to report its health state. For more information on fixing the reporting, see [Configure and validate network connections](../windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md). - Turn on antivirus - Update antivirus Security intelligence - Turn on real-time protection - Turn on PUA protection -For more information, see [Configure Windows Defender Antivirus](../windows-defender-antivirus/configure-windows-defender-antivirus-features.md). +For more information, see [Configure Microsoft Defender Antivirus](../windows-defender-antivirus/configure-windows-defender-antivirus-features.md). ### OS security updates optimization @@ -90,15 +90,15 @@ You can take the following actions to increase the overall security score of you For more information, see [Windows Update Troubleshooter](https://support.microsoft.com/help/4027322/windows-windows-update-troubleshooter). -### Windows Defender Exploit Guard (Windows Defender EG) optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on machines so that the minimum baseline configuration setting for Windows Defender EG is fulfilled. When endpoints are configured according to the baseline you'll be able to see Windows Defender EG events on the Microsoft Defender ATP Machine timeline. +### Microsoft Defender Exploit Guard (Microsoft Defender EG) optimization +For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on machines so that the minimum baseline configuration setting for Microsoft Defender EG is fulfilled. When endpoints are configured according to the baseline you'll be able to see Microsoft Defender EG events on the Microsoft Defender ATP Machine timeline. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1709 or later. -#### Minimum baseline configuration setting for Windows Defender EG: -Machines are considered "well configured" for Windows Defender EG if the following requirements are met: +#### Minimum baseline configuration setting for Microsoft Defender EG: +Machines are considered "well configured" for Microsoft Defender EG if the following requirements are met: - System level protection settings are configured correctly - Attack Surface Reduction rules are configured correctly @@ -148,21 +148,21 @@ You can take the following actions to increase the overall security score of you - Turn on all system-level Exploit Protection settings - Set all ASR rules to enabled or audit mode - Turn on Controlled Folder Access -- Turn on Windows Defender Antivirus on compatible machines +- Turn on Microsoft Defender Antivirus on compatible machines -For more information, see [Windows Defender Exploit Guard](../windows-defender-exploit-guard/windows-defender-exploit-guard.md). +For more information, see [Microsoft Defender Exploit Guard](../windows-defender-exploit-guard/windows-defender-exploit-guard.md). -### Windows Defender Application Guard (Windows Defender AG) optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Windows Defender AG is fulfilled. When endpoints are configured according to the baseline you'll be able to see Windows Defender AG events on the Microsoft Defender ATP Machine timeline. +### Microsoft Defender Application Guard (Microsoft Defender AG) optimization +For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender AG is fulfilled. When endpoints are configured according to the baseline you'll be able to see Microsoft Defender AG events on the Microsoft Defender ATP Machine timeline. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1709 or later. -#### Minimum baseline configuration setting for Windows Defender AG: -Machines are considered "well configured" for Windows Defender AG if the following requirements are met: +#### Minimum baseline configuration setting for Microsoft Defender AG: +Machines are considered "well configured" for Microsoft Defender AG if the following requirements are met: - Hardware and software prerequisites are met -- Windows Defender AG is turned on compatible machines +- Microsoft Defender AG is turned on compatible machines - Managed mode is turned on ##### Recommended actions: @@ -170,26 +170,26 @@ You can take the following actions to increase the overall security score of you - Ensure hardware and software prerequisites are met >[!NOTE] - >This improvement item does not contribute to the security score in itself because it's not a prerequisite for Windows Defender AG. It gives an indication of a potential reason why Windows Defender AG is not turned on. + >This improvement item does not contribute to the security score in itself because it's not a prerequisite for Microsoft Defender AG. It gives an indication of a potential reason why Microsoft Defender AG is not turned on. -- Turn on Windows Defender AG on compatible machines +- Turn on Microsoft Defender AG on compatible machines - Turn on managed mode -For more information, see [Windows Defender Application Guard overview](../windows-defender-application-guard/wd-app-guard-overview.md). +For more information, see [Microsoft Defender Application Guard overview](../windows-defender-application-guard/wd-app-guard-overview.md). -### Windows Defender SmartScreen optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Windows Defender SmartScreen is fulfilled. +### Microsoft Defender SmartScreen optimization +For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender SmartScreen is fulfilled. >[!WARNING] -> Data collected by Windows Defender SmartScreen might be stored and processed outside of the storage location you have selected for your Microsoft Defender ATP data. +> Data collected by Microsoft Defender SmartScreen might be stored and processed outside of the storage location you have selected for your Microsoft Defender ATP data. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1709 or later. -#### Minimum baseline configuration setting for Windows Defender SmartScreen: +#### Minimum baseline configuration setting for Microsoft Defender SmartScreen: The following settings must be configured with the following settings: - Check apps and files: **Warn** or **Block** - SmartScreen for Microsoft Edge: **Warn** or **Block** @@ -201,27 +201,27 @@ You can take the following actions to increase the overall security score of you - Set **SmartScreen for Microsoft Edge** to **Warn** or **Block** - Set **SmartScreen for Microsoft store apps** to **Warn** or **Off** -For more information, see [Windows Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md). +For more information, see [Microsoft Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md). -### Windows Defender Firewall optimization -For a machine to be considered "well configured", Windows Defender Firewall must be turned on and enabled for all profiles and inbound connections are blocked by default. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Windows Defender Firewall is fulfilled. +### Microsoft Defender Firewall optimization +For a machine to be considered "well configured", Microsoft Defender Firewall must be turned on and enabled for all profiles and inbound connections are blocked by default. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender Firewall is fulfilled. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1709 or later. -#### Minimum baseline configuration setting for Windows Defender Firewall +#### Minimum baseline configuration setting for Microsoft Defender Firewall -- Windows Defender Firewall is turned on for all network connections -- Secure domain profile by enabling Windows Defender Firewall and ensure that Inbound connections is set to Blocked -- Secure private profile by enabling Windows Defender Firewall and ensure that Inbound connections is set to Blocked -- Secure public profile is configured by enabling Windows Defender Firewall and ensure that Inbound connections is set to Blocked +- Microsoft Defender Firewall is turned on for all network connections +- Secure domain profile by enabling Microsoft Defender Firewall and ensure that Inbound connections are set to Blocked +- Secure private profile by enabling Microsoft Defender Firewall and ensure that Inbound connections are set to Blocked +- Secure public profile is configured by enabling Microsoft Defender Firewall and ensure that Inbound connections are set to Blocked -For more information on Windows Defender Firewall settings, see [Planning settings for a basic firewall policy](https://docs.microsoft.com/windows/security/identity-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy). +For more information on Microsoft Defender Firewall settings, see [Planning settings for a basic firewall policy](https://docs.microsoft.com/windows/security/identity-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy). >[!NOTE] -> If Windows Defender Firewall is not your primary firewall, consider excluding it from the security score calculations and make sure that your third-party firewall is configured in a securely. +> If Microsoft Defender Firewall is not your primary firewall, consider excluding it from the security score calculations and make sure that your third-party firewall is configured in a securely. ##### Recommended actions: @@ -234,7 +234,7 @@ You can take the following actions to increase the overall security score of you - Fix sensor data collection - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. Therefore, it's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). -For more information, see [Windows Defender Firewall with Advanced Security](https://docs.microsoft.com/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security). +For more information, see [Microsoft Defender Firewall with Advanced Security](https://docs.microsoft.com/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security). ### BitLocker optimization For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for BitLocker is fulfilled. @@ -258,17 +258,17 @@ You can take the following actions to increase the overall security score of you For more information, see [Bitlocker](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview). -### Windows Defender Credential Guard optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Windows Defender Credential Guard is fulfilled. +### Microsoft Defender Credential Guard optimization +For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender Credential Guard is fulfilled. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1709 or later. -#### Minimum baseline configuration setting for Windows Defender Credential Guard: -Machines are considered "well configured" for Windows Defender Credential Guard if the following requirements are met: +#### Minimum baseline configuration setting for Microsoft Defender Credential Guard: +Machines are considered "well configured" for Microsoft Defender Credential Guard if the following requirements are met: - Hardware and software prerequisites are met -- Windows Defender Credential Guard is turned on compatible machines +- Microsoft Defender Credential Guard is turned on compatible machines ##### Recommended actions: @@ -279,7 +279,7 @@ You can take the following actions to increase the overall security score of you - Fix sensor data collection - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. Therefore, it's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). -For more information, see [Manage Windows Defender Credential Guard](https://docs.microsoft.com/windows/security/identity-protection/credential-guard/credential-guard-manage). +For more information, see [Manage Microsoft Defender Credential Guard](https://docs.microsoft.com/windows/security/identity-protection/credential-guard/credential-guard-manage). >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-sadashboard-belowfoldlink) From 7ad16e8c9da6a99d7a4ca20c367e82ae685f890e Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Thu, 25 Jul 2019 10:11:42 -0700 Subject: [PATCH 35/54] Reduced verbosity --- .../secure-score-dashboard.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md index baef63a3f7..b0ae432a26 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md @@ -27,7 +27,7 @@ ms.topic: conceptual Each security control lists recommendations that you can take to increase the security posture of your organization. ### Endpoint detection and response (EDR) optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for your Endpoint detection and response tool. +A well-configured machine complies to a minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for your Endpoint detection and response tool. >[!IMPORTANT] >This feature is available for machines on Windows 10, version 1607 or later. @@ -46,7 +46,7 @@ You can take the following actions to increase the overall security score of you For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). ### Microsoft Defender Antivirus (Microsoft Defender AV) optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender AV is fulfilled. +A well-configured machine complies to a minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Microsoft Defender AV. >[!IMPORTANT] >This feature is available for machines on Windows 10, version 1607 or later. @@ -77,7 +77,7 @@ For more information, see [Configure Microsoft Defender Antivirus](../windows-de ### OS security updates optimization -This tile shows you the exact number of machines that require the latest security updates. It also shows machines that are running on the latest Windows Insider preview build and serves as a reminder to ensure that users should run the latest builds. +This tile shows you the number of machines that require the latest security updates. It also shows machines that are running on the latest Windows Insider preview build and serves as a reminder to ensure that users should run the latest builds. >[!IMPORTANT] >This feature is available for machines on Windows 10, version 1607 or later. @@ -85,13 +85,13 @@ This tile shows you the exact number of machines that require the latest securit You can take the following actions to increase the overall security score of your organization: - Install the latest security updates - Fix sensor data collection - - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. Therefore, it's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). + - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. It's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). For more information, see [Windows Update Troubleshooter](https://support.microsoft.com/help/4027322/windows-windows-update-troubleshooter). ### Microsoft Defender Exploit Guard (Microsoft Defender EG) optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on machines so that the minimum baseline configuration setting for Microsoft Defender EG is fulfilled. When endpoints are configured according to the baseline you'll be able to see Microsoft Defender EG events on the Microsoft Defender ATP Machine timeline. +A well-configured machine complies to a minimum baseline configuration setting. This tile shows you a list of actions to apply on machines to meet the minimum baseline configuration setting for Microsoft Defender EG. When endpoints are configured according to the baseline the Microsoft Defender EG events shows on the Microsoft Defender ATP Machine timeline. >[!IMPORTANT] @@ -153,7 +153,7 @@ You can take the following actions to increase the overall security score of you For more information, see [Microsoft Defender Exploit Guard](../windows-defender-exploit-guard/windows-defender-exploit-guard.md). ### Microsoft Defender Application Guard (Microsoft Defender AG) optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender AG is fulfilled. When endpoints are configured according to the baseline you'll be able to see Microsoft Defender AG events on the Microsoft Defender ATP Machine timeline. +A well-configured machine complies to a minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Microsoft Defender AG. When endpoints are configured according to the baseline, Microsoft Defender AG events shows on the Microsoft Defender ATP Machine timeline. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1709 or later. @@ -180,7 +180,7 @@ For more information, see [Microsoft Defender Application Guard overview](../win ### Microsoft Defender SmartScreen optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender SmartScreen is fulfilled. +A well-configured machine complies to a minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Microsoft Defender SmartScreen. >[!WARNING] > Data collected by Microsoft Defender SmartScreen might be stored and processed outside of the storage location you have selected for your Microsoft Defender ATP data. @@ -206,7 +206,7 @@ For more information, see [Microsoft Defender SmartScreen](../windows-defender-s ### Microsoft Defender Firewall optimization -For a machine to be considered "well configured", Microsoft Defender Firewall must be turned on and enabled for all profiles and inbound connections are blocked by default. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender Firewall is fulfilled. +A well-configured machine must have Microsoft Defender Firewall turned on and enabled for all profiles so that inbound connections are blocked by default. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Microsoft Defender Firewall. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1709 or later. @@ -232,12 +232,12 @@ You can take the following actions to increase the overall security score of you - Secure public profile - Verify secure configuration of third-party firewall - Fix sensor data collection - - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. Therefore, it's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). + - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. It's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). For more information, see [Microsoft Defender Firewall with Advanced Security](https://docs.microsoft.com/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security). ### BitLocker optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for BitLocker is fulfilled. +A well-configured machine complies to the minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for BitLocker. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1803 or later. @@ -254,18 +254,18 @@ You can take the following actions to increase the overall security score of you - Resume protection on all drives - Ensure drive compatibility - Fix sensor data collection - - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. Therefore, it's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). + - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. It's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). For more information, see [Bitlocker](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview). ### Microsoft Defender Credential Guard optimization -For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for Microsoft Defender Credential Guard is fulfilled. +A well-configured machine complies to the minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Microsoft Defender Credential Guard. >[!IMPORTANT] >This security control is only applicable for machines with Windows 10, version 1709 or later. #### Minimum baseline configuration setting for Microsoft Defender Credential Guard: -Machines are considered "well configured" for Microsoft Defender Credential Guard if the following requirements are met: +Well-configured machines for Microsoft Defender Credential Guard meets the following requirements: - Hardware and software prerequisites are met - Microsoft Defender Credential Guard is turned on compatible machines @@ -277,7 +277,7 @@ You can take the following actions to increase the overall security score of you - Ensure hardware and software prerequisites are met - Turn on Credential Guard - Fix sensor data collection - - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. Therefore, it's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). + - The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. It's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). For more information, see [Manage Microsoft Defender Credential Guard](https://docs.microsoft.com/windows/security/identity-protection/credential-guard/credential-guard-manage). From 1e4abe4bfcec3baece7b2bdcffd3f9868fe78b6c Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 25 Jul 2019 14:54:38 -0700 Subject: [PATCH 36/54] delete wdatp folder --- .../overview-secure-score.md | 82 ------------------- 1 file changed, 82 deletions(-) delete mode 100644 windows/security/threat-protection/windows-defender-atp/overview-secure-score.md diff --git a/windows/security/threat-protection/windows-defender-atp/overview-secure-score.md b/windows/security/threat-protection/windows-defender-atp/overview-secure-score.md deleted file mode 100644 index 7eed1f912d..0000000000 --- a/windows/security/threat-protection/windows-defender-atp/overview-secure-score.md +++ /dev/null @@ -1,82 +0,0 @@ ---- -title: Overview of Secure score in Windows Defender Security Center -description: Expand your visibility into the overall security posture of your organization -keywords: secure score, security controls, improvement opportunities, security score over time, score, posture, baseline -search.product: eADQiWindows 10XVcnh -search.appverid: met150 -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: macapara -author: mjcaparas -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: conceptual -ms.date: 09/03/2018 ---- - -# Overview of Secure score in Windows Defender Security Center -**Applies to:** -- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines. - ->[!IMPORTANT] -> This feature is available for machines on Windows 10, version 1703 or later. - - -The **Secure score dashboard** displays a snapshot of: -- Microsoft secure score -- Secure score over time -- Top recommendations -- Improvement opportunities - - -![Secure score dashboard](images/new-secure-score-dashboard.png) - -## Microsoft secure score -The Microsoft secure score tile is reflective of the sum of all the Windows Defender security controls that are configured according to the recommended baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings. - -![Image of Microsoft secure score tile](images/mss.png) - -Each Windows Defender security control contributes 100 points to the score. The total number is reflective of the score potential and calculated by multiplying the number of supported security controls (Windows Defender security controls pillars) by the maximum points that each pillar contributes (maximum of 100 points for each pillar). - -The Office 365 Secure Score looks at your settings and activities and compares them to a baseline established by Microsoft. For more information, see [Introducing the Office 365 Secure Score](https://support.office.com/en-us/article/introducing-the-office-365-secure-score-c9e7160f-2c34-4bd0-a548-5ddcc862eaef#howtoaccess). - -In the example image, the total points for the Windows security controls and Office 365 add up to 602 points. - -You can set the baselines for calculating the score of Windows Defender security controls on the Secure score dashboard through the **Settings**. For more information, see [Enable Secure score security controls](enable-secure-score-windows-defender-advanced-threat-protection.md). - -## Secure score over time -You can track the progression of your organizational security posture over time using this tile. It displays the overall score in a historical trend line enabling you to see how taking the recommended actions increase your overall security posture. The expected update schedule for Secure Score is about 24 hours. In some cases, depending of the size of the organization, number of computers and other factors, this update can take up to 72 hours. - -![Image of the security score over time tile](images/new-ssot.png) - -You can mouse over specific date points to see the total score for that security control is on a specific date. - - -## Top recommendations -Reflects specific actions you can take to significantly increase the security stance of your organization and how many points will be added to the secure score if you take the recommended action. - -![Top recommendations tile](images/top-recommendations.png) - -## Improvement opportunities -Improve your score by taking the recommended improvement actions listed on this tile. The goal is to reduce the gap between the perfect score and the current score for each control. - -Clicking on the affected machines link at the top of the table takes you to the Machines list. The list is filtered to reflect the list of machines where improvements can be made. - - - -![Improvement opportunities](images/io.png) - - -Within the tile, you can click on each control to see the recommended optimizations. - -Clicking the link under the Misconfigured machines column opens up the **Machines list** with filters applied to show only the list of machines where the recommendation is applicable. You can export the list in Excel to create a target collection and apply relevant policies using a management solution of your choice. - -## Related topic -- [Threat analytics](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md) -- [Threat analytics for Spectre and Meltdown](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md) From 8093bcad70c7631f5574f295d6416c08cea2eb9e Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 25 Jul 2019 14:57:19 -0700 Subject: [PATCH 37/54] update note on mcas --- .../microsoft-defender-atp/advanced-features.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md index edf9758501..38d679e8fa 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md @@ -130,7 +130,7 @@ Out of the two Microsoft Threat Expert components, targeted attack notification Enabling this setting forwards Microsoft Defender ATP signals to Microsoft Cloud App Security to provide deeper visibility into cloud application usage. Forwarded data is stored and processed in the same location as your Cloud App Security data. >[!NOTE] ->This feature is available with an E5 license for [Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) on machines running Windows 10 version 1809 or later. +>This feature will be available with an E5 license for [Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) on machines running Windows 10, version 1709 (OS Build 16299.1085 with [KB4493441](https://support.microsoft.com/help/4493441)), Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/help/4493464)), Windows 10, version 1809 (OS Build 17763.379 with [KB4489899](https://support.microsoft.com/help/4489899)) or later Windows 10 versions. ## Azure Information Protection From e1b6742a2db436927808fe6bf06d32e1c00422b9 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 25 Jul 2019 15:45:40 -0700 Subject: [PATCH 38/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index fe82aa66b7..12549f9740 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -418,7 +418,9 @@ To turn off Insider Preview builds for Windows 10: ### 8. Internet Explorer > [!NOTE] -> The following Group Policies and Registry Keys are for user interactive scenarios rather than the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: +>When attempting to use Internet Explorer on any edition of Windows Server be aware there are restrictions enforced by [Enhanced Security Configuration (ESC)](https://support.microsoft.com/en-us/help/815141/ie-enhanced-security-configuration-changes-browsing-experience). +> +>The following Group Policies and Registry Keys are for user interactive scenarios rather than the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: | Policy | Description | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| From 5c73ea49d49523efa78029a5a4774c67b11243d5 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 25 Jul 2019 15:51:10 -0700 Subject: [PATCH 39/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 12549f9740..03023c8970 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -418,9 +418,7 @@ To turn off Insider Preview builds for Windows 10: ### 8. Internet Explorer > [!NOTE] ->When attempting to use Internet Explorer on any edition of Windows Server be aware there are restrictions enforced by [Enhanced Security Configuration (ESC)](https://support.microsoft.com/en-us/help/815141/ie-enhanced-security-configuration-changes-browsing-experience). -> ->The following Group Policies and Registry Keys are for user interactive scenarios rather than the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: +>When attempting to use Internet Explorer on any edition of Windows Server be aware there are restrictions enforced by [Enhanced Security Configuration (ESC)](https://support.microsoft.com/en-us/help/815141/ie-enhanced-security-configuration-changes-browsing-experience). The following Group Policies and Registry Keys are for user interactive scenarios rather than the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: | Policy | Description | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| From 41f4a071e087ef98e48188c4ee5be9e1239af7f3 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 25 Jul 2019 18:30:57 -0700 Subject: [PATCH 40/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 192 ++++++++---------- 1 file changed, 80 insertions(+), 112 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index d2407c560b..50d850835b 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -41,141 +41,109 @@ The following table lists management options for each setting. For Windows 10, the following MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). 1. **Automatic Root Certificates Update** - 1. **MDM Policy:** There is intentionally no MDM available for Automatic Root Certificate Update. This MDM does not exist since it would prevent the operation and management of MDM management of devices. + 1. MDM Policy: There is intentionally no MDM available for Automatic Root Certificate Update. This MDM does not exist since it would prevent the operation and management of MDM management of devices. 1. **Cortana and Search** - 1. **MDM Policy:** [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana). Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** - 1. **MDM Policy:** [Search/AllowSearchToUseLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation). Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)** + 1. MDM Policy: [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana). Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** + 1. MDM Policy: [Search/AllowSearchToUseLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation). Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)** 1. **Date & Time** - 1. **MDM Policy:** [Settings/AllowDateTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime). Allows the user to change date and time settings. **Set to 0 (zero)** + 1. MDM Policy: [Settings/AllowDateTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime). Allows the user to change date and time settings. **Set to 0 (zero)** 1. **Device metadata retrieval** - 1. **MDM Policy:** [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork). Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** + 1. MDM Policy: [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork). Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** 1. **Find My Device ** - 1. **MDM Policy:** [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice). This policy turns on Find My Device. **Set to 0 (zero)** + 1. MDM Policy: [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice). This policy turns on Find My Device. **Set to 0 (zero)** 1. **Font streaming** - 1. **MDM Policy:** [System/AllowFontProviders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowfontproviders). Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** + 1. MDM Policy: [System/AllowFontProviders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowfontproviders). Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** 1. **Insider Preview builds** - 1. **MDM Policy:** [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview). This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)** + 1. MDM Policy: [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview). This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)** 1. **Internet Explorer** The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) - 1. **MDM Policy:** [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites). Recommends websites based on the user’s browsing activity. **Set to Disabled** - 1. **MDM Policy:** [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter). Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** - 1. **MDM Policy** [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature). Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled** - 1. **MDM Policy** [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange). Determines whether users can change the default Home Page or not. **Set to Enabled** - 1. **MDM Policy** [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** + 1. MDM Policy: [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites). Recommends websites based on the user’s browsing activity. **Set to Disabled** + 1. MDM Policy: [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter). Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** + 1. MDM Policy: [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature). Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled** + 1. MDM Policy: [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange). Determines whether users can change the default Home Page or not. **Set to Enabled** + 1. MDM Policy: [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard). Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** 1. **Live Tiles** - 1. **MDM Policy:** [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications). This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** + 1. MDM Policy: [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications). This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** 1. **Mail synchronization** - 1. **MDM Policy:** [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection). Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** + 1. MDM Policy: [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection). Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** 1. **Microsoft Account** - 1. **MDM Policy:** [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant). Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** + 1. MDM Policy: [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant). Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** 1. **Microsoft Edge** The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). - 1. **MDM Policy:** [Browser/AllowAutoFill](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowautofill). Choose whether employees can use autofill on websites. **Set to 0 (zero)** - 1. **MDM Policy:** [Browser/AllowDoNotTrack](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack). Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** - 1. **MDM Policy:** [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist). Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** - 1. **MDM Policy:** [Browser/AllowPasswordManager](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager). Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** - 1. **MDM Policy:** [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar). Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowAutoFill](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowautofill). Choose whether employees can use autofill on websites. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowDoNotTrack](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack). Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist). Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowPasswordManager](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager). Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar). Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen). Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** - 1. **MDM Policy:** [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen). Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** +1. **Network Connection Status Indicator** + 1. [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests). Note: After you apply this policy you must restart the device for the policy setting to take effect. **Set to 1 (one)** -> | Setting | MDM Policy | Description | -> | --- | --- | --- | -> | 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices.| -> | 2. Cortana and Search | [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) | Choose whether to let Cortana install and run on the device. **Set to 0 (zero)**| -> | | [Search/AllowSearchToUseLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation) | Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)**| -> | 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings. **Set to 0 (zero)**| -> | 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled**| -> | 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device. **Set to 0 (zero)** | -> | 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** | -> | 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)**| -> | 8. Internet Explorer | The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) | | -> | | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. **Set to Disabled**| -> | | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled**| -> | | [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature) | Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled**| -> | | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. **Set to Enabled**| -> | | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled**| -> | 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled**| -> | 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** | -> | 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** | -> | 12. Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). | -> | | [Browser/AllowAutoFill](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. **Set to 0 (zero)** | -> | | [Browser/AllowDoNotTrack](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** | -> | | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** | -> | | [Browser/AllowPasswordManager](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** | -> | | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** | -> | | [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** | -> | 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | Note: After you apply this policy you must restart the device for the policy setting to take effect. **Set to 1 (one)** | -> | 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** | -> | | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** | -> | 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** | -> | 15.1 Ingest the ADMX | To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. | The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). There is a folder named "adm" which contains the admx and adml policy definition files. | -> | 15.2 Prevent Network Traffic before User SignIn | PreventNetworkTrafficPreUserSignIn | The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn| -> | 16. Preinstalled apps | N/A | N/A | -> | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. | -> | 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)**| -> | 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Specifies whether to allow app access to the Location service. **Set to 0 (zero)**| -> | 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Disables or enables the camera. **Set to 0 (zero)**| -> | 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Specifies whether Windows apps can access the microphone. **Set to 2 (two)** | -> | 17.5 Notifications | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)**| -> | | [Settings/AllowOnlineTips]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled**| -> | 17.6 Speech, Inking, & Typing | [Privacy/AllowInputPersonalization](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-allowinputpersonalization) | This policy specifies whether users on the device have the option to enable online speech recognition. **Set to 0 (zero)** | -> | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** | -> | 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Specifies whether Windows apps can access account information. **Set to 2 (two)** | -> | 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Specifies whether Windows apps can access contacts. **Set to 2 (two)** | -> | 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | Specifies whether Windows apps can access the calendar. **Set to 2 (two)** | -> | 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Specifies whether Windows apps can access account information. **Set to 2 (two)** | -> | 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | Specifies whether Windows apps can access email. **Set to 2 (two)** | -> | 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | Specifies whether Windows apps can read or send messages (text or MMS). **Set to 2 (two)** | -> | 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) | Specifies whether Windows apps can make phone calls. **Set to 2 (two)** | -> | 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | Specifies whether Windows apps have access to control radios. **Set to 2 (two)** | -> | 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | Specifies whether Windows apps can sync with devices. **Set to 2 (two)** | -> | | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** | -> | 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** | -> | | [Experience/DoNotShowFeedbackNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-donotshowfeedbacknotifications)| Prevents devices from showing feedback questions from Microsoft. **Set to 1 (one)** | -> | 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Specifies whether Windows apps can run in the background. **Set to 2 (two)** | -> | 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | Specifies whether Windows apps can access motion data. **Set to 2 (two)** | -> | 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** | -> | 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** | -> | 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** | -> | 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. **Set to 0 (zero)** | -> | 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. **Set to 0 (zero)** | -> | 21. Teredo | No MDM needed | Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. | -> | 22. Wi-Fi Sense | No MDM needed | Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. | -> | 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** | -> | | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. **Set to 2 (two)** | -> | 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. **Set to 0 (zero)** | -> | 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** | -> | 23.3 Windows Defender Potentially Unwanted Applications(PUA) Protection | [Defender/PUAProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-puaprotection) | Specifies the level of detection for potentially unwanted applications (PUAs). **Set to 1 (one)** | -> | 24. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. **Set to 0 (zero)** | -> | 25. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** | -> | | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** | -> | 25.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** | -> | 26. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). | -> | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** | -> | 27. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)**| -> | 27.1 Windows Update Allow Update Service | [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice) | Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)**| -> | 27.2 Windows Update Service URL| [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl) | Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value:| - - $CmdID$ - - - chr - text/plain - - - ./Vendor/MSFT/Policy/Config/Update/UpdateServiceUrl - - http://abcd-srv:8530 - - +1. **Offline maps** + 1. MDM Policy: [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps). Allows the download and update of map data over metered connections.
**Set to 0 (zero)** + 1. MDM Policy: [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate). Disables the automatic download and update of map data. **Set to 0 (zero)** + +1. **OneDrive** + 1. MDM Policy: [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync). Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** + 1. Ingest the ADMX - To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). There is a folder named "adm" which contains the admx and adml policy definition files. + 1. MDM Policy: Prevent Network Traffic before User SignIn. PreventNetworkTrafficPreUserSignIn. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn + +1. **Privacy settings** Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. + 1. General - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection). This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** + 1. Location - [System/AllowLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowlocation). Specifies whether to allow app access to the Location service. **Set to 0 (zero)** + 1. Camera - [Camera/AllowCamera](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-camera#camera-allowcamera). Disables or enables the camera. **Set to 0 (zero)** + 1. Microphone - [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone). Specifies whether Windows apps can access the microphone. **Set to 2 (two)** + 1. Notifications - [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications). Specifies whether Windows apps can access notifications. **Set to 2 (two)** + 1. Notifications - [Settings/AllowOnlineTips]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips). Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** + 1. Speech, Inking, & Typing - [Privacy/AllowInputPersonalization](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-allowinputpersonalization). This policy specifies whether users on the device have the option to enable online speech recognition. **Set to 0 (zero)** + 1. Speech, Inking, & Typing - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection). This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** + 1. Account info - [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo). Specifies whether Windows apps can access account information. **Set to 2 (two)** + 1. Contacts - [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts). Specifies whether Windows apps can access contacts. **Set to 2 (two)** + 1. Calendar - [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar). Specifies whether Windows apps can access the calendar. **Set to 2 (two)** + 1. Call history - [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory). Specifies whether Windows apps can access account information. **Set to 2 (two)** + 1. Email - [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail). Specifies whether Windows apps can access email. **Set to 2 (two)** + 1. Messaging - [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging). Specifies whether Windows apps can read or send messages (text or MMS). **Set to 2 (two)** + 1. Phone calls - [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone). Specifies whether Windows apps can make phone calls. **Set to 2 (two)** + 1. Radios - [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios). Specifies whether Windows apps have access to control radios. **Set to 2 (two)** + 1. Other devices - [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices). Specifies whether Windows apps can sync with devices. **Set to 2 (two)** + 1. Other devices - [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices). Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** + 1. Feedback & diagnostics - [System/AllowTelemetry](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry). Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** + 1. Feedback & diagnostics - [Experience/DoNotShowFeedbackNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-donotshowfeedbacknotifications). Prevents devices from showing feedback questions from Microsoft. **Set to 1 (one)** + 1. Background apps - [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground). Specifies whether Windows apps can run in the background. **Set to 2 (two)** + 1. Motion - [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion). Specifies whether Windows apps can access motion data. **Set to 2 (two)** + 1. Tasks - [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks). Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** + 1. App Diagnostics - [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo). Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** +1. Software Protection Platform - [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation). Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** +1. Storage Health - [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates). Allows disk health model updates. **Set to 0 (zero)** +1. Sync your settings - [Experience/AllowSyncMySettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings). Control whether your settings are synchronized. **Set to 0 (zero)** +1. Teredo - No MDM needed. Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. +1. Wi-Fi Sense - No MDM needed. Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. +1. Windows Defender + 1. [Defender/AllowCloudProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection). Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** + 1. [Defender/SubmitSamplesConsent](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent). Stop sending file samples back to Microsoft. **Set to 2 (two)** + 1. Windows Defender Smartscreen - [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen). Disable Windows Defender Smartscreen. **Set to 0 (zero)** + 1. Windows Defender Smartscreen EnableAppInstallControl - [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol). Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** + 1. Windows Defender Potentially Unwanted Applications(PUA) Protection - [Defender/PUAProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-puaprotection). Specifies the level of detection for potentially unwanted applications (PUAs). **Set to 1 (one)** +1. Windows Spotlight - [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight). Disable Windows Spotlight. **Set to 0 (zero)** +1. Microsoft Store + 1. [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps). Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** + 1. [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate). Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** +1 Apps for websites - [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers). This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** +1. Windows Update Delivery Optimization - The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). + 1. [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode). Let’s you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** +1. Windows Update + 1. [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate). Control automatic updates. **Set to 5 (five)** + 1. Windows Update Allow Update Service - [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice). Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)** + 1. Windows Update Service URL - [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl). Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value: $CmdID$ chr text/plain ./Vendor/MSFT/Policy/Config/Update/UpdateServiceUrl http://abcd-srv:8530 ### Allowed traffic ("Whitelisted traffic") for Microsoft InTune / MDM configurations From 8fabc6a46951ef1e049e795504df4787086bd05d Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 25 Jul 2019 18:39:40 -0700 Subject: [PATCH 41/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 27 ++++++++++--------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 50d850835b..8c2ca337c4 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -53,7 +53,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. **Device metadata retrieval** 1. MDM Policy: [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork). Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** -1. **Find My Device ** +1. **Find My Device** 1. MDM Policy: [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice). This policy turns on Find My Device. **Set to 0 (zero)** 1. **Font streaming** @@ -122,28 +122,29 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. Motion - [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion). Specifies whether Windows apps can access motion data. **Set to 2 (two)** 1. Tasks - [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks). Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** 1. App Diagnostics - [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo). Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** -1. Software Protection Platform - [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation). Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** -1. Storage Health - [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates). Allows disk health model updates. **Set to 0 (zero)** -1. Sync your settings - [Experience/AllowSyncMySettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings). Control whether your settings are synchronized. **Set to 0 (zero)** -1. Teredo - No MDM needed. Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. -1. Wi-Fi Sense - No MDM needed. Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. -1. Windows Defender +1. **Software Protection Platform** - [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation). Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** +1. **Storage Health** - [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates). Allows disk health model updates. **Set to 0 (zero)** +1. **Sync your settings** - [Experience/AllowSyncMySettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings). Control whether your settings are synchronized. **Set to 0 (zero)** +1. **Teredo** - No MDM needed. Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. +1. **Wi-Fi Sense** - No MDM needed. Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. +1. **Windows Defender** 1. [Defender/AllowCloudProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection). Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** 1. [Defender/SubmitSamplesConsent](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent). Stop sending file samples back to Microsoft. **Set to 2 (two)** 1. Windows Defender Smartscreen - [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen). Disable Windows Defender Smartscreen. **Set to 0 (zero)** 1. Windows Defender Smartscreen EnableAppInstallControl - [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol). Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** 1. Windows Defender Potentially Unwanted Applications(PUA) Protection - [Defender/PUAProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-puaprotection). Specifies the level of detection for potentially unwanted applications (PUAs). **Set to 1 (one)** -1. Windows Spotlight - [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight). Disable Windows Spotlight. **Set to 0 (zero)** -1. Microsoft Store +1. **Windows Spotlight** - [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight). Disable Windows Spotlight. **Set to 0 (zero)** +1. **Microsoft Store** 1. [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps). Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** 1. [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate). Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** -1 Apps for websites - [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers). This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** -1. Windows Update Delivery Optimization - The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). +1 **Apps for websites** - [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers). This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** +1. **Windows Update Delivery Optimization** - The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). 1. [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode). Let’s you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** -1. Windows Update +1. **Windows Update** 1. [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate). Control automatic updates. **Set to 5 (five)** 1. Windows Update Allow Update Service - [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice). Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)** - 1. Windows Update Service URL - [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl). Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value: $CmdID$ chr text/plain ./Vendor/MSFT/Policy/Config/Update/UpdateServiceUrl http://abcd-srv:8530 + 1. Windows Update Service URL - [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl). Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with the Value next to item "a" below: + 1. \\$CmdID$\\\chr\text/plain\\ \./Vendor/MSFT/Policy/Config/Update/UpdateServiceUrl\\http://abcd-srv:8530\\ ### Allowed traffic ("Whitelisted traffic") for Microsoft InTune / MDM configurations From 09f27593ef18bdd4d5d220e7627153f4c9263d20 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 25 Jul 2019 18:57:31 -0700 Subject: [PATCH 42/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ing-system-components-to-microsoft-services-using-MDM.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 8c2ca337c4..e43cc160d7 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -69,7 +69,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. MDM Policy: [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard). Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** 1. **Live Tiles** - 1. MDM Policy: [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications). This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** + 1. MDM Policy: [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications). This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Integer value 1** 1. **Mail synchronization** 1. MDM Policy: [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection). Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** @@ -95,7 +95,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. **OneDrive** 1. MDM Policy: [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync). Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** 1. Ingest the ADMX - To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). There is a folder named "adm" which contains the admx and adml policy definition files. - 1. MDM Policy: Prevent Network Traffic before User SignIn. PreventNetworkTrafficPreUserSignIn. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn + 1. MDM Policy: Prevent Network Traffic before User SignIn. PreventNetworkTrafficPreUserSignIn. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn, String, \ 1. **Privacy settings** Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. 1. General - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection). This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** @@ -103,7 +103,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. Camera - [Camera/AllowCamera](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-camera#camera-allowcamera). Disables or enables the camera. **Set to 0 (zero)** 1. Microphone - [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone). Specifies whether Windows apps can access the microphone. **Set to 2 (two)** 1. Notifications - [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications). Specifies whether Windows apps can access notifications. **Set to 2 (two)** - 1. Notifications - [Settings/AllowOnlineTips]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips). Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** + 1. Notifications - [Settings/AllowOnlineTips]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips). Enables or disables the retrieval of online tips and help for the Settings app. **Integer value 0** 1. Speech, Inking, & Typing - [Privacy/AllowInputPersonalization](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-allowinputpersonalization). This policy specifies whether users on the device have the option to enable online speech recognition. **Set to 0 (zero)** 1. Speech, Inking, & Typing - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection). This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** 1. Account info - [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo). Specifies whether Windows apps can access account information. **Set to 2 (two)** From ac0aab659cf626fa58e6c0db1683e02d8bcfe8d9 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 25 Jul 2019 19:10:14 -0700 Subject: [PATCH 43/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ows-operating-system-components-to-microsoft-services.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 21e7f8f027..782dda6dcc 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -67,7 +67,7 @@ The following table lists management options for each setting, beginning with Wi | [9. License Manager](#bkmk-licmgr) | | | ![Check mark](images/checkmark.png) | | [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [12. Microsoft Account](#bkmk-microsoft-account) | | | ![Check mark](images/checkmark.png) | | [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | @@ -125,7 +125,7 @@ See the following table for a summary of the management settings for Windows Ser | [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [12. Microsoft Account](#bkmk-microsoft-account) | | | ![Check mark](images/checkmark.png) | | [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [18. Settings > Privacy](#bkmk-settingssection) | | | | @@ -179,7 +179,7 @@ See the following table for a summary of the management settings for Windows Ser | [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [12. Microsoft Account](#bkmk-microsoft-account) | | | ![Check mark](images/checkmark.png) | | [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From 8597aa8c7bb8290591047fc8df405712ea5bf409 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Thu, 25 Jul 2019 20:06:15 -0700 Subject: [PATCH 44/54] add new issues (#777) --- .../resolved-issues-windows-10-1507.yml | 20 ++++++------- .../resolved-issues-windows-10-1607.yml | 20 ++++++------- .../resolved-issues-windows-10-1703.yml | 10 +++---- .../resolved-issues-windows-10-1709.yml | 10 +++---- .../resolved-issues-windows-10-1803.yml | 16 +++++------ ...indows-10-1809-and-windows-server-2019.yml | 26 ++++++++--------- .../resolved-issues-windows-10-1903.yml | 8 +++--- ...ndows-7-and-windows-server-2008-r2-sp1.yml | 24 ++++++++-------- ...windows-8.1-and-windows-server-2012-r2.yml | 28 +++++++++---------- ...esolved-issues-windows-server-2008-sp2.yml | 8 +++--- .../resolved-issues-windows-server-2012.yml | 14 +++++----- .../status-windows-10-1507.yml | 2 +- ...indows-10-1607-and-windows-server-2016.yml | 14 ++++++---- .../status-windows-10-1703.yml | 12 +++++++- .../status-windows-10-1709.yml | 4 ++- .../status-windows-10-1803.yml | 6 ++-- ...indows-10-1809-and-windows-server-2019.yml | 9 +++--- .../status-windows-10-1903.yml | 26 +++++++++-------- ...windows-8.1-and-windows-server-2012-r2.yml | 2 +- 19 files changed, 140 insertions(+), 119 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml index fcb44369bb..048946f759 100644 --- a/windows/release-information/resolved-issues-windows-10-1507.yml +++ b/windows/release-information/resolved-issues-windows-10-1507.yml @@ -34,15 +34,15 @@ sections:
MessageDate
Status update: Windows 10, version 1903 “D” release
The optional monthly “D” release for Windows 10, version 1903 will be available in the near term. Follow @WindowsUpdate for the latest on the availability of this release.
July 24, 2019
12:00 AM PT
Plan for change: Microsoft Silverlight will reach end of support on October 12, 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
12:00 AM PT
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
- - - - - - - + + + + + + +
SummaryOriginating updateStatusDate resolved
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		July 09, 2019
10:00 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >		OS Build 10240.18215

May 14, 2019
KB4499154		Resolved
KB4505051		May 19, 2019
02:00 PM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		OS Build 10240.18158

March 12, 2019
KB4489872		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
First character of Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4491101		February 21, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		February 12, 2019
10:00 AM PT
Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		February 12, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4491101		February 21, 2019
02:00 PM PT
First character of Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		OS Build 10240.18158

March 12, 2019
KB4489872		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
" @@ -86,10 +86,10 @@ sections: text: " - - + +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493475

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4493475		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487018, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
First character of Japanese era name not recognized
After installing KB4487018, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487018, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4491101.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4491101		Resolved:
February 21, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
First character of Japanese era name not recognized
After installing KB4487018, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -98,8 +98,8 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Unable to access hotspots with third-party applications
After installing KB4480962, third-party applications may have difficulty authenticating hotspots.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4487018.

Back to top		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480962, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493475.

Back to top		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4493475		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, \"Unrecognized Database Format\".

Affected platforms:
  • Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487018.

Back to top		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Unable to access hotspots with third-party applications
After installing KB4480962, third-party applications may have difficulty authenticating hotspots.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4487018.

Back to top		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index f39eb6c19d..c20d9b33f0 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -43,17 +43,17 @@ sections:
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 14393.2969

May 14, 2019
KB4494440Resolved
KB4505052May 19, 2019
02:00 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 14393.2941

April 25, 2019
KB4493473Resolved
KB4494440May 14, 2019
10:00 AM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.

See details >OS Build 14393.2941

April 25, 2019
KB4493473Resolved
KB4494440May 14, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 14393.2848

March 12, 2019
KB4489882Resolved
KB4493473April 25, 2019
02:00 PM PT -
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.

See details >OS Build 14393.2879

March 19, 2019
KB4489889Resolved
KB4493470April 09, 2019
10:00 AM PT -
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PT -
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4493470April 09, 2019
10:00 AM PT -
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off.

See details >OS Build 14393.2828

February 19, 2019
KB4487006Resolved
KB4489882March 12, 2019
10:00 AM PT +
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PT +
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.

See details >OS Build 14393.2879

March 19, 2019
KB4489889Resolved
KB4493470April 09, 2019
10:00 AM PT +
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4489882March 12, 2019
10:00 AM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4487006February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 14393.2759

January 17, 2019
KB4480977Resolved
KB4487006February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4487006February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 14393.2759

January 17, 2019
KB4480977Resolved
KB4487006February 19, 2019
02:00 PM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 14393.2848

March 12, 2019
KB4489882Resolved
KB4493473April 25, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4487026February 12, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4487006February 19, 2019
02:00 PM PT +
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off.

See details >OS Build 14393.2828

February 19, 2019
KB4487006Resolved
KB4489882March 12, 2019
10:00 AM PT
Instant search in Microsoft Outlook fails on Windows Server 2016
Instant search in Microsoft Outlook clients fail with the error, \"Outlook cannot perform the search\" on Windows Server 2016.

See details >OS Build 14393.2639

November 27, 2018
KB4467684Resolved
KB4487026February 12, 2019
10:00 AM PT " @@ -104,8 +104,8 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Issue using PXE to start a device from WDS
After installing KB4489882, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4503267.

Back to top		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4503267		Resolved:
June 11, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489882, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493473

Back to top		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4493473		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493470.

Back to top		OS Build 14393.2879

March 19, 2019
KB4489889		Resolved
KB4493470		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 19, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489882, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493473

Back to top		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4493473		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
" @@ -115,10 +115,10 @@ sections: text: " - - + +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493470

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4493470		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off. The faulting driver is win32kbase.sys.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue is resolved in KB4489882.

Back to top		OS Build 14393.2828

February 19, 2019
KB4487006		Resolved
KB4489882		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487026, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489882.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4489882		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487026, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off. The faulting driver is win32kbase.sys.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue is resolved in KB4489882.

Back to top		OS Build 14393.2828

February 19, 2019
KB4487006		Resolved
KB4489882		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml index 30427c2a53..b87928c05d 100644 --- a/windows/release-information/resolved-issues-windows-10-1703.yml +++ b/windows/release-information/resolved-issues-windows-10-1703.yml @@ -38,15 +38,15 @@ sections:
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >OS Build 15063.1839

May 28, 2019
KB4499162Resolved
KB4503279June 11, 2019
10:00 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 15063.1805

May 14, 2019
KB4499181Resolved
KB4505055May 19, 2019
02:00 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 15063.1784

April 25, 2019
KB4493436Resolved
KB4499181May 14, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 15063.1689

March 12, 2019
KB4489871Resolved
KB4493436April 25, 2019
02:00 PM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4493474April 09, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 15063.1716

March 19, 2019
KB4489888Resolved
KB4493474April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 15063.1563

January 08, 2019
KB4480973Resolved
KB4493474April 09, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4493474April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 15063.1659

February 19, 2019
KB4487011Resolved
KB4489871March 12, 2019
10:00 AM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 15063.1596

January 15, 2019
KB4480959Resolved
KB4487011February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 15063.1596

January 15, 2019
KB4480959Resolved
KB4487011February 19, 2019
02:00 PM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 15063.1689

March 12, 2019
KB4489871Resolved
KB4493436April 25, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >OS Build 15063.1563

January 08, 2019
KB4480973Resolved
KB4487020February 12, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PT
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 15063.1563

January 08, 2019
KB4480973Resolved
KB4487020February 12, 2019
10:00 AM PT " @@ -85,8 +85,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Custom URI schemes may not start corresponding application
After installing KB4489871, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493436

Back to top		OS Build 15063.1689

March 12, 2019
KB4489871		Resolved
KB4493436		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493474.

Back to top		OS Build 15063.1716

March 19, 2019
KB4489888		Resolved
KB4493474		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 19, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489871, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493436

Back to top		OS Build 15063.1689

March 12, 2019
KB4489871		Resolved
KB4493436		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index b80a28eec7..cd92b2d492 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -39,16 +39,16 @@ sections:
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 16299.1127

April 25, 2019
KB4493440Resolved
KB4499179May 14, 2019
10:00 AM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.

See details >OS Build 16299.1127

April 25, 2019
KB4493440Resolved
KB4499179May 14, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 16299.1029

March 12, 2019
KB4489886Resolved
KB4493440April 25, 2019
02:00 PM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4493441April 09, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 16299.1059

March 19, 2019
KB4489890Resolved
KB4493441April 09, 2019
10:00 AM PT
MSXML6 causes applications to stop responding if an exception was thrown
MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 16299.904

January 08, 2019
KB4480978Resolved
KB4493441April 09, 2019
10:00 AM PT -
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >OS Build 16299.1029

March 12, 2019
KB4489886Resolved
KB4493441April 09, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4493441April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4489886March 12, 2019
10:00 AM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4487021February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 16299.936

January 15, 2019
KB4480967Resolved
KB4487021February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4487021February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 16299.936

January 15, 2019
KB4480967Resolved
KB4487021February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >OS Build 16299.904

January 08, 2019
KB4480978Resolved
KB4486996February 12, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4487021February 19, 2019
02:00 PM PT
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 16299.904

January 08, 2019
KB4480978Resolved
KB4486996February 12, 2019
10:00 AM PT +
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >OS Build 16299.1029

March 12, 2019
KB4489886Resolved
KB4493441April 09, 2019
10:00 AM PT " @@ -107,8 +107,8 @@ sections: - +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493441

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4493441		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4486996, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489886.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4489886		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4486996, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index 3353facc94..7174542746 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -38,17 +38,17 @@ sections:
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 17134.765

May 14, 2019
KB4499167Resolved
KB4505064May 19, 2019
02:00 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 17134.753

April 25, 2019
KB4493437Resolved
KB4499167May 14, 2019
10:00 AM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.

See details >OS Build 17134.753

April 25, 2019
KB4493437Resolved
KB4499167May 14, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 17134.648

March 12, 2019
KB4489868Resolved
KB4493437April 25, 2019
02:00 PM PT -
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17134.677

March 19, 2019
KB4489894Resolved
KB4493464April 09, 2019
10:00 AM PT -
First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 17134.556

January 15, 2019
KB4480976Resolved
KB4487029February 19, 2019
02:00 PM PT -
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17134.523

January 08, 2019
KB4480966Resolved
KB4493464April 09, 2019
10:00 AM PT -
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >OS Build 17134.648

March 12, 2019
KB4489868Resolved
KB4493464April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 17134.590

February 12, 2019
KB4487017Resolved
KB4493464April 09, 2019
10:00 AM PT +
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17134.677

March 19, 2019
KB4489894Resolved
KB4493464April 09, 2019
10:00 AM PT +
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17134.523

January 08, 2019
KB4480966Resolved
KB4493464April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 17134.590

February 12, 2019
KB4487017Resolved
KB4489868March 12, 2019
10:00 AM PT -
Cannot pin a web link on the Start menu or the taskbar
Some users cannot pin a web link on the Start menu or the taskbar.

See details >OS Build 17134.471

December 11, 2018
KB4471324Resolved
KB4487029February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 17134.590

February 12, 2019
KB4487017Resolved
KB4487029February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 17134.556

January 15, 2019
KB4480976Resolved
KB4487029February 19, 2019
02:00 PM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 17134.648

March 12, 2019
KB4489868Resolved
KB4493437April 25, 2019
02:00 PM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 17134.523

January 08, 2019
KB4480966Resolved
KB4487017February 12, 2019
10:00 AM PT +
Cannot pin a web link on the Start menu or the taskbar
Some users cannot pin a web link on the Start menu or the taskbar.

See details >OS Build 17134.471

December 11, 2018
KB4471324Resolved
KB4487029February 19, 2019
02:00 PM PT
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 17134.523

January 08, 2019
KB4480966Resolved
KB4487017February 12, 2019
10:00 AM PT +
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >OS Build 17134.648

March 12, 2019
KB4489868Resolved
KB4493464April 09, 2019
10:00 AM PT " @@ -94,8 +94,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Custom URI schemes may not start corresponding application
After installing KB4489868, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493437

Back to top		OS Build 17134.648

March 12, 2019
KB4489868		Resolved
KB4493437		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493464

Back to top		OS Build 17134.677

March 19, 2019
KB4489894		Resolved
KB4493464		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 19, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489868, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493437

Back to top		OS Build 17134.648

March 12, 2019
KB4489868		Resolved
KB4493437		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
Stop error when attempting to start SSH from WSL
After applying KB4489868, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh -A) or a configuration setting.

Affected platforms:
  • Client: Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4493464.

Back to top		OS Build 17134.648

March 12, 2019
KB4489868		Resolved
KB4493464		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
" @@ -116,8 +116,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
First character of the Japanese era name not recognized
After installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029

Back to top		OS Build 17134.556

January 15, 2019
KB4480976		Resolved
KB4487029		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480966, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493464

Back to top		OS Build 17134.523

January 08, 2019
KB4480966		Resolved
KB4493464		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized
After installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029

Back to top		OS Build 17134.556

January 15, 2019
KB4480976		Resolved
KB4487029		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487017.

Back to top		OS Build 17134.523

January 08, 2019
KB4480966		Resolved
KB4487017		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Webpages become unresponsive in Microsoft Edge
After installing KB4480966, some Microsoft Edge users report that they: 
  • Cannot load web pages using a local IP address. 
  • Cannot load web pages on the Internet using a VPN connection.  
Browsing fails or the web page may become unresponsive. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4487017

Back to top		OS Build 17134.523

January 08, 2019
KB4480966		Resolved
KB4487017		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index 50ed0c88b7..c8dd852476 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -40,28 +40,28 @@ sections:
Issue using PXE to start a device from WDS
Using PXE to start a device from a WDS server configured to use Variable Window Extension may cause the connection to the WDS server to terminate prematurely.

See details >OS Build 17763.379

March 12, 2019
KB4489899Resolved
KB4503327June 11, 2019
10:00 AM PT
Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort
Upgrade block: Microsoft has identified issues with certain new Intel display drivers, which accidentally turn on unsupported features in Windows.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
May 21, 2019
07:42 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 17763.503

May 14, 2019
KB4494441Resolved
KB4505056May 19, 2019
02:00 PM PT -
Windows 10, version 1809 update history may show an update installed twice
Some customers are reporting that KB4494441 installed twice on their device

See details >OS Build 17763.503

May 14, 2019
KB4494441Resolved
May 16, 2019
02:37 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 17763.475

May 03, 2019
KB4495667Resolved
KB4494441May 14, 2019
10:00 AM PT +
Windows 10, version 1809 update history may show an update installed twice
Some customers are reporting that KB4494441 installed twice on their device

See details >OS Build 17763.503

May 14, 2019
KB4494441Resolved
May 16, 2019
02:37 PM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.

See details >OS Build 17763.475

May 03, 2019
KB4495667Resolved
KB4494441May 14, 2019
10:00 AM PT
Latest cumulative update (KB 4495667) installs automatically
Reports that the optional cumulative update (KB 4495667) installs automatically.

See details >OS Build 17763.475

May 03, 2019
KB4495667Resolved
May 08, 2019
03:37 PM PT
System may be unresponsive after restart if ArcaBit antivirus software installed
After further investigation ArcaBit has confirmed this issue is not applicable to Windows 10, version 1809

See details >OS Build 17763.437

April 09, 2019
KB4493509Resolved
May 08, 2019
03:30 PM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 17763.379

March 12, 2019
KB4489899Resolved
KB4495667May 03, 2019
10:00 AM PT -
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17763.404

April 02, 2019
KB4490481Resolved
KB4493509April 09, 2019
10:00 AM PT -
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT -
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4493509April 09, 2019
10:00 AM PT -
Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.

See details >OS Build 17763.348

March 01, 2019
KB4482887Resolved
KB4490481April 02, 2019
10:00 AM PT +
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT +
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17763.404

April 02, 2019
KB4490481Resolved
KB4493509April 09, 2019
10:00 AM PT +
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4489899March 12, 2019
10:00 AM PT -
Global DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.

See details >N/A

Resolved
March 08, 2019
11:15 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 9 file format may randomly stop working.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PT
First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 9 file format may randomly stop working.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PT +
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Upgrade block: Devices utilizing AMD Radeon HD2000 or HD4000 series video cards may experience issues with the lock screen and Microsoft Edge tabs.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4487044February 12, 2019
10:00 AM PT +
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro identified a compatibility issue with the Trend Micro business endpoint security solutions OfficeScan and Worry-Free Business Security.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
February 01, 2019
09:00 AM PT
Shared albums may not sync with iCloud for Windows
Upgrade block: Apple has identified an incompatibility with iCloud for Windows (version 7.7.0.27) where users may experience issues updating or synching Shared Albums.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PT
Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup
Upgrade block: Users may see an Intel Audio Display (intcdaud.sys) notification during setup for devices with certain Intel Display Audio Drivers.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PT
F5 VPN clients losing network connectivity
Upgrade block: After updating to Windows 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PT +
Global DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.

See details >N/A

Resolved
March 08, 2019
11:15 AM PT +
Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.

See details >OS Build 17763.348

March 01, 2019
KB4482887Resolved
KB4490481April 02, 2019
10:00 AM PT
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4487044February 12, 2019
10:00 AM PT -
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Upgrade block: Devices utilizing AMD Radeon HD2000 or HD4000 series video cards may experience issues with the lock screen and Microsoft Edge tabs.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4487044February 12, 2019
10:00 AM PT -
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro identified a compatibility issue with the Trend Micro business endpoint security solutions OfficeScan and Worry-Free Business Security.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
February 01, 2019
09:00 AM PT " @@ -91,8 +91,8 @@ sections: - +
DetailsOriginating updateStatusHistory
Printing from Microsoft Edge or other UWP apps may result in the error 0x80070007
When attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications you may receive the error, \"Your printer has experienced an unexpected configuration problem. 0x80070007e.\"
 
Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4501371

Back to top		OS Build 17763.379

March 12, 2019
KB4489899		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
May 02, 2019
04:47 PM PT
Unable to access some gov.uk websites
After installing the May 14, 2019 update, some gov.uk websites that don’t support HTTP Strict Transport Security (HSTS) may not be accessible through Internet Explorer 11 or Microsoft Edge.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10, version 1507; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolved: We have released an \"out-of-band\" update for Windows 10 (KB4505056) to resolve this issue.

  • UK customers: This update will be applied automatically to resolve this issue. You may be required to restart your device again. If you are affected by this issue, Check for updates to apply the update immediately.
  • Customers outside of the UK: This update will not be applied automatically. If you are affected by this issue, we recommend you apply this update by installing KB4505056 from Windows Update and then restarting your device.
To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates. To get the standalone package for KB4505056, search for it in the Microsoft Update Catalog.
 

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4505056		Resolved:
May 19, 2019
02:00 PM PT

Opened:
May 16, 2019
01:57 PM PT
Windows 10, version 1809 update history may show an update installed twice
Affected platforms:
  • Client: Windows 10, version 1809
Cause:
In certain situations, installing an update requires multiple download and restart steps. In cases where two intermediate steps of the installation complete successfully, the View your Update history page will report that installation completed successfully twice. 

Resolution:
No action is required on your part. The update installation may take longer and may require more than one restart, but will install successfully after all intermediate installation steps have completed. We are working on improving this update experience to ensure the Update history correctly reflects the installation of the latest cumulative update (LCU).

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
Resolved:
May 16, 2019
02:37 PM PT

Opened:
May 14, 2019
02:56 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. For example, the layout and cell size of Microsoft Excel sheets may change when using MS UI Gothic.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue has been resolved.

Back to top		OS Build 17763.475

May 03, 2019
KB4495667		Resolved
KB4494441		Resolved:
May 14, 2019
10:00 AM PT

Opened:
May 10, 2019
10:35 AM PT
Windows 10, version 1809 update history may show an update installed twice
Affected platforms:
  • Client: Windows 10, version 1809
Cause:
In certain situations, installing an update requires multiple download and restart steps. In cases where two intermediate steps of the installation complete successfully, the View your Update history page will report that installation completed successfully twice. 

Resolution:
No action is required on your part. The update installation may take longer and may require more than one restart, but will install successfully after all intermediate installation steps have completed. We are working on improving this update experience to ensure the Update history correctly reflects the installation of the latest cumulative update (LCU).

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
Resolved:
May 16, 2019
02:37 PM PT

Opened:
May 14, 2019
02:56 PM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing KB4495667
 
Affected platforms:  
  • Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016 
  • Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016 
Resolution: This issue was resolved in KB4494441.

Back to top		OS Build 17763.475

May 03, 2019
KB4495667		Resolved
KB4494441		Resolved:
May 14, 2019
10:00 AM PT

Opened:
May 14, 2019
01:19 PM PT
Latest cumulative update (KB 4495667) installs automatically
Due to a servicing side issue some users were offered KB4495667 (optional update) automatically and rebooted devices. This issue has been mitigated.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution:: This issue has been mitigated on the servicing side to prevent auto installing of this update. Customers do not need to take any action.

Back to top		OS Build 17763.475

May 03, 2019
KB4495667		Resolved
Resolved:
May 08, 2019
03:37 PM PT

Opened:
May 05, 2019
12:01 PM PT
@@ -127,8 +127,8 @@ sections:
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1  
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2  
Resolution: This issue is resolved in KB4493509.  

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487044, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489899

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4489899Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487044, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4482887.

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
First character of the Japanese era name not recognized
After installing KB4487044, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT " @@ -150,10 +150,10 @@ sections: text: " + + - -
DetailsOriginating updateStatusHistory
Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort
Upgrade block: Microsoft has identified issues with certain new Intel display drivers. Intel inadvertently released versions of its display driver (versions 24.20.100.6344, 24.20.100.6345) to OEMs that accidentally turned on unsupported features in Windows. 
 
As a result, after updating to Windows 10, version 1809, audio playback from a monitor or television connected to a PC via HDMI, USB-C, or a DisplayPort may not function correctly on devices with these drivers.
Note: This Intel display driver issue is different from the Intel Smart Sound Technology driver (version 09.21.00.3755) audio issue previously documented.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019 
Next steps: Intel has released updated drivers to OEM device manufacturers. OEMs need to make the updated driver available via Windows Update. For more information, see the Intel Customer Support article.

Resolution: Microsoft has removed the safeguard hold.



Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
Resolved:
May 21, 2019
07:42 AM PT

Opened:
November 13, 2018
10:00 AM PT
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Note: AMD no longer supports Radeon HD2000 and HD4000 series graphic processor units (GPUs).
 
Upgrade block: After updating to Windows 10, version 1809, Microsoft Edge tabs may stop working when a device is configured with AMD Radeon HD2000 or HD4000 series video cards. Customers may get the following error code: \"INVALID_POINTER_READ_c0000005_atidxx64.dll\". 
 
Some users may also experience performance issues with the lock screen or the ShellExperienceHost. (The lock screen hosts widgets, and the ShellExperienceHost is responsible for assorted shell functionality.) 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4487044, and the block was removed.

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4487044		Resolved:
February 12, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro have identified a compatibility issue with Trend Micro's OfficeScan and Worry-Free Business Security software when attempting to update to Windows 10, version 1809.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019 
Resolution: Trend Micro has released a new version of these products that resolves the issue. To download them, please visit the Trend Micro Business Support Portal.

Once you have updated your version of Trend Micro's OfficeScan or Worry-Free Business Security software, you will be offered Windows 10, version 1809 automatically. 

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
Resolved:
February 01, 2019
09:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Shared albums may not sync with iCloud for Windows
Upgrade block: Users who attempt to install iCloud for Windows (version 7.7.0.27) will see a message displayed that this version iCloud for Windows isn't supported and the install will fail.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
To ensure a seamless experience, Microsoft is blocking devices with iCloud for Windows (version 7.7.0.27) software installed from being offered Windows 10, version 1809 until this issue has been resolved. 

We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool from the Microsoft software download website until this issue is resolved. 
 
Resolution: Apple has released an updated version of iCloud for Windows (version 7.8.1) that resolves compatibility issues encountered when updating or synching Shared Albums after updating to Windows 10, version 1809. We recommend that you update your iCloud for Windows to version 7.8.1 when prompted before attempting to upgrade to Windows 10, version 1809. You can also manually download the latest version of iCloud for Windows by visiting https://support.apple.com/HT204283.

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4482887		Resolved:
March 01, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup
Upgrade block: Microsoft and Intel have identified a compatibility issue with a range of Intel Display Audio device drivers (intcdaud.sys, versions 10.25.0.3 - 10.25.0.8) that may result in excessive processor demand and reduced battery life. As a result, the update process to the Windows 10 October 2018 Update (Windows 10, version 1809) will fail and affected devices will automatically revert to the previous working configuration. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
If you see a \"What needs your attention\" notification during installation of the October 2018 Update, you have one of these affected drivers on your system. On the notification, click Back to remain on your current version of Windows 10. 
 
To ensure a seamless experience, we are blocking devices from being offered the October 2018 Update until updated Intel device drivers are installed on your current operating system. We recommend that you do not attempt to manually update to Windows 10, version 1809, using the Update Now button or the Media Creation Tool from the Microsoft Software Download Center until newer Intel device drivers are available with the update. You can either wait for newer drivers to be installed automatically through Windows Update or check with your computer manufacturer for the latest device driver software availability and installation procedures. For more information about this issue, see Intel's customer support guidance.
 
Resolution: This issue was resolved in KB4482887 and the upgrade block removed. 

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4482887		Resolved:
March 01, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
F5 VPN clients losing network connectivity
Upgrade block: After updating to Windows 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4482887 and the upgrade block removed. 

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4482887		Resolved:
March 01, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Note: AMD no longer supports Radeon HD2000 and HD4000 series graphic processor units (GPUs).
 
Upgrade block: After updating to Windows 10, version 1809, Microsoft Edge tabs may stop working when a device is configured with AMD Radeon HD2000 or HD4000 series video cards. Customers may get the following error code: \"INVALID_POINTER_READ_c0000005_atidxx64.dll\". 
 
Some users may also experience performance issues with the lock screen or the ShellExperienceHost. (The lock screen hosts widgets, and the ShellExperienceHost is responsible for assorted shell functionality.) 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4487044, and the block was removed.

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4487044		Resolved:
February 12, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro have identified a compatibility issue with Trend Micro's OfficeScan and Worry-Free Business Security software when attempting to update to Windows 10, version 1809.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019 
Resolution: Trend Micro has released a new version of these products that resolves the issue. To download them, please visit the Trend Micro Business Support Portal.

Once you have updated your version of Trend Micro's OfficeScan or Worry-Free Business Security software, you will be offered Windows 10, version 1809 automatically. 

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
Resolved:
February 01, 2019
09:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml index 6b4eeb59c5..e791545b58 100644 --- a/windows/release-information/resolved-issues-windows-10-1903.yml +++ b/windows/release-information/resolved-issues-windows-10-1903.yml @@ -33,13 +33,13 @@ sections: text: " - + - +
SummaryOriginating updateStatusDate resolved
Loss of functionality in Dynabook Smartphone Link app
After updating to Windows 10, version 1903, you may experience a loss of functionality when using the Dynabook Smartphone Link application.

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
July 11, 2019
01:54 PM PT
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Error attempting to update with external USB device or memory card attached
PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4501375		June 27, 2019
10:00 AM PT
Duplicate folders and documents showing in user profile directory
If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4497935		May 29, 2019
02:00 PM PT
Older versions of BattlEye anti-cheat software incompatible
Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
June 07, 2019
04:26 PM PT
AMD RAID driver incompatibility
Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
June 06, 2019
11:06 AM PT
D3D applications and games may fail to enter full-screen mode on rotated displays
Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4497935		May 29, 2019
02:00 PM PT
AMD RAID driver incompatibility
Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
June 06, 2019
11:06 AM PT
" @@ -65,11 +65,11 @@ sections: text: " - + - +
DetailsOriginating updateStatusHistory
Loss of functionality in Dynabook Smartphone Link app
Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.

To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:54 PM PT

Opened:
May 24, 2019
03:10 PM PT
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT
Error attempting to update with external USB device or memory card attached
If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:38 AM PT
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT
Duplicate folders and documents showing in user profile directory
If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ?This issue does not cause any user files to be deleted and a solution is in progress.

To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4497935 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.
(Posted June 11, 2019)

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4497935		Resolved:
May 29, 2019
02:00 PM PT

Opened:
May 21, 2019
07:16 AM PT
Older versions of BattlEye anti-cheat software incompatible
Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.

To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device. 

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Before updating your machine, we recommend you do one or more of the following:

  • Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.
  • Restart your system and open the game again.
  • Uninstall BattlEye using https://www.battleye.com/downloads/UninstallBE.exe, and then reopen your game.
  • Uninstall and reinstall your game.
Resolution: This issue was resolved externally by BattlEye for all known impacted games. For a list of recent games that use BattlEye, go to https://www.battleye.com/. We recommend following the workaround before updating to Windows 10, version 1903, as games with incompatible versions of BattleEye may fail to open after updating Windows. If you have confirmed your game is up to date and you have any issues with opening games related to a BattlEye error, please see https://www.battleye.com/support/faq/.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
June 07, 2019
04:26 PM PT

Opened:
May 21, 2019
07:34 AM PT
AMD RAID driver incompatibility
Microsoft and AMD have identified an incompatibility with AMD RAID driver versions earlier than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

“A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

 
To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue has been resolved externally by AMD. To resolve this issue, you will need to download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
 
Note The safeguard hold will remain in place on machines with the older AMD RAID drivers. We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
June 06, 2019
11:06 AM PT

Opened:
May 21, 2019
07:12 AM PT
D3D applications and games may fail to enter full-screen mode on rotated displays
Some Direct3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4497935

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4497935		Resolved:
May 29, 2019
02:00 PM PT

Opened:
May 21, 2019
07:05 AM PT
AMD RAID driver incompatibility
Microsoft and AMD have identified an incompatibility with AMD RAID driver versions earlier than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

“A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

 
To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue has been resolved externally by AMD. To resolve this issue, you will need to download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
 
Note The safeguard hold will remain in place on machines with the older AMD RAID drivers. We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
June 06, 2019
11:06 AM PT

Opened:
May 21, 2019
07:12 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 1f8c14cf98..8d0678c091 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -39,17 +39,17 @@ sections:
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >April 09, 2019
KB4493472Resolved
May 14, 2019
01:22 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493472Resolved
May 14, 2019
01:21 PM PT
Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.

See details >March 12, 2019
KB4489878Resolved
KB4499164May 14, 2019
10:00 AM PT -
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >April 09, 2019
KB4493472Resolved
April 25, 2019
02:00 PM PT -
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480970Resolved
KB4493472April 09, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PT -
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.

See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4486563Resolved
KB4493472April 09, 2019
10:00 AM PT +
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >April 09, 2019
KB4493472Resolved
April 25, 2019
02:00 PM PT +
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.

See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PT +
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 17, 2019
KB4480955Resolved
KB4486565February 19, 2019
02:00 PM PT +
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480970Resolved
KB4493472April 09, 2019
10:00 AM PT +
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480970Resolved
KB4486563February 12, 2019
10:00 AM PT
Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).

See details >October 18, 2018
KB4462927Resolved
KB4489878March 12, 2019
10:00 AM PT
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480970Resolved
KB4490511February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 17, 2019
KB4480955Resolved
KB4486565February 19, 2019
02:00 PM PT -
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PT -
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480970Resolved
KB4486563February 12, 2019
10:00 AM PT " @@ -97,8 +97,8 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Authentication may fail for services after the Kerberos ticket expires
After installing KB4489878, some customers report that authentication fails for services that require unconstrained delegation after the Kerberos ticket expires (the default is 10 hours). For example, the SQL server service fails.

Affected platforms: 
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4499164.

Back to top		March 12, 2019
KB4489878		Resolved
KB4499164		Resolved:
May 14, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489878, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4493472.

Back to top		March 12, 2019
KB4489878		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
NETDOM.EXE fails to run
After installing KB4489878, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.

Affected platforms: 
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.

Back to top		March 12, 2019
KB4489878		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489878, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4493472.

Back to top		March 12, 2019
KB4489878		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
" @@ -108,8 +108,8 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493472

Back to top		February 12, 2019
KB4486563		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4486563, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4486565.

Back to top		February 12, 2019
KB4486563		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4486565.

Back to top		February 12, 2019
KB4486563		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4486563, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4486565.

Back to top		February 12, 2019
KB4486563		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -118,10 +118,10 @@ sections: - type: markdown text: " - - + +
DetailsOriginating updateStatusHistory
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.

Back to top		January 08, 2019
KB4480970		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480970, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490511.

Back to top		January 08, 2019
KB4480970		Resolved
KB4490511		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480955, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4486565.

Back to top		January 17, 2019
KB4480955		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 17, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.

Back to top		January 08, 2019
KB4480970		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.

Affected Platforms:
  • Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 

Resolution: This issue is resolved in KB4486563.

Back to top		January 08, 2019
KB4480970		Resolved
KB4486563		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480970, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490511.

Back to top		January 08, 2019
KB4480970		Resolved
KB4490511		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index a4428a3d64..dc386260cc 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -40,16 +40,16 @@ sections:
System may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493446Resolved
May 14, 2019
01:22 PM PT
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >April 09, 2019
KB4493446Resolved
May 14, 2019
01:22 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493446Resolved
May 14, 2019
01:21 PM PT -
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >April 09, 2019
KB4493446Resolved
April 25, 2019
02:00 PM PT -
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PT -
MSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >March 12, 2019
KB4489881Resolved
KB4493446April 09, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487000Resolved
KB4493446April 09, 2019
10:00 AM PT -
Devices with winsock kernel client may receive error
Devices with a winsock kernel client may receive D1, FC, and other errors.

See details >March 12, 2019
KB4489881Resolved
KB4489893March 19, 2019
10:00 AM PT -
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >February 19, 2019
KB4487016Resolved
KB4489881March 12, 2019
10:00 AM PT -
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480963Resolved
KB4490512February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 15, 2019
KB4480969Resolved
KB4487016February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >February 12, 2019
KB4487000Resolved
KB4487016February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 15, 2019
KB4480969Resolved
KB4487016February 19, 2019
02:00 PM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487000Resolved
KB4493446April 09, 2019
10:00 AM PT +
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >April 09, 2019
KB4493446Resolved
April 25, 2019
02:00 PM PT +
Devices with winsock kernel client may receive error
Devices with a winsock kernel client may receive D1, FC, and other errors.

See details >March 12, 2019
KB4489881Resolved
KB4489893March 19, 2019
10:00 AM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >March 12, 2019
KB4489881Resolved
KB4493446April 09, 2019
10:00 AM PT +
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >February 19, 2019
KB4487016Resolved
KB4489881March 12, 2019
10:00 AM PT +
MSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PT +
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PT +
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480963Resolved
KB4490512February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480963Resolved
KB4487000February 12, 2019
10:00 AM PT " @@ -99,8 +99,8 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Issue using PXE to start a device from WDS
After installing KB4489881, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 
Resolution: This issue was resolved in KB4503276.

Back to top		March 12, 2019
KB4489881		Resolved
KB4503276		Resolved:
June 11, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4493446.

Back to top		March 12, 2019
KB4489881		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Devices with winsock kernel client may receive error
After installing KB4489881, devices with a winsock kernel client may receive D1, FC, and other errors. Additionally, systems that run the Skype for Business or Lync Server Edge Transport role may be affected by this issue.

Affected platforms: 
  • Client: Windows 8.1 
  • Server: Windows Server 2012 R2 
Resolution: This issue is resolved in KB4489893.

Back to top		March 12, 2019
KB4489881		Resolved
KB4489893		Resolved:
March 19, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4493446.

Back to top		March 12, 2019
KB4489881		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
" @@ -109,9 +109,9 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Internet Explorer may fail to load images
After installing KB4487000, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4487016.

Back to top		February 12, 2019
KB4487000		Resolved
KB4487016		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493446.

Back to top		February 12, 2019
KB4487000		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487016, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 
Resolution: This issue is resolved in KB4489881.

Back to top		February 19, 2019
KB4487016		Resolved
KB4489881		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
After installing KB4487000, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4487016.

Back to top		February 12, 2019
KB4487000		Resolved
KB4487016		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -120,10 +120,10 @@ sections: - type: markdown text: " - - - + + +
DetailsOriginating updateStatusHistory
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding.
After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480963, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490512.

Back to top		January 08, 2019
KB4480963		Resolved
KB4490512		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480969, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4487016.

Back to top		January 15, 2019
KB4480969		Resolved
KB4487016		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding.
After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480963, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490512.

Back to top		January 08, 2019
KB4480963		Resolved
KB4490512		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.

Affected platforms: 
  • Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4487000.

Back to top		January 08, 2019
KB4480963		Resolved
KB4487000		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index 31be3e66fc..1a7ffb0d7a 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -36,11 +36,11 @@ sections:
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >April 09, 2019
KB4493471Resolved
May 14, 2019
01:21 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493471Resolved
May 14, 2019
01:19 PM PT
Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.

See details >March 12, 2019
KB4489880Resolved
KB4499149May 14, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487023Resolved
KB4493471April 09, 2019
10:00 AM PT
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.

See details >March 12, 2019
KB4489880Resolved
KB4493471April 09, 2019
10:00 AM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 17, 2019
KB4480974Resolved
KB4489880March 12, 2019
10:00 AM PT -
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480968Resolved
KB4490514February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4487023Resolved
KB4487022February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 17, 2019
KB4480974Resolved
KB4489880March 12, 2019
10:00 AM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487023Resolved
KB4493471April 09, 2019
10:00 AM PT +
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480968Resolved
KB4490514February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480968Resolved
KB4487023February 12, 2019
10:00 AM PT " @@ -86,8 +86,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.

Back to top		February 12, 2019
KB4487023		Resolved
KB4493471		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487022.

Back to top		February 12, 2019
KB4487023		Resolved
KB4487022		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.

Back to top		February 12, 2019
KB4487023		Resolved
KB4493471		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index 678c8e0517..b46a4674bf 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -40,15 +40,15 @@ sections:
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >April 25, 2019
KB4493462Resolved
KB4499171May 14, 2019
10:00 AM PT
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >April 09, 2019
KB4493451Resolved
May 14, 2019
01:21 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493451Resolved
May 14, 2019
01:19 PM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4487025Resolved
KB4487024February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 15, 2019
KB4480971Resolved
KB4487024February 19, 2019
02:00 PM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487025Resolved
KB4493451April 09, 2019
10:00 AM PT +
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >February 12, 2019
KB4487025Resolved
KB4489891March 12, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480975Resolved
KB4493451April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >January 08, 2019
KB4480975Resolved
KB4493451April 09, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487025Resolved
KB4493451April 09, 2019
10:00 AM PT -
Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).

See details >September 11, 2018
KB4457135Resolved
KB4489891March 12, 2019
10:00 AM PT -
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >February 12, 2019
KB4487025Resolved
KB4489891March 12, 2019
10:00 AM PT
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480975Resolved
KB4490516February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 15, 2019
KB4480971Resolved
KB4487024February 19, 2019
02:00 PM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4487025Resolved
KB4487024February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480975Resolved
KB4487025February 12, 2019
10:00 AM PT +
Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).

See details >September 11, 2018
KB4457135Resolved
KB4489891March 12, 2019
10:00 AM PT " @@ -104,9 +104,9 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		February 12, 2019
KB4487025		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493451.

Back to top		February 12, 2019
KB4487025		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487025, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489891.

Back to top		February 12, 2019
KB4487025		Resolved
KB4489891		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		February 12, 2019
KB4487025		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -115,10 +115,10 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480971, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		January 15, 2019
KB4480971		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480975, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493451.

Back to top		January 08, 2019
KB4480975		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480975, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493451.

Back to top		January 08, 2019
KB4480975		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480975, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, \"Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).\"

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490516.

Back to top		January 08, 2019
KB4480975		Resolved
KB4490516		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480971, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		January 15, 2019
KB4480971		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, \"Unrecognized Database Format\".

Affected platforms: 
  • Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487025.

Back to top		January 08, 2019
KB4480975		Resolved
KB4487025		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml index e81ad9523c..9f116c65f8 100644 --- a/windows/release-information/status-windows-10-1507.yml +++ b/windows/release-information/status-windows-10-1507.yml @@ -60,8 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- +
SummaryOriginating updateStatusLast updated
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		July 09, 2019
10:00 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
" diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index 004468483a..31c6e06ec3 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,14 +60,15 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- - - - + + + + +
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
July 10, 2019
07:09 PM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Investigating
July 25, 2019
06:10 PM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)

See details >		OS Build 14393.2941

April 25, 2019
KB4493473		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
July 10, 2019
07:09 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4509475		June 27, 2019
02:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
" @@ -83,6 +84,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4507459. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" @@ -120,8 +122,8 @@ sections: - type: markdown text: " - - + +
DetailsOriginating updateStatusHistory
Cluster service may fail if the minimum password length is set to greater than 14
After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.

Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.

Back to top		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
Last updated:
February 19, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing KB4467684.

Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507459.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		Resolved:
July 16, 2019
10:00 AM PT

Opened:
November 27, 2018
10:00 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.

Back to top		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
Last updated:
February 19, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.

Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT
" diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index a45bf5b15b..1055bb156e 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -60,9 +60,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + +
SummaryOriginating updateStatusLast updated
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 15063.1955

July 16, 2019
KB4507467		Investigating
July 25, 2019
06:10 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 15063.1805

May 14, 2019
KB4499181		Resolved
KB4507450		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		June 26, 2019
04:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
" @@ -73,6 +74,15 @@ sections:
" +- title: July 2019 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4507467. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 15063.1955

July 16, 2019
KB4507467		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
+ " + - title: June 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 301dd17335..4667f66e88 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -60,9 +60,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - +
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Investigating
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Mitigated
July 10, 2019
07:09 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		June 26, 2019
04:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
" @@ -78,6 +79,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4507465. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index e9e62c1dce..166d39fa83 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -60,10 +60,11 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 17134.915

July 16, 2019
KB4507466		Investigating
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
July 10, 2019
07:09 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		June 26, 2019
04:00 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
June 14, 2019
04:41 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		June 26, 2019
04:00 PM PT
" @@ -79,6 +80,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4507466. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" @@ -88,8 +90,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499183. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509478.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
" diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 5613d45790..a8d6b78e6b 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -21,8 +21,7 @@ sections: Find information on known issues and the status of the rollout for Windows 10, version 1809 and Windows Server 2019. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). -
Current status:
- Windows 10, version 1809 is designated for broad deployment and available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel. +		Current status:
Windows 10, version 1809 is designated for broad deployment and available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
" @@ -65,11 +64,12 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 17763.652

July 22, 2019
KB4505658		Investigating
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
July 10, 2019
07:09 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		June 26, 2019
04:00 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
June 14, 2019
04:41 PM PT
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F

See details >		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
May 03, 2019
10:59 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17763.253

January 08, 2019
KB4480116		Mitigated
April 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		June 26, 2019
04:00 PM PT
" @@ -85,6 +85,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4505658. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" @@ -94,8 +95,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509479.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 29dfcd9330..a1ebf8f433 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -22,7 +22,7 @@ sections:
Current status as of July 16, 2019:
-
We are initiating the Windows 10 May 2019 Update for customers with devices that are at or nearing end of service and have not yet updated their device. Keeping these devices both supported and receiving monthly updates is critical to device security and ecosystem health. Based on the large number of devices running the April 2018 Update, that will reach the end of 18 months of service on November 12, 2019, we are starting the update process now for Home and Pro editions to help ensure adequate time for a smooth update process.

Our update rollout process takes into consideration the scale and complexity of the Windows 10 ecosystem, with the many hardware, software, and app configuration options users have, to provide a seamless update experience for all users. We closely monitor update feedback to allow us to prioritize those devices likely to have a good update experience and quickly put safeguards on other devices while we address known issues. Windows 10 Home and Pro edition users will have the ability to pause the update for up to 35 days so they can choose a convenient time.

The Windows 10 May 2019 Update is available for any user who manually selects “Check for updates” via Windows Update on a device that does not have a safeguard hold for issues already detected. If you are not offered the update, please check below for any known issues that may affect your device.

We recommend commercial customers running earlier versions of Windows 10 begin targeted deployments of Windows 10, version 1903 to validate that the apps, devices, and infrastructure used by their organizations work as expected with the new release and features.

Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard.
+
We are initiating the Windows 10 May 2019 Update for customers with devices that are at or nearing end of service and have not yet updated their device. Keeping these devices both supported and receiving monthly updates is critical to device security and ecosystem health. Based on the large number of devices running the April 2018 Update, that will reach the end of 18 months of service on November 12, 2019, we are starting the update process now for Home and Pro editions to help ensure adequate time for a smooth update process.

Our update rollout process takes into consideration the scale and complexity of the Windows 10 ecosystem, with the many hardware, software, and app configuration options users have, to provide a seamless update experience for all users. We closely monitor update feedback to allow us to prioritize those devices likely to have a good update experience and quickly put safeguards on other devices while we address known issues. Windows 10 Home and Pro edition users will have the ability to pause the update for up to 35 days so they can choose a convenient time.

The Windows 10 May 2019 Update is available for any user who manually selects “Check for updates” via Windows Update on a device that does not have a safeguard hold for issues already detected. If you are not offered the update, please check below for any known issues that may affect your device.

We recommend commercial customers running earlier versions of Windows 10 begin targeted deployments of Windows 10, version 1903 to validate that the apps, devices, and infrastructure used by their organizations work as expected with the new release and features.

Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard.
" @@ -65,21 +65,23 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + - - + + + + + + - - - -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 25, 2019
06:10 PM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Mitigated External
July 25, 2019
06:10 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 16, 2019
09:04 AM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 12, 2019
04:42 PM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
June 10, 2019
06:06 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Investigating
May 21, 2019
04:47 PM PT
Loss of functionality in Dynabook Smartphone Link app
After updating to Windows 10, version 1903, you may experience a loss of functionality when using the Dynabook Smartphone Link application.

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
July 11, 2019
01:54 PM PT
Error attempting to update with external USB device or memory card attached
PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Mitigated
July 10, 2019
07:09 PM PT
RASMAN service may stop working and result in the error “0xc0000005”
The Remote Access Connection Manager (RASMAN) service may stop working and result in the error “0xc0000005” with VPN profiles configured as an Always On VPN connection.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Mitigated
July 01, 2019
05:04 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4501375		June 27, 2019
10:00 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
June 10, 2019
06:06 PM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 24, 2019
11:02 AM PT
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:48 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Investigating
May 21, 2019
04:47 PM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:47 PM PT
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:47 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:46 PM PT
Loss of functionality in Dynabook Smartphone Link app
After updating to Windows 10, version 1903, you may experience a loss of functionality when using the Dynabook Smartphone Link application.

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
July 11, 2019
01:54 PM PT
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Error attempting to update with external USB device or memory card attached
PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4501375		June 27, 2019
10:00 AM PT
" @@ -95,6 +97,8 @@ sections: - type: markdown text: " + + @@ -116,15 +120,15 @@ sections: - type: markdown text: "
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4497935. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Issues updating when certain versions of Intel storage drivers are installed
Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST driver version between 15.1.0.1002 and 15.5.2.1053 installed from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.6.1044.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Next steps: To resolve this issue, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later.  Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for the May 2019 Update.

Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Mitigated External
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Microsoft has identified a compatibility issue on some Surface Book 2 devices configured with Nvidia discrete graphics processing unit (dGPU). After updating to Windows 10, version 1903 (May 2019 Feature Update), some apps or games that needs to perform graphics intensive operations may close or fail to open.

To safeguard your update experience, we have applied a compatibility hold on Surface Book 2 devices with Nvidia dGPUs from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: To mitigate the issue if you are already on Windows 10, version 1903, you can restart the device or select the Scan for hardware changes button in the Action menu or on the toolbar in Device Manager.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
July 16, 2019
09:04 AM PT

Opened:
July 12, 2019
04:20 PM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Next steps: We are working on a resolution that will be made available in upcoming release.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
July 12, 2019
04:42 PM PT

Opened:
July 12, 2019
04:42 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
+ + + - + - - -
DetailsOriginating updateStatusHistory
Loss of functionality in Dynabook Smartphone Link app
Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.

To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:54 PM PT

Opened:
May 24, 2019
03:10 PM PT
Error attempting to update with external USB device or memory card attached
If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:38 AM PT
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

Affected platforms:
  • Client: Windows 10, version 1903
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
Last updated:
June 10, 2019
06:06 PM PT

Opened:
May 24, 2019
04:20 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Restart your device to apply changes to brightness.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution that will be made available in upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Investigating
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:56 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

Microsoft has identified some scenarios where night light settings may stop working, for example:
  • Connecting to (or disconnecting from) an external monitor, dock, or projector
  • Rotating the screen
  • Updating display drivers or making other display mode changes
  • Closing full screen applications
  • Applying custom color profiles
  • Running applications that rely on custom gamma ramps
Affected platforms:
  • Client: Windows 10, version 1903
Workaround: If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer. For other color setting issues, restart your computer to correct the issue.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 24, 2019
11:02 AM PT

Opened:
May 21, 2019
07:28 AM PT
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

  • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
  • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:48 PM PT

Opened:
May 21, 2019
07:29 AM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Restart your device to apply changes to brightness.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution that will be made available in upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Investigating
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:56 AM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
  
To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809
Workaround:
On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

Note We recommend you do not attempt to update your devices until newer device drivers are installed.

Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:22 AM PT
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

\"Close other apps, error code: 0XA00F4243.”


To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: To temporarily resolve this issue, perform one of the following:

  • Unplug your camera and plug it back in.

or

  • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

or

  • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
Note This workaround will only resolve the issue until your next system restart.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:20 AM PT
Intermittent loss of Wi-Fi connectivity
Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Download and install an updated Wi-Fi driver from your device manufacturer (OEM).
 
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:46 PM PT

Opened:
May 21, 2019
07:13 AM PT
Loss of functionality in Dynabook Smartphone Link app
Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.

To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:54 PM PT

Opened:
May 24, 2019
03:10 PM PT
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT
Error attempting to update with external USB device or memory card attached
If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:38 AM PT
" diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 883499827b..36e559e6aa 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -62,8 +62,8 @@ sections: - +
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503276		Mitigated
July 10, 2019
07:09 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >		April 25, 2019
KB4493443		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >		January 08, 2019
KB4480963		Mitigated
April 25, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493446		Mitigated
April 18, 2019
05:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >		January 08, 2019
KB4480963		Mitigated
April 25, 2019
02:00 PM PT
" From 47ccd732a79958f96c48edd789805f5182091958 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Thu, 25 Jul 2019 20:34:44 -0700 Subject: [PATCH 45/54] add 2 new issues (#778) * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md * add new issues (#777) --- ...ponents-to-microsoft-services-using-MDM.md | 196 +++++++++--------- ...system-components-to-microsoft-services.md | 2 +- .../resolved-issues-windows-10-1507.yml | 20 +- .../resolved-issues-windows-10-1607.yml | 20 +- .../resolved-issues-windows-10-1703.yml | 10 +- .../resolved-issues-windows-10-1709.yml | 10 +- .../resolved-issues-windows-10-1803.yml | 16 +- ...indows-10-1809-and-windows-server-2019.yml | 26 +-- .../resolved-issues-windows-10-1903.yml | 8 +- ...ndows-7-and-windows-server-2008-r2-sp1.yml | 24 +-- ...windows-8.1-and-windows-server-2012-r2.yml | 28 +-- ...esolved-issues-windows-server-2008-sp2.yml | 8 +- .../resolved-issues-windows-server-2012.yml | 14 +- .../status-windows-10-1507.yml | 2 +- ...indows-10-1607-and-windows-server-2016.yml | 14 +- .../status-windows-10-1703.yml | 12 +- .../status-windows-10-1709.yml | 4 +- .../status-windows-10-1803.yml | 6 +- ...indows-10-1809-and-windows-server-2019.yml | 9 +- .../status-windows-10-1903.yml | 26 ++- ...windows-8.1-and-windows-server-2012-r2.yml | 2 +- 21 files changed, 244 insertions(+), 213 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 84112c5107..e43cc160d7 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -40,98 +40,111 @@ The following table lists management options for each setting. For Windows 10, the following MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -| Setting | MDM Policy | Description | -| --- | --- | --- | -| 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices. -| 2. Cortana and Search | [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) | Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** -| | [Search/AllowSearchToUseLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation) | Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)** -| 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings. **Set to 0 (zero)** -| 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** -| 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device. **Set to 0 (zero)** -| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** -| 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)** -| 8. Internet Explorer | The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) | -| | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. **Set to Disabled** -| | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** -| | [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature) | Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled** -| | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. **Set to Enabled** -| | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** -| 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** -| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** -| 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** -| 12. Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). -| | [Browser/AllowAutoFill](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. **Set to 0 (zero)** -| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** -| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** -| | [Browser/AllowPasswordManager](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** -| | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** -| | [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** -| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | Note: After you apply this policy you must restart the device for the policy setting to take effect. **Set to 1 (one)** -| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** -| | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** -| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** -| 15.1 Injest the ADMX | To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. | The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). -| 15.2 Prevent Network Traffic before User SignIn | PreventNetworkTrafficPreUserSignIn | The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn -| 16. Preinstalled apps | N/A | N/A -| 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. -| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** -| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Specifies whether to allow app access to the Location service. **Set to 0 (zero)** -| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Disables or enables the camera. **Set to 0 (zero)** -| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Specifies whether Windows apps can access the microphone. **Set to 2 (two)** -| 17.5 Notifications | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)** -| | [Settings/AllowOnlineTips]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** -| 17.6 Speech, Inking, & Typing | [Privacy/AllowInputPersonalization](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-allowinputpersonalization) | This policy specifies whether users on the device have the option to enable online speech recognition. **Set to 0 (zero)** -| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** -| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Specifies whether Windows apps can access account information. **Set to 2 (two)** -| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Specifies whether Windows apps can access contacts. **Set to 2 (two)** -| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | Specifies whether Windows apps can access the calendar. **Set to 2 (two)** -| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Specifies whether Windows apps can access account information. **Set to 2 (two)** -| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | Specifies whether Windows apps can access email. **Set to 2 (two)** -| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | Specifies whether Windows apps can read or send messages (text or MMS). **Set to 2 (two)** -| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) | Specifies whether Windows apps can make phone calls. **Set to 2 (two)** -| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | Specifies whether Windows apps have access to control radios. **Set to 2 (two)** -| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | Specifies whether Windows apps can sync with devices. **Set to 2 (two)** -| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** -| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** -| | [Experience/DoNotShowFeedbackNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-donotshowfeedbacknotifications)| Prevents devices from showing feedback questions from Microsoft. **Set to 1 (one)** -| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Specifies whether Windows apps can run in the background. **Set to 2 (two)** -| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | Specifies whether Windows apps can access motion data. **Set to 2 (two)** -| 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** -| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** -| 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** -| 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. **Set to 0 (zero)** -| 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. **Set to 0 (zero)** -| 21. Teredo | No MDM needed | Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. -| 22. Wi-Fi Sense | No MDM needed | Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. -| 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** -| | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. **Set to 2 (two)** -| 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. **Set to 0 (zero)** -| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** -| 23.3 Windows Defender Potentially Unwanted Applications(PUA) Protection | [Defender/PUAProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-puaprotection) | Specifies the level of detection for potentially unwanted applications (PUAs). **Set to 1 (one)** -| 24. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. **Set to 0 (zero)** -| 25. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** -| | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** -| 25.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** -| 26. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** -| 27. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)** -| 27.1 Windows Update Allow Update Service | [Update/AllowUpdateService](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowupdateservice) | Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)** -| 27.2 Windows Update Service URL| [Update/UpdateServiceUrl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-updateserviceurl) | Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with this Value: +1. **Automatic Root Certificates Update** + 1. MDM Policy: There is intentionally no MDM available for Automatic Root Certificate Update. This MDM does not exist since it would prevent the operation and management of MDM management of devices. - - $CmdID$ - - - chr - text/plain - - - ./Vendor/MSFT/Policy/Config/Update/UpdateServiceUrl - - http://abcd-srv:8530 - - +1. **Cortana and Search** + 1. MDM Policy: [Experience/AllowCortana](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowcortana). Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** + 1. MDM Policy: [Search/AllowSearchToUseLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation). Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)** +1. **Date & Time** + 1. MDM Policy: [Settings/AllowDateTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime). Allows the user to change date and time settings. **Set to 0 (zero)** + +1. **Device metadata retrieval** + 1. MDM Policy: [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork). Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** + +1. **Find My Device** + 1. MDM Policy: [Experience/AllowFindMyDevice](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice). This policy turns on Find My Device. **Set to 0 (zero)** + +1. **Font streaming** + 1. MDM Policy: [System/AllowFontProviders](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowfontproviders). Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** +1. **Insider Preview builds** + 1. MDM Policy: [System/AllowBuildPreview](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview). This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)** + +1. **Internet Explorer** The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer) + 1. MDM Policy: [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites). Recommends websites based on the user’s browsing activity. **Set to Disabled** + 1. MDM Policy: [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter). Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** + 1. MDM Policy: [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature). Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled** + 1. MDM Policy: [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange). Determines whether users can change the default Home Page or not. **Set to Enabled** + 1. MDM Policy: [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard). Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** + +1. **Live Tiles** + 1. MDM Policy: [Notifications/DisallowTileNotification](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications). This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Integer value 1** + +1. **Mail synchronization** + 1. MDM Policy: [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection). Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** + +1. **Microsoft Account** + 1. MDM Policy: [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant). Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** + +1. **Microsoft Edge** The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). + 1. MDM Policy: [Browser/AllowAutoFill](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowautofill). Choose whether employees can use autofill on websites. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowDoNotTrack](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack). Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist). Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowPasswordManager](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager). Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar). Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** + 1. MDM Policy: [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen). Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** + +1. **Network Connection Status Indicator** + 1. [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests). Note: After you apply this policy you must restart the device for the policy setting to take effect. **Set to 1 (one)** + +1. **Offline maps** + 1. MDM Policy: [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps). Allows the download and update of map data over metered connections.
**Set to 0 (zero)** + 1. MDM Policy: [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate). Disables the automatic download and update of map data. **Set to 0 (zero)** + +1. **OneDrive** + 1. MDM Policy: [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync). Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** + 1. Ingest the ADMX - To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). There is a folder named "adm" which contains the admx and adml policy definition files. + 1. MDM Policy: Prevent Network Traffic before User SignIn. PreventNetworkTrafficPreUserSignIn. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn, String, \ + +1. **Privacy settings** Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. + 1. General - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection). This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** + 1. Location - [System/AllowLocation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowlocation). Specifies whether to allow app access to the Location service. **Set to 0 (zero)** + 1. Camera - [Camera/AllowCamera](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-camera#camera-allowcamera). Disables or enables the camera. **Set to 0 (zero)** + 1. Microphone - [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone). Specifies whether Windows apps can access the microphone. **Set to 2 (two)** + 1. Notifications - [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications). Specifies whether Windows apps can access notifications. **Set to 2 (two)** + 1. Notifications - [Settings/AllowOnlineTips]( https://docs.microsoft.com/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips). Enables or disables the retrieval of online tips and help for the Settings app. **Integer value 0** + 1. Speech, Inking, & Typing - [Privacy/AllowInputPersonalization](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-allowinputpersonalization). This policy specifies whether users on the device have the option to enable online speech recognition. **Set to 0 (zero)** + 1. Speech, Inking, & Typing - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection). This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** + 1. Account info - [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo). Specifies whether Windows apps can access account information. **Set to 2 (two)** + 1. Contacts - [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts). Specifies whether Windows apps can access contacts. **Set to 2 (two)** + 1. Calendar - [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar). Specifies whether Windows apps can access the calendar. **Set to 2 (two)** + 1. Call history - [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory). Specifies whether Windows apps can access account information. **Set to 2 (two)** + 1. Email - [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail). Specifies whether Windows apps can access email. **Set to 2 (two)** + 1. Messaging - [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging). Specifies whether Windows apps can read or send messages (text or MMS). **Set to 2 (two)** + 1. Phone calls - [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone). Specifies whether Windows apps can make phone calls. **Set to 2 (two)** + 1. Radios - [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios). Specifies whether Windows apps have access to control radios. **Set to 2 (two)** + 1. Other devices - [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices). Specifies whether Windows apps can sync with devices. **Set to 2 (two)** + 1. Other devices - [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices). Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** + 1. Feedback & diagnostics - [System/AllowTelemetry](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry). Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** + 1. Feedback & diagnostics - [Experience/DoNotShowFeedbackNotifications](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-donotshowfeedbacknotifications). Prevents devices from showing feedback questions from Microsoft. **Set to 1 (one)** + 1. Background apps - [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground). Specifies whether Windows apps can run in the background. **Set to 2 (two)** + 1. Motion - [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion). Specifies whether Windows apps can access motion data. **Set to 2 (two)** + 1. Tasks - [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks). Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** + 1. App Diagnostics - [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo). Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** +1. **Software Protection Platform** - [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation). Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** +1. **Storage Health** - [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates). Allows disk health model updates. **Set to 0 (zero)** +1. **Sync your settings** - [Experience/AllowSyncMySettings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings). Control whether your settings are synchronized. **Set to 0 (zero)** +1. **Teredo** - No MDM needed. Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. +1. **Wi-Fi Sense** - No MDM needed. Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. +1. **Windows Defender** + 1. [Defender/AllowCloudProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection). Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** + 1. [Defender/SubmitSamplesConsent](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent). Stop sending file samples back to Microsoft. **Set to 2 (two)** + 1. Windows Defender Smartscreen - [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen). Disable Windows Defender Smartscreen. **Set to 0 (zero)** + 1. Windows Defender Smartscreen EnableAppInstallControl - [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol). Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** + 1. Windows Defender Potentially Unwanted Applications(PUA) Protection - [Defender/PUAProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-puaprotection). Specifies the level of detection for potentially unwanted applications (PUAs). **Set to 1 (one)** +1. **Windows Spotlight** - [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight). Disable Windows Spotlight. **Set to 0 (zero)** +1. **Microsoft Store** + 1. [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps). Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** + 1. [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate). Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** +1 **Apps for websites** - [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers). This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** +1. **Windows Update Delivery Optimization** - The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). + 1. [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode). Let’s you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** +1. **Windows Update** + 1. [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate). Control automatic updates. **Set to 5 (five)** + 1. Windows Update Allow Update Service - [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice). Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)** + 1. Windows Update Service URL - [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl). Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with the Value next to item "a" below: + 1. \\$CmdID$\\\chr\text/plain\\ \./Vendor/MSFT/Policy/Config/Update/UpdateServiceUrl\\http://abcd-srv:8530\\ ### Allowed traffic ("Whitelisted traffic") for Microsoft InTune / MDM configurations @@ -148,6 +161,3 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt |*microsoft.com/pkiops/crl/**| |activation-v2.sls.microsoft.com/*| |ocsp.digicert.com/*| - - - diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index a53d72a967..21e7f8f027 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -418,7 +418,7 @@ To turn off Insider Preview builds for Windows 10: ### 8. Internet Explorer > [!NOTE] -> The following Group Policies and Registry Keys are for user interactive scenarios rather than the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: +>When attempting to use Internet Explorer on any edition of Windows Server be aware there are restrictions enforced by [Enhanced Security Configuration (ESC)](https://support.microsoft.com/en-us/help/815141/ie-enhanced-security-configuration-changes-browsing-experience). The following Group Policies and Registry Keys are for user interactive scenarios rather than the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: | Policy | Description | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml index fcb44369bb..048946f759 100644 --- a/windows/release-information/resolved-issues-windows-10-1507.yml +++ b/windows/release-information/resolved-issues-windows-10-1507.yml @@ -34,15 +34,15 @@ sections: - - - - - - - + + + + + + +
SummaryOriginating updateStatusDate resolved
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		July 09, 2019
10:00 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >		OS Build 10240.18215

May 14, 2019
KB4499154		Resolved
KB4505051		May 19, 2019
02:00 PM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		OS Build 10240.18158

March 12, 2019
KB4489872		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
First character of Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4491101		February 21, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		February 12, 2019
10:00 AM PT
Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		February 12, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4491101		February 21, 2019
02:00 PM PT
First character of Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		OS Build 10240.18158

March 12, 2019
KB4489872		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
" @@ -86,10 +86,10 @@ sections: text: " - - + +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493475

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4493475		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487018, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
First character of Japanese era name not recognized
After installing KB4487018, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487018, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4491101.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4491101		Resolved:
February 21, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
First character of Japanese era name not recognized
After installing KB4487018, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -98,8 +98,8 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Unable to access hotspots with third-party applications
After installing KB4480962, third-party applications may have difficulty authenticating hotspots.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4487018.

Back to top		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480962, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493475.

Back to top		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4493475		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, \"Unrecognized Database Format\".

Affected platforms:
  • Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487018.

Back to top		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Unable to access hotspots with third-party applications
After installing KB4480962, third-party applications may have difficulty authenticating hotspots.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4487018.

Back to top		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4487018		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index f39eb6c19d..c20d9b33f0 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -43,17 +43,17 @@ sections:
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 14393.2969

May 14, 2019
KB4494440Resolved
KB4505052May 19, 2019
02:00 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 14393.2941

April 25, 2019
KB4493473Resolved
KB4494440May 14, 2019
10:00 AM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.

See details >OS Build 14393.2941

April 25, 2019
KB4493473Resolved
KB4494440May 14, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 14393.2848

March 12, 2019
KB4489882Resolved
KB4493473April 25, 2019
02:00 PM PT -
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.

See details >OS Build 14393.2879

March 19, 2019
KB4489889Resolved
KB4493470April 09, 2019
10:00 AM PT -
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PT -
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4493470April 09, 2019
10:00 AM PT -
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off.

See details >OS Build 14393.2828

February 19, 2019
KB4487006Resolved
KB4489882March 12, 2019
10:00 AM PT +
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PT +
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.

See details >OS Build 14393.2879

March 19, 2019
KB4489889Resolved
KB4493470April 09, 2019
10:00 AM PT +
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4489882March 12, 2019
10:00 AM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4487006February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 14393.2759

January 17, 2019
KB4480977Resolved
KB4487006February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4487006February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 14393.2759

January 17, 2019
KB4480977Resolved
KB4487006February 19, 2019
02:00 PM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 14393.2848

March 12, 2019
KB4489882Resolved
KB4493473April 25, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >OS Build 14393.2724

January 08, 2019
KB4480961Resolved
KB4487026February 12, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 14393.2791

February 12, 2019
KB4487026Resolved
KB4487006February 19, 2019
02:00 PM PT +
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off.

See details >OS Build 14393.2828

February 19, 2019
KB4487006Resolved
KB4489882March 12, 2019
10:00 AM PT
Instant search in Microsoft Outlook fails on Windows Server 2016
Instant search in Microsoft Outlook clients fail with the error, \"Outlook cannot perform the search\" on Windows Server 2016.

See details >OS Build 14393.2639

November 27, 2018
KB4467684Resolved
KB4487026February 12, 2019
10:00 AM PT " @@ -104,8 +104,8 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Issue using PXE to start a device from WDS
After installing KB4489882, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4503267.

Back to top		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4503267		Resolved:
June 11, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489882, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493473

Back to top		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4493473		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493470.

Back to top		OS Build 14393.2879

March 19, 2019
KB4489889		Resolved
KB4493470		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 19, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489882, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493473

Back to top		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4493473		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
" @@ -115,10 +115,10 @@ sections: text: " - - + +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493470

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4493470		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off. The faulting driver is win32kbase.sys.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue is resolved in KB4489882.

Back to top		OS Build 14393.2828

February 19, 2019
KB4487006		Resolved
KB4489882		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487026, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489882.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4489882		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487026, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off. The faulting driver is win32kbase.sys.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue is resolved in KB4489882.

Back to top		OS Build 14393.2828

February 19, 2019
KB4487006		Resolved
KB4489882		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml index 30427c2a53..b87928c05d 100644 --- a/windows/release-information/resolved-issues-windows-10-1703.yml +++ b/windows/release-information/resolved-issues-windows-10-1703.yml @@ -38,15 +38,15 @@ sections:
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >OS Build 15063.1839

May 28, 2019
KB4499162Resolved
KB4503279June 11, 2019
10:00 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 15063.1805

May 14, 2019
KB4499181Resolved
KB4505055May 19, 2019
02:00 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 15063.1784

April 25, 2019
KB4493436Resolved
KB4499181May 14, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 15063.1689

March 12, 2019
KB4489871Resolved
KB4493436April 25, 2019
02:00 PM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4493474April 09, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 15063.1716

March 19, 2019
KB4489888Resolved
KB4493474April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 15063.1563

January 08, 2019
KB4480973Resolved
KB4493474April 09, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4493474April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 15063.1659

February 19, 2019
KB4487011Resolved
KB4489871March 12, 2019
10:00 AM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 15063.1596

January 15, 2019
KB4480959Resolved
KB4487011February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 15063.1596

January 15, 2019
KB4480959Resolved
KB4487011February 19, 2019
02:00 PM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 15063.1689

March 12, 2019
KB4489871Resolved
KB4493436April 25, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >OS Build 15063.1563

January 08, 2019
KB4480973Resolved
KB4487020February 12, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PT
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 15063.1563

January 08, 2019
KB4480973Resolved
KB4487020February 12, 2019
10:00 AM PT " @@ -85,8 +85,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Custom URI schemes may not start corresponding application
After installing KB4489871, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493436

Back to top		OS Build 15063.1689

March 12, 2019
KB4489871		Resolved
KB4493436		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493474.

Back to top		OS Build 15063.1716

March 19, 2019
KB4489888		Resolved
KB4493474		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 19, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489871, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493436

Back to top		OS Build 15063.1689

March 12, 2019
KB4489871		Resolved
KB4493436		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index b80a28eec7..cd92b2d492 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -39,16 +39,16 @@ sections:
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 16299.1127

April 25, 2019
KB4493440Resolved
KB4499179May 14, 2019
10:00 AM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.

See details >OS Build 16299.1127

April 25, 2019
KB4493440Resolved
KB4499179May 14, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 16299.1029

March 12, 2019
KB4489886Resolved
KB4493440April 25, 2019
02:00 PM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4493441April 09, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 16299.1059

March 19, 2019
KB4489890Resolved
KB4493441April 09, 2019
10:00 AM PT
MSXML6 causes applications to stop responding if an exception was thrown
MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 16299.904

January 08, 2019
KB4480978Resolved
KB4493441April 09, 2019
10:00 AM PT -
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >OS Build 16299.1029

March 12, 2019
KB4489886Resolved
KB4493441April 09, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4493441April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4489886March 12, 2019
10:00 AM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4487021February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 16299.936

January 15, 2019
KB4480967Resolved
KB4487021February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4487021February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 16299.936

January 15, 2019
KB4480967Resolved
KB4487021February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >OS Build 16299.904

January 08, 2019
KB4480978Resolved
KB4486996February 12, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 16299.967

February 12, 2019
KB4486996Resolved
KB4487021February 19, 2019
02:00 PM PT
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 16299.904

January 08, 2019
KB4480978Resolved
KB4486996February 12, 2019
10:00 AM PT +
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >OS Build 16299.1029

March 12, 2019
KB4489886Resolved
KB4493441April 09, 2019
10:00 AM PT " @@ -107,8 +107,8 @@ sections: - +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493441

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4493441		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4486996, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489886.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4489886		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4486996, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index 3353facc94..7174542746 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -38,17 +38,17 @@ sections:
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 17134.765

May 14, 2019
KB4499167Resolved
KB4505064May 19, 2019
02:00 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 17134.753

April 25, 2019
KB4493437Resolved
KB4499167May 14, 2019
10:00 AM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.

See details >OS Build 17134.753

April 25, 2019
KB4493437Resolved
KB4499167May 14, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 17134.648

March 12, 2019
KB4489868Resolved
KB4493437April 25, 2019
02:00 PM PT -
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17134.677

March 19, 2019
KB4489894Resolved
KB4493464April 09, 2019
10:00 AM PT -
First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 17134.556

January 15, 2019
KB4480976Resolved
KB4487029February 19, 2019
02:00 PM PT -
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17134.523

January 08, 2019
KB4480966Resolved
KB4493464April 09, 2019
10:00 AM PT -
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >OS Build 17134.648

March 12, 2019
KB4489868Resolved
KB4493464April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 17134.590

February 12, 2019
KB4487017Resolved
KB4493464April 09, 2019
10:00 AM PT +
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17134.677

March 19, 2019
KB4489894Resolved
KB4493464April 09, 2019
10:00 AM PT +
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17134.523

January 08, 2019
KB4480966Resolved
KB4493464April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 17134.590

February 12, 2019
KB4487017Resolved
KB4489868March 12, 2019
10:00 AM PT -
Cannot pin a web link on the Start menu or the taskbar
Some users cannot pin a web link on the Start menu or the taskbar.

See details >OS Build 17134.471

December 11, 2018
KB4471324Resolved
KB4487029February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 17134.590

February 12, 2019
KB4487017Resolved
KB4487029February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 17134.556

January 15, 2019
KB4480976Resolved
KB4487029February 19, 2019
02:00 PM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 17134.648

March 12, 2019
KB4489868Resolved
KB4493437April 25, 2019
02:00 PM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 17134.523

January 08, 2019
KB4480966Resolved
KB4487017February 12, 2019
10:00 AM PT +
Cannot pin a web link on the Start menu or the taskbar
Some users cannot pin a web link on the Start menu or the taskbar.

See details >OS Build 17134.471

December 11, 2018
KB4471324Resolved
KB4487029February 19, 2019
02:00 PM PT
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 17134.523

January 08, 2019
KB4480966Resolved
KB4487017February 12, 2019
10:00 AM PT +
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >OS Build 17134.648

March 12, 2019
KB4489868Resolved
KB4493464April 09, 2019
10:00 AM PT " @@ -94,8 +94,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Custom URI schemes may not start corresponding application
After installing KB4489868, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493437

Back to top		OS Build 17134.648

March 12, 2019
KB4489868		Resolved
KB4493437		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493464

Back to top		OS Build 17134.677

March 19, 2019
KB4489894		Resolved
KB4493464		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 19, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489868, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493437

Back to top		OS Build 17134.648

March 12, 2019
KB4489868		Resolved
KB4493437		Resolved:
April 25, 2019
02:00 PM PT

Opened:
March 12, 2019
10:00 AM PT
Stop error when attempting to start SSH from WSL
After applying KB4489868, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh -A) or a configuration setting.

Affected platforms:
  • Client: Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4493464.

Back to top		OS Build 17134.648

March 12, 2019
KB4489868		Resolved
KB4493464		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
" @@ -116,8 +116,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
First character of the Japanese era name not recognized
After installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029

Back to top		OS Build 17134.556

January 15, 2019
KB4480976		Resolved
KB4487029		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480966, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493464

Back to top		OS Build 17134.523

January 08, 2019
KB4480966		Resolved
KB4493464		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized
After installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029

Back to top		OS Build 17134.556

January 15, 2019
KB4480976		Resolved
KB4487029		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487017.

Back to top		OS Build 17134.523

January 08, 2019
KB4480966		Resolved
KB4487017		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Webpages become unresponsive in Microsoft Edge
After installing KB4480966, some Microsoft Edge users report that they: 
  • Cannot load web pages using a local IP address. 
  • Cannot load web pages on the Internet using a VPN connection.  
Browsing fails or the web page may become unresponsive. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4487017

Back to top		OS Build 17134.523

January 08, 2019
KB4480966		Resolved
KB4487017		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index 50ed0c88b7..c8dd852476 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -40,28 +40,28 @@ sections:
Issue using PXE to start a device from WDS
Using PXE to start a device from a WDS server configured to use Variable Window Extension may cause the connection to the WDS server to terminate prematurely.

See details >OS Build 17763.379

March 12, 2019
KB4489899Resolved
KB4503327June 11, 2019
10:00 AM PT
Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort
Upgrade block: Microsoft has identified issues with certain new Intel display drivers, which accidentally turn on unsupported features in Windows.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
May 21, 2019
07:42 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 17763.503

May 14, 2019
KB4494441Resolved
KB4505056May 19, 2019
02:00 PM PT -
Windows 10, version 1809 update history may show an update installed twice
Some customers are reporting that KB4494441 installed twice on their device

See details >OS Build 17763.503

May 14, 2019
KB4494441Resolved
May 16, 2019
02:37 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >OS Build 17763.475

May 03, 2019
KB4495667Resolved
KB4494441May 14, 2019
10:00 AM PT +
Windows 10, version 1809 update history may show an update installed twice
Some customers are reporting that KB4494441 installed twice on their device

See details >OS Build 17763.503

May 14, 2019
KB4494441Resolved
May 16, 2019
02:37 PM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.

See details >OS Build 17763.475

May 03, 2019
KB4495667Resolved
KB4494441May 14, 2019
10:00 AM PT
Latest cumulative update (KB 4495667) installs automatically
Reports that the optional cumulative update (KB 4495667) installs automatically.

See details >OS Build 17763.475

May 03, 2019
KB4495667Resolved
May 08, 2019
03:37 PM PT
System may be unresponsive after restart if ArcaBit antivirus software installed
After further investigation ArcaBit has confirmed this issue is not applicable to Windows 10, version 1809

See details >OS Build 17763.437

April 09, 2019
KB4493509Resolved
May 08, 2019
03:30 PM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 17763.379

March 12, 2019
KB4489899Resolved
KB4495667May 03, 2019
10:00 AM PT -
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17763.404

April 02, 2019
KB4490481Resolved
KB4493509April 09, 2019
10:00 AM PT -
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT -
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4493509April 09, 2019
10:00 AM PT -
Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.

See details >OS Build 17763.348

March 01, 2019
KB4482887Resolved
KB4490481April 02, 2019
10:00 AM PT +
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT +
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17763.404

April 02, 2019
KB4490481Resolved
KB4493509April 09, 2019
10:00 AM PT +
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4489899March 12, 2019
10:00 AM PT -
Global DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.

See details >N/A

Resolved
March 08, 2019
11:15 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 9 file format may randomly stop working.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PT
First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 9 file format may randomly stop working.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PT +
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Upgrade block: Devices utilizing AMD Radeon HD2000 or HD4000 series video cards may experience issues with the lock screen and Microsoft Edge tabs.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4487044February 12, 2019
10:00 AM PT +
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro identified a compatibility issue with the Trend Micro business endpoint security solutions OfficeScan and Worry-Free Business Security.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
February 01, 2019
09:00 AM PT
Shared albums may not sync with iCloud for Windows
Upgrade block: Apple has identified an incompatibility with iCloud for Windows (version 7.7.0.27) where users may experience issues updating or synching Shared Albums.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PT
Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup
Upgrade block: Users may see an Intel Audio Display (intcdaud.sys) notification during setup for devices with certain Intel Display Audio Drivers.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PT
F5 VPN clients losing network connectivity
Upgrade block: After updating to Windows 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PT +
Global DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.

See details >N/A

Resolved
March 08, 2019
11:15 AM PT +
Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.

See details >OS Build 17763.348

March 01, 2019
KB4482887Resolved
KB4490481April 02, 2019
10:00 AM PT
Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4487044February 12, 2019
10:00 AM PT -
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Upgrade block: Devices utilizing AMD Radeon HD2000 or HD4000 series video cards may experience issues with the lock screen and Microsoft Edge tabs.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
KB4487044February 12, 2019
10:00 AM PT -
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro identified a compatibility issue with the Trend Micro business endpoint security solutions OfficeScan and Worry-Free Business Security.

See details >OS Build 17763.134

November 13, 2018
KB4467708Resolved
February 01, 2019
09:00 AM PT " @@ -91,8 +91,8 @@ sections: - +
DetailsOriginating updateStatusHistory
Printing from Microsoft Edge or other UWP apps may result in the error 0x80070007
When attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications you may receive the error, \"Your printer has experienced an unexpected configuration problem. 0x80070007e.\"
 
Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4501371

Back to top		OS Build 17763.379

March 12, 2019
KB4489899		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
May 02, 2019
04:47 PM PT
Unable to access some gov.uk websites
After installing the May 14, 2019 update, some gov.uk websites that don’t support HTTP Strict Transport Security (HSTS) may not be accessible through Internet Explorer 11 or Microsoft Edge.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10, version 1507; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolved: We have released an \"out-of-band\" update for Windows 10 (KB4505056) to resolve this issue.

  • UK customers: This update will be applied automatically to resolve this issue. You may be required to restart your device again. If you are affected by this issue, Check for updates to apply the update immediately.
  • Customers outside of the UK: This update will not be applied automatically. If you are affected by this issue, we recommend you apply this update by installing KB4505056 from Windows Update and then restarting your device.
To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates. To get the standalone package for KB4505056, search for it in the Microsoft Update Catalog.
 

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4505056		Resolved:
May 19, 2019
02:00 PM PT

Opened:
May 16, 2019
01:57 PM PT
Windows 10, version 1809 update history may show an update installed twice
Affected platforms:
  • Client: Windows 10, version 1809
Cause:
In certain situations, installing an update requires multiple download and restart steps. In cases where two intermediate steps of the installation complete successfully, the View your Update history page will report that installation completed successfully twice. 

Resolution:
No action is required on your part. The update installation may take longer and may require more than one restart, but will install successfully after all intermediate installation steps have completed. We are working on improving this update experience to ensure the Update history correctly reflects the installation of the latest cumulative update (LCU).

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
Resolved:
May 16, 2019
02:37 PM PT

Opened:
May 14, 2019
02:56 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. For example, the layout and cell size of Microsoft Excel sheets may change when using MS UI Gothic.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue has been resolved.

Back to top		OS Build 17763.475

May 03, 2019
KB4495667		Resolved
KB4494441		Resolved:
May 14, 2019
10:00 AM PT

Opened:
May 10, 2019
10:35 AM PT
Windows 10, version 1809 update history may show an update installed twice
Affected platforms:
  • Client: Windows 10, version 1809
Cause:
In certain situations, installing an update requires multiple download and restart steps. In cases where two intermediate steps of the installation complete successfully, the View your Update history page will report that installation completed successfully twice. 

Resolution:
No action is required on your part. The update installation may take longer and may require more than one restart, but will install successfully after all intermediate installation steps have completed. We are working on improving this update experience to ensure the Update history correctly reflects the installation of the latest cumulative update (LCU).

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
Resolved:
May 16, 2019
02:37 PM PT

Opened:
May 14, 2019
02:56 PM PT
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing KB4495667
 
Affected platforms:  
  • Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016 
  • Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016 
Resolution: This issue was resolved in KB4494441.

Back to top		OS Build 17763.475

May 03, 2019
KB4495667		Resolved
KB4494441		Resolved:
May 14, 2019
10:00 AM PT

Opened:
May 14, 2019
01:19 PM PT
Latest cumulative update (KB 4495667) installs automatically
Due to a servicing side issue some users were offered KB4495667 (optional update) automatically and rebooted devices. This issue has been mitigated.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution:: This issue has been mitigated on the servicing side to prevent auto installing of this update. Customers do not need to take any action.

Back to top		OS Build 17763.475

May 03, 2019
KB4495667		Resolved
Resolved:
May 08, 2019
03:37 PM PT

Opened:
May 05, 2019
12:01 PM PT
@@ -127,8 +127,8 @@ sections:
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1  
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2  
Resolution: This issue is resolved in KB4493509.  

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487044, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489899

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4489899Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487044, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4482887.

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
First character of the Japanese era name not recognized
After installing KB4487044, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.

Back to topOS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT " @@ -150,10 +150,10 @@ sections: text: " + + - -
DetailsOriginating updateStatusHistory
Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort
Upgrade block: Microsoft has identified issues with certain new Intel display drivers. Intel inadvertently released versions of its display driver (versions 24.20.100.6344, 24.20.100.6345) to OEMs that accidentally turned on unsupported features in Windows. 
 
As a result, after updating to Windows 10, version 1809, audio playback from a monitor or television connected to a PC via HDMI, USB-C, or a DisplayPort may not function correctly on devices with these drivers.
Note: This Intel display driver issue is different from the Intel Smart Sound Technology driver (version 09.21.00.3755) audio issue previously documented.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019 
Next steps: Intel has released updated drivers to OEM device manufacturers. OEMs need to make the updated driver available via Windows Update. For more information, see the Intel Customer Support article.

Resolution: Microsoft has removed the safeguard hold.



Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
Resolved:
May 21, 2019
07:42 AM PT

Opened:
November 13, 2018
10:00 AM PT
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Note: AMD no longer supports Radeon HD2000 and HD4000 series graphic processor units (GPUs).
 
Upgrade block: After updating to Windows 10, version 1809, Microsoft Edge tabs may stop working when a device is configured with AMD Radeon HD2000 or HD4000 series video cards. Customers may get the following error code: \"INVALID_POINTER_READ_c0000005_atidxx64.dll\". 
 
Some users may also experience performance issues with the lock screen or the ShellExperienceHost. (The lock screen hosts widgets, and the ShellExperienceHost is responsible for assorted shell functionality.) 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4487044, and the block was removed.

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4487044		Resolved:
February 12, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro have identified a compatibility issue with Trend Micro's OfficeScan and Worry-Free Business Security software when attempting to update to Windows 10, version 1809.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019 
Resolution: Trend Micro has released a new version of these products that resolves the issue. To download them, please visit the Trend Micro Business Support Portal.

Once you have updated your version of Trend Micro's OfficeScan or Worry-Free Business Security software, you will be offered Windows 10, version 1809 automatically. 

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
Resolved:
February 01, 2019
09:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Shared albums may not sync with iCloud for Windows
Upgrade block: Users who attempt to install iCloud for Windows (version 7.7.0.27) will see a message displayed that this version iCloud for Windows isn't supported and the install will fail.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
To ensure a seamless experience, Microsoft is blocking devices with iCloud for Windows (version 7.7.0.27) software installed from being offered Windows 10, version 1809 until this issue has been resolved. 

We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool from the Microsoft software download website until this issue is resolved. 
 
Resolution: Apple has released an updated version of iCloud for Windows (version 7.8.1) that resolves compatibility issues encountered when updating or synching Shared Albums after updating to Windows 10, version 1809. We recommend that you update your iCloud for Windows to version 7.8.1 when prompted before attempting to upgrade to Windows 10, version 1809. You can also manually download the latest version of iCloud for Windows by visiting https://support.apple.com/HT204283.

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4482887		Resolved:
March 01, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup
Upgrade block: Microsoft and Intel have identified a compatibility issue with a range of Intel Display Audio device drivers (intcdaud.sys, versions 10.25.0.3 - 10.25.0.8) that may result in excessive processor demand and reduced battery life. As a result, the update process to the Windows 10 October 2018 Update (Windows 10, version 1809) will fail and affected devices will automatically revert to the previous working configuration. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
If you see a \"What needs your attention\" notification during installation of the October 2018 Update, you have one of these affected drivers on your system. On the notification, click Back to remain on your current version of Windows 10. 
 
To ensure a seamless experience, we are blocking devices from being offered the October 2018 Update until updated Intel device drivers are installed on your current operating system. We recommend that you do not attempt to manually update to Windows 10, version 1809, using the Update Now button or the Media Creation Tool from the Microsoft Software Download Center until newer Intel device drivers are available with the update. You can either wait for newer drivers to be installed automatically through Windows Update or check with your computer manufacturer for the latest device driver software availability and installation procedures. For more information about this issue, see Intel's customer support guidance.
 
Resolution: This issue was resolved in KB4482887 and the upgrade block removed. 

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4482887		Resolved:
March 01, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
F5 VPN clients losing network connectivity
Upgrade block: After updating to Windows 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4482887 and the upgrade block removed. 

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4482887		Resolved:
March 01, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Note: AMD no longer supports Radeon HD2000 and HD4000 series graphic processor units (GPUs).
 
Upgrade block: After updating to Windows 10, version 1809, Microsoft Edge tabs may stop working when a device is configured with AMD Radeon HD2000 or HD4000 series video cards. Customers may get the following error code: \"INVALID_POINTER_READ_c0000005_atidxx64.dll\". 
 
Some users may also experience performance issues with the lock screen or the ShellExperienceHost. (The lock screen hosts widgets, and the ShellExperienceHost is responsible for assorted shell functionality.) 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4487044, and the block was removed.

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
KB4487044		Resolved:
February 12, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro have identified a compatibility issue with Trend Micro's OfficeScan and Worry-Free Business Security software when attempting to update to Windows 10, version 1809.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019 
Resolution: Trend Micro has released a new version of these products that resolves the issue. To download them, please visit the Trend Micro Business Support Portal.

Once you have updated your version of Trend Micro's OfficeScan or Worry-Free Business Security software, you will be offered Windows 10, version 1809 automatically. 

Back to top		OS Build 17763.134

November 13, 2018
KB4467708		Resolved
Resolved:
February 01, 2019
09:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml index 6b4eeb59c5..e791545b58 100644 --- a/windows/release-information/resolved-issues-windows-10-1903.yml +++ b/windows/release-information/resolved-issues-windows-10-1903.yml @@ -33,13 +33,13 @@ sections: text: " - + - +
SummaryOriginating updateStatusDate resolved
Loss of functionality in Dynabook Smartphone Link app
After updating to Windows 10, version 1903, you may experience a loss of functionality when using the Dynabook Smartphone Link application.

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
July 11, 2019
01:54 PM PT
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Error attempting to update with external USB device or memory card attached
PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4501375		June 27, 2019
10:00 AM PT
Duplicate folders and documents showing in user profile directory
If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4497935		May 29, 2019
02:00 PM PT
Older versions of BattlEye anti-cheat software incompatible
Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
June 07, 2019
04:26 PM PT
AMD RAID driver incompatibility
Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
June 06, 2019
11:06 AM PT
D3D applications and games may fail to enter full-screen mode on rotated displays
Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4497935		May 29, 2019
02:00 PM PT
AMD RAID driver incompatibility
Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
June 06, 2019
11:06 AM PT
" @@ -65,11 +65,11 @@ sections: text: " - + - +
DetailsOriginating updateStatusHistory
Loss of functionality in Dynabook Smartphone Link app
Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.

To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:54 PM PT

Opened:
May 24, 2019
03:10 PM PT
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT
Error attempting to update with external USB device or memory card attached
If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:38 AM PT
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT
Duplicate folders and documents showing in user profile directory
If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ?This issue does not cause any user files to be deleted and a solution is in progress.

To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4497935 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.
(Posted June 11, 2019)

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4497935		Resolved:
May 29, 2019
02:00 PM PT

Opened:
May 21, 2019
07:16 AM PT
Older versions of BattlEye anti-cheat software incompatible
Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.

To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device. 

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Before updating your machine, we recommend you do one or more of the following:

  • Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.
  • Restart your system and open the game again.
  • Uninstall BattlEye using https://www.battleye.com/downloads/UninstallBE.exe, and then reopen your game.
  • Uninstall and reinstall your game.
Resolution: This issue was resolved externally by BattlEye for all known impacted games. For a list of recent games that use BattlEye, go to https://www.battleye.com/. We recommend following the workaround before updating to Windows 10, version 1903, as games with incompatible versions of BattleEye may fail to open after updating Windows. If you have confirmed your game is up to date and you have any issues with opening games related to a BattlEye error, please see https://www.battleye.com/support/faq/.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
June 07, 2019
04:26 PM PT

Opened:
May 21, 2019
07:34 AM PT
AMD RAID driver incompatibility
Microsoft and AMD have identified an incompatibility with AMD RAID driver versions earlier than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

“A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

 
To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue has been resolved externally by AMD. To resolve this issue, you will need to download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
 
Note The safeguard hold will remain in place on machines with the older AMD RAID drivers. We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
June 06, 2019
11:06 AM PT

Opened:
May 21, 2019
07:12 AM PT
D3D applications and games may fail to enter full-screen mode on rotated displays
Some Direct3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4497935

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4497935		Resolved:
May 29, 2019
02:00 PM PT

Opened:
May 21, 2019
07:05 AM PT
AMD RAID driver incompatibility
Microsoft and AMD have identified an incompatibility with AMD RAID driver versions earlier than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

“A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

 
To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue has been resolved externally by AMD. To resolve this issue, you will need to download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
 
Note The safeguard hold will remain in place on machines with the older AMD RAID drivers. We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
June 06, 2019
11:06 AM PT

Opened:
May 21, 2019
07:12 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 1f8c14cf98..8d0678c091 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -39,17 +39,17 @@ sections:
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >April 09, 2019
KB4493472Resolved
May 14, 2019
01:22 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493472Resolved
May 14, 2019
01:21 PM PT
Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.

See details >March 12, 2019
KB4489878Resolved
KB4499164May 14, 2019
10:00 AM PT -
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >April 09, 2019
KB4493472Resolved
April 25, 2019
02:00 PM PT -
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480970Resolved
KB4493472April 09, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PT -
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.

See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4486563Resolved
KB4493472April 09, 2019
10:00 AM PT +
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >April 09, 2019
KB4493472Resolved
April 25, 2019
02:00 PM PT +
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.

See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PT +
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 17, 2019
KB4480955Resolved
KB4486565February 19, 2019
02:00 PM PT +
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480970Resolved
KB4493472April 09, 2019
10:00 AM PT +
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480970Resolved
KB4486563February 12, 2019
10:00 AM PT
Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).

See details >October 18, 2018
KB4462927Resolved
KB4489878March 12, 2019
10:00 AM PT
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480970Resolved
KB4490511February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 17, 2019
KB4480955Resolved
KB4486565February 19, 2019
02:00 PM PT -
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PT -
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480970Resolved
KB4486563February 12, 2019
10:00 AM PT " @@ -97,8 +97,8 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Authentication may fail for services after the Kerberos ticket expires
After installing KB4489878, some customers report that authentication fails for services that require unconstrained delegation after the Kerberos ticket expires (the default is 10 hours). For example, the SQL server service fails.

Affected platforms: 
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4499164.

Back to top		March 12, 2019
KB4489878		Resolved
KB4499164		Resolved:
May 14, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489878, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4493472.

Back to top		March 12, 2019
KB4489878		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
NETDOM.EXE fails to run
After installing KB4489878, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.

Affected platforms: 
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.

Back to top		March 12, 2019
KB4489878		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489878, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4493472.

Back to top		March 12, 2019
KB4489878		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
" @@ -108,8 +108,8 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493472

Back to top		February 12, 2019
KB4486563		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4486563, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4486565.

Back to top		February 12, 2019
KB4486563		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4486565.

Back to top		February 12, 2019
KB4486563		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4486563, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4486565.

Back to top		February 12, 2019
KB4486563		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -118,10 +118,10 @@ sections: - type: markdown text: " - - + +
DetailsOriginating updateStatusHistory
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.

Back to top		January 08, 2019
KB4480970		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480970, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490511.

Back to top		January 08, 2019
KB4480970		Resolved
KB4490511		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480955, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4486565.

Back to top		January 17, 2019
KB4480955		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 17, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.

Back to top		January 08, 2019
KB4480970		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.

Affected Platforms:
  • Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 

Resolution: This issue is resolved in KB4486563.

Back to top		January 08, 2019
KB4480970		Resolved
KB4486563		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480970, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490511.

Back to top		January 08, 2019
KB4480970		Resolved
KB4490511		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index a4428a3d64..dc386260cc 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -40,16 +40,16 @@ sections:
System may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493446Resolved
May 14, 2019
01:22 PM PT
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >April 09, 2019
KB4493446Resolved
May 14, 2019
01:22 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493446Resolved
May 14, 2019
01:21 PM PT -
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >April 09, 2019
KB4493446Resolved
April 25, 2019
02:00 PM PT -
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PT -
MSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PT -
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >March 12, 2019
KB4489881Resolved
KB4493446April 09, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487000Resolved
KB4493446April 09, 2019
10:00 AM PT -
Devices with winsock kernel client may receive error
Devices with a winsock kernel client may receive D1, FC, and other errors.

See details >March 12, 2019
KB4489881Resolved
KB4489893March 19, 2019
10:00 AM PT -
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >February 19, 2019
KB4487016Resolved
KB4489881March 12, 2019
10:00 AM PT -
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480963Resolved
KB4490512February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 15, 2019
KB4480969Resolved
KB4487016February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >February 12, 2019
KB4487000Resolved
KB4487016February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 15, 2019
KB4480969Resolved
KB4487016February 19, 2019
02:00 PM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487000Resolved
KB4493446April 09, 2019
10:00 AM PT +
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >April 09, 2019
KB4493446Resolved
April 25, 2019
02:00 PM PT +
Devices with winsock kernel client may receive error
Devices with a winsock kernel client may receive D1, FC, and other errors.

See details >March 12, 2019
KB4489881Resolved
KB4489893March 19, 2019
10:00 AM PT +
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >March 12, 2019
KB4489881Resolved
KB4493446April 09, 2019
10:00 AM PT +
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >February 19, 2019
KB4487016Resolved
KB4489881March 12, 2019
10:00 AM PT +
MSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PT +
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PT +
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480963Resolved
KB4490512February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480963Resolved
KB4487000February 12, 2019
10:00 AM PT " @@ -99,8 +99,8 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Issue using PXE to start a device from WDS
After installing KB4489881, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 
Resolution: This issue was resolved in KB4503276.

Back to top		March 12, 2019
KB4489881		Resolved
KB4503276		Resolved:
June 11, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4493446.

Back to top		March 12, 2019
KB4489881		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Devices with winsock kernel client may receive error
After installing KB4489881, devices with a winsock kernel client may receive D1, FC, and other errors. Additionally, systems that run the Skype for Business or Lync Server Edge Transport role may be affected by this issue.

Affected platforms: 
  • Client: Windows 8.1 
  • Server: Windows Server 2012 R2 
Resolution: This issue is resolved in KB4489893.

Back to top		March 12, 2019
KB4489881		Resolved
KB4489893		Resolved:
March 19, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
After installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4493446.

Back to top		March 12, 2019
KB4489881		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
" @@ -109,9 +109,9 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Internet Explorer may fail to load images
After installing KB4487000, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4487016.

Back to top		February 12, 2019
KB4487000		Resolved
KB4487016		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493446.

Back to top		February 12, 2019
KB4487000		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487016, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 
Resolution: This issue is resolved in KB4489881.

Back to top		February 19, 2019
KB4487016		Resolved
KB4489881		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
After installing KB4487000, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4487016.

Back to top		February 12, 2019
KB4487000		Resolved
KB4487016		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -120,10 +120,10 @@ sections: - type: markdown text: " - - - + + +
DetailsOriginating updateStatusHistory
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding.
After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480963, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490512.

Back to top		January 08, 2019
KB4480963		Resolved
KB4490512		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480969, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4487016.

Back to top		January 15, 2019
KB4480969		Resolved
KB4487016		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding.
After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480963, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490512.

Back to top		January 08, 2019
KB4480963		Resolved
KB4490512		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.

Affected platforms: 
  • Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4487000.

Back to top		January 08, 2019
KB4480963		Resolved
KB4487000		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index 31be3e66fc..1a7ffb0d7a 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -36,11 +36,11 @@ sections:
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >April 09, 2019
KB4493471Resolved
May 14, 2019
01:21 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493471Resolved
May 14, 2019
01:19 PM PT
Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.

See details >March 12, 2019
KB4489880Resolved
KB4499149May 14, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487023Resolved
KB4493471April 09, 2019
10:00 AM PT
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.

See details >March 12, 2019
KB4489880Resolved
KB4493471April 09, 2019
10:00 AM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 17, 2019
KB4480974Resolved
KB4489880March 12, 2019
10:00 AM PT -
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480968Resolved
KB4490514February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4487023Resolved
KB4487022February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 17, 2019
KB4480974Resolved
KB4489880March 12, 2019
10:00 AM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487023Resolved
KB4493471April 09, 2019
10:00 AM PT +
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480968Resolved
KB4490514February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480968Resolved
KB4487023February 12, 2019
10:00 AM PT " @@ -86,8 +86,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.

Back to top		February 12, 2019
KB4487023		Resolved
KB4493471		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487022.

Back to top		February 12, 2019
KB4487023		Resolved
KB4487022		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.

Back to top		February 12, 2019
KB4487023		Resolved
KB4493471		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index 678c8e0517..b46a4674bf 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -40,15 +40,15 @@ sections:
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >April 25, 2019
KB4493462Resolved
KB4499171May 14, 2019
10:00 AM PT
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >April 09, 2019
KB4493451Resolved
May 14, 2019
01:21 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >April 09, 2019
KB4493451Resolved
May 14, 2019
01:19 PM PT +
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4487025Resolved
KB4487024February 19, 2019
02:00 PM PT +
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 15, 2019
KB4480971Resolved
KB4487024February 19, 2019
02:00 PM PT +
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487025Resolved
KB4493451April 09, 2019
10:00 AM PT +
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >February 12, 2019
KB4487025Resolved
KB4489891March 12, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >January 08, 2019
KB4480975Resolved
KB4493451April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >January 08, 2019
KB4480975Resolved
KB4493451April 09, 2019
10:00 AM PT -
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >February 12, 2019
KB4487025Resolved
KB4493451April 09, 2019
10:00 AM PT -
Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).

See details >September 11, 2018
KB4457135Resolved
KB4489891March 12, 2019
10:00 AM PT -
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >February 12, 2019
KB4487025Resolved
KB4489891March 12, 2019
10:00 AM PT
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >January 08, 2019
KB4480975Resolved
KB4490516February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >January 15, 2019
KB4480971Resolved
KB4487024February 19, 2019
02:00 PM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >February 12, 2019
KB4487025Resolved
KB4487024February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.

See details >January 08, 2019
KB4480975Resolved
KB4487025February 12, 2019
10:00 AM PT +
Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).

See details >September 11, 2018
KB4457135Resolved
KB4489891March 12, 2019
10:00 AM PT " @@ -104,9 +104,9 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		February 12, 2019
KB4487025		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493451.

Back to top		February 12, 2019
KB4487025		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487025, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489891.

Back to top		February 12, 2019
KB4487025		Resolved
KB4489891		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		February 12, 2019
KB4487025		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -115,10 +115,10 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480971, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		January 15, 2019
KB4480971		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480975, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493451.

Back to top		January 08, 2019
KB4480975		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480975, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493451.

Back to top		January 08, 2019
KB4480975		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480975, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, \"Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).\"

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490516.

Back to top		January 08, 2019
KB4480975		Resolved
KB4490516		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480971, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		January 15, 2019
KB4480971		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, \"Unrecognized Database Format\".

Affected platforms: 
  • Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487025.

Back to top		January 08, 2019
KB4480975		Resolved
KB4487025		Resolved:
February 12, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml index e81ad9523c..9f116c65f8 100644 --- a/windows/release-information/status-windows-10-1507.yml +++ b/windows/release-information/status-windows-10-1507.yml @@ -60,8 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- +
SummaryOriginating updateStatusLast updated
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		July 09, 2019
10:00 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
" diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index 004468483a..31c6e06ec3 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,14 +60,15 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- - - - + + + + +
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
July 10, 2019
07:09 PM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Investigating
July 25, 2019
06:10 PM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)

See details >		OS Build 14393.2941

April 25, 2019
KB4493473		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
July 10, 2019
07:09 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4509475		June 27, 2019
02:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
" @@ -83,6 +84,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4507459. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" @@ -120,8 +122,8 @@ sections: - type: markdown text: " - - + +
DetailsOriginating updateStatusHistory
Cluster service may fail if the minimum password length is set to greater than 14
After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.

Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.

Back to top		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
Last updated:
February 19, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing KB4467684.

Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507459.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		Resolved:
July 16, 2019
10:00 AM PT

Opened:
November 27, 2018
10:00 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.

Back to top		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
Last updated:
February 19, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.

Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT
" diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index a45bf5b15b..1055bb156e 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -60,9 +60,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + +
SummaryOriginating updateStatusLast updated
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 15063.1955

July 16, 2019
KB4507467		Investigating
July 25, 2019
06:10 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 15063.1805

May 14, 2019
KB4499181		Resolved
KB4507450		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		June 26, 2019
04:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
" @@ -73,6 +74,15 @@ sections:
" +- title: July 2019 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4507467. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 15063.1955

July 16, 2019
KB4507467		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
+ " + - title: June 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 301dd17335..4667f66e88 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -60,9 +60,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - +
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Investigating
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Mitigated
July 10, 2019
07:09 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		June 26, 2019
04:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
" @@ -78,6 +79,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4507465. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index e9e62c1dce..166d39fa83 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -60,10 +60,11 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 17134.915

July 16, 2019
KB4507466		Investigating
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
July 10, 2019
07:09 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		June 26, 2019
04:00 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
June 14, 2019
04:41 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		June 26, 2019
04:00 PM PT
" @@ -79,6 +80,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4507466. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" @@ -88,8 +90,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499183. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509478.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
" diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 5613d45790..a8d6b78e6b 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -21,8 +21,7 @@ sections: Find information on known issues and the status of the rollout for Windows 10, version 1809 and Windows Server 2019. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). -
Current status:
- Windows 10, version 1809 is designated for broad deployment and available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel. +		Current status:
Windows 10, version 1809 is designated for broad deployment and available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
" @@ -65,11 +64,12 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 17763.652

July 22, 2019
KB4505658		Investigating
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
July 10, 2019
07:09 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		June 26, 2019
04:00 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
June 14, 2019
04:41 PM PT
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F

See details >		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
May 03, 2019
10:59 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17763.253

January 08, 2019
KB4480116		Mitigated
April 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		June 26, 2019
04:00 PM PT
" @@ -85,6 +85,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4505658. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" @@ -94,8 +95,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509479.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 29dfcd9330..a1ebf8f433 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -22,7 +22,7 @@ sections:
Current status as of July 16, 2019:
-
We are initiating the Windows 10 May 2019 Update for customers with devices that are at or nearing end of service and have not yet updated their device. Keeping these devices both supported and receiving monthly updates is critical to device security and ecosystem health. Based on the large number of devices running the April 2018 Update, that will reach the end of 18 months of service on November 12, 2019, we are starting the update process now for Home and Pro editions to help ensure adequate time for a smooth update process.

Our update rollout process takes into consideration the scale and complexity of the Windows 10 ecosystem, with the many hardware, software, and app configuration options users have, to provide a seamless update experience for all users. We closely monitor update feedback to allow us to prioritize those devices likely to have a good update experience and quickly put safeguards on other devices while we address known issues. Windows 10 Home and Pro edition users will have the ability to pause the update for up to 35 days so they can choose a convenient time.

The Windows 10 May 2019 Update is available for any user who manually selects “Check for updates” via Windows Update on a device that does not have a safeguard hold for issues already detected. If you are not offered the update, please check below for any known issues that may affect your device.

We recommend commercial customers running earlier versions of Windows 10 begin targeted deployments of Windows 10, version 1903 to validate that the apps, devices, and infrastructure used by their organizations work as expected with the new release and features.

Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard.
+
We are initiating the Windows 10 May 2019 Update for customers with devices that are at or nearing end of service and have not yet updated their device. Keeping these devices both supported and receiving monthly updates is critical to device security and ecosystem health. Based on the large number of devices running the April 2018 Update, that will reach the end of 18 months of service on November 12, 2019, we are starting the update process now for Home and Pro editions to help ensure adequate time for a smooth update process.

Our update rollout process takes into consideration the scale and complexity of the Windows 10 ecosystem, with the many hardware, software, and app configuration options users have, to provide a seamless update experience for all users. We closely monitor update feedback to allow us to prioritize those devices likely to have a good update experience and quickly put safeguards on other devices while we address known issues. Windows 10 Home and Pro edition users will have the ability to pause the update for up to 35 days so they can choose a convenient time.

The Windows 10 May 2019 Update is available for any user who manually selects “Check for updates” via Windows Update on a device that does not have a safeguard hold for issues already detected. If you are not offered the update, please check below for any known issues that may affect your device.

We recommend commercial customers running earlier versions of Windows 10 begin targeted deployments of Windows 10, version 1903 to validate that the apps, devices, and infrastructure used by their organizations work as expected with the new release and features.

Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard.
" @@ -65,21 +65,23 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + - - + + + + + + - - - -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 25, 2019
06:10 PM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Mitigated External
July 25, 2019
06:10 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 16, 2019
09:04 AM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 12, 2019
04:42 PM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
June 10, 2019
06:06 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Investigating
May 21, 2019
04:47 PM PT
Loss of functionality in Dynabook Smartphone Link app
After updating to Windows 10, version 1903, you may experience a loss of functionality when using the Dynabook Smartphone Link application.

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
July 11, 2019
01:54 PM PT
Error attempting to update with external USB device or memory card attached
PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Mitigated
July 10, 2019
07:09 PM PT
RASMAN service may stop working and result in the error “0xc0000005”
The Remote Access Connection Manager (RASMAN) service may stop working and result in the error “0xc0000005” with VPN profiles configured as an Always On VPN connection.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Mitigated
July 01, 2019
05:04 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4501375		June 27, 2019
10:00 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
June 10, 2019
06:06 PM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 24, 2019
11:02 AM PT
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:48 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Investigating
May 21, 2019
04:47 PM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:47 PM PT
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:47 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:46 PM PT
Loss of functionality in Dynabook Smartphone Link app
After updating to Windows 10, version 1903, you may experience a loss of functionality when using the Dynabook Smartphone Link application.

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
July 11, 2019
01:54 PM PT
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Error attempting to update with external USB device or memory card attached
PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
July 11, 2019
01:53 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4501375		June 27, 2019
10:00 AM PT
" @@ -95,6 +97,8 @@ sections: - type: markdown text: " + + @@ -116,15 +120,15 @@ sections: - type: markdown text: "
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms may not start up
Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4497935. We are working on a resolution and estimate a solution will be available in mid-August.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
Issues updating when certain versions of Intel storage drivers are installed
Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST driver version between 15.1.0.1002 and 15.5.2.1053 installed from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.6.1044.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Next steps: To resolve this issue, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later.  Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for the May 2019 Update.

Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Mitigated External
Last updated:
July 25, 2019
06:10 PM PT

Opened:
July 25, 2019
06:10 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Microsoft has identified a compatibility issue on some Surface Book 2 devices configured with Nvidia discrete graphics processing unit (dGPU). After updating to Windows 10, version 1903 (May 2019 Feature Update), some apps or games that needs to perform graphics intensive operations may close or fail to open.

To safeguard your update experience, we have applied a compatibility hold on Surface Book 2 devices with Nvidia dGPUs from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: To mitigate the issue if you are already on Windows 10, version 1903, you can restart the device or select the Scan for hardware changes button in the Action menu or on the toolbar in Device Manager.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
July 16, 2019
09:04 AM PT

Opened:
July 12, 2019
04:20 PM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Next steps: We are working on a resolution that will be made available in upcoming release.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
July 12, 2019
04:42 PM PT

Opened:
July 12, 2019
04:42 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
+ + + - + - - -
DetailsOriginating updateStatusHistory
Loss of functionality in Dynabook Smartphone Link app
Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.

To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:54 PM PT

Opened:
May 24, 2019
03:10 PM PT
Error attempting to update with external USB device or memory card attached
If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:38 AM PT
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

Affected platforms:
  • Client: Windows 10, version 1903
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
Last updated:
June 10, 2019
06:06 PM PT

Opened:
May 24, 2019
04:20 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Restart your device to apply changes to brightness.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution that will be made available in upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Investigating
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:56 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

Microsoft has identified some scenarios where night light settings may stop working, for example:
  • Connecting to (or disconnecting from) an external monitor, dock, or projector
  • Rotating the screen
  • Updating display drivers or making other display mode changes
  • Closing full screen applications
  • Applying custom color profiles
  • Running applications that rely on custom gamma ramps
Affected platforms:
  • Client: Windows 10, version 1903
Workaround: If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer. For other color setting issues, restart your computer to correct the issue.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 24, 2019
11:02 AM PT

Opened:
May 21, 2019
07:28 AM PT
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

  • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
  • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:48 PM PT

Opened:
May 21, 2019
07:29 AM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Restart your device to apply changes to brightness.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution that will be made available in upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Investigating
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:56 AM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
  
To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809
Workaround:
On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

Note We recommend you do not attempt to update your devices until newer device drivers are installed.

Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:22 AM PT
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

\"Close other apps, error code: 0XA00F4243.”


To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: To temporarily resolve this issue, perform one of the following:

  • Unplug your camera and plug it back in.

or

  • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

or

  • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
Note This workaround will only resolve the issue until your next system restart.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:20 AM PT
Intermittent loss of Wi-Fi connectivity
Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Download and install an updated Wi-Fi driver from your device manufacturer (OEM).
 
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:46 PM PT

Opened:
May 21, 2019
07:13 AM PT
Loss of functionality in Dynabook Smartphone Link app
Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.

To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:54 PM PT

Opened:
May 24, 2019
03:10 PM PT
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT
Error attempting to update with external USB device or memory card attached
If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:38 AM PT
" diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 883499827b..36e559e6aa 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -62,8 +62,8 @@ sections: - +
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503276		Mitigated
July 10, 2019
07:09 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >		April 25, 2019
KB4493443		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >		January 08, 2019
KB4480963		Mitigated
April 25, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493446		Mitigated
April 18, 2019
05:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >		January 08, 2019
KB4480963		Mitigated
April 25, 2019
02:00 PM PT
" From 5c3aff3c7fe744c7c468dd7359e97974deebf050 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 26 Jul 2019 09:21:52 -0700 Subject: [PATCH 46/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ing-system-components-to-microsoft-services-using-MDM.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index e43cc160d7..262e9a1641 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -95,7 +95,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. **OneDrive** 1. MDM Policy: [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync). Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** 1. Ingest the ADMX - To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). There is a folder named "adm" which contains the admx and adml policy definition files. - 1. MDM Policy: Prevent Network Traffic before User SignIn. PreventNetworkTrafficPreUserSignIn. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn, String, \ + 1. MDM Policy: Prevent Network Traffic before User SignIn. PreventNetworkTrafficPreUserSignIn. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn, **String, \** 1. **Privacy settings** Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. 1. General - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection). This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** @@ -137,13 +137,13 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. **Microsoft Store** 1. [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps). Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** 1. [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate). Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** -1 **Apps for websites** - [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers). This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** +1. **Apps for websites** - [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers). This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** 1. **Windows Update Delivery Optimization** - The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). 1. [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode). Let’s you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** 1. **Windows Update** 1. [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate). Control automatic updates. **Set to 5 (five)** 1. Windows Update Allow Update Service - [Update/AllowUpdateService](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowupdateservice). Specifies whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store. **Set to 0 (zero)** - 1. Windows Update Service URL - [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl). Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with the Value next to item "a" below: + 1. Windows Update Service URL - [Update/UpdateServiceUrl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-updateserviceurl). Allows the device to check for updates from a WSUS server instead of Microsoft Update. **Set to String** with the Value next to item below: 1. \\$CmdID$\\\chr\text/plain\\ \./Vendor/MSFT/Policy/Config/Update/UpdateServiceUrl\\http://abcd-srv:8530\\ ### Allowed traffic ("Whitelisted traffic") for Microsoft InTune / MDM configurations From 5fcdd94062fa9b341f19a6c34c7e688316a30085 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 26 Jul 2019 09:22:52 -0700 Subject: [PATCH 47/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 262e9a1641..f370ebdc1b 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -95,7 +95,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt 1. **OneDrive** 1. MDM Policy: [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync). Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** 1. Ingest the ADMX - To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). There is a folder named "adm" which contains the admx and adml policy definition files. - 1. MDM Policy: Prevent Network Traffic before User SignIn. PreventNetworkTrafficPreUserSignIn. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn, **String, \** + 1. MDM Policy: Prevent Network Traffic before User SignIn. **PreventNetworkTrafficPreUserSignIn**. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn, **String, \** 1. **Privacy settings** Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. 1. General - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection). This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** From 2e2c6ece2ee1c00fea26da1f7435a287c38cd9d6 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 26 Jul 2019 09:30:26 -0700 Subject: [PATCH 48/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 782dda6dcc..9c0fbd1942 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -106,9 +106,9 @@ The following table lists management options for each setting, beginning with Wi |     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [27. Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [28. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [29. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2016 with Desktop Experience @@ -134,8 +134,8 @@ See the following table for a summary of the management settings for Windows Ser | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [27. Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [29. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2016 Server Core @@ -150,7 +150,7 @@ See the following table for a summary of the management settings for Windows Ser | [19. Software Protection Platform](#bkmk-spp) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [29. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2016 Nano Server @@ -161,7 +161,7 @@ See the following table for a summary of the management settings for Windows Ser | [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | | [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | +| [29. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2019 @@ -218,9 +218,9 @@ See the following table for a summary of the management settings for Windows Ser |     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) |![Check mark](images/checkmark.png) | -| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [27. Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) |![Check mark](images/checkmark.png) | +| [28. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [29. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ## How to configure each setting @@ -1783,7 +1783,7 @@ On Windows Server 2016, this will block Microsoft Store calls from Universal Win - Create a new REG_DWORD registry setting named **AutoDownload** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 2 (two). -### 26.1 Apps for websites +### 27. Apps for websites You can turn off apps for websites, preventing customers who visit websites that are registered with their associated app from directly launching the app. @@ -1793,7 +1793,7 @@ You can turn off apps for websites, preventing customers who visit websites that - Create a new REG_DWORD registry setting named **EnableAppUriHandlers** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. -### 27. Windows Update Delivery Optimization +### 28. Windows Update Delivery Optimization Windows Update Delivery Optimization lets you get Windows updates and Microsoft Store apps from sources in addition to Microsoft, which not only helps when you have a limited or unreliable Internet connection, but can also help you reduce the amount of bandwidth needed to keep all of your organization's PCs up-to-date. If you have Delivery Optimization turned on, PCs on your network may send and receive updates and apps to other PCs on your local network, if you choose, or to PCs on the Internet. @@ -1803,13 +1803,13 @@ Use the UI, Group Policy, or Registry Keys to set up Delivery Optimization. In Windows 10 version 1607 and above you can stop network traffic related to Windows Update Delivery Optimization by setting **Download Mode** to **Bypass** (100), as described below. -### 27.1 Settings > Update & security +### 28.1 Settings > Update & security You can set up Delivery Optimization from the **Settings** UI. - Go to **Settings** > **Update & security** > **Windows Update** > **Advanced options** > **Choose how updates are delivered**. -### 27.2 Delivery Optimization Group Policies +### 28.2 Delivery Optimization Group Policies You can find the Delivery Optimization Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**. @@ -1821,7 +1821,7 @@ You can find the Delivery Optimization Group Policy objects under **Computer Con | Max Cache Size | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20, which represents 20% of the disk.| | Max Upload Bandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| -### 27.3 Delivery Optimization +### 28.3 Delivery Optimization - **Enable** the **Download Mode** Group Policy under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization** and set the **Download Mode** to **"Bypass"** to prevent traffic. @@ -1832,7 +1832,7 @@ You can find the Delivery Optimization Group Policy objects under **Computer Con For more info about Delivery Optimization in general, see [Windows Update Delivery Optimization: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730684). -### 28. Windows Update +### 29. Windows Update You can turn off Windows Update by setting the following registry entries: From e35cd53ab3fb713b23d8b4eaa8b851de039b562b Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 26 Jul 2019 09:39:39 -0700 Subject: [PATCH 49/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...-windows-operating-system-components-to-microsoft-services.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 9c0fbd1942..064c755d52 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -215,7 +215,6 @@ See the following table for a summary of the management settings for Windows Ser | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [27. Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) |![Check mark](images/checkmark.png) | From a1ebb996bc2933ed50c6e0668f176091aa34ab8e Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 26 Jul 2019 09:41:17 -0700 Subject: [PATCH 50/54] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 064c755d52..a7aec9de77 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -103,7 +103,6 @@ The following table lists management options for each setting, beginning with Wi | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [27. Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | @@ -129,7 +128,6 @@ See the following table for a summary of the management settings for Windows Ser | [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [18. Settings > Privacy](#bkmk-settingssection) | | | | -|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From 23b5a6c98e7c26cac051a70c8858f006725befff Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Fri, 26 Jul 2019 09:58:21 -0700 Subject: [PATCH 51/54] Update control-usb-devices-using-intune.md --- .../device-control/control-usb-devices-using-intune.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md index 537c68720b..5855b14b1d 100644 --- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md +++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md @@ -114,7 +114,7 @@ To prevent malware infections or data loss, an organization may restrict USB dri All of the above controls can be set through the Intune [Administrative Templates](https://docs.microsoft.com/en-us/intune/administrative-templates-windows). The relevant policies are located here in the Intune Administrator Templates: -![Admintemplates](https://github.com/MicrosoftDocs/windows-docs-pr/blob/v-jowirt-updates/windows/security/threat-protection/windows-defender-antivirus/images/admintemplates.png) +![Admintemplates](windows-defender-antivirus/images/admintemplates.png) >[!Note] >Using Intune, you can apply device configuration policies to AAD user and/or device groups. From 83a2a4fa11dfd4613e089d7aa327fa88671b4e29 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Fri, 26 Jul 2019 10:34:05 -0700 Subject: [PATCH 52/54] Update control-usb-devices-using-intune.md --- .../device-control/control-usb-devices-using-intune.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md index 5855b14b1d..e8f58439cb 100644 --- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md +++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md @@ -114,7 +114,7 @@ To prevent malware infections or data loss, an organization may restrict USB dri All of the above controls can be set through the Intune [Administrative Templates](https://docs.microsoft.com/en-us/intune/administrative-templates-windows). The relevant policies are located here in the Intune Administrator Templates: -![Admintemplates](windows-defender-antivirus/images/admintemplates.png) +![Admintemplates](images/admintemplates.png) >[!Note] >Using Intune, you can apply device configuration policies to AAD user and/or device groups. @@ -159,13 +159,13 @@ If you want to prevent a device class or certain devices, you can use the preven The Microsoft Defender Advanced Threat Protection (ATP) baseline settings, represent the recommended configuration for ATP. Configuration settings for baseline are located here in the edit profile page of the configuration settings. -![Baselines](https://github.com/MicrosoftDocs/windows-docs-pr/blob/v-jowirt-updates/windows/security/threat-protection/windows-defender-antivirus/images/baselines.png) +![Baselines](images/baselines.png) ### Bluetooth Using Intune, you can limited the services that can use Bluetooth through the “Bluetooth allowed services”. The default state of “Bluetooth allowed services” settings means everything is allowed. As soon as a service is added, that becomes the allowed list. If the customer adds the Keyboards and Mice values, and don’t add the file transfer GUIDs, file transfer should be blocked. -![Bluetooth](https://github.com/MicrosoftDocs/windows-docs-pr/blob/v-jowirt-updates/windows/security/threat-protection/windows-defender-antivirus/images/bluetooth.png) +![Bluetooth](images/bluetooth.png) From fb9920b7841bd9050a1b313f79cebf661e8fc8ab Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Fri, 26 Jul 2019 10:38:47 -0700 Subject: [PATCH 53/54] moving images --- .../images/admintemplates.png | Bin .../images/baselines.png | Bin .../images/bluetooth.png | Bin 3 files changed, 0 insertions(+), 0 deletions(-) rename windows/security/threat-protection/{windows-defender-antivirus => device-control}/images/admintemplates.png (100%) rename windows/security/threat-protection/{windows-defender-antivirus => device-control}/images/baselines.png (100%) rename windows/security/threat-protection/{windows-defender-antivirus => device-control}/images/bluetooth.png (100%) diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/admintemplates.png b/windows/security/threat-protection/device-control/images/admintemplates.png similarity index 100% rename from windows/security/threat-protection/windows-defender-antivirus/images/admintemplates.png rename to windows/security/threat-protection/device-control/images/admintemplates.png diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/baselines.png b/windows/security/threat-protection/device-control/images/baselines.png similarity index 100% rename from windows/security/threat-protection/windows-defender-antivirus/images/baselines.png rename to windows/security/threat-protection/device-control/images/baselines.png diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/bluetooth.png b/windows/security/threat-protection/device-control/images/bluetooth.png similarity index 100% rename from windows/security/threat-protection/windows-defender-antivirus/images/bluetooth.png rename to windows/security/threat-protection/device-control/images/bluetooth.png From a4b734d7ef1b9f879c188df29eaaf5edfc4f3f6f Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Fri, 26 Jul 2019 12:04:44 -0700 Subject: [PATCH 54/54] Update TOC.md --- windows/security/threat-protection/TOC.md | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index d42055564e..c3243e4a9c 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -158,14 +158,24 @@ ### [Configure attack surface reduction]() #### [Attack surface reduction configuration settings](microsoft-defender-atp/configure-attack-surface-reduction.md) +### [Configure and manage capabilities](microsoft-defender-atp/onboard.md) +#### [Microsoft Defender Advanced Threat Protection for Mac](windows-defender-antivirus/microsoft-defender-atp-mac.md) +##### [Deploy Microsoft Defender Advanced Threat Protection for Mac]() +###### [Microsoft Intune-based deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md) +###### [JAMF-based deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md) +###### [Deployment with a different Mobile Device Management (MDM) system](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md) +###### [Manual deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md) +##### [Update Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-updates.md) +##### [Set preferences for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md) +##### [Privacy for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md) +##### [Resources for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-resources.md) + #### [Hardware-based isolation]() ##### [System isolation](windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md) ##### [Application isolation]() ###### [Install Windows Defender Application Guard](windows-defender-application-guard/install-wd-app-guard.md) -###### [Configuration settings](windows-defender-application-guard/configure-wd-app-guard.md) - -#### [Application control](windows-defender-application-control/windows-defender-application-control.md) +###### [Application control](windows-defender-application-control/windows-defender-application-control.md) #### [Device control]() ##### [Control USB devices](device-control/control-usb-devices-using-intune.md)