| Summary | Originating update | Status | Last updated |
| Some applications may fail to run as expected on clients of AD FS 2016 Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) See details > | OS Build 14393.2941 April 25, 2019 KB4493473 | Mitigated | June 04, 2019 05:55 PM PT |
| Devices running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000 Some devices running Windows Server with Hyper-V enabled may start into Bitlocker recovery with error 0xC0210000 See details > | OS Build 14393.2969 May 14, 2019 KB4494440 | Mitigated | May 23, 2019 09:57 AM PT |
| Cluster service may fail if the minimum password length is set to greater than 14 The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters. See details > | OS Build 14393.2639 November 27, 2018 KB4467684 | Mitigated | April 25, 2019 02:00 PM PT |
| Issue using PXE to start a device from WDS There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. See details > | OS Build 14393.2848 March 12, 2019 KB4489882 | Mitigated | April 25, 2019 02:00 PM PT |
| Details | Originating update | Status | History |
| Some applications may fail to run as expected on clients of AD FS 2016 Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) after installation of KB4493473 on the server. Applications that may exhibit this behavior use an IFRAME during non-interactive authentication requests and receive X-Frame Options set to DENY. Affected platforms:
Workaround: You can use the Allow-From value of the header if the IFRAME is only accessing pages from a single-origin URL. On the affected server, open a PowerShell window as an administrator and run the following command: set-AdfsResponseHeaders -SetHeaderName X-Frame-Options -SetHeaderValue \"allow-from https://example.com\" Next steps: We are working on a resolution and will provide an update in an upcoming release. Back to top | OS Build 14393.2941 April 25, 2019 KB4493473 | Mitigated | Last updated: June 04, 2019 05:55 PM PT Opened: June 04, 2019 05:55 PM PT |
| Details | Originating update | Status | History |
| Issue using PXE to start a device from WDS After installing KB4489899, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension. Affected platforms:
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options: Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No Option 2: Use the Windows Deployment Services UI to make the following adjustment:
Option 3: Set the following registry value to 0: HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension Restart the WDSServer service after disabling the Variable Window Extension. Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release. Back to top | OS Build 17763.379 March 12, 2019 KB4489899 | Mitigated | Last updated: April 09, 2019 10:00 AM PT Opened: March 12, 2019 10:00 AM PT |
| Custom URI schemes may not start corresponding application After installing KB4489899, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer. Affected platforms:
Workaround: Right-click the URL link to open it in a new window or tab, or enable Protected Mode in Internet Explorer for local intranet and trusted sites
You must restart the browser after making these changes. Resolution: This issue is resolved in KB4495667. Back to top | OS Build 17763.379 March 12, 2019 KB4489899 | Resolved KB4495667 | Resolved: May 03, 2019 10:00 AM PT Opened: March 12, 2019 10:00 AM PT |