-AllowManagementOS $true
+Install-WindowsFeature -Name Hyper-V -IncludeManagementTools
+```
+
+When you are prompted to restart the computer, choose **Yes**. The computer might restart more than once.
+
+>Alternatively, you can install Hyper-V using the Control Panel in Windows under **Turn Windows features on or off** for a client operating system, or using Server Manager's **Add Roles and Features Wizard** on a server operating system, as shown below:
+
+ 
+
+ 
+
+If you choose to install Hyper-V using Server Manager, accept all default selections. Also be sure to install both items under **Role Administration Tools\Hyper-V Management Tools**.
+
+After installation is complete, open Hyper-V Manager by typing **virtmgmt.msc** at an elevated command prompt, or by typing **Hyper-V** in the Start menu search box.
+
+To read more about Hyper-V, see [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/virtualization/hyper-v-on-windows/about/) and [Hyper-V on Windows Server](https://docs.microsoft.com/windows-server/virtualization/hyper-v/hyper-v-on-windows-server).
+
+## Create a demo VM
+
+Now that Hyper-V is enabled, we need to create a VM running Windows 10. We can [create a VM](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/create-virtual-machine) and [virtual network](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/connect-to-network) using Hyper-V Manager, but it is simpler to use Windows PowerShell.
+
+To use Windows Powershell we just need to know two things:
+
+1. The location of the Windows 10 ISO file.
+ - In the example, we assume the location is **c:\iso\win10-eval.iso**.
+2. The name of the network interface that connects to the Internet.
+ - In the example, we use a Windows PowerShell command to determine this automatically.
+
+After we have set the ISO file location and determined the name of the appropriate network interface, we can install Windows 10.
+
+### Set ISO file location
+
+You can download an ISO file for an evaluation version of the latest release of Windows 10 Enterprise [here](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise).
+- When asked to select a platform, choose **64 bit**.
+
+After you download this file, the name will be extremely long (ex: 17763.107.101029-1455.rs5_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso).
+
+1. So that it is easier to type and remember, rename the file to **win10-eval.iso**.
+2. Create a directory on your computer named **c:\iso** and move the **win10-eval.iso** file there, so the path to the file is **c:\iso\win10-eval.iso**.
+3. If you wish to use a different name and location for the file, you must modify the Windows PowerShell commands below to use your custom name and directory.
+
+### Determine network adapter name
+
+The Get-NetAdaper cmdlet is used below to automatically find the network adapter that is most likely to be the one you use to connect to the Internet. You should test this command first by running the following at an elevated Windows PowerShell prompt:
+
+```powershell
+(Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name
+```
+
+The output of this command should be the name of the network interface you use to connect to the Internet. Verify that this is the correct interface name. If it is not the correct interface name, you'll need to edit the first command below to use your network interface name.
+
+For example, if the command above displays Ethernet but you wish to use Ethernet2, then the first command below would be New-VMSwitch -Name AutopilotExternal -AllowManagementOS $true -NetAdapterName **Ethernet2**.
+
+### Use Windows PowerShell to create the demo VM
+
+All VM data will be created under the current path in your PowerShell prompt. Consider navigating into a new folder before running the following commands.
+
+>[!IMPORTANT]
+>**VM switch**: a VM switch is how Hyper-V connects VMs to a network.
If you have previously enabled Hyper-V and your Internet-connected network interface is already bound to a VM switch, then the PowerShell commands below will fail. In this case, you can either delete the existing VM switch (so that the commands below can create one), or you can reuse this VM switch by skipping the first command below and either modifying the second command to replace the switch name **AutopilotExternal** with the name of your switch, or by renaming your existing switch to "AutopilotExternal."
If you have never created an external VM switch before, then just run the commands below.
+
+```powershell
+New-VMSwitch -Name AutopilotExternal -AllowManagementOS $true -NetAdapterName (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name
New-VM -Name WindowsAutopilot -MemoryStartupBytes 2GB -BootDevice VHD -NewVHDPath .\VMs\WindowsAutopilot.vhdx -Path .\VMData -NewVHDSizeBytes 80GB -Generation 2 -Switch AutopilotExternal
-Add-VMDvdDrive -Path -VMName WindowsAutopilot
+Add-VMDvdDrive -Path c:\iso\win10-eval.iso -VMName WindowsAutopilot
Start-VM -VMName WindowsAutopilot
```
->[!IMPORTANT]
->Make sure to replace <*Name of Network Adapter with internet access*> and <*Path to Windows 10 ISO*> with the appropriate values.
->Additionally, note that all Virtual Machine related data will be created under the current path in your PowerShell prompt. Consider navigating into a new folder before running the above.
+After entering these commands, connect to the VM that you just created and wait for a prompt to press a key and boot from the DVD. You can connect to the VM by double-clicking it in Hyper-V Manager.
+
+See the sample output below. In this sample, the VM is created under the **c:\autopilot** directory and the vmconnect.exe command is used (which is only available on Windows Server). If you installed Hyper-V on Windows 10, use Hyper-V Manager to connect to your VM.
+
+
+PS C:\autopilot> dir c:\iso
+
+
+ Directory: C:\iso
+
+
+Mode LastWriteTime Length Name
+---- ------------- ------ ----
+-a---- 3/12/2019 2:46 PM 4627343360 win10-eval.iso
+
+PS C:\autopilot> (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name
+Ethernet
+PS C:\autopilot> New-VMSwitch -Name AutopilotExternal -AllowManagementOS $true -NetAdapterName (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name
+
+Name SwitchType NetAdapterInterfaceDescription
+---- ---------- ------------------------------
+AutopilotExternal External Intel(R) Ethernet Connection (2) I218-LM
+
+PS C:\autopilot> New-VM -Name WindowsAutopilot -MemoryStartupBytes 2GB -BootDevice VHD -NewVHDPath .\VMs\WindowsAutopilot.vhdx -Path .\VMData -NewVHDSizeBytes 80GB -Generation 2 -Switch AutopilotExternal
+
+Name State CPUUsage(%) MemoryAssigned(M) Uptime Status Version
+---- ----- ----------- ----------------- ------ ------ -------
+WindowsAutopilot Off 0 0 00:00:00 Operating normally 8.0
+
+PS C:\autopilot> Add-VMDvdDrive -Path c:\iso\win10-eval.iso -VMName WindowsAutopilot
+PS C:\autopilot> Start-VM -VMName WindowsAutopilot
+PS C:\autopilot> vmconnect.exe localhost WindowsAutopilot
+PS C:\autopilot> dir
+
+ Directory: C:\autopilot
+
+Mode LastWriteTime Length Name
+---- ------------- ------ ----
+d----- 3/12/2019 3:15 PM VMData
+d----- 3/12/2019 3:42 PM VMs
+
+PS C:\autopilot>
+
### Install Windows 10
-Now that the Virtual Machine was created and started, open **Hyper-V Manager** and connect to the **WindowsAutopilot** Virtual Machine.
-Make sure the Virtual Machine booted from the installation media you've provided and complete the Windows installation process.
+Ensure the VM booted from the installation ISO, click **Next** then click **Install now** and complete the Windows installation process. See the following examples:
-Once the installation is complete, create a checkpoint. You will create multiple checkpoints throughout this process, which you can later use to go through the process again.
+ 
+ 
+ 
+ 
+ 
+ 
+
+>After the VM restarts, during OOBE, it’s fine to select **Set up for personal use** or **Domain join instead** and then choose an offline account on the **Sign in** screen. This will offer the fastest way to the desktop. For example:
+
+ 
+
+Once the installation is complete, sign in and verify that you are at the Windows 10 desktop, then create your first Hyper-V checkpoint. Checkpoints are used to restore the VM to a previous state. You will create multiple checkpoints throughout this lab, which can be used later to go through the process again.
+
+ 
+
+To create your first checkpoint, open an elevated Windows PowerShell prompt on the computer running Hyper-V (not on the VM) and run the following:
-To create the checkpoint, open a PowerShell prompt **as an administrator** and run the following:
```powershell
Checkpoint-VM -Name WindowsAutopilot -SnapshotName "Finished Windows install"
```
-## Capture your Virtual Machine's hardware ID
+Click on the **WindowsAutopilot** VM in Hyper-V Manager and verify that you see **Finished Windows Install** listed in the Checkpoints pane.
-On the newly created Virtual Machine, open a PowerShell prompt **as an administrator** and run the following:
-```powershell
-md c:\HWID
-Set-Location c:\HWID
-Set-ExecutionPolicy Unrestricted
-Install-Script -Name Get-WindowsAutopilotInfo
-Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv
-```
+## Capture the hardware ID
+
+>NOTE: Normally, the Device ID is captured by the OEM as they run the OA3 Tool on each device in the factory. The OEM then submits the 4K HH created by the OA3 Tool to Microsoft by submitting it with a Computer Build Report (CBR). For purposes of this lab, you are acting as the OEM (capturing the 4K HH), but you’re not going to use the OA3 Tool to capture the full 4K HH for various reasons (you’d have to install the OA3 tool, your device couldn’t have a volume license version of Windows, it’s a more complicated process than using a PS script, etc.). Instead, you’ll simulate running the OA3 tool by running a PowerShell script, which captures the device 4K HH just like the OA3 tool.
+
+Follow these steps to run the PS script:
+
+1. Open an elevated Windows PowerShell prompt and run the following commands. These commands are the same regardless of whether you are using a VM or a physical device:
+
+ ```powershell
+ md c:\HWID
+ Set-Location c:\HWID
+ Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force
+ Install-Script -Name Get-WindowsAutopilotInfo -Force
+ $env:Path += ";C:\Program Files\WindowsPowerShell\Scripts"
+ Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv
+ ```
+
+When you are prompted to install the NuGet package, choose **Yes**.
+
+See the sample output below.
+
+
+PS C:\> md c:\HWID
+
+ Directory: C:\
+
+Mode LastWriteTime Length Name
+---- ------------- ------ ----
+d----- 3/14/2019 11:33 AM HWID
+
+PS C:\> Set-Location c:\HWID
+PS C:\HWID> Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force
+PS C:\HWID> Install-Script -Name Get-WindowsAutopilotInfo -Force
+
+NuGet provider is required to continue
+PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet
+ provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
+'C:\Users\user1\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running
+ 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install and
+import the NuGet provider now?
+[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y
+PS C:\HWID> $env:Path += ";C:\Program Files\WindowsPowerShell\Scripts"
+PS C:\HWID> Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv
+PS C:\HWID> dir
+
+ Directory: C:\HWID
+
+Mode LastWriteTime Length Name
+---- ------------- ------ ----
+-a---- 3/14/2019 11:33 AM 8184 AutopilotHWID.csv
+
+PS C:\HWID>
+
+
+Verify that there is an **AutopilotHWID.csv** file in the **c:\HWID** directory that is about 8 KB in size. This file contains the complete 4K HH.
+
+**Note**: Although the .csv extension might be associated with Microsoft Excel, you cannot view the file properly by double-clicking it. To correctly parse the comma delimiters and view the file in Excel, you must use the **Data** > **From Text/CSV** function in Excel to import the appropriate data columns. You don't need to view the file in Excel unless you are curious. The file format will be validated when it is imported into Autopilot. An example of the data in this file is shown below.
+
+
+
+You will need to upload this data into Intune to register your device for Autopilot, so it needs to be transferred to the computer you will use to access the Azure portal. If you are using a physical device instead of a VM, you can copy the file to a USB stick. If you’re using a VM, you can right-click the AutopilotHWID.csv file and copy it, then right-click and paste the file to your desktop (outside the VM).
+
+If you have trouble copying and pasting the file, just view the contents in Notepad on the VM and copy the text into Notepad outside the VM. Do not use another text editor to do this.
>[!NOTE]
->Accept all prompts while running the above cmdlets.
+>When copying and pasting to or from VMs, avoid clicking other things with your mouse cursor between the copy and paste process as this can empty or overwrite the clipboard and require that you start over. Go directly from copy to paste.
-### Mount the Virtual Hard Drive (VHD)
+## Reset the VM back to Out-Of-Box-Experience (OOBE)
-To gain access to the AutopilotHWID.csv that contains the hardware ID, stop the Virtual Machine to unlock the Virtual Hard Drive.
-
-To do that, on your device (**not** on the Virtual Machine), open a PowerShell prompt **as an administrator** and run the following:
-```powershell
-Stop-VM -VMName WindowsAutopilot
-```
-
-Once the Virtual Machine has stopped, create a checkpoint:
-```powershell
-Checkpoint-VM -Name WindowsAutopilot -SnapshotName "HWID captured"
-```
-
-With the checkpoint created, continue to mount the VHD:
-```powershell
-Mount-VHD -path (Get-VMHardDiskDrive -VMName WindowsAutopilot).Path
-```
-
-Once mounted, navigate to the new drive and copy **AutopilotHWID.csv** to a location on your device.
-
-Before you proceed, unmount the VHD to unlock it and start the Virtual Machine:
-```powershell
-Dismount-VHD -path (Get-VMHardDiskDrive -VMName WindowsAutopilot).Path
-Start-VM -VMName WindowsAutopilot
-```
-
-## Reset Virtual Machine back to Out-Of-Box-Experience (OOBE)
-
-With the hardware ID captured, prepare your Virtual Machine for Windows Autopilot deployment by resetting it back to OOBE.
+With the hardware ID captured in a file, prepare your Virtual Machine for Windows Autopilot deployment by resetting it back to OOBE.
On the Virtual Machine, go to **Settings > Update & Security > Recovery** and click on **Get started** under **Reset this PC**.
Select **Remove everything** and **Just remove my files**. Finally, click on **Reset**.
-Resetting your Virtual Machine can take a while. Proceed to the next steps while your Virtual Machine is resetting.
+Resetting the VM or device can take a while. Proceed to the next step (verify subscription level) during the reset process.
+## Verify subscription level
+
+For this lab, you need an AAD Premium subscription. You can tell if you have a Premium subscription by navigating to the [MDM enrollment configuration](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Mobility) blade. See the following example:
+
+**Azure Active Directory** > **Mobility (MDM and MAM)** > **Microsoft Intune**
+
+
+
+If the configuration blade shown above does not appear, it’s likely that you don’t have a **Premium** subscription. Auto-enrollment is a feature only available in AAD Premium.
+
+To convert your Intune trial account to a free Premium trial account, navigate to **Azure Active Directory** > **Licenses** > **All products** > **Try / Buy** and select **Free trial** for Azure AD Premium, or EMS E5.
+
+
+
## Configure company branding
->[!IMPORTANT]
->If you already have company branding configured in Azure Active Directory, you can skip this step.
-
-Navigate to [Company branding in Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/LoginTenantBranding).
+If you already have company branding configured in Azure Active Directory, you can skip this step.
>[!IMPORTANT]
>Make sure to sign-in with a Global Administrator account.
-Click on **Configure** and configure any type of company branding you'd like to see during the OOBE.
+Navigate to [Company branding in Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/LoginTenantBranding), click on **Configure** and configure any type of company branding you'd like to see during the OOBE.
-
+
-Once finished, click **Save**.
+When you are finished, click **Save**.
>[!NOTE]
>Changes to company branding can take up to 30 minutes to apply.
-
## Configure Microsoft Intune auto-enrollment
->[!IMPORTANT]
->If you already have MDM auto-enrollment configured in Azure Active Directory, you can skip this step.
+If you already have MDM auto-enrollment configured in Azure Active Directory, you can skip this step.
-Navigate to [Mobility (MDM and MAM) in Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Mobility) and select **Microsoft Intune**.
+Open [Mobility (MDM and MAM) in Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Mobility) and select **Microsoft Intune**. If you do not see Microsoft Intune, click **Add application** and choose **Intune**.
For the purposes of this demo, select **All** under the **MDM user scope** and click **Save**.
-
+
-## Register your Virtual Machine to your organization
+## Register your VM
-Navigate to [Microsoft Store for Business device management](https://businessstore.microsoft.com/en-us/manage/devices). Click on **Add devices** and select the **AutopilotHWID.csv** you've saved earlier. A message will appear indicating your request is being processed. Wait a few moments before refreshing to see your Virtual Machine added.
+Your VM (or device) can be registered either via Intune or Microsoft Store for Business (MSfB). Both processes are shown here, but only pick one for purposes of this lab. We highly recommend using Intune rather than MSfB.
-
+### Autopilot registration using Intune
+
+1. In Intune in the Azure portal, choose **Device enrollment** > **Windows enrollment** > **Devices** > **Import**.
+
+ 
+
+ >[!NOTE]
+ >If menu items like **Windows enrollment** are not active for you, then look to the far-right blade in the UI. You might need to provide Intune configuration privileges in a challenge window that appeared.
+
+2. Under **Add Windows Autopilot devices** in the far right pane, browse to the **AutopilotHWID.csv** file you previously copied to your local computer. The file should contain the serial number and 4K HH of your VM (or device). It’s okay if other fields (Windows Product ID) are left blank.
+
+ 
+
+ You should receive confirmation that the file is formatted correctly before uploading it, as shown above.
+
+3. Click **Import** and wait until the import process completes. This can take up to 15 minutes.
+
+4. Click **Sync** to sync the device you just registered. Wait a few moments before refreshing to verify your VM or device has been added. See the following example.
+
+ 
+
+### Autopilot registration using MSfB
+
+>[!IMPORTANT]
+>If you've already registered your VM (or device) using Intune, then skip this step.
+
+Optional: see the following video for an overview of the process.
+
+
+
+> [!video https://www.youtube.com/embed/IpLIZU_j7Z0]
+
+First, you need a MSfB account. You can use the same one you created above for Intune, or follow [these instructions](https://docs.microsoft.com/en-us/microsoft-store/windows-store-for-business-overview) to create a new one.
+
+Next, sign in to [Microsoft Store for Business](https://businessstore.microsoft.com/en-us/store) using your test account by clicking **Sign in** in the upper-right-corner of the main page.
+
+Select **Manage** from the top menu, then click the **Windows Autopilot Deployment Program** link under the **Devices** card. See the following example:
+
+
+
+Click the **Add devices** link to upload your CSV file. A message will appear indicating your request is being processed. Wait a few moments before refreshing to see your new device has been added.
+
+
## Create and assign a Windows Autopilot deployment profile
-Navigate to [Windows enrollment in Microsoft Intune](https://portal.azure.com/#blade/Microsoft_Intune_Enrollment/OverviewBlade/windowsEnrollment).
+>[!IMPORTANT]
+>Autopilot profiles can be created and assigned to your registered VM or device either through Intune or MSfB. Both processes are shown here, but only pick one for purposes of this lab:
-Make sure to sync the device you've just registered, by clicking on **Devices** under **Windows Autopilot Deployment Program (Preview)** and selecting **Sync**. Wait a few moments before refreshing to see your Virtual Machine added.
+Pick one:
+- [Create profiles using Intune](#create-a-windows-autopilot-deployment-profile-using-intune)
+- [Create profiles using MSfB](#create-a-windows-autopilot-deployment-profile-using-msfb)
-
+### Create a Windows Autopilot deployment profile using Intune
-### Create a Windows Autopilot deployment profile
+>[!NOTE]
+>Even if you registered your device in MSfB, it will still appear in Intune, though you might have to **sync** and then **refresh** your device list first:
-Click on **Deployment profiles** under **Windows Autopilot Deployment Program (Preview)** and select **Create profile**.
+
-
+>The example above lists both a physical device and a VM. Your list should only include only one of these.
-In the **Create profile** blade, set the name to **Autopilot Intune Demo**, click on **Out-of-box experience (OOBE)** and configure the following:
-| Setting name | Value |
+To create a Windows Autopilot profile, select **Device enrollment** > **Windows enrollment** > **Deployment profiles**
+
+
+
+Click on **Create profile**.
+
+
+
+On the **Create profile** blade, use the following values:
+
+| Setting | Value |
|---|---|
-|Privacy Settings|Hide|
-|End user license agreement (EULA)|Hide|
-|User account type|Standard|
+| Name | Autopilot Lab profile |
+| Description | blank |
+| Convert all targeted devices to Autopilot | No |
+| Deployment mode | User-driven |
+| Join to Azure AD as | Azure AD joined |
-Click on **Save** and **Create**.
+Click on **Out-of-box experience (OOBE)** and configure the following settings:
-
+| Setting | Value |
+|---|---|
+| EULA | Hide |
+| Privacy Settings | Hide |
+| Hide change account options | Hide |
+| User account type | Standard |
+| Apply device name template | No |
-### Assign a Windows Autopilot deployment profile
+See the following example:
-With the deployment profile created, go back to **Devices** under **Windows Autopilot Deployment Program (Preview)** and select your Virtual Machine. Click on **Assign profile** and in the **Assign Profile** blade select **Autopilot Intune Demo** under the **Autopilot profile**. Click on **Assign**.
+
-
+Click on **OK** and then click on **Create**.
-Wait a few minutes for all changes to apply.
+>If you want to add an app to your profile via Intune, the OPTIONAL steps for doing so can be found in [Appendix B: Adding apps to your profile](#appendix-b-adding-apps-to-your-profile).
+
+#### Assign the profile
+
+Profiles can only be assigned to Groups, so first you must create a group that contains the devices to which the profile should be applied. This guide will provide simple instructions to assign a profile, for more detailed instructions, see [Create an Autopilot device group](https://docs.microsoft.com/intune/enrollment-autopilot#create-an-autopilot-device-group) and [Assign an Autopilot deployment profile to a device group](https://docs.microsoft.com/en-us/intune/enrollment-autopilot#assign-an-autopilot-deployment-profile-to-a-device-group), as optional reading.
+
+To create a Group, open the Azure Portal and select **Azure Active Directory** > **Groups** > **All groups**:
+
+
+
+Select New group from the Groups blade to open the new groups UI. Select the “Security” group type, name the group, and select the “Assigned” membership type:
+
+Before clicking **Create**, expand the **Members** panel, click your device's serial number (it will then appear under **Selected members**) and then click **Select** to add that device to this group.
+
+
+
+Now click **Create** to finish creating the new group.
+
+Click on **All groups** and click **Refresh** to verify that your new group has been successfully created.
+
+With a group created containing your device, you can now go back and assign your profile to that group. Navigate back to the Intune page in the Azure portal (one way is to type **Intune** in the top banner search bar and select **Intune** from the results).
+
+From Intune, select **Device enrollment** > **Windows enrollment** > **Deployment Profiles** to open the profile blade. Click on the name of the profile you previously created (Autopilot Lab profile) to open the details blade for that profile:
+
+
+
+Under **Manage**, click **Assignments**, and then with the **Include** tab highlighted, expand the **Select groups** blade and click **AP Lab Group 1** (the group will appear under **Selected members**).
+
+
+
+Click **Select** and then click **Save**.
+
+
+
+It’s also possible to assign specific users to a profile, but we will not cover this scenario in the lab. For more detailed information, see [Enroll Windows devices in Intune by using Windows Autopilot](https://docs.microsoft.com/intune/enrollment-autopilot).
+
+### Create a Windows Autopilot deployment profile using MSfB
+
+If you have already created and assigned a profile via Intune by using the steps immediately above, then skip this section.
+
+A [video](https://www.youtube.com/watch?v=IpLIZU_j7Z0) is available that covers the steps required to create and assign profiles in MSfB. These steps are also summarized below.
+
+First, sign in to the [Microsoft Store for Business](https://businessstore.microsoft.com/manage/dashboard) using the Intune account you initially created for this lab.
+
+Click **Manage** from the top menu, then click **Devices** from the left navigation tree.
+
+
+
+Click the **Windows Autopilot Deployment Program** link in the **Devices** tile.
+
+To CREATE the profile:
+
+Select your device from the **Devices** list:
+
+
+
+On the Autopilot deployment dropdown menu, select **Create new profile**:
+
+
+
+Name the profile, choose your desired settings, and then click **Create**:
+
+
+
+The new profile is added to the Autopilot deployment list.
+
+To ASSIGN the profile:
+
+To assign (or reassign) the profile to a device, select the checkboxes next to the device you registered for this lab, then select the profile you want to assign from the **Autopilot deployment** dropdown menu as shown:
+
+
+
+Confirm the profile was successfully assigned to the intended device by checking the contents of the **Profile** column:
+
+
+
+>[!IMPORTANT]
+>The new profile will only be applied if the device has not been started, and gone through OOBE. Settings from a different profile can't be applied when another profile has been applied. Windows would need to be reinstalled on the device for the second profile to be applied to the device.
## See Windows Autopilot in action
-By now, your Virtual Machine should be back to OOBE. Make sure to wait at least 30 minutes from the time you've [configured company branding](#configure-company-branding)
-, otherwise those changes might not show up.
+If you shut down your VM after the last reset, it’s time to start it back up again, so it can progress through the Autopilot OOBE experience but do not attempt to start your device again until the **PROFILE STATUS** for your device in Intune has changed from **Not assigned** to **Assigning** and finally **Assigned**:
+
+
+
+Also, make sure to wait at least 30 minutes from the time you've [configured company branding](#configure-company-branding), otherwise these changes might not show up.
+
+>[!TIP]
+>If you reset your device previously after collecting the 4K HH info, and then let it restart back to the first OOBE screen, then you might need to restart the device again to ensure the device is recognized as an Autopilot device and displays the Autopilot OOBE experience you’re expecting. If you do not see the Autopilot OOBE experience, then reset the device again (Settings > Update & Security > Recovery and click on Get started. Under Reset this PC, select Remove everything and Just remove my files. Click on Reset).
+
+- Ensure your device has an internet connection.
+- Turn on the device
+- Verify that the appropriate OOBE screens (with appropriate Company Branding) appear. You should see the region selection screen, the keyboard selection screen, and the second keyboard selection screen (which you can skip).
+
+
+
+Soon after reaching the desktop, the device should show up in Intune as an **enabled** Autopilot device. Go into the Intune Azure portal, and select **Devices > All devices**, then **Refresh** the data to verify that your device has changed from disabled to enabled, and the name of the device is updated.
+
+
Once you select a language and a keyboard layout, your company branded sign-in screen should appear. Provide your Azure Active Directory credentials and you're all done.
-
+Windows Autopilot will now take over to automatically join your device into Azure Active Directory and enroll it to Microsoft Intune. Use the checkpoints you've created to go through this process again with different settings.
-Windows Autopilot will now take over to automatically join your Virtual Machine into Azure Active Directory and enroll it to Microsoft Intune. Use the checkpoints you've created to go through this process again with different settings.
+## Remove devices from Autopilot
+To use the device (or VM) for other purposes after completion of this lab, you will need to remove (deregister) it from Autopilot via either Intune or MSfB, and then reset it. Instructions for deregistering devices can be found [here](https://docs.microsoft.com/en-us/intune/enrollment-autopilot#create-an-autopilot-device-group) and [here](https://docs.microsoft.com/en-us/intune/devices-wipe#delete-devices-from-the-azure-active-directory-portal) and below.
+
+### Delete (deregister) Autopilot device
+
+You need to delete (or retire, or factory reset) the device from Intune before deregistering the device from Autopilot. To delete the device from Intune (not Azure Active Directory), log into your Intune Azure portal, then navigate to **Intune > Devices > All Devices**. Select the checkbox next to the device you want to delete, then click the Delete button along the top menu.
+
+
+
+Click **X** when challenged to complete the operation:
+
+
+
+This will remove the device from Intune management, and it will disappear from **Intune > Devices > All devices**. But this does not yet deregister the device from Autopilot, so the device should still appear under **Intune > Device Enrollment > Windows Enrollment > Windows Autopilot Deployment Program > Devices**.
+
+
+
+The **Intune > Devices > All Devices** list and the **Intune > Device Enrollment > Windows Enrollment > Windows Autopilot Deployment Program > Devices** list mean different things and are two completely separate datastores. The former (All devices) is the list of devices currently enrolled into Intune. Note: A device will only appear in the All devices list once it has booted. The latter (Windows Autopilot Deployment Program > Devices) is the list of devices currently registered from that Intune account into the Autopilot program - which may or may not be enrolled to Intune.
+
+To remove the device from the Autopilot program, select the device and click Delete.
+
+
+
+A warning message appears reminding you to first remove the device from Intune, which we previously did.
+
+
+
+At this point, your device has been unenrolled from Intune and also deregistered from Autopilot. After several minutes, click the **Sync** button, followed by the **Refresh** button to confirm the device is no longer listed in the Autopilot program:
+
+
+
+Once the device no longer appears, you are free to reuse it for other purposes.
+
+If you also (optionally) want to remove your device from AAD, navigate to **Azure Active Directory > Devices > All Devices**, select your device, and click the delete button:
+
+
+
+## Appendix A: Verify support for Hyper-V
+
+Starting with Windows 8, the host computer’s microprocessor must support second level address translation (SLAT) to install Hyper-V. See [Hyper-V: List of SLAT-Capable CPUs for Hosts](https://social.technet.microsoft.com/wiki/contents/articles/1401.hyper-v-list-of-slat-capable-cpus-for-hosts.aspx) for more information.
+
+To verify your computer supports SLAT, open an administrator command prompt, type **systeminfo**, press ENTER, scroll down, and review the section displayed at the bottom of the output, next to Hyper-V Requirements. See the following example:
+
+
+C:\>systeminfo
+
+...
+Hyper-V Requirements: VM Monitor Mode Extensions: Yes
+ Virtualization Enabled In Firmware: Yes
+ Second Level Address Translation: Yes
+ Data Execution Prevention Available: Yes
+
+
+In this example, the computer supports SLAT and Hyper-V.
+
+>If one or more requirements are evaluated as **No** then the computer does not support installing Hyper-V. However, if only the virtualization setting is incompatible, you might be able to enable virtualization in the BIOS and change the **Virtualization Enabled In Firmware** setting from **No** to **Yes**. The location of this setting will depend on the manufacturer and BIOS version, but is typically found associated with the BIOS security settings.
+
+You can also identify Hyper-V support using [tools](https://blogs.msdn.microsoft.com/taylorb/2008/06/19/hyper-v-will-my-computer-run-hyper-v-detecting-intel-vt-and-amd-v/) provided by the processor manufacturer, the [msinfo32](https://technet.microsoft.com/library/cc731397.aspx) tool, or you can download the [coreinfo](https://technet.microsoft.com/sysinternals/cc835722) utility and run it, as shown in the following example:
+
+
+C:\>coreinfo -v
+
+Coreinfo v3.31 - Dump information on system CPU and memory topology
+Copyright (C) 2008-2014 Mark Russinovich
+Sysinternals - www.sysinternals.com
+
+Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
+Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
+Microcode signature: 0000001B
+HYPERVISOR - Hypervisor is present
+VMX * Supports Intel hardware-assisted virtualization
+EPT * Supports Intel extended page tables (SLAT)
+
+
+Note: A 64-bit operating system is required to run Hyper-V.
+
+## Appendix B: Adding apps to your profile
+
+### Add a Win32 app
+
+#### Prepare the app for Intune
+
+Before we can pull an application into Intune to make it part of our AP profile, we need to “package” the application for delivery using the [IntuneWinAppUtil.exe command-line tool](https://github.com/Microsoft/Intune-Win32-App-Packaging-Tool). After downloading the tool, gather the following three bits of information to use the tool:
+
+1. The source folder for your application
+2. The name of the setup executable file
+3. The output folder for the new file
+
+For the purposes of this lab, we’ll use the Notepad++ tool as our Win32 app.
+
+Download the Notepad++ msi package [here](https://www.hass.de/content/notepad-msi-package-enterprise-deployment-available) and then opy the file to a known location, such as C:\Notepad++msi.
+
+Run the IntuneWinAppUtil tool, supplying answers to the three questions, for example:
+
+
+
+After the tool finishes running, you should have an .intunewin file in the Output folder, which you can now upload into Intune using the following steps.
+
+#### Create app in Intune
+
+Log into the Azure portal and select **Intune**.
+
+Navigate to **Intune > Clients apps > Apps**, and then click the **Add** button to create a new app package.
+
+
+
+Under **App Type**, select **Windows app (Win32)**:
+
+
+
+On the **App package file** blade, browse to the **npp.7.6.3.installer.x64.intunewin** file in your output folder, open it, then click **OK**:
+
+
+
+On the **App Information Configure** blade, provide a friendly name, description, and publisher, such as:
+
+
+
+On the **Program Configuration** blade, supply the install and uninstall commands:
+
+Install: msiexec /i "npp.7.6.3.installer.x64.msi" /q
+Uninstall: msiexec /x "{F188A506-C3C6-4411-BE3A-DA5BF1EA6737}" /q
+
+NOTE: Likely, you do not have to write the install and uninstall commands yourself because the [IntuneWinAppUtil.exe command-line tool](https://github.com/Microsoft/Intune-Win32-App-Packaging-Tool) automatically generated them when it converted the .msi file into a .intunewin file.
+
+
+
+Simply using an install command like “notepad++.exe /S” will not actually install Notepad++; it will only launch the app. To actually install the program, we need to use the .msi file instead. Notepad++ doesn’t actually have an .msi version of their program, but we got an .msi version from a [third party provider](https://www.hass.de/content/notepad-msi-package-enterprise-deployment-available).
+
+Click **OK** to save your input and activate the **Requirements** blade.
+
+On the **Requirements Configuration** blade, specify the **OS architecture** and the **Minimum OS version**:
+
+
+
+Next, configure the **Detection rules**. For our purposes, we will select manual format:
+
+
+
+Click **Add** to define the rule properties. For **Rule type**, select **MSI**, which will automatically import the right MSI product code into the rule:
+
+
+
+Click **OK** twice to save, as you back out to the main **Add app** blade again for the final configuration.
+
+**Return codes**: For our purposes, leave the return codes at their default values:
+
+
+
+Click **OK** to exit.
+
+You may skip configuring the final **Scope (Tags)** blade.
+
+Click the **Add** button to finalize and save your app package.
+
+Once the indicator message says the addition has completed.
+
+
+
+You will be able to find your app in your app list:
+
+
+
+#### Assign the app to your Intune profile
+
+**NOTE**: The following steps only work if you previously [created a GROUP in Intune and assigned a profile to it](#assign-the-profile). If you have not done that, please return to the main part of the lab and complete those steps before returning here.
+
+In the **Intune > Client Apps > Apps** pane, select the app package you already created to reveal its properties blade. Then click **Assignments** from the menu:
+
+
+
+Select **Add Group** to open the **Add group** pane that is related to the app.
+
+For our purposes, select *8Required** from the **Assignment type** dropdown menu:
+
+>**Available for enrolled devices** means users install the app from the Company Portal app or Company Portal website.
+
+Select **Included Groups** and assign the groups you previously created that will use this app:
+
+
+
+
+
+In the **Select groups** pane, click the **Select** button.
+
+In the **Assign group** pane, select **OK**.
+
+In the **Add group** pane, select **OK**.
+
+In the app **Assignments** pane, select **Save**.
+
+
+
+At this point, you have completed steps to add a Win32 app to Intune.
+
+For more information on adding adds to Intune, see [Intune Standalone - Win32 app management](https://docs.microsoft.com/en-us/intune/apps-win32-app-management).
+
+### Add Office 365
+
+#### Create app in Intune
+
+Log into the Azure portal and select **Intune**.
+
+Navigate to **Intune > Clients apps > Apps**, and then click the **Add** button to create a new app package.
+
+
+
+Under **App Type**, select **Office 365 Suite > Windows 10**:
+
+
+
+Under the **Configure App Suite** pane, select the Office apps you want to install. For the purposes of this labe we have only selected Excel:
+
+
+
+Click **OK**.
+
+In the **App Suite Information** pane, enter a unique suite name, and a suitable description.
+
+>Enter the name of the app suite as it is displayed in the company portal. Make sure that all suite names that you use are unique. If the same app suite name exists twice, only one of the apps is displayed to users in the company portal.
+
+
+
+Click **OK**.
+
+In the **App Suite Settings** pane, select **Monthly** for the **Update channel** (any selection would be fine for the purposes of this lab). Also select **Yes** for **Automatically accept the app end user license agreement**:
+
+
+
+Click **OK** and then click **Add**.
+
+#### Assign the app to your Intune profile
+
+**NOTE**: The following steps only work if you previously [created a GROUP in Intune and assigned a profile to it](#assign-the-profile). If you have not done that, please return to the main part of the lab and complete those steps before returning here.
+
+In the **Intune > Client Apps > Apps** pane, select the Office package you already created to reveal its properties blade. Then click **Assignments** from the menu:
+
+
+
+Select **Add Group** to open the **Add group** pane that is related to the app.
+
+For our purposes, select **Required** from the **Assignment type** dropdown menu:
+
+>**Available for enrolled devices** means users install the app from the Company Portal app or Company Portal website.
+
+Select **Included Groups** and assign the groups you previously created that will use this app:
+
+
+
+
+
+In the **Select groups** pane, click the **Select** button.
+
+In the **Assign group** pane, select **OK**.
+
+In the **Add group** pane, select **OK**.
+
+In the app **Assignments** pane, select **Save**.
+
+
+
+At this point, you have completed steps to add Office to Intune.
+
+For more information on adding Office apps to Intune, see [Assign Office 365 apps to Windows 10 devices with Microsoft Intune](https://docs.microsoft.com/en-us/intune/apps-add-office365).
+
+If you installed both the win32 app (Notepad++) and Office (just Excel) per the instructions in this lab, your VM will show them in the apps list, although it could take several minutes to populate:
+
+
+
+## Glossary
+
+
+| OEM | Original Equipment Manufacturer |
+| CSV | Comma Separated Values |
+| MPC | Microsoft Partner Center |
+| CSP | Cloud Solution Provider |
+| MSfB | Microsoft Store for Business |
+| AAD | Azure Active Directory |
+| 4K HH | 4K Hardware Hash |
+| CBR | Computer Build Report |
+| EC | Enterprise Commerce (server) |
+| DDS | Device Directory Service |
+| OOBE | Out of the Box Experience |
+| VM | Virtual Machine |
+
diff --git a/windows/deployment/windows-autopilot/enrollment-status.md b/windows/deployment/windows-autopilot/enrollment-status.md
index 89e9a585ba..d2e6471454 100644
--- a/windows/deployment/windows-autopilot/enrollment-status.md
+++ b/windows/deployment/windows-autopilot/enrollment-status.md
@@ -62,7 +62,7 @@ The following types of policies and installations are not tracked:
## More information
For more information on configuring the Enrollment Status page, see the [Microsoft Intune documentation](https://docs.microsoft.com/intune/windows-enrollment-status).
-For details about the underlying implementation, see the [FirstSyncStatus details in the DMClient CSP docuementation](https://docs.microsoft.com/windows/client-management/mdm/dmclient-csp).
+For details about the underlying implementation, see the [FirstSyncStatus details in the DMClient CSP documentation](https://docs.microsoft.com/windows/client-management/mdm/dmclient-csp).
For more information about blocking for app installation:
- [Blocking for app installation using Enrollment Status Page](https://blogs.technet.microsoft.com/mniehaus/2018/12/06/blocking-for-app-installation-using-enrollment-status-page/).
-- [Support Tip: Office C2R installation is now tracked during ESP](https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Office-C2R-installation-is-now-tracked-during-ESP/ba-p/295514).
\ No newline at end of file
+- [Support Tip: Office C2R installation is now tracked during ESP](https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Office-C2R-installation-is-now-tracked-during-ESP/ba-p/295514).
diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md
index 643cfeb6bd..0996810392 100644
--- a/windows/deployment/windows-autopilot/existing-devices.md
+++ b/windows/deployment/windows-autopilot/existing-devices.md
@@ -20,7 +20,7 @@ ms.topic: article
Modern desktop management with Windows Autopilot enables you to easily deploy the latest version of Windows 10 to your existing devices. The apps you need for work can be automatically installed. Your work profile is synchronized, so you can resume working right away.
-This topic describes how to convert Windows 7 domain-joined computers to Azure Active Directory-joined computers running Windows 10 by using Windows Autopilot.
+This topic describes how to convert Windows 7 or Windows 8.1 domain-joined computers to Azure Active Directory-joined computers running Windows 10 by using Windows Autopilot.
## Prerequisites
@@ -278,7 +278,7 @@ Next, ensure that all content required for the task sequence is deployed to dist
### Complete the client installation process
-1. Open the Software Center on the target Windows 7 client computer. You can do this by clicking Start and then typing **software** in the search box, or by typing the following at a Windows PowerShell or command prompt:
+1. Open the Software Center on the target Windows 7 or Windows 8.1 client computer. You can do this by clicking Start and then typing **software** in the search box, or by typing the following at a Windows PowerShell or command prompt:
```
C:\Windows\CCM\SCClient.exe
diff --git a/windows/deployment/windows-autopilot/images/aad-lic1.png b/windows/deployment/windows-autopilot/images/aad-lic1.png
new file mode 100644
index 0000000000..569d601066
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/aad-lic1.png differ
diff --git a/windows/deployment/windows-autopilot/images/all-groups.png b/windows/deployment/windows-autopilot/images/all-groups.png
new file mode 100644
index 0000000000..6ae904ed62
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/all-groups.png differ
diff --git a/windows/deployment/windows-autopilot/images/app01.png b/windows/deployment/windows-autopilot/images/app01.png
new file mode 100644
index 0000000000..f551c5ca68
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app01.png differ
diff --git a/windows/deployment/windows-autopilot/images/app02.png b/windows/deployment/windows-autopilot/images/app02.png
new file mode 100644
index 0000000000..e5036043cc
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app02.png differ
diff --git a/windows/deployment/windows-autopilot/images/app03.png b/windows/deployment/windows-autopilot/images/app03.png
new file mode 100644
index 0000000000..63ef76b3f8
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app03.png differ
diff --git a/windows/deployment/windows-autopilot/images/app04.png b/windows/deployment/windows-autopilot/images/app04.png
new file mode 100644
index 0000000000..bd307c4a46
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app04.png differ
diff --git a/windows/deployment/windows-autopilot/images/app05.png b/windows/deployment/windows-autopilot/images/app05.png
new file mode 100644
index 0000000000..83861dcd51
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app05.png differ
diff --git a/windows/deployment/windows-autopilot/images/app06.png b/windows/deployment/windows-autopilot/images/app06.png
new file mode 100644
index 0000000000..9563e0514c
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app06.png differ
diff --git a/windows/deployment/windows-autopilot/images/app07.png b/windows/deployment/windows-autopilot/images/app07.png
new file mode 100644
index 0000000000..59025e69fa
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app07.png differ
diff --git a/windows/deployment/windows-autopilot/images/app08.png b/windows/deployment/windows-autopilot/images/app08.png
new file mode 100644
index 0000000000..cea5edfc57
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app08.png differ
diff --git a/windows/deployment/windows-autopilot/images/app09.png b/windows/deployment/windows-autopilot/images/app09.png
new file mode 100644
index 0000000000..250c85dd8a
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app09.png differ
diff --git a/windows/deployment/windows-autopilot/images/app10.png b/windows/deployment/windows-autopilot/images/app10.png
new file mode 100644
index 0000000000..8d5af2ece1
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app10.png differ
diff --git a/windows/deployment/windows-autopilot/images/app11.png b/windows/deployment/windows-autopilot/images/app11.png
new file mode 100644
index 0000000000..9ca5bc10eb
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app11.png differ
diff --git a/windows/deployment/windows-autopilot/images/app12.png b/windows/deployment/windows-autopilot/images/app12.png
new file mode 100644
index 0000000000..3f82bf78a9
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app12.png differ
diff --git a/windows/deployment/windows-autopilot/images/app13.png b/windows/deployment/windows-autopilot/images/app13.png
new file mode 100644
index 0000000000..2b499f4ec2
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app13.png differ
diff --git a/windows/deployment/windows-autopilot/images/app14.png b/windows/deployment/windows-autopilot/images/app14.png
new file mode 100644
index 0000000000..e809db6134
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app14.png differ
diff --git a/windows/deployment/windows-autopilot/images/app15.png b/windows/deployment/windows-autopilot/images/app15.png
new file mode 100644
index 0000000000..b85a96bf9e
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app15.png differ
diff --git a/windows/deployment/windows-autopilot/images/app16.png b/windows/deployment/windows-autopilot/images/app16.png
new file mode 100644
index 0000000000..f22f74a091
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app16.png differ
diff --git a/windows/deployment/windows-autopilot/images/app17.png b/windows/deployment/windows-autopilot/images/app17.png
new file mode 100644
index 0000000000..5adfc9218f
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app17.png differ
diff --git a/windows/deployment/windows-autopilot/images/app18.png b/windows/deployment/windows-autopilot/images/app18.png
new file mode 100644
index 0000000000..24c4b9f331
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app18.png differ
diff --git a/windows/deployment/windows-autopilot/images/app19.png b/windows/deployment/windows-autopilot/images/app19.png
new file mode 100644
index 0000000000..281ba9fb40
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app19.png differ
diff --git a/windows/deployment/windows-autopilot/images/app20.png b/windows/deployment/windows-autopilot/images/app20.png
new file mode 100644
index 0000000000..a5a066b45e
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app20.png differ
diff --git a/windows/deployment/windows-autopilot/images/app21.png b/windows/deployment/windows-autopilot/images/app21.png
new file mode 100644
index 0000000000..d2e23f2db4
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app21.png differ
diff --git a/windows/deployment/windows-autopilot/images/app22.png b/windows/deployment/windows-autopilot/images/app22.png
new file mode 100644
index 0000000000..4541a69204
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app22.png differ
diff --git a/windows/deployment/windows-autopilot/images/app23.png b/windows/deployment/windows-autopilot/images/app23.png
new file mode 100644
index 0000000000..19b951c653
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app23.png differ
diff --git a/windows/deployment/windows-autopilot/images/app24.png b/windows/deployment/windows-autopilot/images/app24.png
new file mode 100644
index 0000000000..aa77e4083f
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app24.png differ
diff --git a/windows/deployment/windows-autopilot/images/app25.png b/windows/deployment/windows-autopilot/images/app25.png
new file mode 100644
index 0000000000..544d1ae37a
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app25.png differ
diff --git a/windows/deployment/windows-autopilot/images/app26.png b/windows/deployment/windows-autopilot/images/app26.png
new file mode 100644
index 0000000000..e210faa31b
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app26.png differ
diff --git a/windows/deployment/windows-autopilot/images/autopilot-aad-mdm.png b/windows/deployment/windows-autopilot/images/autopilot-aad-mdm.png
new file mode 100644
index 0000000000..1533f68c7c
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/autopilot-aad-mdm.png differ
diff --git a/windows/deployment/windows-autopilot/images/branding.png b/windows/deployment/windows-autopilot/images/branding.png
new file mode 100644
index 0000000000..46dd37bc4a
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/branding.png differ
diff --git a/windows/deployment/windows-autopilot/images/create-profile.png b/windows/deployment/windows-autopilot/images/create-profile.png
new file mode 100644
index 0000000000..52f087721d
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/create-profile.png differ
diff --git a/windows/deployment/windows-autopilot/images/delete-device1.png b/windows/deployment/windows-autopilot/images/delete-device1.png
new file mode 100644
index 0000000000..e73f929fbd
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device1.png differ
diff --git a/windows/deployment/windows-autopilot/images/delete-device2.png b/windows/deployment/windows-autopilot/images/delete-device2.png
new file mode 100644
index 0000000000..ed764ac1ed
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device2.png differ
diff --git a/windows/deployment/windows-autopilot/images/delete-device3.png b/windows/deployment/windows-autopilot/images/delete-device3.png
new file mode 100644
index 0000000000..a2daa1c39a
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device3.png differ
diff --git a/windows/deployment/windows-autopilot/images/delete-device4.png b/windows/deployment/windows-autopilot/images/delete-device4.png
new file mode 100644
index 0000000000..c0119fbc39
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device4.png differ
diff --git a/windows/deployment/windows-autopilot/images/delete-device5.png b/windows/deployment/windows-autopilot/images/delete-device5.png
new file mode 100644
index 0000000000..33b539d33c
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device5.png differ
diff --git a/windows/deployment/windows-autopilot/images/delete-device6.png b/windows/deployment/windows-autopilot/images/delete-device6.png
new file mode 100644
index 0000000000..23cbcb7c44
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device6.png differ
diff --git a/windows/deployment/windows-autopilot/images/delete-device7.png b/windows/deployment/windows-autopilot/images/delete-device7.png
new file mode 100644
index 0000000000..dcdeee5205
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device7.png differ
diff --git a/windows/deployment/windows-autopilot/images/deployment-profiles.png b/windows/deployment/windows-autopilot/images/deployment-profiles.png
new file mode 100644
index 0000000000..7888da55d1
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/deployment-profiles.png differ
diff --git a/windows/deployment/windows-autopilot/images/deployment-profiles2.png b/windows/deployment/windows-autopilot/images/deployment-profiles2.png
new file mode 100644
index 0000000000..6ff9fbb89e
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/deployment-profiles2.png differ
diff --git a/windows/deployment/windows-autopilot/images/device-import.png b/windows/deployment/windows-autopilot/images/device-import.png
new file mode 100644
index 0000000000..3be4cff996
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/device-import.png differ
diff --git a/windows/deployment/windows-autopilot/images/device-status.png b/windows/deployment/windows-autopilot/images/device-status.png
new file mode 100644
index 0000000000..5a78973ce5
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/device-status.png differ
diff --git a/windows/deployment/windows-autopilot/images/enabled-device.png b/windows/deployment/windows-autopilot/images/enabled-device.png
new file mode 100644
index 0000000000..96dc935309
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/enabled-device.png differ
diff --git a/windows/deployment/windows-autopilot/images/hwid-csv.png b/windows/deployment/windows-autopilot/images/hwid-csv.png
new file mode 100644
index 0000000000..ac177e0b5a
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/hwid-csv.png differ
diff --git a/windows/deployment/windows-autopilot/images/hwid.png b/windows/deployment/windows-autopilot/images/hwid.png
new file mode 100644
index 0000000000..fcc73fa0b0
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/hwid.png differ
diff --git a/windows/deployment/windows-autopilot/images/import-vm.png b/windows/deployment/windows-autopilot/images/import-vm.png
new file mode 100644
index 0000000000..5fb97cda5d
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/import-vm.png differ
diff --git a/windows/deployment/windows-autopilot/images/include-group.png b/windows/deployment/windows-autopilot/images/include-group.png
new file mode 100644
index 0000000000..fb7bca7efa
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/include-group.png differ
diff --git a/windows/deployment/windows-autopilot/images/include-group2.png b/windows/deployment/windows-autopilot/images/include-group2.png
new file mode 100644
index 0000000000..585d006bac
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/include-group2.png differ
diff --git a/windows/deployment/windows-autopilot/images/intune-devices.png b/windows/deployment/windows-autopilot/images/intune-devices.png
new file mode 100644
index 0000000000..bc29c76511
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/intune-devices.png differ
diff --git a/windows/deployment/windows-autopilot/images/mdm-intune.png b/windows/deployment/windows-autopilot/images/mdm-intune.png
new file mode 100644
index 0000000000..db9b144fad
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/mdm-intune.png differ
diff --git a/windows/deployment/windows-autopilot/images/mdm-intune2.png b/windows/deployment/windows-autopilot/images/mdm-intune2.png
new file mode 100644
index 0000000000..d464863f37
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/mdm-intune2.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-assign1.png b/windows/deployment/windows-autopilot/images/msfb-assign1.png
new file mode 100644
index 0000000000..c1e8e27e21
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-assign1.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-assign2.png b/windows/deployment/windows-autopilot/images/msfb-assign2.png
new file mode 100644
index 0000000000..fd3be16853
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-assign2.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-create1.png b/windows/deployment/windows-autopilot/images/msfb-create1.png
new file mode 100644
index 0000000000..f76aa82991
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-create1.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-create2.png b/windows/deployment/windows-autopilot/images/msfb-create2.png
new file mode 100644
index 0000000000..ec6c260fcd
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-create2.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-create3.png b/windows/deployment/windows-autopilot/images/msfb-create3.png
new file mode 100644
index 0000000000..a6241fb5ea
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-create3.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-device.png b/windows/deployment/windows-autopilot/images/msfb-device.png
new file mode 100644
index 0000000000..d338056013
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-device.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-manage.png b/windows/deployment/windows-autopilot/images/msfb-manage.png
new file mode 100644
index 0000000000..9bf684d844
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-manage.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-manage2.png b/windows/deployment/windows-autopilot/images/msfb-manage2.png
new file mode 100644
index 0000000000..406aaf5948
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-manage2.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb-manage3.png b/windows/deployment/windows-autopilot/images/msfb-manage3.png
new file mode 100644
index 0000000000..bf5fb1ccf9
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-manage3.png differ
diff --git a/windows/deployment/windows-autopilot/images/msfb.png b/windows/deployment/windows-autopilot/images/msfb.png
new file mode 100644
index 0000000000..af937c2c5f
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb.png differ
diff --git a/windows/deployment/windows-autopilot/images/new-group.png b/windows/deployment/windows-autopilot/images/new-group.png
new file mode 100644
index 0000000000..c18c1865f6
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/new-group.png differ
diff --git a/windows/deployment/windows-autopilot/images/profile.png b/windows/deployment/windows-autopilot/images/profile.png
new file mode 100644
index 0000000000..40cf26bee2
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/profile.png differ
diff --git a/windows/deployment/windows-autopilot/images/winsetup1.png b/windows/deployment/windows-autopilot/images/winsetup1.png
new file mode 100644
index 0000000000..c8048256c4
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup1.png differ
diff --git a/windows/deployment/windows-autopilot/images/winsetup2.png b/windows/deployment/windows-autopilot/images/winsetup2.png
new file mode 100644
index 0000000000..43db844334
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup2.png differ
diff --git a/windows/deployment/windows-autopilot/images/winsetup3.png b/windows/deployment/windows-autopilot/images/winsetup3.png
new file mode 100644
index 0000000000..dbea3969de
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup3.png differ
diff --git a/windows/deployment/windows-autopilot/images/winsetup4.png b/windows/deployment/windows-autopilot/images/winsetup4.png
new file mode 100644
index 0000000000..1121b1dff5
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup4.png differ
diff --git a/windows/deployment/windows-autopilot/images/winsetup5.png b/windows/deployment/windows-autopilot/images/winsetup5.png
new file mode 100644
index 0000000000..2757253097
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup5.png differ
diff --git a/windows/deployment/windows-autopilot/images/winsetup6.png b/windows/deployment/windows-autopilot/images/winsetup6.png
new file mode 100644
index 0000000000..e91843e1ff
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup6.png differ
diff --git a/windows/deployment/windows-autopilot/images/winsetup7.png b/windows/deployment/windows-autopilot/images/winsetup7.png
new file mode 100644
index 0000000000..dadf85485e
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup7.png differ
diff --git a/windows/deployment/windows-autopilot/images/winsetup8.png b/windows/deployment/windows-autopilot/images/winsetup8.png
new file mode 100644
index 0000000000..9d7a499db0
Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup8.png differ
diff --git a/windows/deployment/windows-autopilot/troubleshooting.md b/windows/deployment/windows-autopilot/troubleshooting.md
index 70fa92e2a5..0d365a9cac 100644
--- a/windows/deployment/windows-autopilot/troubleshooting.md
+++ b/windows/deployment/windows-autopilot/troubleshooting.md
@@ -85,10 +85,12 @@ On Windows 10 version 1703 and above, ETW tracing can be used to capture detaile
The most common issue joining a device to Azure AD is related to Azure AD permissions. Ensure [the correct configuration is in place](windows-autopilot-requirements-configuration.md) to allow users to join devices to Azure AD. Errors can also happen if the user has exceeded the number of devices that they are allowed to join, as configured in Azure AD.
-Error code 801C0003 will typically be reported on an error page titled "Something went wrong." This error means that the Azure AD join failed.
+Error code 801C0003 will typically be reported on an error page titled "Something went wrong". This error means that the Azure AD join failed.
### Troubleshooting Intune enrollment issues
See [this knowledge base article](https://support.microsoft.com/help/4089533/troubleshooting-windows-device-enrollment-problems-in-microsoft-intune) for assistance with Intune enrollment issues. Common issues include incorrect or missing licenses assigned to the user or too many devices enrolled for the user.
-Error code 80180018 will typiclaly be reported on an error page titled "Something went wrong." This error means that the MDM enrollment failed.
+Error code 80180018 will typically be reported on an error page titled "Something went wrong". This error means that the MDM enrollment failed.
+
+If Autopilot Reset fails immediately with an error "Ran into trouble. Please sign in with an administrator account to see why and reset manually," see [Troubleshoot Autopilot Reset](https://docs.microsoft.com/education/windows/autopilot-reset#troubleshoot-autopilot-reset) for more help.
diff --git a/windows/deployment/windows-autopilot/user-driven-hybrid.md b/windows/deployment/windows-autopilot/user-driven-hybrid.md
index c084916d3e..d69c5869ba 100644
--- a/windows/deployment/windows-autopilot/user-driven-hybrid.md
+++ b/windows/deployment/windows-autopilot/user-driven-hybrid.md
@@ -32,7 +32,7 @@ To perform a user-driven hybrid AAD joined deployment using Windows Autopilot:
- The device must be connected to the Internet and have access to an Active Directory domain controller.
- The Intune Connector for Active Directory must be installed.
- Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf.
-- If using Proxy, WDAP Proxy settings option must be enabled and configured.
+- If using Proxy, WPAD Proxy settings option must be enabled and configured.
**AAD device join**: The hybrid AAD join process uses the system context to perform device AAD join, therefore it is not affected by user based AAD join permission settings. In addition, all users are enabled to join devices to AAD by default.
diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md
index dc3de62a1b..f2b2c19fb8 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md
@@ -26,7 +26,12 @@ Windows Autopilot depends on a variety of internet-based services; access to the
In environments that have more restrictive internet access, or for those that require authentication before internet access can be obtained, additional configuration may be required to whitelist access to the needed services. For additional details about each of these services and their specific requirements, review the following details:
-- **Windows Autopilot Deployment Service (and Windows Activation).** After a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service using the same services used for Windows Activation. See the following link for details:
+- **Windows Autopilot Deployment Service (and Windows Activation).** After a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service. With Windows 10 builds 18204 and above, the following URLs are used:
+
+ - https://ztd.dds.microsoft.com
+ - https://cs.dds.microsoft.com
+
+ For all supported Windows 10 releases, Windows Autopilot also uses Windows Activation services. See the following link for details:
-
diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
index fc304b4020..358e9fefd8 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
@@ -22,16 +22,26 @@ Windows Autopilot depends on specific capabilities available in Windows 10, Azur
- Windows 10 version 1703 (semi-annual channel) or higher is required.
- The following editions are supported:
- - Pro
- - Pro Education
- - Pro for Workstations
- - Enterprise
- - Education
+ - Windows 10 Pro
+ - Windows 10 Pro Education
+ - Windows 10 Pro for Workstations
+ - Windows 10 Enterprise
+ - Windows 10 Education
+ - Windows 10 Enterprise 2019 LTSC
+
+ - If you're using Autopilot for Surface devices, note that only the following Surface devices support Autopilot:
+ - Surface Go
+ - Surface Go with LTE Advanced
+ - Surface Pro (5th gen)
+ - Surface Pro with LTE Advanced (5th gen)
+ - Surface Pro 6
+ - Surface Laptop (1st gen)
+ - Surface Laptop 2
+ - Surface Studio (1st gen)
+ - Surface Studio 2
+ - Surface Book 2
-- Windows 10 Enterprise 2019 LTSC is also supported.
-
-See the following topics for details on licensing, network, and configuration requirements:
-- [Licensing requirements](windows-autopilot-requirements-licensing.md)
+See the following topics for details on network and configuration requirements:
- [Networking requirements](windows-autopilot-requirements-network.md)
- [Configuration requirements](windows-autopilot-requirements-configuration.md)
- For details about specific configuration requirements to enable user-driven Hybrid Azure Active Directory join for Windows Autopilot, see [Intune Connector (preview) language requirements](intune-connector.md). This requirement is a temporary workaround, and will be removed in the next release of Intune Connector.
diff --git a/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md b/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md
index 30fb733eb0..7e67c7eca1 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md
@@ -21,7 +21,7 @@ ms.topic: article
When performing a remote Windows Autopilot Reset, an MDM service such an Microsoft Intune can be used to initiate the reset process, avoiding the need for IT staff or other administrators to visit each machine to initiate the process.
-To enable a device for a remote Windows Autopilot Reset, the device must be MDM managed, joined to Azure AD, and configured to use the [enrollment status page](enrollment-status.md).
+To enable a device for a remote Windows Autopilot Reset, the device must be MDM managed, joined to Azure AD, and configured to use the [enrollment status page](enrollment-status.md). This feature is not supported on devices that were enrolled using [Autopilot self deploying mode](self-deploying.md).
## Triggering a remote Windows Autopilot Reset
@@ -34,5 +34,8 @@ To trigger a remote Windows Autopilot Reset via Intune, follow these steps:
>[!NOTE]
>The Autopilot Reset option will not be enabled in Microsoft Intune for devices not running Windows 10 build 17672 or higher.
+>[!IMPORTANT]
+>The feature for Autopilot Reset (preview) will stay grayed out, **unless** you reset the device using Autopilot (either using Fresh Reset or manually sysprep the device).
+
Once the reset is complete, the device is again ready for use.
-
\ No newline at end of file
+
diff --git a/windows/deployment/windows-autopilot/windows-autopilot-reset.md b/windows/deployment/windows-autopilot/windows-autopilot-reset.md
index 1a5c9e982d..78eca0eb39 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-reset.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-reset.md
@@ -33,6 +33,9 @@ Windows Autopilot Reset will block the user from accessing the desktop until thi
>[!IMPORTANT]
>To reestablish Wi-Fi connectivity after reset, make sure the **Connect automatically** box is checked for the device's wireless network connection.
+>[!NOTE]
+>The Autopilot Reset does not support Hybrid Azure AD joined devices.
+
## Scenarios
Windows Autopilot Reset supports two scenarios:
diff --git a/windows/device-security/docfx.json b/windows/device-security/docfx.json
index acfa4df08b..bac00186ea 100644
--- a/windows/device-security/docfx.json
+++ b/windows/device-security/docfx.json
@@ -39,7 +39,8 @@
"ms.date": "04/05/2017",
"_op_documentIdPathDepotMapping": {
"./": {
- "depot_name": "MSDN.win-device-security"
+ "depot_name": "MSDN.win-device-security",
+ "folder_relative_path_in_docset": "./"
}
}
},
@@ -47,4 +48,4 @@
"template": [],
"dest": "win-device-security"
}
-}
\ No newline at end of file
+}
diff --git a/windows/hub/TOC.md b/windows/hub/TOC.md
index 1883594880..a811ff7119 100644
--- a/windows/hub/TOC.md
+++ b/windows/hub/TOC.md
@@ -1,6 +1,6 @@
# [Windows 10 and Windows 10 Mobile](index.md)
## [What's new](/windows/whats-new)
-## [Release information](release-information.md)
+## [Release information](/windows/release-information)
## [Deployment](/windows/deployment)
## [Configuration](/windows/configuration)
## [Client management](/windows/client-management)
diff --git a/windows/hub/breadcrumb/toc.yml b/windows/hub/breadcrumb/toc.yml
index 4539d3b751..a28aaa3b77 100644
--- a/windows/hub/breadcrumb/toc.yml
+++ b/windows/hub/breadcrumb/toc.yml
@@ -25,9 +25,9 @@
- name: Mobile Device Management
tocHref: /windows/client-management/mdm/
topicHref: /windows/client-management/mdm/index
- - name: Known issues
- tocHref: /windows/known-issues/
- topicHref: /windows/known-issues/index
+ - name: Release information
+ tocHref: /windows/release-information/
+ topicHref: /windows/release-information/index
- name: Privacy
tocHref: /windows/privacy/
topicHref: /windows/privacy/index
diff --git a/windows/hub/docfx.json b/windows/hub/docfx.json
index a44aea3b51..292438cfe3 100644
--- a/windows/hub/docfx.json
+++ b/windows/hub/docfx.json
@@ -44,7 +44,8 @@
"feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app",
"_op_documentIdPathDepotMapping": {
"./": {
- "depot_name": "MSDN.windows-hub"
+ "depot_name": "MSDN.windows-hub",
+ "folder_relative_path_in_docset": "./"
}
}
},
@@ -53,4 +54,4 @@
"dest": "windows-hub",
"markdownEngineName": "dfm"
}
-}
\ No newline at end of file
+}
diff --git a/windows/hub/release-information.md b/windows/hub/release-information.md
deleted file mode 100644
index 0901e6fe8c..0000000000
--- a/windows/hub/release-information.md
+++ /dev/null
@@ -1,39 +0,0 @@
----
-title: Windows 10 - release information
-description: Learn release information for Windows 10 releases
-keywords: ["Windows 10", "Windows 10 October 2018 Update"]
-ms.prod: w10
-layout: LandingPage
-ms.topic: landing-page
-ms.mktglfcycl: deploy
-ms.sitesec: library
-author: lizap
-ms.author: elizapo
-ms.localizationpriority: high
----
-# Windows 10 - Release information
-
->[!IMPORTANT]
-> The URL for the release information page has changed - update your bookmark!
-
-Microsoft has updated its servicing model. The Semi-Annual Channel (SAC) offers twice-per-year feature updates that release around March and September, with an 18-month servicing period for each release. Starting with Windows 10, version 1809, feature updates for Windows 10 Enterprise and Education editions with a targeted release month of September will be serviced for 30 months from their release date (more information can be found [here](https://www.microsoft.com/microsoft-365/blog/2018/09/06/helping-customers-shift-to-a-modern-desktop/)).
-
-If you are not using Windows Update for Business today, “Semi-Annual Channel (Targeted)” (SAC-T) has no impact on your devices (more information can be found [here](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-and-the-disappearing-SAC-T/ba-p/199747)), and we recommend you begin deployment of each Semi-Annual Channel release right away to devices selected for early adoption and ramp up to full deployment at your discretion. This will enable you to gain access to new features, experiences, and integrated security as soon as possible.
-
-If you are using Windows Update for Business today, refer to the table below to understand when your device will be updated, based on which deferral period you have configured, SAC -T or SAC.
-
-**Notice: November 13, 2018:** All editions of Windows 10 October 2018 Update, version 1809, for Windows client and server have resumed. Customers currently running Windows 10, version 1809, will receive build 17763.134 as part of our regularly scheduled Update Tuesday servicing in November. If you update to the Window 10, version 1809, feature update you will receive build 17763.107. On the next automatic scan for updates, you’ll be taken to the latest cumulative update (build 17763.134 or higher).
-
-November 13 marks the revised start of the servicing timeline for the Semi-Annual Channel ("Targeted") and Long-Term Servicing Channel (LTSC) release for Windows 10, version 1809, Windows Server 2019, and Windows Server, version 1809.
-
-For information about the re-release and updates to the support lifecycle, refer to [John Cable's blog](https://blogs.windows.com/windowsexperience/2018/10/09/updated-version-of-windows-10-october-2018-update-released-to-windows-insiders/), [Windows 10 Update History](https://support.microsoft.com/help/4464619), and the [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853).
-
-
-
-
-
-
diff --git a/windows/keep-secure/docfx.json b/windows/keep-secure/docfx.json
index c69d3e3f49..e7c4c32d2a 100644
--- a/windows/keep-secure/docfx.json
+++ b/windows/keep-secure/docfx.json
@@ -32,7 +32,8 @@
"globalMetadata": {
"_op_documentIdPathDepotMapping": {
"./": {
- "depot_name": "MSDN.keep-secure"
+ "depot_name": "MSDN.keep-secure",
+ "folder_relative_path_in_docset": "./"
}
}
},
@@ -40,4 +41,4 @@
"template": [],
"dest": "keep-secure"
}
-}
\ No newline at end of file
+}
diff --git a/windows/manage/docfx.json b/windows/manage/docfx.json
index eee8740627..36d3bfc69c 100644
--- a/windows/manage/docfx.json
+++ b/windows/manage/docfx.json
@@ -32,7 +32,8 @@
"globalMetadata": {
"_op_documentIdPathDepotMapping": {
"./": {
- "depot_name": "MSDN.windows-manage"
+ "depot_name": "MSDN.windows-manage",
+ "folder_relative_path_in_docset": "./"
}
}
},
@@ -40,4 +41,4 @@
"template": [],
"dest": "windows-manage"
}
-}
\ No newline at end of file
+}
diff --git a/windows/plan/docfx.json b/windows/plan/docfx.json
index 4a303a21bc..1a52d12cc9 100644
--- a/windows/plan/docfx.json
+++ b/windows/plan/docfx.json
@@ -32,7 +32,8 @@
"globalMetadata": {
"_op_documentIdPathDepotMapping": {
"./": {
- "depot_name": "MSDN.windows-plan"
+ "depot_name": "MSDN.windows-plan",
+ "folder_relative_path_in_docset": "./"
}
}
},
@@ -40,4 +41,4 @@
"template": [],
"dest": "windows-plan"
}
-}
\ No newline at end of file
+}
diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md
index da571eeaf2..3d87b25a9b 100644
--- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md
+++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md
@@ -155,14 +155,18 @@ The following table defines the endpoints for Connected User Experiences and Tel
Windows release | Endpoint
--- | ---
-Windows 10, versions 1703 and 1709 | Diagnostics data: v10.vortex-win.data.microsoft.com/collect/v1Functional: v20.vortex-win.data.microsoft.com/collect/v1Windows Advanced Threat Protection is country specific and the prefix changes by country for example: **de**.vortex-win.data.microsoft.com/collect/v1settings-win.data.microsoft.com
-Windows 10, version 1607 | v10.vortex-win.data.microsoft.comsettings-win.data.microsoft.com
+Windows 10, versions 1703 or later, with the 2018-09 cumulative update installed| Diagnostics data: v10c.vortex-win.data.microsoft.comFunctional: v20.vortex-win.data.microsoft.comWindows Advanced Threat Protection is country specific and the prefix changes by country for example: **de**.vortex-win.data.microsoft.comsettings-win.data.microsoft.com
+Windows 10, versions 1803 or later, without the 2018-09 cumulative update installed | Diagnostics data: v10.events.data.microsoft.comFunctional: v20.vortex-win.data.microsoft.comWindows Advanced Threat Protection is country specific and the prefix changes by country for example: **de**.vortex-win.data.microsoft.comsettings-win.data.microsoft.com
+Windows 10, version 1709 or earlier | Diagnostics data: v10.vortex-win.data.microsoft.comFunctional: v20.vortex-win.data.microsoft.comWindows Advanced Threat Protection is country specific and the prefix changes by country for example: **de**.vortex-win.data.microsoft.comsettings-win.data.microsoft.com
+Windows 7 and Windows 8.1 | vortex-win.data.microsoft.com
The following table defines the endpoints for other diagnostic data services:
| Service | Endpoint |
| - | - |
| [Windows Error Reporting](https://msdn.microsoft.com/library/windows/desktop/bb513641.aspx) | watson.telemetry.microsoft.com |
+| | umwatsonc.events.data.microsoft.com |
+| | kmwatsonc.events.data.microsoft.com |
| | ceuswatcab01.blob.core.windows.net |
| | ceuswatcab02.blob.core.windows.net |
| | eaus2watcab01.blob.core.windows.net |
@@ -170,7 +174,7 @@ The following table defines the endpoints for other diagnostic data services:
| | weus2watcab01.blob.core.windows.net |
| | weus2watcab02.blob.core.windows.net |
| [Online Crash Analysis](https://msdn.microsoft.com/library/windows/desktop/ee416349.aspx) | oca.telemetry.microsoft.com |
-| OneDrive app for Windows 10 | vortex.data.microsoft.com/collect/v1 |
+| OneDrive app for Windows 10 | vortex.data.microsoft.com |
### Data use and access
@@ -356,9 +360,9 @@ You can turn on or turn off System Center diagnostic data gathering. The default
The lowest diagnostic data setting level supported through management policies is **Security**. The lowest diagnostic data setting supported through the Settings UI is **Basic**. The default diagnostic data setting for Windows Server 2016 is **Enhanced**.
-### Configure the operating system diagnostic data level
+## Configure the operating system diagnostic data level
-You can configure your operating system diagnostic data settings using the management tools you’re already using, such as Group Policy, MDM, or Windows Provisioning. You can also manually change your settings using Registry Editor. Setting your diagnostic data levels through a management policy sets the upper level for diagnostic data on the device.
+You can configure your operating system diagnostic data settings using the management tools you’re already using, such as **Group Policy, MDM, or Windows Provisioning.** You can also manually change your settings using Registry Editor. Setting your diagnostic data levels through a management policy sets the upper level for diagnostic data on the device.
Use the appropriate value in the table below when you configure the management policy.
@@ -388,7 +392,7 @@ Use the [Policy Configuration Service Provider (CSP)](https://msdn.microsoft.com
### Use Registry Editor to set the diagnostic data level
-Use Registry Editor to manually set the registry level on each device in your organization or you can write a script to edit the registry. If a management policy already exists, such as Group Policy or MDM, it will override this registry setting.
+Use Registry Editor to manually set the registry level on the devices in your organization, or you can write a script to edit the registry. If a management policy already exists, such as Group Policy or MDM, the policy will replace the manually set registry level.
1. Open Registry Editor, and go to **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection**.
diff --git a/windows/privacy/diagnostic-data-viewer-overview.md b/windows/privacy/diagnostic-data-viewer-overview.md
index 2f7c2c256d..ec17064fc8 100644
--- a/windows/privacy/diagnostic-data-viewer-overview.md
+++ b/windows/privacy/diagnostic-data-viewer-overview.md
@@ -21,17 +21,17 @@ ms.date: 01/17/2018
**Applies to**
- Windows 10, version 1809
-- Windows 10, version 1803
+- Windows 10, version 1803
## Introduction
-The Diagnostic Data Viewer is a Windows app that lets you review the diagnostic data your device is sending to Microsoft, grouping the info into simple categories based on how it's used by Microsoft.
+The Diagnostic Data Viewer is a Windows app that lets you review the Windows diagnostic data your device is sending to Microsoft, grouping the info into simple categories based on how it's used by Microsoft.
## Install and Use the Diagnostic Data Viewer
-You must turn on data viewing and download the app before you can use the Diagnostic Data Viewer to review your device's diagnostic data.
+You must download the app before you can use the Diagnostic Data Viewer to review your device's diagnostic data.
### Turn on data viewing
-Before you can use this tool, you must turn on data viewing in the **Settings** panel. Turning on data viewing lets Windows store your device's diagnostic data until you turn it off. Turning off data viewing stops Windows from collecting your diagnostic data and clears the existing diagnostic data from your device.
+Before you can use this tool for viewing Windows diagnostic data, you must turn on data viewing in the **Settings** panel. Turning on data viewing lets Windows store your device's diagnostic data until you turn it off. Turning off data viewing stops Windows from collecting your diagnostic data and clears the existing diagnostic data from your device. Note that this setting does not affect your Office data viewing or history.
**To turn on data viewing**
1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**.
@@ -44,7 +44,7 @@ Before you can use this tool, you must turn on data viewing in the **Settings**
Download the app from the [Microsoft Store Diagnostic Data Viewer](https://www.microsoft.com/en-us/store/p/diagnostic-data-viewer/9n8wtrrsq8f7?rtc=1) page.
### Start the Diagnostic Data Viewer
-You must start this app from the **Settings** panel.
+You can start this app from the **Settings** panel.
**To start the Diagnostic Data Viewer**
1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**.
@@ -58,29 +58,25 @@ You must start this app from the **Settings** panel.
3. Close the Diagnostic Data Viewer app, use your device as you normally would for a few days, and then open Diagnostic Data Viewer again to review the updated list of diagnostic data.
>[!Important]
- >Turning on data viewing can use up to 1GB of disk space on your system drive. We strongly recommend that your turn off data viewing when you're done using the Diagnostic Data Viewer. For info about turning off data viewing, see the [Turn off data viewing](#turn-off-data-viewing) section in this article.
+ >Turning on data viewing can use up to 1GB (by default) of disk space on your system drive. We strongly recommend that you turn off data viewing when you're done using the Diagnostic Data Viewer. For info about turning off data viewing, see the [Turn off data viewing](#turn-off-data-viewing) section in this article.
### Use the Diagnostic Data Viewer
The Diagnostic Data Viewer provides you with the following features to view and filter your device's diagnostic data.
-- **View your diagnostic events.** In the left column, you can review your diagnostic events. These events reflect activities that occurred and were sent to Microsoft.
+- **View your Windows diagnostic events.** In the left column, you can review your diagnostic events. These events reflect activities that occurred and were sent to Microsoft.
Selecting an event opens the detailed JSON view, which provides the exact details uploaded to Microsoft. Microsoft uses this info to continually improve the Windows operating system.
-
+
>[!Important]
>Seeing an event does not necessarily mean it has been uploaded yet. It’s possible that some events are still queued and will be uploaded at a later time.
-
- 
+
+ 
- **Search your diagnostic events.** The **Search** box at the top of the screen lets you search amongst all of the diagnostic event details. The returned search results include any diagnostic event that contains the matching text.
Selecting an event opens the detailed JSON view, with the matching text highlighted.
-- **Filter your diagnostic event categories.** The apps Menu button opens the detailed menu. In here, you'll find a list of diagnostic event categories, which define how the events are used by Microsoft.
-
- Selecting a check box lets you filter between the diagnostic event categories.
-
- 
+- **Filter your diagnostic event categories.** The app's **Menu** button opens the detailed menu. In here, you'll find a list of diagnostic event categories, which define how the events are used by Microsoft. Selecting a check box lets you filter between the diagnostic event categories.
- **Help to make your Windows experience better.** Microsoft only needs diagnostic data from a small amount of devices to make big improvements to the Windows operating system and ultimately, your experience. If you’re a part of this small device group and you experience issues, Microsoft will collect the associated event diagnostic data, allowing your info to potentially help fix the issue for others.
@@ -93,8 +89,20 @@ The Diagnostic Data Viewer provides you with the following features to view and
>[!Important]
>All content in the Feedback Hub is publicly viewable. Therefore, make sure you don't put any personal info into your feedback comments.
+- **View a summary of the data you've shared with us over time.** Available for users on build 19H1+, 'About my data' in Diagnostic Data Viewer lets you see an overview of the Windows data you've shared with Microsoft.
+
+ Through this feature, you can checkout how much data you send on average each day, the breakdown of your data by category, the top components and services that have sent data, and more.
+
+ >[!Important]
+ >This content is a reflection of the history of Windows data the app has stored. If you'd like to have extended analyses, please modify the storage capacity of Diagnostic Data Viewer.
+
+ 
+
+## View Office Diagnostic Data
+By default, Diagnostic Data Viewer shows you Windows data. You can also view Office diagnostic data by enabling the feature in the app settings page. To learn more about how to view Office diagnostic data, please visit this [page](https://go.microsoft.com/fwlink/?linkid=2023830).
+
## Turn off data viewing
-When you're done reviewing your diagnostic data, you should turn of data viewing.
+When you're done reviewing your diagnostic data, you should turn of data viewing. This will also remove your Windows data history. Note that this setting does not affect your Office data viewing or history.
**To turn off data viewing**
1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**.
@@ -103,8 +111,24 @@ When you're done reviewing your diagnostic data, you should turn of data viewing
+## Modifying the size of your data history
+By default, Diagnostic Data Viewer shows you up to 1GB or 30 days of data (whichever comes first) for Windows diagnostic data. Once either the time or space limit is reached, the data is incrementally dropped with the oldest data points dropped first.
+
+ >[!Important]
+ >Note that if you have [Office diagnostic data viewing enabled](#view-office-diagnostic-data), the Office data history is fixed at 1 GB and cannot be modified.
+
+**Modify the size of your data history**
+
+ To make changes to the size of your Windows diagnostic data history, visit the **app settings**, located at the bottom of the navigation menu. Data will be incrementally dropped with the oldest data points first once your chosen size or time limit is reached.
+
+ >[!Important]
+ >Decreasing the maximum amount of diagnostic data viewable through the tool will remove all data history and requires a reboot of your device. Additionally, increasing the maximum amount of diagnostic data viewable by the tool may come with performance impacts to your machine.
+
+ 
+
## View additional diagnostic data in the View problem reports tool
Available on Windows 1809 and higher, you can review additional Windows Error Reporting diagnostic data in the **View problem reports** page within the Diagnostic Data Viewer.
+
This page provides you with a summary of various crash reports that are sent to Microsoft as part of Windows Error Reporting.
We use this data to find and fix specific issues that are hard to replicate and to improve the Windows operating system.
@@ -112,7 +136,7 @@ You can also use the Windows Error Reporting tool available in the Control Panel
**To view your Windows Error Reporting diagnostic data using the Diagnostic Data Viewer**
-Starting with Windows 1809 and higher, you can review Windows Error Reporting diagnostic data in the Diagnostic Data Viewer.
+Starting with Windows 1809 and higher, you can review Windows Error Reporting diagnostic data in the Diagnostic Data Viewer.
@@ -123,3 +147,4 @@ Go to **Start** and search for _Problem Reports_.
The **Review problem reports** tool opens, showing you your Windows Error Reporting reports, along with a status about whether it was sent to Microsoft.
+
diff --git a/windows/privacy/docfx.json b/windows/privacy/docfx.json
index 98296c6b76..9221109b4d 100644
--- a/windows/privacy/docfx.json
+++ b/windows/privacy/docfx.json
@@ -36,13 +36,19 @@
"breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
"ms.technology": "windows",
"ms.topic": "article",
- "feedback_system": "GitHub",
+ "feedback_system": "GitHub",
"feedback_github_repo": "MicrosoftDocs/windows-itpro-docs",
- "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app"
+ "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app",
+ "_op_documentIdPathDepotMapping": {
+ "./": {
+ "depot_name": "MSDN.privacy",
+ "folder_relative_path_in_docset": "./"
+ }
+ }
},
"fileMetadata": {},
"template": [],
"dest": "privacy",
"markdownEngineName": "markdig"
}
-}
\ No newline at end of file
+}
diff --git a/windows/privacy/images/ddv-analytics.png b/windows/privacy/images/ddv-analytics.png
new file mode 100644
index 0000000000..499a541b00
Binary files /dev/null and b/windows/privacy/images/ddv-analytics.png differ
diff --git a/windows/privacy/images/ddv-event-view.jpg b/windows/privacy/images/ddv-event-view.jpg
new file mode 100644
index 0000000000..0a6c2ef113
Binary files /dev/null and b/windows/privacy/images/ddv-event-view.jpg differ
diff --git a/windows/privacy/images/ddv-event-view.png b/windows/privacy/images/ddv-event-view.png
deleted file mode 100644
index 264add2d9c..0000000000
Binary files a/windows/privacy/images/ddv-event-view.png and /dev/null differ
diff --git a/windows/privacy/images/ddv-problem-reports.png b/windows/privacy/images/ddv-problem-reports.png
index 49ae0fffc0..bd3dc7ba7d 100644
Binary files a/windows/privacy/images/ddv-problem-reports.png and b/windows/privacy/images/ddv-problem-reports.png differ
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
index 0cbf266f2a..b46666da35 100644
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@@ -1,4 +1,4 @@
----
+---
title: Manage connections from Windows operating system components to Microsoft services (Windows 10)
description: If you want to minimize connections from Windows to Microsoft services, or configure particular privacy settings, this article covers the settings that you could consider.
ms.assetid: ACCEB0DD-BC6F-41B1-B359-140B242183D9
@@ -133,7 +133,7 @@ The following table lists management options for each setting, beginning with Wi
| [18.3 Camera](#bkmk-priv-camera) |  |  |  |  | |
| [18.4 Microphone](#bkmk-priv-microphone) |  |  |  |  | |
| [18.5 Notifications](#bkmk-priv-notifications) |  |  | |  | |
-| [18.6 Speech, inking, & typing](#bkmk-priv-speech) |  |  |  |  | |
+| [18.6 Speech](#bkmk-priv-speech) |  |  |  |  | |
| [18.7 Account info](#bkmk-priv-accounts) |  |  |  |  | |
| [18.8 Contacts](#bkmk-priv-contacts) |  |  |  |  | |
| [18.9 Calendar](#bkmk-priv-calendar) |  |  |  |  | |
@@ -148,6 +148,7 @@ The following table lists management options for each setting, beginning with Wi
| [18.18 Motion](#bkmk-priv-motion) |  |  |  |  | |
| [18.19 Tasks](#bkmk-priv-tasks) |  |  |  |  | |
| [18.20 App Diagnostics](#bkmk-priv-diag) |  |  |  |  | |
+| [18.21 Inking & Typing](#bkmk-priv-ink) |  | |  |  | |
| [19. Software Protection Platform](#bkmk-spp) | |  |  |  | |
| [20. Storage Health](#bkmk-storage-health) | |  | | | |
| [21. Sync your settings](#bkmk-syncsettings) |  |  |  |  | |
@@ -155,12 +156,11 @@ The following table lists management options for each setting, beginning with Wi
| [23. Wi-Fi Sense](#bkmk-wifisense) |  |  | |  | |
| [24. Windows Defender](#bkmk-defender) | |  |  |  | |
| [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | |  |  |  | |
-| [25. Windows Media Player](#bkmk-wmp) |  | | | |  |
-| [26. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | |
-| [27. Microsoft Store](#bkmk-windowsstore) | |  | |  | |
+| [25. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | |
+| [26. Microsoft Store](#bkmk-windowsstore) | |  | |  | |
| [27.1 Apps for websites](#bkmk-apps-for-websites) | |  | | |
-| [28. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | |
-| [29. Windows Update](#bkmk-wu) |  |  |  | | |
+| [27. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | |
+| [28. Windows Update](#bkmk-wu) |  |  |  | | |
### Settings for Windows Server 2016 with Desktop Experience
@@ -185,10 +185,9 @@ See the following table for a summary of the management settings for Windows Ser
| [19. Software Protection Platform](#bkmk-spp) | |  |  | |
| [20. Teredo](#bkmk-teredo) | |  |  |  |
| [24. Windows Defender](#bkmk-defender) | |  |  | |
-| [25. Windows Media Player](#bkmk-wmp) | | | |  |
-| [27. Microsoft Store](#bkmk-windowsstore) | |  |  | |
+| [26. Microsoft Store](#bkmk-windowsstore) | |  |  | |
| [27.1 Apps for websites](#bkmk-apps-for-websites) | |  | | |
-| [29. Windows Update](#bkmk-wu) | |  |  | |
+| [28. Windows Update](#bkmk-wu) | |  |  | |
### Settings for Windows Server 2016 Server Core
@@ -203,7 +202,7 @@ See the following table for a summary of the management settings for Windows Ser
| [19. Software Protection Platform](#bkmk-spp) |  | | |
| [22. Teredo](#bkmk-teredo) |  | |  |
| [24. Windows Defender](#bkmk-defender) |  |  | |
-| [29. Windows Update](#bkmk-wu) |  |  | |
+| [28. Windows Update](#bkmk-wu) |  |  | |
### Settings for Windows Server 2016 Nano Server
@@ -214,7 +213,7 @@ See the following table for a summary of the management settings for Windows Ser
| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) |  | |
| [3. Date & Time](#bkmk-datetime) |  | |
| [22. Teredo](#bkmk-teredo) | |  |
-| [29. Windows Update](#bkmk-wu) |  | |
+| [28. Windows Update](#bkmk-wu) |  | |
### Settings for Windows Server 2019
@@ -244,7 +243,7 @@ See the following table for a summary of the management settings for Windows Ser
| [18.3 Camera](#bkmk-priv-camera) |  |  |  |  | |
| [18.4 Microphone](#bkmk-priv-microphone) |  |  |  |  | |
| [18.5 Notifications](#bkmk-priv-notifications) |  |  | |  | |
-| [18.6 Speech, inking, & typing](#bkmk-priv-speech) |  |  |  |  | |
+| [18.6 Speech](#bkmk-priv-speech) |  |  |  |  | |
| [18.7 Account info](#bkmk-priv-accounts) |  |  |  |  | |
| [18.8 Contacts](#bkmk-priv-contacts) |  |  |  |  | |
| [18.9 Calendar](#bkmk-priv-calendar) |  |  |  |  | |
@@ -259,6 +258,7 @@ See the following table for a summary of the management settings for Windows Ser
| [18.18 Motion](#bkmk-priv-motion) |  |  |  |  | |
| [18.19 Tasks](#bkmk-priv-tasks) |  |  |  |  | |
| [18.20 App Diagnostics](#bkmk-priv-diag) |  |  |  |  | |
+| [18.21 Inking & Typing](#bkmk-priv-ink) | | |  |  | |
| [19. Software Protection Platform](#bkmk-spp) | |  |  |  | |
| [20. Storage Health](#bkmk-storage-health) | |  | | | |
| [21. Sync your settings](#bkmk-syncsettings) |  |  |  |  | |
@@ -266,12 +266,11 @@ See the following table for a summary of the management settings for Windows Ser
| [23. Wi-Fi Sense](#bkmk-wifisense) |  |  | |  | |
| [24. Windows Defender](#bkmk-defender) | |  |  |  | |
| [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | |  |  |  | |
-| [25. Windows Media Player](#bkmk-wmp) |  | | | |  |
-| [26. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | |
-| [27. Microsoft Store](#bkmk-windowsstore) | |  | |  | |
+| [25. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | |
+| [26. Microsoft Store](#bkmk-windowsstore) | |  | |  | |
| [27.1 Apps for websites](#bkmk-apps-for-websites) | |  | | |
-| [28. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | |
-| [29. Windows Update](#bkmk-wu) |  |  |  | | |
+| [27. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | |
+| [28. Windows Update](#bkmk-wu) |  |  |  | | |
## How to configure each setting
@@ -299,7 +298,7 @@ For Windows 10, Windows Server 2016 with Desktop Experience, and Windows Server
-or-
-- Create the registry path **HKEY\_LOCAL\_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot** and then add a REG\_DWORD registry setting, named **DisableRootAutoUpdate**, with a value of 1.
+- Create the registry path **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\SystemCertificates\\AuthRoot** and then add a REG_DWORD registry setting, named **DisableRootAutoUpdate**, with a value of 1.
-and-
@@ -311,7 +310,7 @@ For Windows 10, Windows Server 2016 with Desktop Experience, and Windows Server
On Windows Server 2016 Nano Server:
-- Create the registry path **HKEY\_LOCAL\_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot** and then add a REG\_DWORD registry setting, named **DisableRootAutoUpdate**, with a value of 1.
+- Create the registry path **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\SystemCertificates\\AuthRoot** and then add a REG_DWORD registry setting, named **DisableRootAutoUpdate**, with a value of 1.
>[!NOTE]
>CRL and OCSP network traffic is currently whitelisted and will still show up in network traces. CRL and OCSP checks are made to the issuing certificate authorities. Microsoft is one of them, but there are many others, such as DigiCert, Thawte, Google, Symantec, and VeriSign.
@@ -326,26 +325,26 @@ Find the Cortana Group Policy objects under **Computer Configuration** > **Ad
| Policy | Description |
|------------------------------------------------------|---------------------------------------------------------------------------------------|
-| Allow Cortana | Choose whether to let Cortana install and run on the device.
Disable this policy to turn off Cortana. |
-| Allow search and Cortana to use location | Choose whether Cortana and Search can provide location-aware search results.
Disable this policy to block access to location information for Cortana. |
-| Do not allow web search | Choose whether to search the web from Windows Desktop Search.
Enable this policy to remove the option to search the Internet from Cortana. |
-| Don't search the web or display web results in Search| Choose whether to search the web from Cortana.
Enable this policy to stop web queries and results from showing in Search. |
-| Set what information is shared in Search | Control what information is shared with Bing in Search.
If you enable this policy and set it to **Anonymous info**, usage information will be shared but not search history, Microsoft Account information, or specific location. |
+| Allow Cortana | Choose whether to let Cortana install and run on the device.
**Disable** this policy to turn off Cortana. |
+| Allow search and Cortana to use location | Choose whether Cortana and Search can provide location-aware search results.
**Disable** this policy to block access to location information for Cortana. |
+| Do not allow web search | Choose whether to search the web from Windows Desktop Search.
**Enable** this policy to remove the option to search the Internet from Cortana. |
+| Don't search the web or display web results in Search| Choose whether to search the web from Cortana.
**Enable** this policy to stop web queries and results from showing in Search. |
+| Set what information is shared in Search | Control what information is shared with Bing in Search.
If you **enable** this policy and set it to **Anonymous info**, usage information will be shared but not search history, Microsoft Account information, or specific location. |
You can also apply the Group Policies using the following registry keys:
| Policy | Registry Path |
|------------------------------------------------------|---------------------------------------------------------------------------------------|
-| Allow Cortana | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowCortana
Value: 0|
-| Allow search and Cortana to use location | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowSearchToUseLocation
Value: 0 |
-| Do not allow web search | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: DisableWebSearch
Value: 1 |
-| Don't search the web or display web results in Search| HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchUseWeb
Value: 0 |
-| Set what information is shared in Search | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchPrivacy
Value: 3 |
+| Allow Cortana | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowCortana
Value: 0|
+| Allow search and Cortana to use location | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowSearchToUseLocation
Value: 0 |
+| Do not allow web search | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: DisableWebSearch
Value: 1 |
+| Don't search the web or display web results in Search| HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchUseWeb
Value: 0 |
+| Set what information is shared in Search | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchPrivacy
Value: 3 |
>[!IMPORTANT]
->These steps are not required for devices running Windows 10, version 1607 or Windows Server 2016.
+> Using the Group Policy editor these steps are required for all supported versions of Windows 10, however they are not required for devices running Windows 10, version 1607 or Windows Server 2016.
-1. Expand **Computer Configuration** > **Windows Settings** > **Security Settings** > **Windows Firewall with Advanced Security** > **Windows Firewall with Advanced Security - <LDAP name>**, and then click **Outbound Rules**.
+1. Expand **Computer Configuration** > **Windows Settings** > **Security Settings** > **Windows Defender Firewall with Advanced Security** > **Windows Defender Firewall with Advanced Security - <LDAP name>**, and then click **Outbound Rules**.
2. Right-click **Outbound Rules**, and then click **New Rule**. The **New Outbound Rule Wizard** starts.
@@ -363,12 +362,15 @@ You can also apply the Group Policies using the following registry keys:
9. Configure the **Protocols and Ports** page with the following info, and then click **OK**.
- - For **Protocol type**, choose **TCP**.
+ - For **Protocol type**, choose **TCP**.
- - For **Local port**, choose **All Ports**.
+ - For **Local port**, choose **All Ports**.
- - For **Remote port**, choose **All ports**.
+ - For **Remote port**, choose **All ports**.
+-or-
+
+- Create a new REG_SZ registry setting named **{0DE40C8E-C126-4A27-9371-A27DAB1039F7}** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\FirewallRules** and set it to a value of **v2.25|Action=Block|Active=TRUE|Dir=Out|Protocol=6|App=%windir%\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\searchUI.exe|Name=Block outbound Cortana|**
If your organization tests network traffic, do not use a network proxy as Windows Firewall does not block proxy traffic. Instead, use a network traffic analyzer. Based on your needs, there are many network traffic analyzers available at no cost.
@@ -389,29 +391,26 @@ You can prevent Windows from setting the time automatically.
-or-
-- Create a REG\_SZ registry setting in **HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters\\Type** with a value of **NoSync**.
+- Create a REG_SZ registry setting in **HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters\\Type** with a value of **NoSync**.
After that, configure the following:
-- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Enable Windows NTP Server** > **Windows Time Service** > **Configure Windows NTP Client**
+- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Windows Time Service** > **Time Providers** > **Enable Windows NTP Client**
- > [!NOTE]
- > This is only available on Windows 10, version 1703 and later. If you're using Windows 10, version 1607, the Group Policy setting is **Computer Configuration** > **Administrative Templates** > **System** > **Windows Time Service** > **Time Providers** > **Enable Windows NTP Client**
+ -or-
- -or -
-
-- Create a new REG\_DWORD registry setting named **Enabled** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\W32time\\TimeProviders\\NtpClient** and set it to 0 (zero).
+- Create a new REG_DWORD registry setting named **Enabled** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\W32time\\TimeProviders\\NtpClient** and set it to **0 (zero)**.
### 4. Device metadata retrieval
To prevent Windows from retrieving device metadata from the Internet:
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Device Installation** > **Prevent device metadata retrieval from the Internet**.
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Device Installation** > **Prevent device metadata retrieval from the Internet**.
-or -
-- Create a new REG\_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one).
+- Create a new REG_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one).
-or -
@@ -421,13 +420,15 @@ To prevent Windows from retrieving device metadata from the Internet:
To turn off Find My Device:
-- Turn off the feature in the UI
+- Turn **Off** the feature in the UI by going to **Settings -> Update & Security -> Find My Device**, click the Change button, and set the value to **Off**
-or-
-- Disable the Group Policy: **Computer Configuration** > **Administrative Template** > **Windows Components** > **Find My Device** > **Turn On/Off Find My Device**
+- **Disable** the Group Policy: **Computer Configuration** > **Administrative Template** > **Windows Components** > **Find My Device** > **Turn On/Off Find My Device**
-You can also create a new REG\_DWORD registry setting **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FindMyDevice\\AllowFindMyDevice** to 0 (zero).
+ -or-
+
+- You can also create a new REG_DWORD registry setting **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FindMyDevice\\AllowFindMyDevice** to **0 (zero)**.
### 6. Font streaming
@@ -435,15 +436,19 @@ Fonts that are included in Windows but that are not stored on the local device c
If you're running Windows 10, version 1607, Windows Server 2016, or later:
-- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **Fonts** > **Enable Font Providers**.
+- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **Fonts** > **Enable Font Providers**.
-- Create a new REG\_DWORD registry setting **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\System\\EnableFontProviders** to 0 (zero).
+ -or-
+
+- Create a new REG_DWORD registry setting **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System\\EnableFontProviders** to **0 (zero)**.
+
+ -or-
- In Windows 10, version 1703, you can apply the System/AllowFontProviders MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where:
- - **false**. Font streaming is disabled.
+ - **False**. Font streaming is Disabled.
- - **true**. Font streaming is enabled.
+ - **True**. Font streaming is Enabled.
> [!NOTE]
> After you apply this policy, you must restart the device for it to take effect.
@@ -451,8 +456,7 @@ If you're running Windows 10, version 1607, Windows Server 2016, or later:
### 7. Insider Preview builds
-The Windows Insider Preview program lets you help shape the future of Windows, be part of the community, and get early access to releases of Windows 10.
-This setting stops communication with the Windows Insider Preview service that checks for new builds.
+The Windows Insider Preview program lets you help shape the future of Windows, be part of the community, and get early access to releases of Windows 10. This setting stops communication with the Windows Insider Preview service that checks for new builds.
Windows Insider Preview builds only apply to Windows 10 and are not available for Windows Server 2016.
@@ -461,7 +465,7 @@ Windows Insider Preview builds only apply to Windows 10 and are not available fo
To turn off Insider Preview builds for a released version of Windows 10:
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Toggle user control over Insider builds**.
+- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Toggle user control over Insider builds**.
To turn off Insider Preview builds for Windows 10:
@@ -472,11 +476,11 @@ To turn off Insider Preview builds for Windows 10:
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Toggle user control over Insider builds**.
+- **Enable** the Group Policy **Toggle user control over Insider builds** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds**
- -or -
+ -or-
-- Create a new REG\_DWORD registry setting named **AllowBuildPreview** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\PreviewBuilds** with a vlue of 0 (zero)
+- Create a new REG_DWORD registry setting named **AllowBuildPreview** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\PreviewBuilds** with a **value of 0 (zero)**
-or-
@@ -488,63 +492,70 @@ To turn off Insider Preview builds for Windows 10:
- **2**. (default) Not configured. Users can make their devices available for download and installing preview software.
- -or-
-
-- Create a provisioning package: **Runtime settings** > **Policies** > **System** > **AllowBuildPreview**, where:
-
- - **0**. Users cannot make their devices available for downloading and installing preview software.
-
- - **1**. Users can make their devices available for downloading and installing preview software.
-
- - **2**. (default) Not configured. Users can make their devices available for download and installing preview software.
### 8. Internet Explorer
-
-Use Group Policy to manage settings for Internet Explorer. You can find the Internet Explorer Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer**.
+> [!NOTE]
+> The following Group Policies and Registry Keys are for user interactive scenarios rather then the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings:
| Policy | Description |
|------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
-| Turn on Suggested Sites| Choose whether an employee can configure Suggested Sites.
Default: Enabled
You can also turn this off in the UI by clearing the **Internet Options** > **Advanced** > **Enable Suggested Sites** check box.|
-| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | Choose whether an employee can configure enhanced suggestions, which are presented to the employee as they type in the Address Bar.
Default: Enabled|
-| Turn off the auto-complete feature for web addresses | Choose whether auto-complete suggests possible matches when employees are typing web address in the Address Bar.
Default: Disabled You can also turn this off in the UI by clearing the Internet Options > **Advanced** > **Use inline AutoComplete in the Internet Explorer Address Bar and Open Dialog** check box.|
-| Turn off browser geolocation | Choose whether websites can request location data from Internet Explorer.
Default: Disabled|
-| Prevent managing SmartScreen filter | Choose whether employees can manage the SmartScreen Filter in Internet Explorer.
Default: Disabled |
+| Turn on Suggested Sites| Choose whether an employee can configure Suggested Sites.
**Set Value to: Disabled**
You can also turn this off in the UI by clearing the **Internet Options** > **Advanced** > **Enable Suggested Sites** check box.|
+| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | Choose whether an employee can configure enhanced suggestions, which are presented to the employee as they type in the Address Bar.
**Set Value to: Disabled**|
+| Turn off the auto-complete feature for web addresses | Choose whether auto-complete suggests possible matches when employees are typing web address in the Address Bar.
**Set Value to: Enabled** You can also turn this off in the UI by clearing the Internet Options > **Advanced** > **Use inline AutoComplete in the Internet Explorer Address Bar and Open Dialog** check box.|
+| Turn off browser geolocation | Choose whether websites can request location data from Internet Explorer.
**Set Value to: Enabled**|
+| Prevent managing SmartScreen filter | Choose whether employees can manage the SmartScreen Filter in Internet Explorer.
**Set Value to: Enabled** and then set **Select SmartScreen filtering mode** to **Off**.|
-Alternatively, you could use the registry to set the Group Policies.
-| Policy | Registry path |
+| Registry Key | Registry path |
|------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
-| Turn on Suggested Sites| HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Suggested Sites
REG_DWORD: Enabled
Value: 0|
-| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer
REG_DWORD: AllowServicePoweredQSA
Value: 0|
-| Turn off the auto-complete feature for web addresses | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\AutoComplete
REG_SZ: AutoSuggest
Value: **No** |
-| Turn off browser geolocation | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Geolocation
REG_DWORD: PolicyDisableGeolocation
Value: 1 |
-| Prevent managing SmartScreen filter | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\PhishingFilter
REG_DWORD: EnabledV9
Value: 0 |
+| Turn on Suggested Sites| HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Suggested Sites
REG_DWORD: Enabled
**Set Value to: 0**|
+| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer
REG_DWORD: AllowServicePoweredQSA
**Set Value to: 0**|
+| Turn off the auto-complete feature for web addresses | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\CurrentVersion\\Explorer\\AutoComplete
REG_SZ: AutoSuggest
Set Value to: **no** |
+| Turn off browser geolocation | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Geolocation
REG_DWORD: PolicyDisableGeolocation
**Set Value to: 1** |
+| Prevent managing SmartScreen filter | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\PhishingFilter
REG_DWORD: EnabledV9
**Set Value to: 0** |
There are more Group Policy objects that are used by Internet Explorer:
| Path | Policy | Description |
| - | - | - |
-| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Compatibility View** > **Turn off Compatibility View** | Choose whether employees can configure Compatibility View. | Choose whether an employee can swipe across a screen or click forward to go to the next pre-loaded page of a website.
Default: Disabled |
-| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Internet Control Panel** > **Advanced Page** | Turn off the flip ahead with page prediction feature | Choose whether an employee can swipe across a screen or click forward to go to the next pre-loaded page of a website.
Default: Enabled |
-| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **RSS Feeds** | Turn off background synchronization for feeds and Web Slices | Choose whether to have background synchronization for feeds and Web Slices.
Default: Enabled |
-| **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Allow Online Tips** | Allow Online Tips | Enables or disables the retrieval of online tips and help for the Settings app.
Set to : Disabled |
+| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Compatibility View** > **Turn off Compatibility View** | Choose whether employees can configure Compatibility View. | Choose whether an employee can fix website display problems that he or she may encounter while browsing.
**Set to: Enabled** |
+| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Internet Control Panel** > **Advanced Page** | Turn off the flip ahead with page prediction feature | Choose whether an employee can swipe across a screen or click forward to go to the next pre-loaded page of a website.
**Set to: Enabled** |
+| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **RSS Feeds** | Turn off background synchronization for feeds and Web Slices | Choose whether to have background synchronization for feeds and Web Slices.
**Set to: Enabled** |
+| **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Allow Online Tips** | Allow Online Tips | Enables or disables the retrieval of online tips and help for the Settings app.
**Set to: Disabled** |
-You can also use registry entries to set these Group Policies.
+You can also use Registry keys to set these policies.
-| Policy | Registry path |
+| Registry Key | Registry path |
|------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
-| Choose whether employees can configure Compatibility View. | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BrowserEmulation
REG_DWORD: MSCompatibilityMode
Value: 0|
-| Turn off the flip ahead with page prediction feature | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\FlipAhead
REG_DWORD: Enabled
Value: 0|
-| Turn off background synchronization for feeds and Web Slices | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Feeds
REG_DWORD: BackgroundSyncStatus
Value: 0|
-| Turn off Online Tips | HKEY\_LOCAL\_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer
REG_DWORD: AllowOnlineTips
Value: 0|
+| Choose whether employees can configure Compatibility View. | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\BrowserEmulation
REG_DWORD: DisableSiteListEditing
**Set Value to 1**|
+| Turn off the flip ahead with page prediction feature | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\FlipAhead
REG_DWORD: Enabled
**Set Value to 0**|
+| Turn off background synchronization for feeds and Web Slices | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Feeds
REG_DWORD: BackgroundSyncStatus
**Set Value to 0**|
+| Allow Online Tips | HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer
REG_DWORD: AllowOnlineTips
**Set Value to 0 (zero)**|
+
+To turn off the home page, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Disable changing home page settings**, and set it to **about:blank**.
+
+ -or -
+
+- Create a new REG_SZ registry setting named **Start Page** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Main** with a **about:blank**
+
+ -and -
+
+- Create a new REG_DWORD registry setting named **HomePage** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Control Panel** with a **1 (one)**
+To configure the First Run Wizard, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Prevent running First Run wizard**, and set it to **Go directly to home page**.
-To turn off the home page, enable the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Disable changing home page settings**, and set it to **about:blank**.
+ -or -
-To configure the First Run Wizard, enable the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Prevent running First Run wizard**, and set it to **Go directly to home page**.
+- Create a new REG_DWORD registry setting named **DisableFirstRunCustomize** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Main** with a **1 (one)**
+
+
+To configure the behavior for a new tab, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Specify default behavior for a new tab**, and set it to **about:blank**.
+
+ -or -
+
+- Create a new REG_DWORD registry setting named **NewTabPageShow** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\TabbedBrowsing** with a **0 (zero)**
-To configure the behavior for a new tab, enable the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Specify default behavior for a new tab**, and set it to **about:blank**.
### 8.1 ActiveX control blocking
@@ -552,11 +563,11 @@ ActiveX control blocking periodically downloads a new list of out-of-date Active
You can turn this off by:
-- Apply the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Security Features** > **Add-on Management** > **Turn off Automatic download of the ActiveX VersionList**
+- **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Security Features** > **Add-on Management** > **Turn off Automatic download of the ActiveX VersionList**
-or -
-- Changing the REG\_DWORD registry setting **HKEY\_CURRENT\_USER\\Software\\Microsoft\\Internet Explorer\\VersionManager\\DownloadVersionList** to 0 (zero).
+- Changing the REG_DWORD registry setting **HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\VersionManager\\DownloadVersionList** to **0 (zero)**.
For more info, see [Out-of-date ActiveX control blocking](https://technet.microsoft.com/library/dn761713.aspx).
@@ -564,7 +575,7 @@ For more info, see [Out-of-date ActiveX control blocking](https://technet.micros
You can turn off License Manager related traffic by setting the following registry entry:
-- Add a REG\_DWORD value named **Start** to **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\LicenseManager** and set the value to 4
+- Add a REG_DWORD value named **Start** to **HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\LicenseManager** and set the **value to 4**
- The value 4 is to disable the service. Here are the available options to set the registry:
@@ -582,11 +593,11 @@ You can turn off License Manager related traffic by setting the following regist
To turn off Live Tiles:
-- Apply the Group Policy: **User Configuration** > **Administrative Templates** > **Start Menu and Taskbar** > **Notifications** > **Turn Off notifications network usage**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Start Menu and Taskbar** > **Notifications** > **Turn Off notifications network usage**
-or-
-- Create a REG\_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a **value of 1 (one)**
In Windows 10 Mobile, you must also unpin all tiles that are pinned to Start.
@@ -606,28 +617,24 @@ To turn off mail synchronization for Microsoft Accounts that are configured on a
To turn off the Windows Mail app:
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Mail** > **Turn off Windows Mail application**
-
- -or-
-
-- Create a REG\_DWORD registry setting named **ManualLaunchAllowed** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Mail** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **ManualLaunchAllowed** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Mail** with a **value of 0 (zero)**.
### 12. Microsoft Account
To prevent communication to the Microsoft Account cloud authentication service. Many apps and system components that depend on Microsoft Account authentication may lose functionality. Some of them could be in unexpected ways. For example, Windows Update will no longer offer feature updates to devices running Windows 10 1709 or higher. See [Feature updates are not being offered while other updates are](https://docs.microsoft.com/windows/deployment/update/windows-update-troubleshooting#feature-updates-are-not-being-offered-while-other-updates-are).
-- Apply the Group Policy: **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options** > **Accounts: Block Microsoft Accounts** and set it to **Users can't add Microsoft accounts**.
+- **Enable** the Group Policy: **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options** > **Accounts: Block Microsoft Accounts** and set it to **Users can't add Microsoft accounts**.
-or-
-- Create a REG\_DWORD registry setting named **NoConnectedUser** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System** with a value of 3.
+- Create a REG_DWORD registry setting named **NoConnectedUser** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System** with a **value of 3**.
To disable the Microsoft Account Sign-In Assistant:
- Apply the Accounts/AllowMicrosoftAccountSignInAssistant MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on.
-- Change the Start REG\_DWORD registry setting in **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\wlidsvc** to a value of **4**.
+- Change the **Start** REG_DWORD registry setting in **HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\wlidsvc** to a value of **4**.
### 13. Microsoft Edge
@@ -640,30 +647,33 @@ Find the Microsoft Edge Group Policy objects under **Computer Configuration** &g
| Policy | Description |
|------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
-| Allow configuration updates for the Books Library | Choose whether configuration updates are done for the Books Library.
Default: Enabled |
-| Configure Autofill | Choose whether employees can use autofill on websites.
Default: Enabled |
-| Configure Do Not Track | Choose whether employees can send Do Not Track headers.
Default: Disabled |
-| Configure Password Manager | Choose whether employees can save passwords locally on their devices.
Default: Enabled |
-| Configure search suggestions in Address Bar | Choose whether the Address Bar shows search suggestions.
Default: Enabled |
-| Configure Windows Defender SmartScreen (Windows 10, version 1703) | Choose whether Windows Defender SmartScreen is turned on or off.
Default: Enabled |
-| Allow web content on New Tab page | Choose whether a new tab page appears.
Default: Enabled |
-| Configure Start pages | Choose the Start page for domain-joined devices.
Set this to **\** |
-| Prevent the First Run webpage from opening on Microsoft Edge | Choose whether employees see the First Run webpage.
Set to: Enable |
+| Allow Address bar drop-down list suggestions | Choose whether to show the address bar drop-down list
**Set to Disabled** |
+| Allow configuration updates for the Books Library | Choose whether configuration updates are done for the Books Library.
**Set to Disabled** |
+| Configure Autofill | Choose whether employees can use autofill on websites.
**Set to Disabled** |
+| Configure Do Not Track | Choose whether employees can send Do Not Track headers.
**Set to Enabled** |
+| Configure Password Manager | Choose whether employees can save passwords locally on their devices.
**Set to Disabled** |
+| Configure search suggestions in Address Bar | Choose whether the Address Bar shows search suggestions.
**Set to Disabled** |
+| Configure Windows Defender SmartScreen (Windows 10, version 1703) | Choose whether Windows Defender SmartScreen is turned on or off.
**Set to Disabled** |
+| Allow web content on New Tab page | Choose whether a new tab page appears.
**Set to Disabled** |
+| Configure Start pages | Choose the Start page for domain-joined devices.
**Enabled** and **Set this to <>** |
+| Prevent the First Run webpage from opening on Microsoft Edge | Choose whether employees see the First Run webpage.
**Set to: Enable** |
+| Allow Microsoft Compatibility List | Choose whether to use the Microsoft Compatibility List in Microsoft Edge.
**Set to: Disabled** |
-Alternatively, you can configure the Microsoft Group Policies using the following registry entries:
+Alternatively, you can configure the these Registry keys as described:
-| Policy | Registry path |
+| Registry Key | Registry path |
| - | - |
-| Allow Address Bar drop-down list suggestions | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI
REG_DWORD name: ShowOneBox
Value: 0|
-| Allow configuration updates for the Books Library | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BooksLibrary
REG_DWORD name: AllowConfigurationUpdateForBooksLibrary
Value: 1|
-| Configure Autofill | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_SZ name: Use FormSuggest
Value : **no** |
-| Configure Do Not Track | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: DoNotTrack
REG_DWORD: 1 |
-| Configure Password Manager | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_SZ name: FormSuggest Passwords
REG_SZ: **no** |
-| Configure search suggestions in Address Bar | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\SearchScopes
REG_DWORD name: ShowSearchSuggestionsGlobal
Value: 0|
-| Configure Windows Defender SmartScreen Filter (Windows 10, version 1703) | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\PhishingFilter
REG_DWORD name: EnabledV9
Value: 0 |
-| Allow web content on New Tab page | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\SearchScopes
REG_DWORD name: AllowWebContentOnNewTabPage
Value: 0 |
-| Configure corporate Home pages | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI
REG_DWORD name: ProvisionedHomePages
Value: 0|
-| Prevent the First Run webpage from opening on Microsoft Edge | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: PreventFirstRunPage
Value: 1|
+| Allow Address Bar drop-down list suggestions | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI
REG_DWORD name: ShowOneBox
Set to **0**|
+| Allow configuration updates for the Books Library | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BooksLibrary
REG_DWORD name: AllowConfigurationUpdateForBooksLibrary
Set to **0**|
+| Configure Autofill | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_SZ name: Use FormSuggest
Value : **No** |
+| Configure Do Not Track | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: DoNotTrack
REG_DWORD: **1** |
+| Configure Password Manager | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_SZ name: FormSuggest Passwords
REG_SZ: **No** |
+| Configure search suggestions in Address Bar | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\SearchScopes
REG_DWORD name: ShowSearchSuggestionsGlobal
Value: **0**|
+| Configure Windows Defender SmartScreen Filter (Windows 10, version 1703) | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\PhishingFilter
REG_DWORD name: EnabledV9
Value: **0** |
+| Allow web content on New Tab page | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI
REG_DWORD name: AllowWebContentOnNewTabPage
Value: **0** |
+| Configure corporate Home pages | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Internet Settings
REG_SZ name: ProvisionedHomePages
Value: **<>**|
+| Prevent the First Run webpage from opening on Microsoft Edge | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: PreventFirstRunPage
Value: **1**|
+| Choose whether employees can configure Compatibility View. | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BrowserEmulation
REG_DWORD: MSCompatibilityMode
Value: **0**|
### 13.2 Microsoft Edge MDM policies
@@ -672,13 +682,13 @@ The following Microsoft Edge MDM policies are available in the [Policy CSP](http
| Policy | Description |
|------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
-| Browser/AllowAutoFill | Choose whether employees can use autofill on websites.
Default: Allowed |
-| Browser/AllowDoNotTrack | Choose whether employees can send Do Not Track headers.
Default: Not allowed |
-| Browser/AllowMicrosoftCompatbilityList | Specify the Microsoft compatibility list in Microsoft Edge.
Default: Enabled |
-| Browser/AllowPasswordManager | Choose whether employees can save passwords locally on their devices.
Default: Allowed |
-| Browser/AllowSearchSuggestionsinAddressBar | Choose whether the Address Bar shows search suggestions..
Default: Allowed |
-| Browser/AllowSmartScreen | Choose whether SmartScreen is turned on or off.
Default: Allowed |
-| Browser/FirstRunURL | Choose the home page for Microsoft Edge on Windows Mobile 10.
Default: blank |
+| Browser/AllowAutoFill | Choose whether employees can use autofill on websites.
**Set to: Not Allowed** |
+| Browser/AllowDoNotTrack | Choose whether employees can send Do Not Track headers.
**Set to: Allowed** |
+| Browser/AllowMicrosoftCompatbilityList | Specify the Microsoft compatibility list in Microsoft Edge.
**Set to: Not Allowed** |
+| Browser/AllowPasswordManager | Choose whether employees can save passwords locally on their devices.
**Set to: Not Allowed** |
+| Browser/AllowSearchSuggestionsinAddressBar | Choose whether the Address Bar shows search suggestions..
**Set to: Not Allowed** |
+| Browser/AllowSmartScreen | Choose whether SmartScreen is turned on or off.
**Set to: Not Allowed** |
+| Browser/FirstRunURL | Choose the home page for Microsoft Edge on Windows Mobile 10.
**Set to:** blank |
For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies).
@@ -691,7 +701,7 @@ In versions of Windows 10 prior to Windows 10, version 1607 and Windows Server 2
You can turn off NCSI by doing one of the following:
-- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off Windows Network Connectivity Status Indicator active tests**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off Windows Network Connectivity Status Indicator active tests**
- In Windows 10, version 1703 and later, apply the Connectivity/DisallowNetworkConnectivityActiveTests MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) with a value of 1.
@@ -700,49 +710,49 @@ You can turn off NCSI by doing one of the following:
-or-
-- Create a REG\_DWORD registry setting named **NoActiveProbe** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkConnectivityStatusIndicator** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **NoActiveProbe** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkConnectivityStatusIndicator** with a value of 1 (one).
### 15. Offline maps
You can turn off the ability to download and update offline maps.
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off Automatic Download and Update of Map Data**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off Automatic Download and Update of Map Data**
-or-
-- Create a REG\_DWORD registry setting named **AutoDownloadAndUpdateMapData** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **AutoDownloadAndUpdateMapData** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a **value of 0 (zero)**.
-or-
-- In Windows 10, version 1607 and later, apply the Maps/EnableOfflineMapsAutoUpdate MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate) with a value of 0.
+- In Windows 10, version 1607 and later, apply the Maps/EnableOfflineMapsAutoUpdate MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate) with a **value of 0**.
-and-
-- In Windows 10, version 1607 and later, apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off unsolicited network traffic on the Offline Maps settings page**
+- In Windows 10, version 1607 and later, **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off unsolicited network traffic on the Offline Maps settings page**
-or-
-- Create a REG\_DWORD registry setting named **AllowUntriggeredNetworkTrafficOnSettingsPage** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **AllowUntriggeredNetworkTrafficOnSettingsPage** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a value of 0 (zero).
### 16. OneDrive
To turn off OneDrive in your organization:
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent the usage of OneDrive for file storage**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent the usage of OneDrive for file storage**
-or-
-- Create a REG\_DWORD registry setting named **DisableFileSyncNGSC** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\OneDrive** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **DisableFileSyncNGSC** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\OneDrive** with a value of 1 (one).
-and-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent OneDrive from generating network traffic until the user signs in to OneDrive (Enable)**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent OneDrive from generating network traffic until the user signs in to OneDrive (Enable)**
-or-
-- Create a REG\_DWORD registry setting named **PreventNetworkTrafficPreUserSignIn** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\OneDrive** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **PreventNetworkTrafficPreUserSignIn** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\OneDrive** with a **value of 1 (one)**
- -or-
+-or-
- Set the System/DisableOneDriveFileSync MDM policy from the [Policy CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync) to True (value 1) to disable OneDrive File Sync.
@@ -881,7 +891,7 @@ Use Settings > Privacy to configure some settings that may be important to yo
- [18.5 Notifications](#bkmk-priv-notifications)
-- [18.6 Speech, inking, & typing](#bkmk-priv-speech)
+- [18.6 Speech](#bkmk-priv-speech)
- [18.7 Account info](#bkmk-priv-accounts)
@@ -895,19 +905,23 @@ Use Settings > Privacy to configure some settings that may be important to yo
- [18.12 Messaging](#bkmk-priv-messaging)
-- [18.13 Radios](#bkmk-priv-radios)
+- [18.13 Phone Calls](#bkmk-priv-phone-calls)
-- [18.14 Other devices](#bkmk-priv-other-devices)
+- [18.14 Radios](#bkmk-priv-radios)
-- [18.15 Feedback & diagnostics](#bkmk-priv-feedback)
+- [18.15 Other devices](#bkmk-priv-other-devices)
-- [18.16 Background apps](#bkmk-priv-background)
+- [18.16 Feedback & diagnostics](#bkmk-priv-feedback)
-- [18.17 Motion](#bkmk-priv-motion)
+- [18.17 Background apps](#bkmk-priv-background)
-- [18.18 Tasks](#bkmk-priv-tasks)
+- [18.18 Motion](#bkmk-priv-motion)
-- [18.19 App Diagnostics](#bkmk-priv-diag)
+- [18.19 Tasks](#bkmk-priv-tasks)
+
+- [18.20 App Diagnostics](#bkmk-priv-diag)
+
+- [18.21 Inking & Typing](#bkmk-priv-ink)
### 18.1 General
@@ -924,15 +938,15 @@ To turn off **Let apps use advertising ID to make ads more interesting to you ba
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **User Profiles** > **Turn off the advertising ID**.
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **User Profiles** > **Turn off the advertising ID**.
-or-
-- Create a REG\_DWORD registry setting named **Enabled** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **Enabled** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo** with a value of 0 (zero).
- -or-
+ -and-
-- Create a REG\_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one).
To turn off **Let websites provide locally relevant content by accessing my language list**:
@@ -940,7 +954,7 @@ To turn off **Let websites provide locally relevant content by accessing my lang
-or-
-- Create a new REG\_DWORD registry setting named **HttpAcceptLanguageOptOut** in **HKEY\_CURRENT\_USER\\Control Panel\\International\\User Profile** with a value of 1.
+- Create a new REG_DWORD registry setting named **HttpAcceptLanguageOptOut** in **HKEY_CURRENT_USER\\Control Panel\\International\\User Profile** with a value of 1.
To turn off **Let Windows track app launches to improve Start and search results**:
@@ -948,7 +962,7 @@ To turn off **Let Windows track app launches to improve Start and search results
-or-
-- Create a REG_DWORD registry setting named **Start_TrackProgs** in **HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced** with value of 0 (zero).
+- Create a REG_DWORD registry setting named **Start_TrackProgs** in **HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced** with value of 0 (zero).
#### Windows Server 2016 and Windows 10, version 1607 and earlier options
@@ -961,15 +975,15 @@ To turn off **Let apps use my advertising ID for experiences across apps (turnin
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **User Profiles** > **Turn off the advertising ID**.
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **User Profiles** > **Turn off the advertising ID**.
+
+ -or-
+
+- Create a REG_DWORD registry setting named **Enabled** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo** with a value of 0 (zero).
-or-
-- Create a REG\_DWORD registry setting named **Enabled** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo** with a value of 0 (zero).
-
- -or-
-
-- Create a REG\_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one).
To turn off **Turn on SmartScreen Filter to check web content (URLs) that Microsoft Store apps use**:
@@ -977,30 +991,22 @@ To turn off **Turn on SmartScreen Filter to check web content (URLs) that Micros
-or-
-- Create a provisioning package, using:
- - For Internet Explorer: **Runtime settings > Policies > Browser > AllowSmartScreen**
- - For Microsoft Edge: **Runtime settings > Policies > MicrosoftEdge > AllowSmartScreen**
-
- -or-
-
-- Create a REG_DWORD registry setting named **EnableWebContentEvaluation** in **HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **EnableWebContentEvaluation** in **HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AppHost** with a value of 0 (zero).
To turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**:
> [!NOTE]
> If the diagnostic data level is set to either **Basic** or **Security**, this is turned off automatically.
-
-
- Turn off the feature in the UI.
-or-
- Apply the TextInput/AllowLinguisticDataCollection MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where:
- - **0**. Not allowed
+ - **0**. Not allowed
- - **1**. Allowed (default)
+ - **1**. Allowed (default)
To turn off **Let websites provide locally relevant content by accessing my language list**:
@@ -1008,7 +1014,7 @@ To turn off **Let websites provide locally relevant content by accessing my lang
-or-
-- Create a new REG\_DWORD registry setting named **HttpAcceptLanguageOptOut** in **HKEY\_CURRENT\_USER\\Control Panel\\International\\User Profile** with a value of 1.
+- Create a new REG_DWORD registry setting named **HttpAcceptLanguageOptOut** in **HKEY_CURRENT_USER\\Control Panel\\International\\User Profile** with a value of 1.
To turn off **Let apps on my other devices open apps and continue experiences on this devices**:
@@ -1020,7 +1026,7 @@ To turn off **Let apps on my other devices open apps and continue experiences on
-or-
-- Create a REG\_DWORD registry setting named **EnableCdp** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **EnableCdp** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a value of 0 (zero).
To turn off **Let apps on my other devices use Bluetooth to open apps and continue experiences on this device**:
@@ -1036,46 +1042,39 @@ To turn off **Location for this device**:
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Location and Sensors** > **Turn off location**.
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Location and Sensors** > **Turn off location**.
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessLocation** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessLocation** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**.
-or-
- Apply the System/AllowLocation MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where:
- - **0**. Turned off and the employee can't turn it back on.
+ - **0**. Turned off and the employee can't turn it back on.
- - **1**. Turned on, but lets the employee choose whether to use it. (default)
+ - **1**. Turned on, but lets the employee choose whether to use it. (default)
- - **2**. Turned on and the employee can't turn it off.
+ - **2**. Turned on and the employee can't turn it off.
> [!NOTE]
> You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx).
- -or-
-
-- Create a provisioning package, using **Runtime settings** > **Policies** > **System** > **AllowLocation**, where
-
- - **No**. Turns off location service.
-
- - **Yes**. Turns on location service. (default)
-
To turn off **Location**:
- Turn off the feature in the UI.
-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access location**
+
+ -or-
+
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access location**
- Set the **Select a setting** box to **Force Deny**.
-or-
-- Create a REG\_DWORD registry setting named **DisableLocation** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\LocationAndSensors** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **DisableLocation** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\LocationAndSensors** with a value of 1 (one).
- -or-
To turn off **Location history**:
@@ -1101,26 +1100,19 @@ To turn off **Let apps use my camera**:
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessCamera** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessCamera** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
-or-
- Apply the Camera/AllowCamera MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where:
- - **0**. Apps can't use the camera.
+ - **0**. Apps can't use the camera.
- - **1**. Apps can use the camera.
+ - **1**. Apps can use the camera.
> [!NOTE]
> You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx).
- -or-
-
-- Create a provisioning package with use Windows ICD, using **Runtime settings** > **Policies** > **Camera** > **AllowCamera**, where:
-
- - **0**. Apps can't use the camera.
-
- - **1**. Apps can use the camera.
To turn off **Choose apps that can use your camera**:
@@ -1144,13 +1136,13 @@ To turn off **Let apps use my microphone**:
- Apply the Privacy/LetAppsAccessMicrophone MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmicrophone), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessMicrophone** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two)
+- Create a REG_DWORD registry setting named **LetAppsAccessMicrophone** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two)
To turn off **Choose apps that can use your microphone**:
@@ -1169,15 +1161,15 @@ To turn off notifications network usage:
-or-
-- Create a REG\_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a value of 1 (one)
+- Create a REG_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a value of 1 (one)
-or-
- Apply the Notifications/DisallowCloudNotification MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification), where:
- - **0**. WNS notifications allowed
- - **1**. No WNS notifications allowed
+ - **0**. WNS notifications allowed
+ - **1**. No WNS notifications allowed
In the **Notifications** area, you can also choose which apps have access to notifications.
@@ -1195,55 +1187,33 @@ To turn off **Let apps access my notifications**:
- Apply the Privacy/LetAppsAccessNotifications MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessnotifications), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessNotifications** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two)
+- Create a REG_DWORD registry setting named **LetAppsAccessNotifications** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two)
-### 18.6 Speech, inking, & typing
+### 18.6 Speech
-In the **Speech, Inking, & Typing** area, you can let Windows and Cortana better understand your employee's voice and written input by sampling their voice and writing, and by comparing verbal and written input to contact names and calendar entrees.
+In the **Speech** area, you can configure the functionality as such:
-> [!NOTE]
-> For more info on how to disable Cortana in your enterprise, see [Cortana](#bkmk-cortana) in this article.
+To turn off streaming audio to Microsoft Speech services,
-To turn off the functionality:
-
-- Click the **Stop getting to know me** button, and then click **Turn off**.
+- Toggle the Settings -> Privacy -> Speech -> **Online speech recognition** switch to **Off**
-or-
-- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Regional and Language Options** > **Handwriting personalization** > **Turn off automatic learning**
+- **Disable** the Group Policy: **Computer Configuration > Administrative Templates > Control Panel > Regional and Language Options > Allow users to enable online speech recognition services**
-or-
-- Create a REG\_DWORD registry setting named **RestrictImplicitInkCollection** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** with a value of 1 (one).
+- Set the Privacy\AllowInputPersonalization MDM Policy from the Policy CSP to **0 - Not allowed**
-or-
-- Create a REG\_DWORD registry setting named **AcceptedPrivacyPolicy** in **HKEY\_CURRENT\_USER\\Software\\Microsoft\\Personalization\\Settings** with a value of 0 (zero).
-
- -and-
-
-- Create a REG\_DWORD registry setting named **HarvestContacts** in **HKEY\_CURRENT\_USER\\Software\\Microsoft\\InputPersonalization\\TrainedDataStore** with a value of 0 (zero).
-
-If you're running at least Windows 10, version 1703, you can turn off updates to the speech recognition and speech synthesis models:
-
-- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatically update of Speech Data**
-
-If you're running at least Windows 10, version 1607, you can turn off updates to the speech recognition and speech synthesis models:
-
-Apply the Speech/AllowSpeechModelUpdate MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962(v=vs.85).aspx#Speech_AllowSpeechModelUpdate), where:
-
-- **0** (default). Not allowed.
-- **1**. Allowed.
-
- -or-
-
-- Create a REG\_DWORD registry setting named **ModelDownloadAllowed** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Speech_OneCore\\Preferences** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **HasAccepted** in **HKEY_CURRENT_USER\\Software\\Microsoft\\Speech_OneCore\\Settings\\OnlineSpeechPrivacy** with a **value of 0 (zero)**
### 18.7 Account info
@@ -1263,13 +1233,15 @@ To turn off **Let apps access my name, picture, and other account info**:
- Apply the Privacy/LetAppsAccessAccountInfo MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessaccountinfo), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessAccountInfo** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessAccountInfo** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+
+
To turn off **Choose the apps that can access your account info**:
@@ -1293,13 +1265,13 @@ To turn off **Choose apps that can access contacts**:
- Apply the Privacy/LetAppsAccessContacts MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscontacts), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessContacts** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessContacts** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
### 18.9 Calendar
@@ -1319,13 +1291,13 @@ To turn off **Let apps access my calendar**:
- Apply the Privacy/LetAppsAccessCalendar MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscalendar), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessCalendar** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessCalendar** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
To turn off **Choose apps that can access calendar**:
@@ -1349,13 +1321,13 @@ To turn off **Let apps access my call history**:
- Apply the Privacy/LetAppsAccessCallHistory MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscallhistory), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessCallHistory** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessCallHistory** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
### 18.11 Email
@@ -1381,7 +1353,7 @@ To turn off **Let apps access and send email**:
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessEmail** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessEmail** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
### 18.12 Messaging
@@ -1401,13 +1373,13 @@ To turn off **Let apps read or send messages (text or MMS)**:
- Apply the Privacy/LetAppsAccessMessaging MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmessaging), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessMessaging** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessMessaging** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
To turn off **Choose apps that can read or send messages**:
@@ -1415,13 +1387,13 @@ To turn off **Choose apps that can read or send messages**:
**To turn off Message Sync**
-- Create a REG\_DWORD registry setting named **AllowMessageSync** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\Messaging and set the value to 0.
+- Create a REG_DWORD registry setting named **AllowMessageSync** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\Messaging** and set the **value to 0 (zero)**.
-or-
- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Messaging**
- - Set the **Allow Message Service Cloud** to **Disable**.
+ - Set the **Allow Message Service Cloud Sync** to **Disable**.
### 18.13 Phone calls
@@ -1441,13 +1413,13 @@ To turn off **Let apps make phone calls**:
- Apply the Privacy/LetAppsAccessPhone MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessPhone** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessPhone** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
To turn off **Choose apps that can make phone calls**:
@@ -1478,7 +1450,7 @@ To turn off **Let apps control radios**:
-or-
-- Create a REG\_DWORD registry setting named **LetAppsAccessRadios** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsAccessRadios** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
To turn off **Choose apps that can control radios**:
@@ -1491,23 +1463,19 @@ In the **Other Devices** area, you can choose whether devices that aren't paired
To turn off **Let apps automatically share and sync info with wireless devices that don't explicitly pair with your PC, tablet, or phone**:
-- Turn off the feature in the UI.
+- Turn off the feature in the UI by going to Settings > Privacy > Other devices > "Communicate with unpaired devices. Let apps automatically share and sync info with wireless devices that don't explicitly pair with your PC, tablet, or phone" and **Turn it OFF**.
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps sync with devices**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps communicate with unpaired devices** and set the **Select a setting** box to **Force Deny**.
-or-
-- Apply the Privacy/LetAppsSyncWithDevices MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappssyncwithdevices), where:
-
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+- Set the Privacy/LetAppsSyncWithDevices MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappssyncwithdevices) to **2**. Force deny
-or-
-- Create a REG\_DWORD registry setting named **LetAppsSyncWithDevices** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
+- Create a REG_DWORD registry setting named **LetAppsSyncWithDevices** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**.
To turn off **Let your apps use your trusted devices (hardware you've already connected, or comes with your PC, tablet, or phone)**:
@@ -1515,9 +1483,11 @@ To turn off **Let your apps use your trusted devices (hardware you've already co
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access trusted devices**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access trusted devices** and set the **Select a setting** box to **Force Deny**.
-- Set the **Select a setting** box to **Force Deny**.
+ -or-
+
+- Create a REG_DWORD registry setting named **LetAppsAccessTrustedDevices** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**.
-or-
@@ -1538,24 +1508,23 @@ To change how frequently **Windows should ask for my feedback**:
> Feedback frequency only applies to user-generated feedback, not diagnostic and usage data sent from the device.
-
- To change from **Automatically (Recommended)**, use the drop-down list in the UI.
-or-
-- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Do not show feedback notifications**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Do not show feedback notifications**
-or-
-- Create a REG\_DWORD registry setting named **DoNotShowFeedbackNotifications** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **DoNotShowFeedbackNotifications** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection** with a value of 1 (one).
-or-
-- Create the registry keys (REG\_DWORD type):
+- Create the registry keys (REG_DWORD type):
- - HKEY\_CURRENT\_USER\\Software\\Microsoft\\Siuf\\Rules\\PeriodInNanoSeconds
+ - HKEY_CURRENT_USER\\Software\\Microsoft\\Siuf\\Rules\\PeriodInNanoSeconds
- - HKEY\_CURRENT\_USER\\Software\\Microsoft\\Siuf\\Rules\\NumberOfSIUFInPeriod
+ - HKEY_CURRENT_USER\\Software\\Microsoft\\Siuf\\Rules\\NumberOfSIUFInPeriod
Based on these settings:
@@ -1574,11 +1543,11 @@ To change the level of diagnostic and usage data sent when you **Send your devic
-or-
-- Apply the Group Policy: **Computer Configuration\\Administrative Templates\\Windows Components\\Data Collection And Preview Builds\\Allow Telemetry** and select the appropriate option for your deployment.
+- **Enable** the Group Policy: **Computer Configuration\\Administrative Templates\\Windows Components\\Data Collection And Preview Builds\\Allow Telemetry** and **set it to a value of 0**.
-or-
-- Create a REG\_DWORD registry setting in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection\\AllowTelemetry** with a value of 0-3, as appropriate for your deployment (see below for the values for each level).
+- Create a REG_DWORD registry setting in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection\\AllowTelemetry** with a **value of 0**.
> [!NOTE]
> If the **Security** option is configured by using Group Policy or the Registry, the value will not be reflected in the UI. The **Security** option is only available in Windows 10 Enterprise edition.
@@ -1587,25 +1556,14 @@ To change the level of diagnostic and usage data sent when you **Send your devic
- Apply the System/AllowTelemetry MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where:
- - **0**. Maps to the **Security** level.
+ - **0**. Maps to the **Security** level.
- - **1**. Maps to the **Basic** level.
+ - **1**. Maps to the **Basic** level.
- - **2**. Maps to the **Enhanced** level.
+ - **2**. Maps to the **Enhanced** level.
- - **3**. Maps to the **Full** level.
-
- -or-
-
-- Create a provisioning package, using **Runtime settings** > **Policies** > **System** > **AllowTelemetry**, where:
-
- - **0**. Maps to the **Security** level.
-
- - **1**. Maps to the **Basic** level.
-
- - **2**. Maps to the **Enhanced** level.
-
- - **3**. Maps to the **Full** level.
+ - **3**. Maps to the **Full** level.
+
To turn off tailored experiences with relevant tips and recommendations by using your diagnostics data:
@@ -1613,7 +1571,20 @@ To turn off tailored experiences with relevant tips and recommendations by using
-or-
-- Apply the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not use diagnostic data for tailored experiences**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off Microsoft consumer experiences**
+
+ -or-
+
+- Create a REG_DWORD registry setting named **DisableWindowsConsumerFeatures** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of **1**
+
+ -and-
+
+- **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not use diagnostic data for tailored experiences**
+
+ -or-
+
+- Create a REG_DWORD registry setting named **DisableTailoredExperiencesWithDiagnosticData** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of **1**
+
### 18.17 Background apps
@@ -1621,25 +1592,23 @@ In the **Background Apps** area, you can choose which apps can run in the backgr
To turn off **Let apps run in the background**:
-- In **Background apps**, set **Let apps run in the background** to **Off**.
+- In the **Background apps** settings page, set **Let apps run in the background** to **Off**.
-or-
-- In **Background apps**, turn off the feature for each app.
+- In the **Background apps** settings page, turn off the feature for each app.
+
+ -or-
+
+- **Enable** the Group Policy (only applicable for Windows 10 version 1703 and above): **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps run in the background** and set the **Select a setting** box to **Force Deny**.
-or-
-- Apply the Group Policy (only applicable for Windows 10, version 1703): **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps run in the background**
-
- - Set the **Select a setting** box to **Force Deny**.
+- Create a REG_DWORD registry setting named **LetAppsRunInBackground** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**
-or-
-- Apply the Privacy/LetAppsRunInBackground MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessruninbackground), where:
-
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+- Set the Privacy/LetAppsRunInBackground MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessruninbackground) to **2 Force Deny**.
> [!NOTE]
> Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background** to **Force Deny**.
@@ -1654,19 +1623,20 @@ To turn off **Let Windows and your apps use your motion data and collect motion
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access motion**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access motion** and set the **Default for all apps** to **Force Deny**
+
+ -or-
+
+- Create a REG_DWORD registry setting named **LetAppsAccessMotion** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**.
-or-
- Apply the Privacy/LetAppsAccessMotion MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmotion), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
- -or-
-
-- Create a REG\_DWORD registry setting named **LetAppsAccessMotion** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two).
### 18.19 Tasks
@@ -1678,17 +1648,19 @@ To turn this off:
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access Tasks**
+- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access Tasks**. Set the **Select a setting** box to **Force Deny**.
- - Set the **Select a setting** box to **Force Deny**.
+ -or-
+
+- Create a REG_DWORD registry setting named **LetAppsAccessTasks** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**.
-or-
- Apply the Privacy/LetAppsAccessTasks MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesstasks), where:
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ - **0**. User in control
+ - **1**. Force allow
+ - **2**. Force deny
### 18.20 App Diagnostics
@@ -1700,59 +1672,117 @@ To turn this off:
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access dignostic information about other apps**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access dignostic information about other apps**
-or-
-- Apply the Privacy/LetAppsGetDiagnosticInfo MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsgetdiagnosticinfo), where:
+- Create a REG_DWORD registry setting named **LetAppsGetDiagnosticInfo** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**.
- - **0**. User in control
- - **1**. Force allow
- - **2**. Force deny
+ -or-
+- Set the Privacy/LetAppsGetDiagnosticInfo MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsgetdiagnosticinfo) to **2**. Force deny
+
+
+### 18.21 Inking & Typing
+
+In the **Inking & Typing** area you can configure the functionality as such:
+
+To turn off Inking & Typing data collection (note: there is no Group Policy for this setting):
+
+ - In the UI go to **Settings -> Privacy -> Diagnostics & Feedback -> Inking and typing** and turn **Improve inking & typing** to **Off**
+
+ -or-
+
+ - Set **RestrictImplicitTextCollection** registry REG_DWORD setting in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** to a **value of 1 (one)**
+
+ -or-
+
+ - Set the Privacy\AllowInputPersonalization MDM Policy from the Policy CSP.
+ [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) to **0** (not allowed). This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows.
+
+
+If you're running at least Windows 10, version 1703, you can turn off updates to the speech recognition and speech synthesis models:
+
+ **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data**
+
+ -or-
+
+ - Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)**
+
+ -or-
+
+ - Set the Speech/AllowSpeechModelUpdate MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962(v=vs.85).aspx#Speech_AllowSpeechModelUpdate) to **0**
+
+
+> [!NOTE]
+> Releases 1803 and earlier support **Speech, Inking, & Typing** as a combined settings area. For customizing those setting please follow the below instructions. For 1809 and above **Speech** and **Inking & Typing** are separate settings pages, please see the specific section (18.6 Speech or 18.21 Inking and Typing) above for those areas.
+
+In the **Speech, Inking, & Typing** area, you can let Windows and Cortana better understand your employee's voice and written input by sampling their voice and writing, and by comparing verbal and written input to contact names and calendar entrees.
+
+ For more info on how to disable Cortana in your enterprise, see [Cortana](#bkmk-cortana) in this article.
+
+ To turn off the functionality:
+
+ - Click the **Stop getting to know me** button, and then click **Turn off**.
+
+ -or-
+
+ - Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Regional and Language Options** > **Handwriting personalization** > **Turn off automatic learning**
+
+ -or-
+
+ - Create a REG_DWORD registry setting named **RestrictImplicitInkCollection** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** with a value of 1 (one).
+
+ -or-
+
+ - Create a REG_DWORD registry setting named **AcceptedPrivacyPolicy** in **HKEY_CURRENT_USER\\Software\\Microsoft\\Personalization\\Settings** with a value of 0 (zero).
+
+ -and-
+
+ - Create a REG_DWORD registry setting named **HarvestContacts** in **HKEY_CURRENT_USER\\Software\\Microsoft\\InputPersonalization\\TrainedDataStore** with a value of **0 (zero)**.
### 19. Software Protection Platform
-Enterprise customers can manage their Windows activation status with volume licensing using an on-premises Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by doing one of the following:
+ Enterprise customers can manage their Windows activation status with volume licensing using an on-premises Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by doing one of the following:
-For Windows 10:
+ **For Windows 10:**
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Software Protection Platform** > **Turn off KMS Client Online AVS Validation**
+ - **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Software Protection Platform** > **Turn off KMS Client Online AVS Validation**
-or-
-- Apply the Licensing/DisallowKMSClientOnlineAVSValidation MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is disabled (default) and 1 is enabled.
+ - Apply the Licensing/DisallowKMSClientOnlineAVSValidation MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) and **set the value to 1 (Enabled)**.
-or-
-- Create a REG\_DWORD registry setting named **NoGenTicket** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
+ - Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a **value of 1 (one)**.
-For Windows Server 2019 or later:
+**For Windows Server 2019 or later:**
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Software Protection Platform** > **Turn off KMS Client Online AVS Validation**
+ - **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Software Protection Platform** > **Turn off KMS Client Online AVS Validation**
-or-
-- Create a REG\_DWORD registry setting named **NoGenTicket** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
+ - Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
-For Windows Server 2016:
-- Create a REG\_DWORD registry setting named **NoAcquireGT** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
+**For Windows Server 2016:**
->[!NOTE]
->Due to a known issue the **Turn off KMS Client Online AVS Validation** group policy does not work as intended on Windows Server 2016, the **NoAcquireGT** value needs to be set instead.
+ - Create a REG_DWORD registry setting named **NoAcquireGT** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
-The Windows activation status will be valid for a rolling period of 180 days with weekly activation status checks to the KMS.
+ >[!NOTE]
+ >Due to a known issue the **Turn off KMS Client Online AVS Validation** group policy does not work as intended on Windows Server 2016, the **NoAcquireGT** value needs to be set instead.
+ >The Windows activation status will be valid for a rolling period of 180 days with weekly activation status checks to the KMS.
### 20. Storage health
Enterprise customers can manage updates to the Disk Failure Prediction Model.
For Windows 10:
-- Disable this Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Storage Health** > **Allow downloading updates to the Disk Failure Prediction Model**
+- **Disable** this Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Storage Health** > **Allow downloading updates to the Disk Failure Prediction Model**
-or-
-- Create a REG\_DWORD registry setting named **AllowDiskHealthModelUpdates** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\StorageHealth** with a value of 0.
+- Create a REG_DWORD registry setting named **AllowDiskHealthModelUpdates** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\StorageHealth** with a value of 0.
### 21. Sync your settings
@@ -1762,28 +1792,24 @@ You can control if your settings are synchronized:
-or-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Sync your settings** > **Do not sync**
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Sync your settings** > **Do not sync**. Leave the "Allow users to turn syncing on" checkbox **unchecked**.
-or-
-- Create a REG\_DWORD registry setting named **DisableSettingSync** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 2 (two) and another named **DisableSettingSyncUserOverride** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 1 (one).
+- Create a REG_DWORD registry setting named **DisableSettingSync** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 2 (two) and another named **DisableSettingSyncUserOverride** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 1 (one).
-or-
-- Apply the Experience/AllowSyncMySettings MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is not allowed and 1 is allowed.
+- Apply the Experience/AllowSyncMySettings MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) and **set the value to 0 (not allowed)**.
- -or-
-
-- Create a provisioning package, using **Runtime settings** > **Policies** > **Experience** > **AllowSyncMySettings**, where
-
- - **No**. Settings are not synchronized.
-
- - **Yes**. Settings are synchronized. (default)
To turn off Messaging cloud sync:
-- Set the Group Policy Allow Message Service Cloud to Disable. The Group Policy path is Computer Configuration\Administrative templates\Windows Components\Messaging\Allow Message Service Cloud
-- Create a REG\_DWORD registry setting named **CloudServiceSyncEnabled** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Messaging** with a value of 0 (zero).
+- Note: There is no Group Policy corresponding to this registry key.
+
+ -or-
+
+- Create a REG_DWORD registry setting named **CloudServiceSyncEnabled** in **HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Messaging** and set to a **value of 0 (zero)**.
### 22. Teredo
@@ -1792,11 +1818,11 @@ You can disable Teredo by using Group Policy or by using the netsh.exe command.
>[!NOTE]
>If you disable Teredo, some XBOX gaming features and Windows Update Delivery Optimization will not work.
-- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **TCPIP Settings** > **IPv6 Transition Technologies** > **Set Teredo State** and set it to **Disabled State**.
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **TCPIP Settings** > **IPv6 Transition Technologies** > **Set Teredo State** and set it to **Disabled State**.
-or-
-- Create a new REG\_SZ registry setting named **Teredo_State** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\TCPIP\\v6Transition** with a value of **Disabled**.
+- Create a new REG_SZ registry setting named **Teredo_State** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\TCPIP\\v6Transition** with a value of **Disabled**.
-or-
@@ -1811,23 +1837,23 @@ Wi-Fi Sense automatically connects devices to known hotspots and to the wireless
To turn off **Connect to suggested open hotspots** and **Connect to networks shared by my contacts**:
-- Turn off the feature in the UI.
+- Turn off the feature in the UI in Settings > Network & Internet > Wi-Fi
-or-
-- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **WLAN Service** > **WLAN Settings** > **Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services**.
+- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **WLAN Service** > **WLAN Settings** > **Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services**.
-or-
-- Create a new REG\_DWORD registry setting named **AutoConnectAllowedOEM** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\WcmSvc\\wifinetworkmanager\\config** with a value of 0 (zero).
+- Create a new REG_DWORD registry setting named **AutoConnectAllowedOEM** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\WcmSvc\\wifinetworkmanager\\config** with a **value of 0 (zero)**.
-or-
-- Change the Windows Provisioning setting, WiFISenseAllowed, to 0 (zero). For more info, see the Windows Provisioning Settings reference doc, [WiFiSenseAllowed](https://go.microsoft.com/fwlink/p/?LinkId=620909).
+- Change the Windows Provisioning setting, WiFISenseAllowed, to **0 (zero)**. For more info, see the Windows Provisioning Settings reference doc, [WiFiSenseAllowed](https://go.microsoft.com/fwlink/p/?LinkId=620909).
-or-
-- Use the Unattended settings to set the value of WiFiSenseAllowed to 0 (zero). For more info, see the Unattended Windows Setup reference doc, [WiFiSenseAllowed](https://go.microsoft.com/fwlink/p/?LinkId=620910).
+- Use the Unattended settings to set the value of WiFiSenseAllowed to **0 (zero)**. For more info, see the Unattended Windows Setup reference doc, [WiFiSenseAllowed](https://go.microsoft.com/fwlink/p/?LinkId=620910).
When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings screen, but they’re non-functional and they can’t be controlled by the employee.
@@ -1835,67 +1861,79 @@ When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings scr
You can disconnect from the Microsoft Antimalware Protection Service.
-- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS**
+- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop down box named **Join Microsoft MAPS**
-or-
-- Delete the registry setting **named** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\Updates**.
+- Use the registry to set the REG_DWORD value **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SpyNetReporting** to **0 (zero)**.
+
+ -or-
+
+- Delete the registry setting **named** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Updates**.
-or-
- For Windows 10 only, apply the Defender/AllowClouldProtection MDM policy from the [Defender CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx).
- -or-
-
-- Use the registry to set the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SpyNetReporting** to 0 (zero).
-
-and-
From an elevated Windows PowerShell prompt, run **set-mppreference -Mapsreporting 0**
You can stop sending file samples back to Microsoft.
-- Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Always Prompt** or **Never Send**.
+- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Never Send**.
-or-
-- For Windows 10 only, apply the Defender/SubmitSamplesConsent MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender), where:
-
- - **0**. Always prompt.
-
- - **1**. (default) Send safe samples automatically.
-
- - **2**. Never send.
-
- - **3**. Send all samples automatically.
+- For Windows 10 only, apply the Defender/SubmitSamplesConsent MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender) to **2 (two) for Never Send**.
-or-
-- Use the registry to set the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SubmitSamplesConsent** to 0 (zero) to always prompt or 2 to never send.
+- Use the registry to set the REG_DWORD value **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SubmitSamplesConsent** to **2 (two) for Never Send**.
-You can stop downloading definition updates:
-- Enable the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**.
+You can stop downloading **Definition Updates**:
+
+- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**.
-and-
-- Disable the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to nothing.
+- **Disable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to **Nothing**.
-or-
-- Create a new REG\_SZ registry setting named **FallbackOrder** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\Updates** with a value of **FileShares**.
+- Create a new REG_SZ registry setting named **FallbackOrder** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Signature Updates** with a value of **FileShares**.
-For Windows 10 only, you can stop Enhanced Notifications:
+ -and-
-- Turn off the feature in the UI.
+- **Remove** the **DefinitionUpdateFileSharesSources** reg value if it exists under **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Signature Updates**
+
+
+You can turn off **Malicious Software Reporting Tool diagnostic data**:
+
+- Set the REG_DWORD value **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\MRT\\DontReportInfectionInformation** to **1**.
+
+**Note:** There is no Group Policy to turn off the Malicious Software Reporting Tool diagnostic data.
+
+
+You can turn off **Enhanced Notifications** as follows:
+
+- Set in the UI: Settings -> Update & Security -> Windows Security -> Virus & Threat Protection -> Virus & Threat Protection Manage Settings -> scroll to bottom for Notifications, click Change Notifications Settings -> Notifications -> click Manage Notifications -> Turn off General Notifications
+
+ -or-
+
+- **Enable** the Group Policy **Turn off enhanced notifications** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Reporting**.
+
+ -or-
+
+- Create a new REG_SZ registry setting named **DisableEnhancedNotifications** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\Reporting** to a value of **1**.
-You can also use the registry to turn off Malicious Software Reporting Tool diagnostic data by setting the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\MRT\\DontReportInfectionInformation** to 1.
### 24.1 Windows Defender SmartScreen
To disable Windows Defender Smartscreen:
-- In Group Policy, configure - **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure Windows Defender SmartScreen** : **Disable**
+- In Group Policy, configure - **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure Windows Defender SmartScreen** to be **Disabled**
-and-
@@ -1903,137 +1941,148 @@ To disable Windows Defender Smartscreen:
-and-
-- **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure app install control** : **Enable**
+- **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure app install control** : **Enable**, and select **Turn off app recommendations**
- -or-
+-OR-
-- Create a REG_DWORD registry setting named **EnableSmartScreen** in **HKEY_LOCAL_MACHINE\Sofware\Policies\Microsoft\Windows\System** with a value of 0 (zero).
+- Create a REG_DWORD registry setting named **EnableSmartScreen** in **HKEY_LOCAL_MACHINE\\Sofware\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**.
-and-
-- Create a REG_DWORD registry setting named **ConfigureAppInstallControlEnabled** in **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen** with a value of 1.
-
+- Create a REG_DWORD registry setting named **ConfigureAppInstallControlEnabled** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SmartScreen** with a **value of 1**.
+
-and-
-- Create a SZ registry setting named **ConfigureAppInstallControl** in **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen** with a value of **Anywhere**.
+- Create a SZ registry setting named **ConfigureAppInstallControl** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SmartScreen** with a value of **Anywhere**.
- -or-
+-OR-
-- Apply the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on.
+- Set the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) to **0 (turned Off)**.
-### 25. Windows Media Player
-To remove Windows Media Player on Windows 10:
-
-- From the **Programs and Features** control panel, click **Turn Windows features on or off**, under **Media Features**, clear the **Windows Media Player** check box, and then click **OK**.
-
- -or-
-
-- Run the following DISM command from an elevated command prompt: **dism /online /Disable-Feature /FeatureName:WindowsMediaPlayer**
-
-To remove Windows Media Player on Windows Server 2016:
-
-- Run the following DISM command from an elevated command prompt: **dism /online /Disable-Feature /FeatureName:WindowsMediaPlayer**
-
-### 26. Windows Spotlight
+### 25. Windows Spotlight
Windows Spotlight provides features such as different background images and text on the lock screen, suggested apps, Microsoft account notifications, and Windows tips. You can control it by using the user interface, MDM policy, or through Group Policy.
-If you're running Windows 10, version 1607 or later, you only need to enable the following Group Policy:
+If you're running Windows 10, version 1607 or later, you need to:
-- **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off all Windows spotlight features**
+- **Enable** the following Group Policy **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off all Windows spotlight features**
> [!NOTE]
> This must be done within 15 minutes after Windows 10 is installed. Alternatively, you can create an image with this setting.
- -or-
+ -or-
- For Windows 10 only, apply the Experience/AllowWindowsSpotlight MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience), with a value of 0 (zero).
- -or-
+ -or-
-- Create a new REG\_DWORD registry setting named **DisableWindowsSpotlightFeatures** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one).
+- Create a new REG_DWORD registry setting named **DisableWindowsSpotlightFeatures** in **HKEY_CURRENT_USER\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one).
--and-
+-AND-
-- **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Do not display the Lock Screen**
+- Enable the following Group Policy **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Do not display the Lock Screen**
- -or-
+ -or-
-- Create a new REG\_DWORD registry setting named **NoLockScreen** in **HKEY\Local\Machine\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a value of 1 (one).
+- Create a new REG_DWORD registry setting named **NoLockScreen** in **HKEY_Local_Machine\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a **value of 1 (one)**
-If you're not running Windows 10, version 1607 or later, you can use the other options in this section.
-- Configure the following in **Settings**:
+-AND-
- - **Personalization** > **Lock screen** > **Background** > **Windows spotlight**, select a different background, and turn off **Get fun facts, tips, tricks and more on your lock screen**.
- - **Personalization** > **Start** > **Occasionally show suggestions in Start**.
+- Configure the following in **Settings** UI:
- - **System** > **Notifications & actions** > **Show me tips about Windows**.
+ - **Personalization** > **Lock screen** > **Background** > **Windows spotlight**, select a different background, and turn off **Get fun facts, tips, tricks and more on your lock screen**
- -or-
+ - **Personalization** > **Start** > **Occasionally show suggestions in Start**
+
+ - **System** > **Notifications & actions** > **Show me tips about Windows**
+
+ -or-
- Apply the Group Policies:
- - **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Force a specific default lock screen image**.
- - Add a location in the **Path to local lock screen image** box.
+ - **Enable** the **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Force a specific default lock screen image and logon image** Group Policy.
+ - Add **C:\\windows\\web\\screen\\lockscreen.jpg** as the location in the **Path to local lock screen image** box.
- - Set the **Turn off fun facts, tips, tricks, and more on lock screen** check box.
+ - Check the **Turn off fun facts, tips, tricks, and more on lock screen** check box.
> [!NOTE]
- > This will only take effect if the policy is applied before the first logon. If you cannot apply the **Force a specific default lock screen image** policy before the first logon to the device, you can apply this policy: **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Do not display the lock screen**. Alternatively, you can create a new REG\_SZ registry setting named **LockScreenImage** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a value of **C:\\windows\\web\\screen\\lockscreen.jpg** and create a new REG\_DWORD registry setting named **LockScreenOverlaysDisabled** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a value of 1 (one).
+ > This will only take effect if the policy is applied before the first logon.
+ > If you cannot apply the **Force a specific default lock screen image** policy before the first logon to the device,
+ > you can **Enable** the **Do not display the lock screen** policy under **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization**
+
+ > Alternatively, you can create a new REG_SZ registry setting named **LockScreenImage** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization**
+ > with a value of **C:\\windows\\web\\screen\\lockscreen.jpg** and create a new REG_DWORD registry setting named **LockScreenOverlaysDisabled** in
+ > **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a value of **1 (one)**.
+
+ > The Group Policy for the **LockScreenOverlaysDisabled** regkey is **Force a specific default lock screen and logon image** that is under **Control Panel** **Personalization**.
- - **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not show Windows tips**.
+-AND-
- -or-
- - Create a new REG\_DWORD registry setting named **DisableSoftLanding** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one).
+ - Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not show Windows tips** to **Enabled**
- - **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off Microsoft consumer experiences**.
+ -or-
- -or-
+ - Create a new REG_DWORD registry setting named **DisableSoftLanding** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a **value of 1 (one)**
- - Create a new REG\_DWORD registry setting named **DisableWindowsConsumerFeatures** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one).
- - This policy setting controls whether the lock screen appears for users. The Do not display the lock screen Group Policy should be set to Enable to prevent the lock screen from being displayed. The Group Computer Configuration\Administrative templates\Control Panel\Personalization!Do not display the lock screen.
+-AND-
- - If you enable this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC.
- - If you disable or do not configure this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch, the keyboard, or by dragging it with the mouse.
+ - Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off Microsoft consumer experiences** to **Enabled**
+
+ -or-
+
+ - Create a new REG_DWORD registry setting named **DisableWindowsConsumerFeatures** in **HKEY_LOCAL_MACHINE\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a **value of 1 (one)**
+
+
+This policy setting controls whether the lock screen appears for users. The Do not display the lock screen Group Policy should be set to Enable to prevent the lock screen from being displayed. The Group Computer Configuration\Administrative templates\Control Panel\Personalization!Do not display the lock screen.
+
+If you enable this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC.
+
+If you disable or do not configure this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch, the keyboard, or by dragging it with the mouse.
For more info, see [Windows Spotlight on the lock screen](/windows/configuration/windows-spotlight).
-### 27. Microsoft Store
+### 26. Microsoft Store
You can turn off the ability to launch apps from the Microsoft Store that were preinstalled or downloaded.
This will also turn off automatic app updates, and the Microsoft Store will be disabled.
In addition, new email accounts cannot be created by clicking **Settings** > **Accounts** > **Email & app accounts** > **Add an account**.
On Windows Server 2016, this will block Microsoft Store calls from Universal Windows Apps.
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Disable all apps from Microsoft Store**.
+- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Disable all apps from Microsoft Store**.
-or-
- - Create a new REG\_DWORD registry setting named **DisableStoreApps** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 1 (one).
+- Create a new REG_DWORD registry setting named **DisableStoreApps** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 1 (one).
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Turn off Automatic Download and Install of updates**.
+-AND-
+
+- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Turn off Automatic Download and Install of updates**.
-or-
- - Create a new REG\_DWORD registry setting named **AutoDownload** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 2 (two).
+- Create a new REG_DWORD registry setting named **AutoDownload** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 2 (two).
-### 27.1 Apps for websites
+### 26.1 Apps for websites
You can turn off apps for websites, preventing customers who visit websites that are registered with their associated app from directly launching the app.
-Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Group Policy** > **Configure web-to-app linking with URI handlers**
+**Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Group Policy** > **Configure web-to-app linking with URI handlers**
-### 28. Windows Update Delivery Optimization
+ -or-
+
+- Create a new REG_DWORD registry setting named **EnableAppUriHandlers** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**.
+
+### 27. Windows Update Delivery Optimization
Windows Update Delivery Optimization lets you get Windows updates and Microsoft Store apps from sources in addition to Microsoft, which not only helps when you have a limited or unreliable Internet connection, but can also help you reduce the amount of bandwidth needed to keep all of your organization's PCs up-to-date. If you have Delivery Optimization turned on, PCs on your network may send and receive updates and apps to other PCs on your local network, if you choose, or to PCs on the Internet.
@@ -2041,33 +2090,39 @@ By default, PCs running Windows 10 Enterprise and Windows 10 Education will only
Use the UI, Group Policy, MDM policies, or Windows Provisioning to set up Delivery Optimization.
-In Windows 10, version 1607, you can stop network traffic related to Windows Update Delivery Optimization by setting **Download Mode** to **Simple** (99) or **Bypass** (100), as described below.
+In Windows 10 version 1607 and above you can stop network traffic related to Windows Update Delivery Optimization by setting **Download Mode** to **Bypass** (100), as described below.
-### 28.1 Settings > Update & security
+### 27.1 Settings > Update & security
You can set up Delivery Optimization from the **Settings** UI.
- Go to **Settings** > **Update & security** > **Windows Update** > **Advanced options** > **Choose how updates are delivered**.
-### 28.2 Delivery Optimization Group Policies
+### 27.2 Delivery Optimization Group Policies
You can find the Delivery Optimization Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**.
| Policy | Description |
|---------------------------|-----------------------------------------------------------------------------------------------------|
-| Download Mode | Lets you choose where Delivery Optimization gets or sends updates and apps, including None. Turns off Delivery Optimization.
Group. Gets or sends updates and apps to PCs on the same local network domain.
Internet. Gets or sends updates and apps to PCs on the Internet.
LAN. Gets or sends updates and apps to PCs on the same NAT only.
Simple. Simple download mode with no peering.
Bypass. Use BITS instead of Windows Update Delivery Optimization.Set to Bypass to restrict traffic.
|
+| Download Mode | Lets you choose where Delivery Optimization gets or sends updates and apps, including None. Turns off Delivery Optimization.
Group. Gets or sends updates and apps to PCs on the same local network domain.
Internet. Gets or sends updates and apps to PCs on the Internet.
LAN. Gets or sends updates and apps to PCs on the same NAT only.
Simple. Simple download mode with no peering.
Bypass. Use BITS instead of Windows Update Delivery Optimization. **Set to Bypass** to restrict traffic.
|
| Group ID | Lets you provide a Group ID that limits which PCs can share apps and updates.
**Note:** This ID must be a GUID.|
| Max Cache Age | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days).|
| Max Cache Size | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20, which represents 20% of the disk.|
| Max Upload Bandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.|
-Set the Delivery Optimization Group Policy to "Bypass" to prevent traffic. Alternatively, you can set the **Download Mode** policy by creating a new REG\_DWORD registry setting named **DODownloadMode** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization** to a value of 100 (one hundred).
+### 27.3 Delivery Optimization
-### 28.3 Delivery Optimization MDM policies
+- **Enable** the **Download Mode** Group Policy under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization** and set the **Download Mode** to **"Bypass"** to prevent traffic.
+
+-or-
+
+- Create a new REG_DWORD registry setting named **DODownloadMode** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization** to a value of **100 (one hundred)**.
+
+### 27.4 Delivery Optimization MDM policies
The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx).
-| Policy | Description |
+| MDM Policy | Description |
|---------------------------|-----------------------------------------------------------------------------------------------------|
| DeliveryOptimization/DODownloadMode | Lets you choose where Delivery Optimization gets or sends updates and apps, including 0. Turns off Delivery Optimization.
1. Gets or sends updates and apps to PCs on the same NAT only.
2. Gets or sends updates and apps to PCs on the same local network domain.
3. Gets or sends updates and apps to PCs on the Internet.
99. Simple download mode with no peering.
100. Use BITS instead of Windows Update Delivery Optimization.
|
| DeliveryOptimization/DOGroupID | Lets you provide a Group ID that limits which PCs can share apps and updates.
**Note** This ID must be a GUID.|
@@ -2076,52 +2131,54 @@ The following Delivery Optimization MDM policies are available in the [Policy CS
| DeliveryOptimization/DOMaxUploadBandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.|
-### 28.4 Delivery Optimization Windows Provisioning
-
-If you don't have an MDM server in your enterprise, you can use Windows Provisioning to configure the Delivery Optimization policies
-
-Use Windows ICD, included with the [Windows Assessment and Deployment Kit (Windows ADK)](https://go.microsoft.com/fwlink/p/?LinkId=526803), to create a provisioning package for Delivery Optimization.
-
-1. Open Windows ICD, and then click **New provisioning package**.
-
-2. In the **Name** box, type a name for the provisioning package, and then click **Next.**
-
-3. Click the **Common to all Windows editions** option, click **Next**, and then click **Finish**.
-
-4. Go to **Runtime settings** > **Policies** > **DeliveryOptimization** to configure the policies.
-
For more info about Delivery Optimization in general, see [Windows Update Delivery Optimization: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730684).
-### 29. Windows Update
+### 28. Windows Update
You can turn off Windows Update by setting the following registry entries:
-- Add a REG\_DWORD value named **DoNotConnectToWindowsUpdateInternetLocations** to **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and set the value to 1.
+- Add a REG_DWORD value named **DoNotConnectToWindowsUpdateInternetLocations** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and set the value to 1.
-and-
-- Add a REG\_DWORD value named **DisableWindowsUpdateAccess** to **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and set the value to 1.
+- Add a REG_DWORD value named **DisableWindowsUpdateAccess** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and set the value to 1.
-and-
-- Add a REG\_DWORD value named **UseWUServer** to **HKEY\_LOCAL\_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU** and set the value to 1.
-
- -or-
-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Do not connect to any Windows Update Internet locations**.
+- Add a REG_SZ value named **WUServer** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and ensure it is blank with a space character **" "**.
-and-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off access to all Windows Update features**.
+- Add a REG_SZ value named **WUStatusServer** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and ensure it is blank with a space character **" "**.
-and-
-- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Specify intranet Microsoft update service location** and set the **Set the alternate download server** to " ".
+- Add a REG_SZ value named **UpdateServiceUrlAlternate** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and ensure it is blank with a space character **" "**.
+
+ -and-
+
+- Add a REG_DWORD value named **UseWUServer** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\WindowsUpdate\\AU** and set the value to 1.
+
+-OR-
+
+- Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Do not connect to any Windows Update Internet locations** to **Enabled**
+
+ -and-
+
+- Set the Group Policy **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off access to all Windows Update features** to **Enabled**
+
+ -and-
+
+- Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Specify intranet Microsoft update service location** to **Enabled** and ensure all Option settings (Intranet Update Service, Intranet Statistics Server, Alternate Download Server) are set to **" "**
+
+ -and-
+
+- Set the Group Policy **User Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Remove access to use all Windows Update features** to **Enabled** and then set **Computer Configurations** to **0 (zero)**.
You can turn off automatic updates by doing one of the following. This is not recommended.
-- Add a REG\_DWORD value named **AutoDownload** to **HKEY\_LOCAL\_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\WindowsStore\\WindowsUpdate** and set the value to 5.
+- Add a REG_DWORD value named **AutoDownload** to **HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\WindowsStore\\WindowsUpdate** and set the value to 5.
-or-
@@ -2139,5 +2196,12 @@ You can turn off automatic updates by doing one of the following. This is not re
- **5**. Turn off automatic updates.
+For China releases of Windows 10 there is one additional Regkey to be set to prevent traffic:
+
+- Add a REG_DWORD value named **HapDownloadEnabled** to **HKEY_LOCAL_MACHINE\\Software\\Microsoft\\LexiconUpdate\\loc_0804** and set the value to 0.
+
+
+
+
To learn more, see [Device update management](https://msdn.microsoft.com/library/windows/hardware/dn957432.aspx) and [Configure Automatic Updates by using Group Policy](https://technet.microsoft.com/library/cc720539.aspx).
diff --git a/windows/privacy/manage-windows-1709-endpoints.md b/windows/privacy/manage-windows-1709-endpoints.md
index a3e6817d6a..3c4c5afdbb 100644
--- a/windows/privacy/manage-windows-1709-endpoints.md
+++ b/windows/privacy/manage-windows-1709-endpoints.md
@@ -405,52 +405,21 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
|----------------|----------|------------|
| svchost | HTTPS | *.prod.do.dsp.mp.microsoft.com |
-The following endpoints are used to download operating system patches and updates.
+The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store.
If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to download updates for the operating system.
| Source process | Protocol | Destination |
|----------------|----------|------------|
| svchost | HTTP | *.windowsupdate.com |
-| | HTTP | fg.download.windowsupdate.com.c.footprint.net |
-
-The following endpoint is used by the Highwinds Content Delivery Network to perform Windows updates.
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | | cds.d2s7q6s2.hwcdn.net |
-
-The following endpoints are used by the Verizon Content Delivery Network to perform Windows updates.
-If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | HTTP | *wac.phicdn.net |
-| | | *wac.edgecastcdn.net |
-
-The following endpoint is used to download apps and Windows Insider Preview builds from the Microsoft Store. Time Limited URL (TLU) is a mechanism for protecting the content. For example, it prevents someone from copying the URL and then getting access to the app that the person has not acquired).
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the updating functionality on this device is essentially in a disabled state, resulting in user unable to get apps from the Store, get latest version of Windows, and so on.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| svchost | | *.tlu.dl.delivery.mp.microsoft.com.c.footprint.net |
-
-The following endpoint is used to download apps from the Microsoft Store. It's used as part of calculating the right ranges for apps.
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), users of the device will not able to get apps from the Microsoft Store.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| svchost | | emdl.ws.microsoft.com |
+| svchost | HTTP | *.dl.delivery.mp.microsoft.com |
The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store.
If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store.
| Source process | Protocol | Destination |
|----------------|----------|------------|
-| svchost | HTTPS | fe2.update.microsoft.com |
-| svchost | | fe3.delivery.mp.microsoft.com |
-| | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net |
-| svchost | HTTPS | sls.update.microsoft.com |
+| svchost | HTTPS | *.update.microsoft.com |
+| svchost | HTTPS | *.delivery.mp.microsoft.com |
The following endpoint is used for content regulation.
If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all.
@@ -459,14 +428,6 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
|----------------|----------|------------|
| svchost | HTTPS | tsfe.trafficshaping.dsp.mp.microsoft.com |
-The following endpoints are used to download content.
-If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), you will block any content from being downloaded.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | | a122.dscd.akamai.net |
-| | | a1621.g.akamai.net |
-
## Microsoft forward link redirection service (FWLink)
The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer.
@@ -490,4 +451,4 @@ To view endpoints for non-Enterprise Windows 10 editions, see:
## Related links
- [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US)
-- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune)
\ No newline at end of file
+- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune)
diff --git a/windows/privacy/manage-windows-1803-endpoints.md b/windows/privacy/manage-windows-1803-endpoints.md
index c23ac04672..44e5f88ceb 100644
--- a/windows/privacy/manage-windows-1803-endpoints.md
+++ b/windows/privacy/manage-windows-1803-endpoints.md
@@ -410,53 +410,21 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
|----------------|----------|------------|
| svchost | HTTPS | *.prod.do.dsp.mp.microsoft.com |
-The following endpoints are used to download operating system patches and updates.
+The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store.
If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to download updates for the operating system.
| Source process | Protocol | Destination |
|----------------|----------|------------|
| svchost | HTTP | *.windowsupdate.com |
-| | HTTP | fg.download.windowsupdate.com.c.footprint.net |
-
-The following endpoint is used by the Highwinds Content Delivery Network to perform Windows updates.
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | | cds.d2s7q6s2.hwcdn.net |
-
-The following endpoints are used by the Verizon Content Delivery Network to perform Windows updates.
-If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | HTTP | *wac.phicdn.net |
-| | | *wac.edgecastcdn.net |
-
-The following endpoint is used to download apps and Windows Insider Preview builds from the Microsoft Store. Time Limited URL (TLU) is a mechanism for protecting the content. For example, it prevents someone from copying the URL and then getting access to the app that the person has not acquired).
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the updating functionality on this device is essentially in a disabled state, resulting in user unable to get apps from the Store, get latest version of Windows, and so on.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| svchost | | *.tlu.dl.delivery.mp.microsoft.com.c.footprint.net |
-
-The following endpoint is used to download apps from the Microsoft Store. It's used as part of calculating the right ranges for apps.
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), users of the device will not able to get apps from the Microsoft Store.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| svchost | | emdl.ws.microsoft.com |
+| svchost | HTTP | *.dl.delivery.mp.microsoft.com |
The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store.
If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store.
| Source process | Protocol | Destination |
|----------------|----------|------------|
-| svchost | HTTPS | fe2.update.microsoft.com |
-| svchost | | fe3.delivery.mp.microsoft.com |
-| | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net |
-| svchost | HTTPS | sls.update.microsoft.com |
-| | HTTP | *.dl.delivery.mp.microsoft.com |
+| svchost | HTTPS | *.update.microsoft.com |
+| svchost | HTTPS | *.delivery.mp.microsoft.com |
The following endpoint is used for content regulation.
If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all.
@@ -465,14 +433,6 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
|----------------|----------|------------|
| svchost | HTTPS | tsfe.trafficshaping.dsp.mp.microsoft.com |
-The following endpoints are used to download content.
-If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), you will block any content from being downloaded.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | | a122.dscd.akamai.net |
-| | | a1621.g.akamai.net |
-
## Microsoft forward link redirection service (FWLink)
The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer.
@@ -496,4 +456,4 @@ To view endpoints for non-Enterprise Windows 10 editions, see:
## Related links
- [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US)
-- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune)
\ No newline at end of file
+- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune)
diff --git a/windows/privacy/manage-windows-1809-endpoints.md b/windows/privacy/manage-windows-1809-endpoints.md
index 74fa377991..33042b0ada 100644
--- a/windows/privacy/manage-windows-1809-endpoints.md
+++ b/windows/privacy/manage-windows-1809-endpoints.md
@@ -440,53 +440,21 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
|----------------|----------|------------|
| svchost | HTTPS | *.prod.do.dsp.mp.microsoft.com |
-The following endpoints are used to download operating system patches and updates.
+The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store.
If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to download updates for the operating system.
| Source process | Protocol | Destination |
|----------------|----------|------------|
| svchost | HTTP | *.windowsupdate.com |
-| | HTTP | fg.download.windowsupdate.com.c.footprint.net |
-
-The following endpoint is used by the Highwinds Content Delivery Network to perform Windows updates.
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | | cds.d2s7q6s2.hwcdn.net |
-
-The following endpoints are used by the Verizon Content Delivery Network to perform Windows updates.
-If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | HTTP | *wac.phicdn.net |
-| | | *wac.edgecastcdn.net |
-
-The following endpoint is used to download apps and Windows Insider Preview builds from the Microsoft Store. Time Limited URL (TLU) is a mechanism for protecting the content. For example, it prevents someone from copying the URL and then getting access to the app that the person has not acquired).
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the updating functionality on this device is essentially in a disabled state, resulting in user unable to get apps from the Store, get latest version of Windows, and so on.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| svchost | | *.tlu.dl.delivery.mp.microsoft.com.c.footprint.net |
-
-The following endpoint is used to download apps from the Microsoft Store. It's used as part of calculating the right ranges for apps.
-If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), users of the device will not able to get apps from the Microsoft Store.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| svchost | | emdl.ws.microsoft.com |
+| svchost | HTTP | *.dl.delivery.mp.microsoft.com |
The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store.
If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store.
| Source process | Protocol | Destination |
|----------------|----------|------------|
-| svchost | HTTPS | fe2.update.microsoft.com |
-| svchost | | fe3.delivery.mp.microsoft.com |
-| | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net |
-| svchost | HTTPS | sls.update.microsoft.com |
-| | HTTP | *.dl.delivery.mp.microsoft.com |
+| svchost | HTTPS | *.update.microsoft.com |
+| svchost | HTTPS | *.delivery.mp.microsoft.com |
The following endpoint is used for content regulation.
If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all.
@@ -495,13 +463,6 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
|----------------|----------|------------|
| svchost | HTTPS | tsfe.trafficshaping.dsp.mp.microsoft.com |
-The following endpoints are used to download content.
-If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), you will block any content from being downloaded.
-
-| Source process | Protocol | Destination |
-|----------------|----------|------------|
-| | | a122.dscd.akamai.net |
-| | | a1621.g.akamai.net |
## Microsoft forward link redirection service (FWLink)
@@ -528,4 +489,4 @@ To view endpoints for non-Enterprise Windows 10 editions, see:
## Related links
- [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US)
-- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune)
\ No newline at end of file
+- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune)
diff --git a/windows/privacy/windows-diagnostic-data.md b/windows/privacy/windows-diagnostic-data.md
index 2b73716da2..dcf4d2be83 100644
--- a/windows/privacy/windows-diagnostic-data.md
+++ b/windows/privacy/windows-diagnostic-data.md
@@ -22,13 +22,13 @@ Applies to:
- Windows 10, version 1803
- Windows 10, version 1709
-Microsoft uses Windows diagnostic data to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. For users who have turned on "Tailored experiences", it can also be used to offer you personalized tips, ads, and recommendations to enhance Microsoft products and services for your needs. This article describes all types of diagnostic data collected by Windows at the Full level (inclusive of data collected at Basic), with comprehensive examples of data we collect per each type. For additional, detailed technical descriptions of Basic data items, see [Windows 10, version 1803 Basic level diagnostic events and fields](https://docs.microsoft.com/windows/configuration/basic-level-windows-diagnostic-events-and-fields).
+Microsoft uses Windows diagnostic data to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. For users who have turned on "Tailored experiences", it can also be used to offer you personalized tips, ads, and recommendations to enhance Microsoft products and services for your needs. This article describes all types of diagnostic data collected by Windows at the Full level (inclusive of data collected at Basic), with comprehensive examples of data we collect per each type. For additional, detailed technical descriptions of Basic data items, see [Windows 10, version 1809 Basic level diagnostic events and fields](https://docs.microsoft.com/windows/configuration/basic-level-windows-diagnostic-events-and-fields).
In addition, this article provides references to equivalent definitions for the data types and examples from [ISO/IEC 19944:2017 Information technology -- Cloud computing -- Cloud services and devices: Data flow, data categories and data use](https://www.iso.org/standard/66674.html). Each data type also has a Data Use statement, for diagnostics and for Tailored experiences on the device, using the terms as defined by the standard. These Data Use statements define the purposes for which Microsoft processes each type of Windows diagnostic data, using a uniform set of definitions referenced at the end of this document and based on the ISO standard. Reference to the ISO standard provides additional clarity about the information collected, and allows easy comparison with other services or guidance that also references the standard.
The data covered in this article is grouped into the following types:
-- Common data (diagnostic header information)
+- Common data extensions (diagnostic header information)
- Device, Connectivity, and Configuration data
- Product and Service Usage data
- Product and Service Performance data
@@ -36,15 +36,15 @@ The data covered in this article is grouped into the following types:
- Browsing History data
- Inking, Typing, and Speech Utterance data
-## Common data
+## Common data extensions
Most diagnostic events contain a header of common data. In each example, the info in parentheses provides the equivalent definition for ISO/IEC 19944:2017.
-**Data Use for Common data**
+**Data Use for Common data extensions**
Header data supports the use of data associated with all diagnostic events. Therefore, Common data is used to [provide](#provide) Windows 10, and may be used to [improve](#improve), [personalize](#personalize), [recommend](#recommend), [offer](#offer), or [promote](#promote) Microsoft and third-party products and services, depending on the uses described in the **Data Use** statements for each data category.
-### Data Description for Common data type
+### Data Description for Common data extensions type
-#### Common data type
+#### Common data extensions type
Information that is added to most diagnostic events, if relevant and available:
@@ -506,6 +506,6 @@ Use of the specified data categories to promote a product or service in or on a
Here are the list of data identification qualifiers and the ISO/IEC 19944:2017 reference:
-- **Pseudonymized Data** 8.3.3 Pseudonymized data. Microsoft usage notes are as defined.
-- **Anonymized Data** 8.3.5 Anonymized data. Microsoft usage notes are as defined.
-- **Aggregated Data** 8.3.6 Aggregated data. Microsoft usage notes are as defined.
\ No newline at end of file
+- **Pseudonymized Data** 8.3.3 Pseudonymized data. Microsoft usage notes are as defined.
+- **Anonymized Data** 8.3.5 Anonymized data. Microsoft usage notes are as defined.
+- **Aggregated Data** 8.3.6 Aggregated data. Microsoft usage notes are as defined.
\ No newline at end of file
diff --git a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md
index 370860330f..b6be3b5acd 100644
--- a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md
+++ b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md
@@ -40,52 +40,52 @@ We used the following methodology to derive these network endpoints:
| **Destination** | **Protocol** | **Description** |
| --- | --- | --- |
-|*.aria.microsoft.com* | HTTPS | Office Telemetry
-|*.dl.delivery.mp.microsoft.com* | HTTP | Enables connections to Windows Update.
-|*.download.windowsupdate.com* | HTTP | Used to download operating system patches and updates.
-|*.g.akamai.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use.
-|*.msn.com* |TLSv1.2/HTTPS | Windows Spotlight related traffic
-|*.Skype.com | HTTP/HTTPS | Skype related traffic
-|*.smartscreen.microsoft.com* | HTTPS | Windows Defender Smartscreen related traffic
-|*.telecommand.telemetry.microsoft.com* | HTTPS | Used by Windows Error Reporting.
-|*cdn.onenote.net* | HTTP | OneNote related traffic
-|*displaycatalog.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store.
-|*emdl.ws.microsoft.com* | HTTP | Windows Update related traffic
-|*geo-prod.do.dsp.mp.microsoft.com* |TLSv1.2/HTTPS | Enables connections to Windows Update.
-|*hwcdn.net* | HTTP | Used by the Highwinds Content Delivery Network to perform Windows updates.
-|*img-prod-cms-rt-microsoft-com.akamaized.net* | HTTPS | Used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps).
-|*maps.windows.com* | HTTPS | Related to Maps application.
-|*msedge.net* | HTTPS | Used by OfficeHub to get the metadata of Office apps.
-|*nexusrules.officeapps.live.com* | HTTPS | Office Telemetry
-|*photos.microsoft.com* | HTTPS | Photos App related traffic
-|*prod.do.dsp.mp.microsoft.com* |TLSv1.2/HTTPS | Used for Windows Update downloads of apps and OS updates.
-|*wac.phicdn.net* | HTTP | Windows Update related traffic
-|*windowsupdate.com* | HTTP | Windows Update related traffic
-|*wns.windows.com* | HTTPS, TLSv1.2 | Used for the Windows Push Notification Services (WNS).
-|*wpc.v0cdn.net* | | Windows Telemetry related traffic
+|\*.aria.microsoft.com\* | HTTPS | Office Telemetry
+|\*.dl.delivery.mp.microsoft.com\* | HTTP | Enables connections to Windows Update.
+|\*.download.windowsupdate.com\* | HTTP | Used to download operating system patches and updates.
+|\*.g.akamai.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use.
+|\*.msn.com\* |TLSv1.2/HTTPS | Windows Spotlight related traffic
+|\*.Skype.com | HTTP/HTTPS | Skype related traffic
+|\*.smartscreen.microsoft.com\* | HTTPS | Windows Defender Smartscreen related traffic
+|\*.telecommand.telemetry.microsoft.com\* | HTTPS | Used by Windows Error Reporting.
+|\*cdn.onenote.net* | HTTP | OneNote related traffic
+|\*displaycatalog.mp.microsoft.com\* | HTTPS | Used to communicate with Microsoft Store.
+|\*emdl.ws.microsoft.com\* | HTTP | Windows Update related traffic
+|\*geo-prod.do.dsp.mp.microsoft.com\* |TLSv1.2/HTTPS | Enables connections to Windows Update.
+|\*hwcdn.net* | HTTP | Used by the Highwinds Content Delivery Network to perform Windows updates.
+|\*img-prod-cms-rt-microsoft-com.akamaized.net* | HTTPS | Used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps).
+|\*maps.windows.com\* | HTTPS | Related to Maps application.
+|\*msedge.net* | HTTPS | Used by OfficeHub to get the metadata of Office apps.
+|\*nexusrules.officeapps.live.com\* | HTTPS | Office Telemetry
+|\*photos.microsoft.com\* | HTTPS | Photos App related traffic
+|\*prod.do.dsp.mp.microsoft.com\* |TLSv1.2/HTTPS | Used for Windows Update downloads of apps and OS updates.
+|\*wac.phicdn.net* | HTTP | Windows Update related traffic
+|\*windowsupdate.com\* | HTTP | Windows Update related traffic
+|\*wns.windows.com\* | HTTPS, TLSv1.2 | Used for the Windows Push Notification Services (WNS).
+|\*wpc.v0cdn.net* | | Windows Telemetry related traffic
|auth.gfx.ms/16.000.27934.1/OldConvergedLogin_PCore.js | | MSA related
|evoke-windowsservices-tas.msedge* | HTTPS | The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office Online. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.
-|fe2.update.microsoft.com* |TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
-|fe3.*.mp.microsoft.com.* |TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
+|fe2.update.microsoft.com\* |TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
+|fe3.\*.mp.microsoft.com.\* |TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
|fs.microsoft.com | | Font Streaming (in ENT traffic)
-|g.live.com* | HTTPS | Used by OneDrive
+|g.live.com\* | HTTPS | Used by OneDrive
|iriscoremetadataprod.blob.core.windows.net | HTTPS | Windows Telemetry
-|mscrl.micorosoft.com | | Certificate Revocation List related traffic.
-|ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities.
+|mscrl.microsoft.com | | Certificate Revocation List related traffic.
+|ocsp.digicert.com\* | HTTP | CRL and OCSP checks to the issuing certificate authorities.
|officeclient.microsoft.com | HTTPS | Office related traffic.
|oneclient.sfx.ms* | HTTPS | Used by OneDrive for Business to download and verify app updates.
-|purchase.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store.
-|query.prod.cms.rt.microsoft.com* | HTTPS | Used to retrieve Windows Spotlight metadata.
-|ris.api.iris.microsoft.com* |TLSv1.2/HTTPS | Used to retrieve Windows Spotlight metadata.
+|purchase.mp.microsoft.com\* | HTTPS | Used to communicate with Microsoft Store.
+|query.prod.cms.rt.microsoft.com\* | HTTPS | Used to retrieve Windows Spotlight metadata.
+|ris.api.iris.microsoft.com\* |TLSv1.2/HTTPS | Used to retrieve Windows Spotlight metadata.
|ris-prod-atm.trafficmanager.net | HTTPS | Azure traffic manager
-|settings.data.microsoft.com* | HTTPS | Used for Windows apps to dynamically update their configuration.
-|settings-win.data.microsoft.com* | HTTPS | Used for Windows apps to dynamically update their configuration.
-|sls.update.microsoft.com* |TLSv1.2/HTTPS | Enables connections to Windows Update.
-|store*.dsx.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store.
-|storecatalogrevocation.storequality.microsoft.com* | HTTPS | Used to revoke licenses for malicious apps on the Microsoft Store.
-|store-images.s-microsoft.com* | HTTP | Used to get images that are used for Microsoft Store suggestions.
-|tile-service.weather.microsoft.com* | HTTP | Used to download updates to the Weather app Live Tile.
-|tsfe.trafficshaping.dsp.mp.microsoft.com* |TLSv1.2 | Used for content regulation.
+|settings.data.microsoft.com\* | HTTPS | Used for Windows apps to dynamically update their configuration.
+|settings-win.data.microsoft.com\* | HTTPS | Used for Windows apps to dynamically update their configuration.
+|sls.update.microsoft.com\* |TLSv1.2/HTTPS | Enables connections to Windows Update.
+|store*.dsx.mp.microsoft.com\* | HTTPS | Used to communicate with Microsoft Store.
+|storecatalogrevocation.storequality.microsoft.com\* | HTTPS | Used to revoke licenses for malicious apps on the Microsoft Store.
+|store-images.s-microsoft.com\* | HTTP | Used to get images that are used for Microsoft Store suggestions.
+|tile-service.weather.microsoft.com\* | HTTP | Used to download updates to the Weather app Live Tile.
+|tsfe.trafficshaping.dsp.mp.microsoft.com\* |TLSv1.2 | Used for content regulation.
|v10.events.data.microsoft.com | HTTPS | Diagnostic Data
|wdcp.microsoft.* |TLSv1.2 | Used for Windows Defender when Cloud-based Protection is enabled.
|wd-prod-cp-us-west-1-fe.westus.cloudapp.azure.com | HTTPS | Windows Defender related traffic.
@@ -111,7 +111,7 @@ We used the following methodology to derive these network endpoints:
| ipv4.login.msa.akadns6.net | HTTPS | Used for Microsoft accounts to sign in. |
| location-inference-westus.cloudapp.net | HTTPS | Used for location data. |
| modern.watson.data.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. |
-| ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. |
+| ocsp.digicert.com\* | HTTP | CRL and OCSP checks to the issuing certificate authorities. |
| ris.api.iris.microsoft.com.akadns.net | HTTPS | Used to retrieve Windows Spotlight metadata. |
| tile-service.weather.microsoft.com/* | HTTP | Used to download updates to the Weather app Live Tile. |
| tsfe.trafficshaping.dsp.mp.microsoft.com | HTTPS | Used for content regulation. |
@@ -127,10 +127,10 @@ We used the following methodology to derive these network endpoints:
| *.g.akamaiedge.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use. |
| *.s-msedge.net | HTTPS | Used by OfficeHub to get the metadata of Office apps. |
| *.telecommand.telemetry.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. |
-| *.tlu.dl.delivery.mp.microsoft.com* | HTTP | Enables connections to Windows Update. |
-| *.windowsupdate.com* | HTTP | Enables connections to Windows Update. |
+| *.tlu.dl.delivery.mp.microsoft.com\* | HTTP | Enables connections to Windows Update. |
+| *.windowsupdate.com\* | HTTP | Enables connections to Windows Update. |
| *geo-prod.do.dsp.mp.microsoft.com | HTTPS | Enables connections to Windows Update. |
-| au.download.windowsupdate.com* | HTTP | Enables connections to Windows Update. |
+| au.download.windowsupdate.com\* | HTTP | Enables connections to Windows Update. |
| cdn.onenote.net/livetile/* | HTTPS | Used for OneNote Live Tile. |
| client-office365-tas.msedge.net/* | HTTPS | Used to connect to the Office 365 portal’s shared infrastructure, including Office Online. |
| config.edge.skype.com/* | HTTPS | Used to retrieve Skype configuration values. |
@@ -151,7 +151,7 @@ We used the following methodology to derive these network endpoints:
| maps.windows.com/windows-app-web-link | HTTPS | Link to Maps application |
| modern.watson.data.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. |
| ocos-office365-s2s.msedge.net/* | HTTPS | Used to connect to the Office 365 portal's shared infrastructure. |
-| ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. |
+| ocsp.digicert.com\* | HTTP | CRL and OCSP checks to the issuing certificate authorities. |
| oneclient.sfx.ms/* | HTTPS | Used by OneDrive for Business to download and verify app updates. |
| settings-win.data.microsoft.com/settings/* | HTTPS | Used as a way for apps to dynamically update their configuration. |
| sls.update.microsoft.com/* | HTTPS | Enables connections to Windows Update. |
diff --git a/windows/release-information/TOC.md b/windows/release-information/TOC.md
new file mode 100644
index 0000000000..188c87f7a3
--- /dev/null
+++ b/windows/release-information/TOC.md
@@ -0,0 +1,23 @@
+# [Windows 10 release information](index.md)
+## [Message center](windows-message-center.yml)
+## [Version 1809 and Windows Server 2019](status-windows-10-1809-and-windows-server-2019.yml)
+### [Resolved issues](resolved-issues-windows-10-1809-and-windows-server-2019.yml)
+## [Version 1803](status-windows-10-1803.yml)
+### [Resolved issues](resolved-issues-windows-10-1803.yml)
+## [Version 1709](status-windows-10-1709.yml)
+### [Resolved issues](resolved-issues-windows-10-1709.yml)
+## [Version 1703](status-windows-10-1703.yml)
+### [Resolved issues](resolved-issues-windows-10-1703.yml)
+## [Version 1607 and Windows Server 2016](status-windows-10-1607-and-windows-server-2016.yml)
+### [Resolved issues](resolved-issues-windows-10-1607.yml)
+## [Version 1507](status-windows-10-1507.yml)
+### [Resolved issues](resolved-issues-windows-10-1507.yml)
+## Previous versions
+### [Windows 8.1 and Windows Server 2012 R2](status-windows-8.1-and-windows-server-2012-r2.yml)
+####[Resolved issues](resolved-issues-windows-8.1-and-windows-server-2012-r2.yml)
+### [Windows Server 2012](status-windows-server-2012.yml)
+####[Resolved issues](resolved-issues-windows-server-2012.yml)
+### [Windows 7 and Windows Server 2008 R2](status-windows-7-and-windows-server-2008-r2-sp1.yml)
+####[Resolved issues](resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml)
+### [Windows Server 2008 SP2](status-windows-server-2008-sp2.yml)
+####[Resolved issues](resolved-issues-windows-server-2008-sp2.yml)
\ No newline at end of file
diff --git a/windows/release-information/breadcrumb/toc.yml b/windows/release-information/breadcrumb/toc.yml
new file mode 100644
index 0000000000..61d8fca61e
--- /dev/null
+++ b/windows/release-information/breadcrumb/toc.yml
@@ -0,0 +1,3 @@
+- name: Docs
+ tocHref: /
+ topicHref: /
\ No newline at end of file
diff --git a/windows/release-information/docfx.json b/windows/release-information/docfx.json
new file mode 100644
index 0000000000..a91619d79b
--- /dev/null
+++ b/windows/release-information/docfx.json
@@ -0,0 +1,50 @@
+{
+ "build": {
+ "content": [
+ {
+ "files": [
+ "**/*.md",
+ "**/*.yml"
+ ],
+ "exclude": [
+ "**/obj/**",
+ "**/includes/**",
+ "_themes/**",
+ "_themes.pdf/**",
+ "README.md",
+ "LICENSE",
+ "LICENSE-CODE",
+ "ThirdPartyNotices"
+ ]
+ }
+ ],
+ "resource": [
+ {
+ "files": [
+ "**/*.png",
+ "**/*.jpg"
+ ],
+ "exclude": [
+ "**/obj/**",
+ "**/includes/**",
+ "_themes/**",
+ "_themes.pdf/**"
+ ]
+ }
+ ],
+ "overwrite": [],
+ "externalReference": [],
+ "globalMetadata": {
+ "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+ "ms.prod": "w10",
+ "ms.date": "4/30/2019",
+ "titleSuffix": "Windows Release Information",
+ "extendBreadcrumb": true,
+ "feedback_system": "None"
+ },
+ "fileMetadata": {},
+ "template": [],
+ "dest": "release-information",
+ "markdownEngineName": "markdig"
+ }
+}
diff --git a/windows/release-information/index.md b/windows/release-information/index.md
new file mode 100644
index 0000000000..2aa38be1de
--- /dev/null
+++ b/windows/release-information/index.md
@@ -0,0 +1,30 @@
+---
+title: Windows 10 - release information
+description: Learn release information for Windows 10 releases
+keywords: ["Windows 10", "Windows 10 October 2018 Update"]
+ms.prod: w10
+layout: LandingPage
+ms.topic: landing-page
+ms.mktglfcycl: deploy
+ms.sitesec: library
+author: lizap
+ms.author: elizapo
+ms.localizationpriority: high
+---
+# Windows 10 release information
+
+Feature updates for Windows 10 are released twice a year, targeting March and September, via the Semi-Annual Channel (SAC) and will be serviced with monthly quality updates for 18 months from the date of the release. We recommend that you begin deployment of each SAC release immediately to devices selected for early adoption and ramp up to full deployment at your discretion. This will enable you to gain access to new features, experiences, and integrated security as soon as possible.
+
+Starting with Windows 10, version 1809, feature updates for Windows 10 Enterprise and Education editions with a targeted release month of September will be serviced for 30 months from their release date. For information about servicing timelines, see the [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853).
+
+>[!NOTE]
+>If you are not using Windows Update for Business today, the "Semi-Annual Channel (Targeted)" servicing option has no impact on when your devices will be updated. It merely reflects a milestone for the semi-annual release, the period of time during which Microsoft recommends that your IT team make the release available to specific, "targeted" devices for the purpose of validating and generating data in order to get to a broad deployment decision. For more information, see [this blog post](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523).
+
+
+
+
+
diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml
new file mode 100644
index 0000000000..380ff97270
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-10-1507.yml
@@ -0,0 +1,105 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows 10, version 1507
+metadata:
+ document_id:
+ title: Resolved issues in Windows 10, version 1507
+ description: Resolved issues in Windows 10, version 1507
+ keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1507"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows 10, version 1507 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 10240.18158
March 12, 2019
KB4489872 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | March 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | March 12, 2019
10:00 AM PT |
+ First character of Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | March 12, 2019
10:00 AM PT |
+ Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4491101 | February 21, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details > | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4487018 | February 12, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details > | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4487018 | February 12, 2019
10:00 AM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | OS Build 10240.18005
October 09, 2018
KB4462922 | Resolved
KB4471323 | December 11, 2018
10:00 AM PT |
+ Guest VMs running Unicast NLB fail to respond after restart
All guest virtual machines running Unicast NLB fail to respond to NLB requests after the virtual machines restart.
See details > | OS Build 10240.17976
September 11, 2018
KB4457132 | Resolved
KB4462922 | October 09, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489872, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493475.
Back to top | OS Build 10240.18158
March 12, 2019
KB4489872 | Resolved
KB4493475 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493475.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4493475 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487018, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489872.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ First character of Japanese era name not recognizedAfter installing KB4487018, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Internet Explorer may fail to load imagesAfter installing KB4487018, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4491101.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4491101 | Resolved:
February 21, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ MSXML6 may cause applications to stop responding After installing KB4480962, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493475.
Back to top | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4493475 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, \"Unrecognized Database Format\".
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487018.
Back to top | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4487018 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applicationsAfter installing KB4480962, third-party applications may have difficulty authenticating hotspots.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4487018.
Back to top | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4487018 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4462922, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471323.
Back to top | OS Build 10240.18005
October 09, 2018
KB4462922 | Resolved
KB4471323 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
+
+- title: September 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Guest VMs running Unicast NLB fail to respond after restart All guest virtual machines running Unicast NLB fail to respond to NLB requests after the virtual machines restart.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4462922.
Back to top | OS Build 10240.17976
September 11, 2018
KB4457132 | Resolved
KB4462922 | Resolved:
October 09, 2018
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml
new file mode 100644
index 0000000000..72407b6ba9
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@@ -0,0 +1,135 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows 10, version 1607 and Windows Server 2016
+metadata:
+ document_id:
+ title: Resolved issues in Windows 10, version 1607 and Windows Server 2016
+ description: Resolved issues in Windows 10, version 1607
+ keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1607"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows 10, version 1607 and Windows Server 2016 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 14393.2848
March 12, 2019
KB4489882 | Resolved
KB4493473 | April 25, 2019
02:00 PM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.
See details > | OS Build 14393.2879
March 19, 2019
KB4489889 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
+ Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off.
See details > | OS Build 14393.2828
February 19, 2019
KB4487006 | Resolved
KB4489882 | March 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4489882 | March 12, 2019
10:00 AM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4487006 | February 19, 2019
02:00 PM PT |
+ First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 14393.2759
January 17, 2019
KB4480977 | Resolved
KB4487006 | February 19, 2019
02:00 PM PT |
+ Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4487006 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4487026 | February 12, 2019
10:00 AM PT |
+ Instant search in Microsoft Outlook fails on Windows Server 2016
Instant search in Microsoft Outlook clients fail with the error, \"Outlook cannot perform the search\" on Windows Server 2016.
See details > | OS Build 14393.2639
November 27, 2018
KB4467684 | Resolved
KB4487026 | February 12, 2019
10:00 AM PT |
+ SqlConnection instantiation exception on .NET 4.6 and later
Instantiation of SqlConnection can throw an exception after certain updates have been installed.
See details > | OS Build 14393.2457
August 30, 2018
KB4343884 | Resolved
KB4480977 | January 17, 2019
02:00 PM PT |
+ Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4480977 | January 17, 2019
02:00 PM PT |
+ System becomes unresponsive when end-user-defined characters (EUDC) are used
When features related to end-user-defined characters (EUDC) are used, the entire system may become unresponsive.
See details > | OS Build 14393.2639
November 27, 2018
KB4467684 | Resolved
KB4471321 | December 11, 2018
10:00 AM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | OS Build 14393.2551
October 09, 2018
KB4462917 | Resolved
KB4471321 | December 11, 2018
10:00 AM PT |
+ Issues with install and activation of Key Management Service (KMS) (CSVLK) host keys
Installation and client activation of Windows Server 2019 and 1809 LTSC Key Management Service (KMS) (CSVLK) host keys do not work as expected.
See details > | OS Build 14393.2457
August 30, 2018
KB4343884 | Resolved
KB4467684 | November 27, 2018
10:00 AM PT |
+ Promotions that create non-root domains fail with optional features enabled
Windows Server 2016 promotions that create non-root domains fail in forests in which optional features like Active Directory recycle have been enabled.
See details > | OS Build 14393.2515
September 20, 2018
KB4457127 | Resolved
KB4467684 | November 27, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489882, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493473.
Back to top | OS Build 14393.2848
March 12, 2019
KB4489882 | Resolved
KB4493473 | Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493470.
Back to top | OS Build 14393.2879
March 19, 2019
KB4489889 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493470.
Back to top | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Issue hosting multiple terminal server sessions and a user logs off on Windows Server In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off. The faulting driver is win32kbase.sys.
Affected platforms: - Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4489882.
Back to top | OS Build 14393.2828
February 19, 2019
KB4487006 | Resolved
KB4489882 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PT |
+ Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487026, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489882.
Back to top | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4489882 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.
Back to top | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4487006 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Internet Explorer may fail to load imagesAfter installing KB4487026, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487006.
Back to top | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4487006 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480961, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493470.
Back to top | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480961, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493470.
Back to top | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized as an abbreviationAfter installing KB4480977, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.
Back to top | OS Build 14393.2759
January 17, 2019
KB4480977 | Resolved
KB4487006 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 17, 2019
02:00 PM PT |
+ | Applications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487026.
Back to top | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4487026 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applicationsAfter installing KB4480961, third-party applications may have difficulty authenticating hotspots.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480977.
Back to top | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4480977 | Resolved:
January 17, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: November 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Instant search in Microsoft Outlook fails on Windows Server 2016After installing KB4467684 on Windows Server 2016, instant search in Microsoft Outlook clients fail with the error, \"Outlook cannot perform the search\".
Affected platforms: - Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4487026.
Back to top | OS Build 14393.2639
November 27, 2018
KB4467684 | Resolved
KB4487026 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
November 27, 2018
10:00 AM PT |
+ | System becomes unresponsive when end-user-defined characters (EUDC) are used When features related to end-user-defined characters (EUDC) are used, the entire system may become unresponsive.
Affected platforms: - Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4471321.
Back to top | OS Build 14393.2639
November 27, 2018
KB4467684 | Resolved
KB4471321 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
November 27, 2018
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4462917, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471321.
Back to top | OS Build 14393.2551
October 09, 2018
KB4462917 | Resolved
KB4471321 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
+
+- title: September 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Promotions that create non-root domains fail with optional features enabledAfter installing KB4457127, Windows Server 2016 promotions that create non-root domains fail in forests in which optional features like Active Directory recycle have been enabled. The error is, “The replication operation encountered a database error.”
Affected platforms: - Server: Windows Server 2016
Resolution: This issue is resolved in KB4467684.
Back to top | OS Build 14393.2515
September 20, 2018
KB4457127 | Resolved
KB4467684 | Resolved:
November 27, 2018
10:00 AM PT
Opened:
September 20, 2018
10:00 AM PT |
+
+ "
+
+- title: August 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | SqlConnection instantiation exception on .NET 4.6 and later
For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809, SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480977.
Back to top | OS Build 14393.2457
August 30, 2018
KB4343884 | Resolved
KB4480977 | Resolved:
January 17, 2019
02:00 PM PT
Opened:
August 30, 2018
05:00 PM PT |
+ Issues with install and activation of Key Management Service (KMS) (CSVLK) host keysAfter installing KB4343884, installation and client activation of Windows Server 2019 and Windows 10 Enterprise 2019 LTSC Key Management Service (KMS) CSVLK host keys do not work as expected.
Affected platforms: - Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4467684.
Back to top | OS Build 14393.2457
August 30, 2018
KB4343884 | Resolved
KB4467684 | Resolved:
November 27, 2018
10:00 AM PT
Opened:
August 30, 2018
05:00 PM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml
new file mode 100644
index 0000000000..a32bfe383c
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-10-1703.yml
@@ -0,0 +1,113 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows 10, version 1703
+metadata:
+ document_id:
+ title: Resolved issues in Windows 10, version 1703
+ description: Resolved issues in Windows 10, version 1703
+ keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1703"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows 10, version 1703 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 15063.1689
March 12, 2019
KB4489871 | Resolved
KB4493436 | April 25, 2019
02:00 PM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 15063.1716
March 19, 2019
KB4489888 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 15063.1659
February 19, 2019
KB4487011 | Resolved
KB4489871 | March 12, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 15063.1596
January 15, 2019
KB4480959 | Resolved
KB4487011 | February 19, 2019
02:00 PM PT |
+ Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4487011 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4487011 | February 19, 2019
10:00 AM PT |
+ Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4487020 | February 12, 2019
10:00 AM PT |
+ Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4487020 | February 12, 2019
10:00 AM PT |
+ SqlConnection instantiation exception on .NET 4.6 and later
Instantiation of SqlConnection can throw an exception after certain updates have been installed.
See details > | OS Build 15063.1292
August 30, 2018
KB4343889 | Resolved
KB4480959 | January 15, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4480959 | January 15, 2019
10:00 AM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | OS Build 15063.1387
October 09, 2018
KB4462937 | Resolved
KB4471327 | December 11, 2018
10:00 AM PT |
+ LongonUI.exe stops working intermittently
LongonUI.exe stops working intermittently.
See details > | OS Build 15063.1387
October 09, 2018
KB4462937 | Resolved
KB4467699 | November 27, 2018
10:00 AM PT |
+ Error message beginning with “Hosted by…” when launching Microsoft Edge
Some users may encounter an error message beginning with “Hosted by…” when launching Microsoft Edge.
See details > | OS Build 15063.1387
October 09, 2018
KB4462937 | Resolved
KB4462939 | October 18, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489871, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493436.
Back to top | OS Build 15063.1689
March 12, 2019
KB4489871 | Resolved
KB4493436 | Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493474.
Back to top | OS Build 15063.1716
March 19, 2019
KB4489888 | Resolved
KB4493474 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493474.
Back to top | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4493474 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487011, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489871.
Back to top | OS Build 15063.1659
February 19, 2019
KB4487011 | Resolved
KB4489871 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PT |
+ Internet Explorer may fail to load imagesAfter installing KB4487020, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487011.
Back to top | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4487011 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487011.
Back to top | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4487011 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ MSXML6 may cause applications to stop responding After installing KB4480973, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493474.
Back to top | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4493474 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized as an abbreviationAfter installing KB4480959, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487011.
Back to top | OS Build 15063.1596
January 15, 2019
KB4480959 | Resolved
KB4487011 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 15, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487020.
Back to top | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4487020 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Webpages become unresponsive in Microsoft EdgeAfter installing KB4480973, some Microsoft Edge users report that they: - Cannot load web pages using a local IP address.
- Cannot load web pages on the Internet using a VPN connection.
Browsing fails or the web page may become unresponsive.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4486996.
Back to top | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4487020 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applicationsAfter installing KB4480973, third-party applications may have difficulty authenticating hotspots.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480959.
Back to top | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4480959 | Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4462937, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471327.
Back to top | OS Build 15063.1387
October 09, 2018
KB4462937 | Resolved
KB4471327 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+ LongonUI.exe stops working intermittentlyAfter installing KB4462937, LogonUI.exe stops working intermittently.
Affected platforms: Resolution: This issue is resolved in KB4467699.
Back to top | OS Build 15063.1387
October 09, 2018
KB4462937 | Resolved
KB4467699 | Resolved:
November 27, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+ Error message beginning with “Hosted by…” when launching Microsoft EdgeAfter installing KB4462937, some users may see a dialog box with a non-applicable message beginning with the words “Hosted by...” when first starting Microsoft Edge.
This dialog will only appear once if they have turned on “Block only third-party cookies” in Microsoft Edge and applied certain language packs before installing this update.
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1709
Resolution: This issue is resolved in KB4462939.
Back to top | OS Build 15063.1387
October 09, 2018
KB4462937 | Resolved
KB4462939 | Resolved:
October 18, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
+
+- title: August 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | SqlConnection instantiation exception on .NET 4.6 and later
For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480959.
Back to top | OS Build 15063.1292
August 30, 2018
KB4343889 | Resolved
KB4480959 | Resolved:
January 15, 2019
10:00 AM PT
Opened:
August 30, 2018
05:00 PM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml
new file mode 100644
index 0000000000..e030af13f9
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-10-1709.yml
@@ -0,0 +1,113 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows 10, version 1709 and Windows Server, vesion 1709
+metadata:
+ document_id:
+ title: Resolved issues in Windows 10, version 1709 and Windows Server, vesion 1709
+ description: Resolved issues in Windows 10, version 1709 and Windows Server 1709
+ keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1709"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows 10, version 1709 and Windows Server, version 1709 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493440 | April 25, 2019
02:00 PM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 16299.1059
March 19, 2019
KB4489890 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
+ MSXML6 causes applications to stop responding if an exception was thrown
MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
+ Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details > | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4489886 | March 12, 2019
10:00 AM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4487021 | February 19, 2019
02:00 PM PT |
+ First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 16299.936
January 15, 2019
KB4480967 | Resolved
KB4487021 | February 19, 2019
02:00 PM PT |
+ Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4487021 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4486996 | February 12, 2019
10:00 AM PT |
+ Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4486996 | February 12, 2019
10:00 AM PT |
+ SqlConnection instantiation exception on .NET 4.6 and later
Instantiation of SqlConnection can throw an exception after certain updates have been installed.
See details > | OS Build 16299.637
August 30, 2018
KB4343893 | Resolved
KB4480967 | January 15, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4480967 | January 15, 2019
10:00 AM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | OS Build 16299.726
October 09, 2018
KB4462918 | Resolved
KB4471329 | December 11, 2018
10:00 AM PT |
+ Error message beginning with “Hosted by…” when launching Microsoft Edge
Some users may encounter an error message beginning with “Hosted by…” when launching Microsoft Edge.
See details > | OS Build 16299.726
October 09, 2018
KB4462918 | Resolved
KB4462932 | October 18, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489886, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493440.
Back to top | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493440 | Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.1059
March 19, 2019
KB4489890 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT |
+ Stop error when attempting to start SSH from WSLAfter applying KB4489886, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709
- Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4486996, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489886.
Back to top | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4489886 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.
Back to top | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4487021 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Internet Explorer may fail to load imagesAfter installing KB4486996, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487021.
Back to top | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4487021 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ MSXML6 causes applications to stop responding if an exception was thrownAfter installing KB4480978, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized as an abbreviationAfter installing KB4480967, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.
Back to top | OS Build 16299.936
January 15, 2019
KB4480967 | Resolved
KB4487021 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 15, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format.”
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4486996.
Back to top | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4486996 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Webpages become unresponsive in Microsoft EdgeAfter installing KB4480978, some Microsoft Edge users report that they: - Cannot load web pages using a local IP address.
- Cannot load web pages on the Internet using a VPN connection.
Browsing fails or the web page may become unresponsive.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4486996.
Back to top | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4486996 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applicationsAfter installing KB4480978, third-party applications may have difficulty authenticating hotspots.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480967.
Back to top | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4480967 | Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4462918, users may not be able to use the Seek Bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471329.
Back to top | OS Build 16299.726
October 09, 2018
KB4462918 | Resolved
KB4471329 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+ Error message beginning with “Hosted by…” when launching Microsoft EdgeAfter installing KB4462918, some users may see a dialog box with a non-applicable message beginning with the words “Hosted by...” when first starting Microsoft Edge.
This dialog will only appear once if they have turned on “Block only third-party cookies” in Microsoft Edge and applied certain language packs before installing this update.
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1709
Resolution: This issue is resolved in KB4462932.
Back to top | OS Build 16299.726
October 09, 2018
KB4462918 | Resolved
KB4462932 | Resolved:
October 18, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
+
+- title: August 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | SqlConnection instantiation exception on .NET 4.6 and later
For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480967.
Back to top | OS Build 16299.637
August 30, 2018
KB4343893 | Resolved
KB4480967 | Resolved:
January 15, 2019
10:00 AM PT
Opened:
August 30, 2018
05:00 PM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml
new file mode 100644
index 0000000000..8eaaa3f3c9
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-10-1803.yml
@@ -0,0 +1,147 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows 10, version 1803
+metadata:
+ document_id:
+ title: Resolved issues in Windows 10, version 1803
+ description: Resolved issues in Windows 10, version 1803
+ keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1803"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows 10, version 1803 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493437 | April 25, 2019
02:00 PM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 17134.677
March 19, 2019
KB4489894 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 17134.556
January 15, 2019
KB4480976 | Resolved
KB4487029 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
+ Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details > | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4489868 | March 12, 2019
10:00 AM PT |
+ Cannot pin a web link on the Start menu or the taskbar
Some users cannot pin a web link on the Start menu or the taskbar.
See details > | OS Build 17134.471
December 11, 2018
KB4471324 | Resolved
KB4487029 | February 19, 2019
02:00 PM PT |
+ Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4487029 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4487017 | February 12, 2019
10:00 AM PT |
+ Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4487017 | February 12, 2019
10:00 AM PT |
+ SqlConnection instantiation exception on .NET 4.6 and later
After you install the August Preview of Quality Rollup or the September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.
See details > | OS Build 17134.285
September 11, 2018
KB4457128 | Resolved
KB4480976 | January 15, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4480976 | January 15, 2019
10:00 AM PT |
+ Blue or black screen with \"System thread exception not handled\" error
Some users may get a blue or black screen with the error code, “System thread exception not handled.”
See details > | OS Build 17134.441
November 27, 2018
KB4467682 | Resolved
KB4471324 | December 11, 2018
10:00 AM PT |
+ Custom Start menu layouts display incorrectly
Custom Start menu layouts may display incorrectly.
See details > | OS Build 17134.441
November 27, 2018
KB4467682 | Resolved
KB4471324 | December 11, 2018
10:00 AM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | OS Build 17134.345
October 09, 2018
KB4462919 | Resolved
KB4471324 | December 11, 2018
10:00 AM PT |
+ Users cannot set Win32 program defaults
Some users cannot set Win32 program defaults for certain app and file type combinations.
See details > | OS Build 17134.320
September 26, 2018
KB4458469 | Resolved
KB4467682 | November 27, 2018
10:00 AM PT |
+ Developer Tools (F12) fail to start in Microsoft Edge
Developer Tools (F12) may fail to start in Microsoft Edge.
See details > | OS Build 17134.376
October 24, 2018
KB4462933 | Resolved
KB4467702 | November 13, 2018
10:00 AM PT |
+ Guest VMs running Unicast NLB fail to respond after restart
All guest virtual machines running Unicast NLB fail to respond to NLB requests after the virtual machines restart.
See details > | OS Build 17134.285
September 11, 2018
KB4457128 | Resolved
KB4458469 | September 26, 2018
10:00 AM PT |
+ Microsoft Intune takes a long time to deliver user profiles
Windows no longer recognizes the Personal Information exchange (PFX) certificate used for Wi-Fi or VPN authentication, causing delays in Microsoft Intune delivering user profiles.
See details > | OS Build 17134.191
July 24, 2018
KB4340917 | Resolved
KB4464218 | September 17, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489868, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493437.
Back to top | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493437 | Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493464.
Back to top | OS Build 17134.677
March 19, 2019
KB4489894 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT |
+ Stop error when attempting to start SSH from WSLAfter applying KB4489868, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh -A) or a configuration setting.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709
- Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4493464.
Back to top | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493464.
Back to top | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487017, users may received \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489868.
Back to top | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4489868 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Internet Explorer may fail to load imagesAfter installing KB4487017, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487029.
Back to top | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4487029 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ First character of the Japanese era name not recognizedAfter installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029.
Back to top | OS Build 17134.556
January 15, 2019
KB4480976 | Resolved
KB4487029 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480966, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493464.
Back to top | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487017.
Back to top | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4487017 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Webpages become unresponsive in Microsoft EdgeAfter installing KB4480966, some Microsoft Edge users report that they: - Cannot load web pages using a local IP address.
- Cannot load web pages on the Internet using a VPN connection.
Browsing fails or the web page may become unresponsive.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4487017.
Back to top | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4487017 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applicationsAfter installing KB4480966, third-party applications may have difficulty authenticating hotspots.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480976.
Back to top | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4480976 | Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: December 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Cannot pin a web link on the Start menu or the taskbarAfter installing KB4471324, some users cannot pin a web link on the Start menu or the taskbar.
Affected platforms: - Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4487029.
Back to top | OS Build 17134.471
December 11, 2018
KB4471324 | Resolved
KB4487029 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
December 11, 2018
10:00 AM PT |
+
+ "
+
+- title: November 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Blue or black screen with \"System thread exception not handled\" errorAfter installing KB4467682, an optional update, some users may get a blue or black screen with the error code, \"System thread exception not handled.\"
Affected platforms: - Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4471324.
Back to top | OS Build 17134.441
November 27, 2018
KB4467682 | Resolved
KB4471324 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
November 27, 2018
10:00 AM PT |
+ Custom Start menu layouts display incorrectlyAfter installing KB4467682, custom Start menu layouts may display incorrectly.
Affected platforms: - Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4471324.
Back to top | OS Build 17134.441
November 27, 2018
KB4467682 | Resolved
KB4471324 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
November 27, 2018
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4462919, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471324.
Back to top | OS Build 17134.345
October 09, 2018
KB4462919 | Resolved
KB4471324 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+ | Developer Tools (F12) fail to start in Microsoft Edge Developer Tools (F12) may fail to start in Microsoft Edge.
Affected platforms: - Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4467702.
Back to top | OS Build 17134.376
October 24, 2018
KB4462933 | Resolved
KB4467702 | Resolved:
November 13, 2018
10:00 AM PT
Opened:
October 24, 2018
02:00 PM PT |
+
+ "
+
+- title: September 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | SqlConnection instantiation exception on .NET 4.6 and later
For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809, SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480976.
Back to top | OS Build 17134.285
September 11, 2018
KB4457128 | Resolved
KB4480976 | Resolved:
January 15, 2019
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PT |
+ Users cannot set Win32 program defaultsAfter installing KB4458469, some users cannot set Win32 program defaults for certain app and file type combinations using the Open with... command or Settings > Apps > Default apps. In some cases, Microsoft Notepad or other Win32 programs cannot be set as the default.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803
Resolution: This issue is resolved in KB4467682.
Back to top | OS Build 17134.320
September 26, 2018
KB4458469 | Resolved
KB4467682 | Resolved:
November 27, 2018
10:00 AM PT
Opened:
September 26, 2018
02:00 PM PT |
+ | Guest VMs running Unicast NLB fail to respond after restart All guest virtual machines running Unicast NLB fail to respond to NLB requests after the virtual machines restart.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4458469.
Back to top | OS Build 17134.285
September 11, 2018
KB4457128 | Resolved
KB4458469 | Resolved:
September 26, 2018
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PT |
+
+ "
+
+- title: July 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Microsoft Intune takes a long time to deliver user profilesAfter installing KB4457128, Windows no longer recognizes the Personal Information exchange (PFX) certificate that's used for authenticating to a Wi-Fi or VPN connection. As a result, Microsoft Intune takes a long time to deliver user profiles because it doesn't recognize that the required certificate is on the device.
Affected platforms: - Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4464218.
Back to top | OS Build 17134.191
July 24, 2018
KB4340917 | Resolved
KB4464218 | Resolved:
September 17, 2018
10:00 AM PT
Opened:
July 24, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
new file mode 100644
index 0000000000..9e6e80d5cc
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
@@ -0,0 +1,137 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows 10, version 1809 and Windows Server 2019
+metadata:
+ document_id:
+ title: Resolved issues in Windows 10, version 1809 and Windows Server 2019
+ description: Resolved issues in Windows 10, version 1809 or Windows Server 2019
+ keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10 1809"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows 10, version 1809 and Windows Server 2019 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 17763.404
April 02, 2019
KB4490481 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
+ Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.
See details > | OS Build 17763.348
March 01, 2019
KB4482887 | Resolved
KB4490481 | April 02, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4489899 | March 12, 2019
10:00 AM PT |
+ Global DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.
See details > | N/A
| Resolved
| March 08, 2019
11:15 AM PT |
+ Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 9 file format may randomly stop working.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
+ Shared albums may not sync with iCloud for Windows
Upgrade block: Apple has identified an incompatibility with iCloud for Windows (version 7.7.0.27) where users may experience issues updating or synching Shared Albums.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
+ Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup
Upgrade block: Users may see an Intel Audio Display (intcdaud.sys) notification during setup for devices with certain Intel Display Audio Drivers.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
+ F5 VPN clients losing network connectivity
Upgrade block: After updating to Window 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
+ Webpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4487044 | February 12, 2019
10:00 AM PT |
+ Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Upgrade block: Devices utilizing AMD Radeon HD2000 or HD4000 series video cards may experience issues with the lock screen and Microsoft Edge tabs.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4487044 | February 12, 2019
10:00 AM PT |
+ Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro identified a compatibility issue with the Trend Micro business endpoint security solutions OfficeScan and Worry-Free Business Security.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
| February 01, 2019
09:00 AM PT |
+ Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4476976 | January 22, 2019
02:00 PM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4471332 | December 11, 2018
10:00 AM PT |
+ Audio stops working after installing Intel audio driver
Upgrade block: Windows 10 audio stops working after installing Intel Smart Sound Technology driver (version 09.21.00.3755).
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4468550 | December 07, 2018
10:00 AM PT |
+ Office apps (32-bit) unable to use 'Save As…' function
Upgrade block: Devices using Morphisec Protector (or other application that uses the Morphisec SDK) may be unable to save documents when using 32-bit Microsoft Office apps.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
| December 06, 2018
12:00 PM PT |
+ Users cannot set Win32 program defaults
Some users cannot set Win32 program defaults for certain app and file type combinations.
See details > | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4469342 | December 05, 2018
02:00 PM PT |
+ Mapped drives fail to reconnect after login
Upgrade block: Mapped drives may fail to reconnect after booting and logging on to a Windows device.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4469342 | December 05, 2018
02:00 PM PT |
+ Microsoft Edge may crash or hang while playing video
Following an nVidia driver update, Microsoft Edge may crash or hang while playing video.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
| December 05, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493509.
Back to top | OS Build 17763.404
April 02, 2019
KB4490481 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
April 02, 2019
10:00 AM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Apps may stop working after selecting an audio output device other than the defaultAfter installing KB4482887 on machines that have multiple audio devices, applications that provide advanced options for internal or external audio output devices may stop working unexpectedly. This issue occurs for users that select an audio output device different from the \"Default Audio Device\". Examples of applications that may stop working include: - Windows Media Player
- Realtek HD Audio Manager
- Sound Blaster Control Panel
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4490481.
Back to top | OS Build 17763.348
March 01, 2019
KB4482887 | Resolved
KB4490481 | Resolved:
April 02, 2019
10:00 AM PT
Opened:
March 01, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493509.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487044, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489899.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4489899 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Internet Explorer may fail to load imagesAfter installing KB4487044, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4482887.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognizedAfter installing KB4487044, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480116, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493509.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480116, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode(). The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493509.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ | Global DNS outage affects Windows Update customers Windows Update customers were affected by a network infrastructure event on January 29, 2019 (21:00 UTC), caused by an external DNS service provider's global outage. A software update to the external provider's DNS servers resulted in the distribution of corrupted DNS records that affected connectivity to the Windows Update service. The DNS records were restored by January 30, 2019 (00:10 UTC), and the majority of local Internet Service Providers (ISP) have refreshed their DNS servers and customer services have been restored. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
While this was not an issue with Microsoft's services, we take any service disruption for our customers seriously. We will work with partners to better understand this so we can provide higher quality service in the future even across diverse global network providers. If you are still unable to connect to Windows Update services due to this problem, please contact your local ISP or network administrator. You can also refer to our new KB4493784 for more information to determine if your network is affected, and to provide your local ISP or network administrator with additional information to assist you.
Back to top | N/A
| Resolved
| Resolved:
March 08, 2019
11:15 AM PT
Opened:
January 29, 2019
02:00 PM PT |
+ Webpages become unresponsive in Microsoft EdgeAfter installing KB4480116, some Microsoft Edge users report that they: - Cannot load web pages using a local IP address.
- Cannot load web pages on the Internet using a VPN connection.
Browsing fails or the web page may become unresponsive.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4487020.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4487044 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applicationsAfter installing KB4480116, third-party applications may have difficulty authenticating hotspots.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4476976.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4476976 | Resolved:
January 22, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: November 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Shared albums may not sync with iCloud for Windows Upgrade block: Users who attempt to install iCloud for Windows (version 7.7.0.27) will see a message displayed that this version iCloud for Windows isn't supported and the install will fail.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
To ensure a seamless experience, Microsoft is blocking devices with iCloud for Windows (version 7.7.0.27) software installed from being offered Window 10, version 1809 until this issue has been resolved.
We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool from the Microsoft software download website until this issue is resolved. Resolution: Apple has released an updated version of iCloud for Windows (version 7.8.1) that resolves compatibility issues encountered when updating or synching Shared Albums after updating to Windows 10, version 1809. We recommend that you update your iCloud for Windows to version 7.8.1 when prompted before attempting to upgrade to Windows 10, version 1809. You can also manually download the latest version of iCloud for Windows by visiting https://support.apple.com/HT204283.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
+ | Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup Upgrade block: Microsoft and Intel have identified a compatibility issue with a range of Intel Display Audio device drivers (intcdaud.sys, versions 10.25.0.3 - 10.25.0.8) that may result in excessive processor demand and reduced battery life. As a result, the update process to the Windows 10 October 2018 Update (Windows 10, version 1809) will fail and affected devices will automatically revert to the previous working configuration.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
If you see a \"What needs your attention\" notification during installation of the October 2018 Update, you have one of these affected drivers on your system. On the notification, click Back to remain on your current version of Windows 10. To ensure a seamless experience, we are blocking devices from being offered the October 2018 Update until updated Intel device drivers are installed on your current operating system. We recommend that you do not attempt to manually update to Windows 10, version 1809, using the Update Now button or the Media Creation Tool from the Microsoft Software Download Center until newer Intel device drivers are available with the update. You can either wait for newer drivers to be installed automatically through Windows Update or check with your computer manufacturer for the latest device driver software availability and installation procedures. For more information about this issue, see Intel's customer support guidance. Resolution: This issue was resolved in KB4482887 and the upgrade block removed.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
+ | F5 VPN clients losing network connectivity Upgrade block: After updating to Window 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4482887 and the upgrade block removed.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
+ | Issues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards Note: AMD no longer supports Radeon HD2000 and HD4000 series graphic processor units (GPUs). Upgrade block: After updating to Window 10, version 1809, Microsoft Edge tabs may stop working when a device is configured with AMD Radeon HD2000 or HD4000 series video cards. Customers may get the following error code: \"INVALID_POINTER_READ_c0000005_atidxx64.dll\". Some users may also experience performance issues with the lock screen or the ShellExperienceHost. (The lock screen hosts widgets, and the ShellExperienceHost is responsible for assorted shell functionality.)
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4487044, and the block was removed.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4487044 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
+ | Trend Micro OfficeScan and Worry-Free Business Security AV software not compatible Upgrade block: Microsoft and Trend Micro have identified a compatibility issue with Trend Micro's OfficeScan and Worry-Free Business Security software when attempting to update to Windows 10, version 1809.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Once you have updated your version of Trend Micro's OfficeScan or Worry-Free Business Security software, you will be offered Windows 10, version 1809 automatically.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
| Resolved:
February 01, 2019
09:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
+ | Audio stops working after installing Intel audio driver Upgrade block: Intel unintentionally released version 9.21.00.3755 of the Intel Smart Sound Technology (ISST) Driver through Windows Update and inadvertently offered it to a range of devices running Window 10, version 1709, 1803, and 1809. If a device contained a compatible audio driver, the new driver overrode it and caused audio to stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4468550 and the upgrade block removed.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4468550 | Resolved:
December 07, 2018
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
+ | Office apps (32-bit) unable to use 'Save As…' function Upgrade block: Microsoft and Morphisec have identified an issue on devices that have installed Morphisec Protector or another application that uses the Morphisec Software Development Kit (SDK) including Cisco AMP for Endpoints. These applications may impact customers' ability to use the 'Save As.'dialog when saving documents in 32-bit versions of Microsoft Office applications. Saving of files is not impacted.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: Morphisec and Cisco have released updated versions of their applications to address this issue. We recommend customers update to these minimum versions before attempting to attempting to upgrade to Windows 10, version 1809: - Morphisec Protector version 2.4.8
- Cisco AMP for Endpoints version 6.2.3.10814
An upgrade block remains in place for earlier versions of the applications than those listed above.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
| Resolved:
December 06, 2018
12:00 PM PT
Opened:
November 13, 2018
10:00 AM PT |
+ | Mapped drives fail to reconnect after login Upgrade block: Network drives may fail to reconnect after booting and logging on to a Windows device. Symptoms include: - In Windows Explorer, a red X appears on the mapped network drives.
- Mapped network drives show as Unavailable when you run the net use command from a command prompt.
- In the notification area, a notification displays the following message, \"Could not reconnect all network drives.\"
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4469342 and the upgrade block removed.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4469342 | Resolved:
December 05, 2018
02:00 PM PT
Opened:
November 13, 2018
10:00 AM PT |
+ | Microsoft Edge may crash or hang while playing video nVidia has notified Microsoft of an issue where Microsoft Edge may crash or hang while playing video. This issue occurs following an nVidia driver update.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: nVidia has released an updated driver to address this issue. Please follow the instructions found in nVidia's support article.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
| Resolved:
December 05, 2018
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4464330, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471332.
Back to top | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4471332 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+ Users cannot set Win32 program defaults After installing KB4464330, some users cannot set Win32 program defaults for certain app and file type combinations using the Open with... command or Settings > Apps > Default apps. In some cases, Microsoft Notepad or other Win32 programs cannot be set as the default.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803
Resolution: This issue is resolved in KB4469342.
Back to top | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4469342 | Resolved:
December 05, 2018
02:00 PM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
new file mode 100644
index 0000000000..d034127b65
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -0,0 +1,109 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows 7 and Windows Server 2008 R2 SP1
+metadata:
+ document_id:
+ title: Resolved issues in Windows 7 and Windows Server 2008 R2 SP1
+ description: Resolved issues in Windows 7 and Windows Server 2008 R2 SP1
+ keywords: ["Resolved issues in Windows 7", "Windows 7", "Windows Server 2008 R2 SP1"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows 7 and Windows Server 2008 R2 SP1 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details > | April 09, 2019
KB4493472 | Resolved
| April 25, 2019
02:00 PM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480970 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | March 12, 2019
KB4489878 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
+ NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details > | March 12, 2019
KB4489878 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4486563 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
+ Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).
See details > | October 18, 2018
KB4462927 | Resolved
KB4489878 | March 12, 2019
10:00 AM PT |
+ Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.
See details > | January 08, 2019
KB4480970 | Resolved
KB4490511 | February 19, 2019
02:00 PM PT |
+ First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | January 17, 2019
KB4480955 | Resolved
KB4486565 | February 19, 2019
02:00 PM PT |
+ Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | February 12, 2019
KB4486563 | Resolved
KB4486565 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | February 12, 2019
KB4486563 | Resolved
KB4486565 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details > | January 08, 2019
KB4480970 | Resolved
KB4486563 | February 12, 2019
10:00 AM PT |
+ Local Administrators unable to remotely access shares
Local users who are part of the local Administrators group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines.
See details > | January 08, 2019
KB4480970 | Resolved
KB4487345 | January 11, 2019
02:00 PM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | October 09, 2018
KB4462923 | Resolved
KB4471318 | December 11, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Devices may not respond at login or Welcome screen if running certain Avast softwareMicrosoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install KB4493472 and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the Avast support KB article.
Back to top | April 09, 2019
KB4493472 | Resolved
| Resolved:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489878, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to top | March 12, 2019
KB4489878 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+ NETDOM.EXE fails to runAfter installing KB4489878, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.
Back to top | March 12, 2019
KB4489878 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.
Back to top | February 12, 2019
KB4486563 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Internet Explorer may fail to load imagesAfter installing KB4486563, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4486565.
Back to top | February 12, 2019
KB4486563 | Resolved
KB4486565 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4486565.
Back to top | February 12, 2019
KB4486563 | Resolved
KB4486565 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to top | January 08, 2019
KB4480970 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Virtual machines fail to restoreAfter installing KB4480970, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”
This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490511.
Back to top | January 08, 2019
KB4480970 | Resolved
KB4490511 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized as an abbreviationAfter installing KB4480955, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4486565.
Back to top | January 17, 2019
KB4480955 | Resolved
KB4486565 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 17, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.
Affected Platforms: - Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4486563.
Back to top | January 08, 2019
KB4480970 | Resolved
KB4486563 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Local Administrators unable to remotely access sharesLocal users who are part of the local Administrators group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing KB4480970. This does not affect domain accounts in the local Administrators group. Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487345.
Back to top | January 08, 2019
KB4480970 | Resolved
KB4487345 | Resolved:
January 11, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Event Viewer may not show some event descriptions for network interface cardsAfter installing KB4462927, the Event Viewer may not show some event descriptions for network interface cards (NICs).
Affected Platforms: - Client: Windows 7 SP1
- Server: Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4489878.
Back to top | October 18, 2018
KB4462927 | Resolved
KB4489878 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
October 18, 2018
10:00 AM PT |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4462923, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471318.
Back to top | October 09, 2018
KB4462923 | Resolved
KB4471318 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml
new file mode 100644
index 0000000000..1ef62bfe75
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml
@@ -0,0 +1,109 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows 8.1 and Windows Server 2012 R2
+metadata:
+ document_id:
+ title: Resolved issues in Windows 8.1 and Windows Server 2012 R2
+ description: Resolved issues in Windows 8.1 and Windows Server 2012 R2
+ keywords: ["Resolved issues in Windows 8.1", "Windows 8.1", "Windows Server 2012 R2"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows 8.1 and Windows Server 2012 R2 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details > | April 09, 2019
KB4493446 | Resolved
| April 25, 2019
02:00 PM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480963 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | January 08, 2019
KB4480963 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | March 12, 2019
KB4489881 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487000 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
+ Devices with winsock kernel client may receive error
Devices with a winsock kernel client may receive D1, FC, and other errors.
See details > | March 12, 2019
KB4489881 | Resolved
KB4489893 | March 19, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | February 19, 2019
KB4487016 | Resolved
KB4489881 | March 12, 2019
10:00 AM PT |
+ Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.
See details > | January 08, 2019
KB4480963 | Resolved
KB4490512 | February 19, 2019
02:00 PM PT |
+ First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | January 15, 2019
KB4480969 | Resolved
KB4487016 | February 19, 2019
02:00 PM PT |
+ Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | February 12, 2019
KB4487000 | Resolved
KB4487016 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details > | January 08, 2019
KB4480963 | Resolved
KB4487000 | February 12, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details > | January 08, 2019
KB4480963 | Resolved
KB4480969 | January 15, 2019
10:00 AM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | October 09, 2018
KB4462926 | Resolved
KB4471320 | December 11, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Devices may not respond at login or Welcome screen if running certain Avast softwareMicrosoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install KB4493446 and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the Avast support KB article.
Back to top | April 09, 2019
KB4493446 | Resolved
| Resolved:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to top | March 12, 2019
KB4489881 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+ Devices with winsock kernel client may receive errorAfter installing KB4489881, devices with a winsock kernel client may receive D1, FC, and other errors. Additionally, systems that run the Skype for Business or Lync Server Edge Transport role may be affected by this issue.
Affected platforms: - Client: Windows 8.1
- Server: Windows Server 2012 R2
Resolution: This issue is resolved in KB4489893.
Back to top | March 12, 2019
KB4489881 | Resolved
KB4489893 | Resolved:
March 19, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493446.
Back to top | February 12, 2019
KB4487000 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487016, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489881.
Back to top | February 19, 2019
KB4487016 | Resolved
KB4489881 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PT |
+ Internet Explorer may fail to load imagesAfter installing KB4487000, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487016.
Back to top | February 12, 2019
KB4487000 | Resolved
KB4487016 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to top | January 08, 2019
KB4480963 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding.After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.
Back to top | January 08, 2019
KB4480963 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Virtual machines fail to restoreAfter installing KB4480963, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”
This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490512.
Back to top | January 08, 2019
KB4480963 | Resolved
KB4490512 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized as an abbreviationAfter installing KB4480969, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487016.
Back to top | January 15, 2019
KB4480969 | Resolved
KB4487016 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 15, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487000.
Back to top | January 08, 2019
KB4480963 | Resolved
KB4487000 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applicationsAfter installing KB4480963, third-party applications may have difficulty authenticating hotspots.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480969.
Back to top | January 08, 2019
KB4480963 | Resolved
KB4480969 | Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4462926, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471320.
Back to top | October 09, 2018
KB4462926 | Resolved
KB4471320 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
new file mode 100644
index 0000000000..fe19c4b36e
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
@@ -0,0 +1,91 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows Server 2008 SP2
+metadata:
+ document_id:
+ title: Resolved issues in Windows Server 2008 SP2
+ description: Resolved issues in Windows Server 2008 SP2
+ keywords: ["Resolved issues in Windows Server 2008 SP2", "Windows Server 2008 SP2"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows Server 2008 SP2 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487023 | Resolved
KB4493471 | April 09, 2019
10:00 AM PT |
+ NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details > | March 12, 2019
KB4489880 | Resolved
KB4493471 | April 09, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | January 17, 2019
KB4480974 | Resolved
KB4489880 | March 12, 2019
10:00 AM PT |
+ Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.
See details > | January 08, 2019
KB4480968 | Resolved
KB4490514 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | February 12, 2019
KB4487023 | Resolved
KB4487022 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details > | January 08, 2019
KB4480968 | Resolved
KB4487023 | February 12, 2019
10:00 AM PT |
+ Local Administrators unable to remotely access shares
Local users who are part of the local Administrators group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines.
See details > | January 08, 2019
KB4480968 | Resolved
KB4487354 | January 11, 2019
02:00 PM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | October 09, 2018
KB4463097 | Resolved
KB4471325 | December 11, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ NETDOM.EXE fails to runAfter installing KB4489880, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to top | March 12, 2019
KB4489880 | Resolved
KB4493471 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to top | February 12, 2019
KB4487023 | Resolved
KB4493471 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487022.
Back to top | February 12, 2019
KB4487023 | Resolved
KB4487022 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ First character of the Japanese era name not recognized as an abbreviationAfter installing KB4480974, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489880.
Back to top | January 17, 2019
KB4480974 | Resolved
KB4489880 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
January 17, 2019
10:00 AM PT |
+ Virtual machines fail to restoreAfter installing KB4480968, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”
This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490514.
Back to top | January 08, 2019
KB4480968 | Resolved
KB4490514 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487023.
Back to top | January 08, 2019
KB4480968 | Resolved
KB4487023 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Local Administrators unable to remotely access sharesLocal users who are part of the local Administrators group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing KB4480968. This does not affect domain accounts in the local Administrators group.
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487354.
Back to top | January 08, 2019
KB4480968 | Resolved
KB4487354 | Resolved:
January 11, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4463097, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471325.
Back to top | October 09, 2018
KB4463097 | Resolved
KB4471325 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml
new file mode 100644
index 0000000000..b2a7ce07c1
--- /dev/null
+++ b/windows/release-information/resolved-issues-windows-server-2012.yml
@@ -0,0 +1,97 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Resolved issues in Windows Server 2012
+metadata:
+ document_id:
+ title: Resolved issues in Windows Server 2012
+ description: Resolved issues in Windows Server 2012
+ keywords: ["Resolved issues in Windows Server 2012", "Windows Server 2012"]
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ See a list of known issues that have been resolved for Windows Server 2012 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page.
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Resolved issues
+- items:
+ - type: markdown
+ text: "
+ | Summary | Originating update | Status | Date resolved |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480975 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | January 08, 2019
KB4480975 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487025 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
+ Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).
See details > | September 11, 2018
KB4457135 | Resolved
KB4489891 | March 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | February 12, 2019
KB4487025 | Resolved
KB4489891 | March 12, 2019
10:00 AM PT |
+ Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.
See details > | January 08, 2019
KB4480975 | Resolved
KB4490516 | February 19, 2019
02:00 PM PT |
+ First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | January 15, 2019
KB4480971 | Resolved
KB4487024 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | February 12, 2019
KB4487025 | Resolved
KB4487024 | February 19, 2019
02:00 PM PT |
+ Applications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details > | January 08, 2019
KB4480975 | Resolved
KB4487025 | February 12, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details > | January 08, 2019
KB4480975 | Resolved
KB4480971 | January 15, 2019
10:00 AM PT |
+ Unable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details > | October 09, 2018
KB4462929 | Resolved
KB4471330 | December 11, 2018
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493451.
Back to top | February 12, 2019
KB4487025 | Resolved
KB4493451 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487025, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489891.
Back to top | February 12, 2019
KB4487025 | Resolved
KB4489891 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.
Back to top | February 12, 2019
KB4487025 | Resolved
KB4487024 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480975, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493451.
Back to top | January 08, 2019
KB4480975 | Resolved
KB4493451 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480975, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493451.
Back to top | January 08, 2019
KB4480975 | Resolved
KB4493451 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Virtual machines fail to restoreAfter installing KB4480975, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, \"Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).\"
This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490516.
Back to top | January 08, 2019
KB4480975 | Resolved
KB4490516 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized as an abbreviationAfter installing KB4480971, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.
Back to top | January 15, 2019
KB4480971 | Resolved
KB4487024 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 15, 2019
10:00 AM PT |
+ | Applications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, \"Unrecognized Database Format\".
Affected platforms: - Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487025.
Back to top | January 08, 2019
KB4480975 | Resolved
KB4487025 | Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Unable to access hotspots with third-party applicationsAfter installing KB4480975, third-party applications may have difficulty authenticating hotspots.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480971.
Back to top | January 08, 2019
KB4480975 | Resolved
KB4480971 | Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: October 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Unable to use Seek bar in Windows Media PlayerAfter installing KB4462929, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471330.
Back to top | October 09, 2018
KB4462929 | Resolved
KB4471330 | Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT |
+
+ "
+
+- title: September 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Event Viewer may not show some event descriptions for network interface cardsAfter installing KB4457135, the Event Viewer may not show some event descriptions for network interface cards (NICs).
Affected Platforms: - Client: Windows 7 SP1
- Server: Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4489891.
Back to top | September 11, 2018
KB4457135 | Resolved
KB4489891 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml
new file mode 100644
index 0000000000..3cab3fb9e9
--- /dev/null
+++ b/windows/release-information/status-windows-10-1507.yml
@@ -0,0 +1,103 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 10, version 1507
+metadata:
+ document_id:
+ title: Windows 10, version 1507
+ description: View annoucements and review known issues and fixes for Windows 10 version 1507
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows 10, version 1507. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 10240.18094
January 08, 2019
KB4480962 | Mitigated
| April 25, 2019
02:00 PM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 10240.18158
March 12, 2019
KB4489872 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489872, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493475.
Back to top | OS Build 10240.18158
March 12, 2019
KB4489872 | Resolved
KB4493475 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493475.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4493475 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following: - Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 10240.18094
January 08, 2019
KB4480962 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480962, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493475.
Back to top | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4493475 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
new file mode 100644
index 0000000000..b22aced938
--- /dev/null
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@@ -0,0 +1,134 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 10, version 1607 and Windows Server 2016
+metadata:
+ document_id:
+ title: Windows 10, version 1607 and Windows Server 2016
+ description: View annoucements and review known issues and fixes for Windows 10 version 1607 and Windows Server 2016
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows 10, version 1607 and Windows Server 2016. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.
See details > | OS Build 14393.2941
April 25, 2019
KB4493473 | Investigating
| April 25, 2019
02:00 PM PT |
+ Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.
See details > | OS Build 14393.2639
November 27, 2018
KB4467684 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Issue using PXE to start a device from WDS
There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.
See details > | OS Build 14393.2848
March 12, 2019
KB4489882 | Mitigated
| April 25, 2019
02:00 PM PT |
+ SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.
See details > | OS Build 14393.2639
November 27, 2018
KB4467684 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.
See details > | OS Build 14393.2608
November 13, 2018
KB4467691 | Mitigated
| February 19, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 14393.2848
March 12, 2019
KB4489882 | Resolved
KB4493473 | April 25, 2019
02:00 PM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.
See details > | OS Build 14393.2879
March 19, 2019
KB4489889 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Zone transfers over TCP may failZone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing KB4493473. Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 14393.2941
April 25, 2019
KB4493473 | Investigating
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 25, 2019
02:00 PM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Issue using PXE to start a device from WDSAfter installing KB4489882, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:
Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
+
Option 2: Use the Windows Deployment Services UI to make the following adjustment: - Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3: Set the following registry value to 0: HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension
Restart the WDSServer service after disabling the Variable Window Extension.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 14393.2848
March 12, 2019
KB4489882 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489882, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493473.
Back to top | OS Build 14393.2848
March 12, 2019
KB4489882 | Resolved
KB4493473 | Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493470.
Back to top | OS Build 14393.2879
March 19, 2019
KB4489889 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493470.
Back to top | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following: - Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 14393.2724
January 08, 2019
KB4480961 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480961, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493470.
Back to top | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480961, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493470.
Back to top | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: November 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Cluster service may fail if the minimum password length is set to greater than 14After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.
Affected platforms: - Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 14393.2639
November 27, 2018
KB4467684 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
November 27, 2018
10:00 AM PT |
+ SCVMM cannot enumerate and manage logical switches deployed on the hostFor hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing KB4467684.
Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.
Affected platforms: - Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Workaround: Run mofcomp on the following mof files on the affected host: - Scvmmswitchportsettings.mof
- VMMDHCPSvr.mof
Follow the best practices while patching to avoid a stop error in vfpext.sys in an SDN v2 environment (NC managed hosts).
Back to top | OS Build 14393.2639
November 27, 2018
KB4467684 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
November 27, 2018
10:00 AM PT |
+ Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAMAfter installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.
Affected platforms: - Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.
If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.
Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.
Back to top | OS Build 14393.2608
November 13, 2018
KB4467691 | Mitigated
| Last updated:
February 19, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml
new file mode 100644
index 0000000000..10d69d6cc5
--- /dev/null
+++ b/windows/release-information/status-windows-10-1703.yml
@@ -0,0 +1,105 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 10, version 1703
+metadata:
+ document_id:
+ title: Windows 10, version 1703
+ description: View annoucements and review known issues and fixes for Windows 10 version 1703
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows 10, version 1703. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 15063.1689
March 12, 2019
KB4489871 | Resolved
KB4493436 | April 25, 2019
02:00 PM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 15063.1716
March 19, 2019
KB4489888 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489871, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493436.
Back to top | OS Build 15063.1689
March 12, 2019
KB4489871 | Resolved
KB4493436 | Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493474.
Back to top | OS Build 15063.1716
March 19, 2019
KB4489888 | Resolved
KB4493474 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493474.
Back to top | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4493474 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following: - Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 15063.1563
January 08, 2019
KB4480973 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480973, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493474.
Back to top | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4493474 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml
new file mode 100644
index 0000000000..45e3ada4b8
--- /dev/null
+++ b/windows/release-information/status-windows-10-1709.yml
@@ -0,0 +1,117 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 10, version 1709 and Windows Server, version 1709
+metadata:
+ document_id:
+ title: Windows 10, version 1709 and Windows Server, version 1709
+ description: View annoucements and review known issues and fixes for Windows 10 version 1709 and Windows Server 1709
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows 10, version 1709 and Windows Server, version 1709. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.
See details > | OS Build 16299.1127
April 25, 2019
KB4493440 | Investigating
| April 25, 2019
02:00 PM PT |
+ Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493440 | April 25, 2019
02:00 PM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 16299.1059
March 19, 2019
KB4489890 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
+ MSXML6 causes applications to stop responding if an exception was thrown
MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
+ Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details > | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Zone transfers over TCP may failZone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing KB4493440. Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 16299.1127
April 25, 2019
KB4493440 | Investigating
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 25, 2019
02:00 PM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489886, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493440.
Back to top | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493440 | Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.1059
March 19, 2019
KB4489890 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT |
+ Stop error when attempting to start SSH from WSLAfter applying KB4489886, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709
- Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following: - Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 16299.904
January 08, 2019
KB4480978 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 causes applications to stop responding if an exception was thrownAfter installing KB4480978, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml
new file mode 100644
index 0000000000..3e58d9c048
--- /dev/null
+++ b/windows/release-information/status-windows-10-1803.yml
@@ -0,0 +1,122 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 10, version 1803
+metadata:
+ document_id:
+ title: Windows 10, version 1803
+ description: View annoucements and review known issues and fixes for Windows 10 version 1803
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows 10, version 1803. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.
See details > | OS Build 17134.753
April 25, 2019
KB4493437 | Investigating
| April 25, 2019
02:00 PM PT |
+ Issue using PXE to start a device from WDS
Using PXE to start a device from a WDS server configured to use Variable Window Extension may cause the connection to the WDS server to terminate prematurely.
See details > | OS Build 17134.648
March 12, 2019
KB4489868 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493437 | April 25, 2019
02:00 PM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 17134.677
March 19, 2019
KB4489894 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 17134.556
January 15, 2019
KB4480976 | Resolved
KB4487029 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
+ Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details > | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Zone transfers over TCP may failZone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing KB4493437. Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17134.753
April 25, 2019
KB4493437 | Investigating
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 25, 2019
02:00 PM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Issue using PXE to start a device from WDSAfter installing KB4489868, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:
Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
+
Option 2: Use the Windows Deployment Services UI to make the following adjustment: - Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3: Set the following registry value to 0: HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension
Restart the WDSServer service after disabling the Variable Window Extension. Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17134.648
March 12, 2019
KB4489868 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489868, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493437.
Back to top | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493437 | Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493464.
Back to top | OS Build 17134.677
March 19, 2019
KB4489894 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT |
+ Stop error when attempting to start SSH from WSLAfter applying KB4489868, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh -A) or a configuration setting.
Affected platforms: - Client: Windows 10, version 1803; Windows 10, version 1709
- Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4493464.
Back to top | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493464.
Back to top | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following: - Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17134.523
January 08, 2019
KB4480966 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ First character of the Japanese era name not recognizedAfter installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029.
Back to top | OS Build 17134.556
January 15, 2019
KB4480976 | Resolved
KB4487029 | Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480966, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493464.
Back to top | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
new file mode 100644
index 0000000000..82bcf3314f
--- /dev/null
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@@ -0,0 +1,137 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 10, version 1809 and Windows Server 2019
+metadata:
+ document_id:
+ title: Windows 10, version 1809 and Windows Server 2019
+ description: View annoucements and review known issues and fixes for Windows 10 version 1809 and Windows Server 2019
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues and the status of the rollout for Windows 10, version 1809 and Windows Server 2019. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+
+Current status:
+ Windows 10, version 1809 is designated for broad deployment and available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
+ |
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ System may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.
See details > | OS Build 17763.437
April 09, 2019
KB4493509 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 17763.379
March 12, 2019
KB4489899 | Mitigated
| April 09, 2019
10:00 AM PT |
+ Issue using PXE to start a device from WDS
Using PXE to start a device from a WDS server configured to use Variable Window Extension may cause the connection to the WDS server to terminate prematurely.
See details > | OS Build 17763.379
March 12, 2019
KB4489899 | Mitigated
| April 09, 2019
10:00 AM PT |
+ Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort
Upgrade block: Microsoft has identified issues with certain new Intel display drivers, which accidentally turn on unsupported features in Windows.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Mitigated
| March 15, 2019
12:00 PM PT |
+ Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Mitigated
| January 08, 2019
10:00 AM PT |
+ End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 17763.404
April 02, 2019
KB4490481 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
+ Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.
See details > | OS Build 17763.348
March 01, 2019
KB4482887 | Resolved
KB4490481 | April 02, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ System may be unresponsive after restart if ArcaBit antivirus software installedMicrosoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493509. Microsoft has temporarily blocked devices from receiving this update if ArcaBit antivirus software is installed.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: ArcaBit has released an update to address this issue. For more information, see the Arcabit support article.
Back to top | OS Build 17763.437
April 09, 2019
KB4493509 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ | End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493509.
Back to top | OS Build 17763.404
April 02, 2019
KB4490481 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
April 02, 2019
10:00 AM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489899, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: Right-click the URL link to open it in a new window or tab, or enable Protected Mode in Internet Explorer for local intranet and trusted sites - Go to Tools > Internet options > Security.
- Within Select a zone to view of change security settings, select Local intranet and then select Enable Protected Mode.
- Select Trusted Sites and then select Enable Protected Mode.
- Select OK.
You must restart the browser after making these changes. Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17763.379
March 12, 2019
KB4489899 | Mitigated
| Last updated:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+ Issue using PXE to start a device from WDSAfter installing KB4489899, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:
Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
+
Option 2: Use the Windows Deployment Services UI to make the following adjustment: - Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3: Set the following registry value to 0: HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension
Restart the WDSServer service after disabling the Variable Window Extension.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17763.379
March 12, 2019
KB4489899 | Mitigated
| Last updated:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+ Apps may stop working after selecting an audio output device other than the defaultAfter installing KB4482887 on machines that have multiple audio devices, applications that provide advanced options for internal or external audio output devices may stop working unexpectedly. This issue occurs for users that select an audio output device different from the \"Default Audio Device\". Examples of applications that may stop working include: - Windows Media Player
- Realtek HD Audio Manager
- Sound Blaster Control Panel
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4490481.
Back to top | OS Build 17763.348
March 01, 2019
KB4482887 | Resolved
KB4490481 | Resolved:
April 02, 2019
10:00 AM PT
Opened:
March 01, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493509.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following: - Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Mitigated
| Last updated:
January 08, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480116, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493509.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480116, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode(). The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493509.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
+
+- title: November 2018
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort Upgrade block: Microsoft has identified issues with certain new Intel display drivers. Intel inadvertently released versions of its display driver (versions 24.20.100.6344, 24.20.100.6345) to OEMs that accidentally turned on unsupported features in Windows. As a result, after updating to Windows 10, version 1809, audio playback from a monitor or television connected to a PC via HDMI, USB-C, or a DisplayPort may not function correctly on devices with these drivers.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Next steps: Intel has released updated drivers to OEM device manufacturers. OEMs need to make the updated driver available via Windows Update.
Note: This Intel display driver issue is different from the Intel Smart Sound Technology driver (version 09.21.00.3755) audio issue previously documented.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Mitigated
| Last updated:
March 15, 2019
12:00 PM PT
Opened:
November 13, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
new file mode 100644
index 0000000000..9c9b11c520
--- /dev/null
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -0,0 +1,123 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 7 and Windows Server 2008 R2 SP1
+metadata:
+ document_id:
+ title: Windows 7 and Windows Server 2008 R2 SP1
+ description: View annoucements and review known issues and fixes for Windows 7 and Windows Server 2008 R2 SP1
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows 7 and Windows Server 2008 R2 SP1. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493472 | Investigating
| April 25, 2019
02:00 PM PT |
+ Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.
See details > | March 12, 2019
KB4489878 | Mitigated
| April 25, 2019
02:00 PM PT |
+ System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details > | April 09, 2019
KB4493472 | Mitigated
| April 25, 2019
02:00 PM PT |
+ System may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493472 | Mitigated
| April 25, 2019
02:00 PM PT |
+ System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.
See details > | April 09, 2019
KB4493472 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details > | April 09, 2019
KB4493472 | Resolved
| April 25, 2019
02:00 PM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480970 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | March 12, 2019
KB4489878 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
+ NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details > | March 12, 2019
KB4489878 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4486563 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ System may be unresponsive after restart if Avira antivirus software installedMicrosoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493472.
Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: We are presently investigating this issue with Avira and will provide an update when available.
Back to top | April 09, 2019
KB4493472 | Investigating
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ System unresponsive after restart if Sophos Endpoint Protection installedMicrosoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing KB4493472.
Microsoft has temporarily blocked devices from receiving this update if the Sophos Endpoint is installed until a solution is available.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the Sophos support article.
Back to top | April 09, 2019
KB4493472 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ System may be unresponsive after restart if ArcaBit antivirus software installedMicrosoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493472.
Microsoft has temporarily blocked devices from receiving this update if ArcaBit antivirus software is installed.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: ArcaBit has released an update to address this issue. For more information, see the Arcabit support article.
Back to top | April 09, 2019
KB4493472 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ | System may be unresponsive after restart with certain McAfee antivirus products Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: Guidance for McAfee customers can be found in the following McAfee support articles: Next steps: We are presently investigating this issue with McAfee. We will provide an update once we have more information.
Back to top | April 09, 2019
KB4493472 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ Devices may not respond at login or Welcome screen if running certain Avast softwareMicrosoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install KB4493472 and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the Avast support KB article.
Back to top | April 09, 2019
KB4493472 | Resolved
| Resolved:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Authentication may fail for services after the Kerberos ticket expiresAfter installing KB4489878, some customers report that authentication fails for services that require unconstrained delegation after the Kerberos ticket expires (the default is 10 hours). For example, the SQL server service fails.
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Workaround: To mitigate this issue, use one of the following options: - Option 1: Purge the Kerberos tickets on the application server. After the Kerberos ticket expires, the issue will occur again, and you must purge the tickets again.
- Option 2: If purging does not mitigate the issue, restart the application; for example, restart the Internet Information Services (IIS) app pool associated with the SQL server.
- Option 3: Use constrained delegation.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | March 12, 2019
KB4489878 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489878, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to top | March 12, 2019
KB4489878 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+ NETDOM.EXE fails to runAfter installing KB4489878, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.
Back to top | March 12, 2019
KB4489878 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.
Back to top | February 12, 2019
KB4486563 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to top | January 08, 2019
KB4480970 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
new file mode 100644
index 0000000000..4a94eba224
--- /dev/null
+++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
@@ -0,0 +1,126 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 8.1 and Windows Server 2012 R2
+metadata:
+ document_id:
+ title: Windows 8.1 and Windows Server 2012 R2
+ description: View annoucements and review known issues and fixes for Windows 8.1 and Windows Server 2012 R2
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows 8.1 and Windows Server 2012 R2. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493446 | Investigating
| April 25, 2019
02:00 PM PT |
+ Issue using PXE to start a device from WDS
There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.
See details > | March 12, 2019
KB4489881 | Mitigated
| April 25, 2019
02:00 PM PT |
+ System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details > | April 09, 2019
KB4493446 | Mitigated
| April 25, 2019
02:00 PM PT |
+ System may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493446 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
See details > | January 08, 2019
KB4480963 | Mitigated
| April 25, 2019
02:00 PM PT |
+ System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.
See details > | April 09, 2019
KB4493446 | Mitigated
| April 18, 2019
05:00 PM PT |
+ Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details > | April 09, 2019
KB4493446 | Resolved
| April 25, 2019
02:00 PM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480963 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | January 08, 2019
KB4480963 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | March 12, 2019
KB4489881 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487000 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ System may be unresponsive after restart if Avira antivirus software installedMicrosoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493446.
Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: We are presently investigating this issue with Avira and will provide an update when available.
Back to top | April 09, 2019
KB4493446 | Investigating
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ System unresponsive after restart if Sophos Endpoint Protection installedMicrosoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing KB4493446.
Microsoft has temporarily blocked devices from receiving this update if the Sophos Endpoint is installed until a solution is available.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the Sophos support article.
Back to top | April 09, 2019
KB4493446 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ System may be unresponsive after restart if ArcaBit antivirus software installedMicrosoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493446.
Microsoft has temporarily blocked devices from receiving this update if ArcaBit antivirus software is installed.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: ArcaBit has released an update to address this issue. For more information, see the Arcabit support article.
Back to top | April 09, 2019
KB4493446 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ | System may be unresponsive after restart with certain McAfee antivirus products Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: Guidance for McAfee customers can be found in the following McAfee support articles: Next steps: We are presently investigating this issue with McAfee. We will provide an update once we have more information.
Back to top | April 09, 2019
KB4493446 | Mitigated
| Last updated:
April 18, 2019
05:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ Devices may not respond at login or Welcome screen if running certain Avast softwareMicrosoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install KB4493446 and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the Avast support KB article.
Back to top | April 09, 2019
KB4493446 | Resolved
| Resolved:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Issue using PXE to start a device from WDSAfter installing KB4489881, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:
Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
+
Option 2: Use the Windows Deployment Services UI to make the following adjustment: - Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3: Set the following registry value to 0: HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension
Restart the WDSServer service after disabling the Variable Window Extension.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | March 12, 2019
KB4489881 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ Custom URI schemes may not start corresponding applicationAfter installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to top | March 12, 2019
KB4489881 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493446.
Back to top | February 12, 2019
KB4487000 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following: - Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | January 08, 2019
KB4480963 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to top | January 08, 2019
KB4480963 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding.After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.
Back to top | January 08, 2019
KB4480963 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml
new file mode 100644
index 0000000000..40672e97b4
--- /dev/null
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@@ -0,0 +1,105 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows Server 2008 SP2
+metadata:
+ document_id:
+ title: Windows Server 2008 SP2
+ description: View annoucements and review known issues and fixes for Windows Server 2008 SP2
+ keywords: Windows, Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows Server 2008 SP2. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493471 | Investigating
| April 25, 2019
02:00 PM PT |
+ System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details > | April 09, 2019
KB4493471 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.
See details > | March 12, 2019
KB4489880 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487023 | Resolved
KB4493471 | April 09, 2019
10:00 AM PT |
+ NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details > | March 12, 2019
KB4489880 | Resolved
KB4493471 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ System may be unresponsive after restart if Avira antivirus software installedMicrosoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493471.
Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: We are presently investigating this issue with Avira and will provide an update when available.
Back to top | April 09, 2019
KB4493471 | Investigating
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ System unresponsive after restart if Sophos Endpoint Protection installedMicrosoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing KB4493471.
Microsoft has temporarily blocked devices from receiving this update if the Sophos Endpoint is installed until a solution is available.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the Sophos support article.
Back to top | April 09, 2019
KB4493471 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Authentication may fail for services after the Kerberos ticket expiresAfter installing KB4489880, some customers report that authentication fails for services that require unconstrained delegation after the Kerberos ticket expires (the default is 10 hours). For example, the SQL server service fails.
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Workaround: To mitigate this issue, use one of the following options: - Option 1: Purge the Kerberos tickets on the application server. After the Kerberos ticket expires, the issue will occur again, and you must purge the tickets again.
- Option 2: If purging does not mitigate the issue, restart the application; for example, restart the Internet Information Services (IIS) app pool associated with the SQL server.
- Option 3: Use constrained delegation.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | March 12, 2019
KB4489880 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+ NETDOM.EXE fails to runAfter installing KB4489880, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to top | March 12, 2019
KB4489880 | Resolved
KB4493471 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to top | February 12, 2019
KB4487023 | Resolved
KB4493471 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml
new file mode 100644
index 0000000000..046f75de26
--- /dev/null
+++ b/windows/release-information/status-windows-server-2012.yml
@@ -0,0 +1,118 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows Server 2012
+metadata:
+ document_id:
+ title: Windows Server 2012
+ description: View annoucements and review known issues and fixes for Windows Server 2012
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find information on known issues for Windows Server 2012. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
+
+ "
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 3
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+- items:
+ - type: markdown
+ text: "
+
+ "
+- items:
+ - type: markdown
+ text: "
+
+ "
+
+- title: Known issues
+- items:
+ - type: markdown
+ text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+ | Summary | Originating update | Status | Last updated |
+ System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493451 | Investigating
| April 25, 2019
02:00 PM PT |
+ Issue using PXE to start a device from WDS
There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.
See details > | March 12, 2019
KB4489891 | Mitigated
| April 25, 2019
02:00 PM PT |
+ System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details > | April 09, 2019
KB4493451 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
See details > | January 08, 2019
KB4480975 | Mitigated
| April 25, 2019
02:00 PM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480975 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | January 08, 2019
KB4480975 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
+ Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487025 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: Issue details
+- items:
+ - type: markdown
+ text: "
+
+
+ "
+- title: April 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ System may be unresponsive after restart if Avira antivirus software installedMicrosoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493451.
Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: We are presently investigating this issue with Avira and will provide an update when available.
Back to top | April 09, 2019
KB4493451 | Investigating
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+ System unresponsive after restart if Sophos Endpoint Protection installedMicrosoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing KB4493451.
Microsoft has temporarily blocked devices from receiving this update if the Sophos Endpoint is installed until a solution is available.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the Sophos support article.
Back to top | April 09, 2019
KB4493451 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT |
+
+ "
+
+- title: March 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Issue using PXE to start a device from WDSAfter installing KB4489891, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:
Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
+
Option 2: Use the Windows Deployment Services UI to make the following adjustment: - Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3: Set the following registry value to 0: HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension
Restart the WDSServer service after disabling the Variable Window Extension.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | March 12, 2019
KB4489891 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT |
+
+ "
+
+- title: February 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493451.
Back to top | February 12, 2019
KB4487025 | Resolved
KB4493451 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
+
+ "
+
+- title: January 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following: - Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | January 08, 2019
KB4480975 | Mitigated
| Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT |
+ Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480975, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493451.
Back to top | January 08, 2019
KB4480975 | Resolved
KB4493451 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+ MSXML6 may cause applications to stop responding After installing KB4480975, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493451.
Back to top | January 08, 2019
KB4480975 | Resolved
KB4493451 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
+
+ "
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
new file mode 100644
index 0000000000..2a4ba41456
--- /dev/null
+++ b/windows/release-information/windows-message-center.yml
@@ -0,0 +1,97 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Windows 10 message center
+metadata:
+ document_id:
+ title: Windows 10 message center
+ description: Windows 10 message center
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: high
+ author: greg-lindsay
+ ms.author: greglin
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+
+- items:
+ - type: list
+ style: cards
+ className: cardsM
+ columns: 2
+ items:
+
+ - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
+ html: Read the announcement >
+ image:
+ src: https://docs.microsoft.com//media/common/i_deploy.svg
+ title: Windows 10, version 1809 designated for broad deployment
+ - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency
+ html: Find out more >
+ image:
+ src: https://docs.microsoft.com/media/common/i_whats-new.svg
+ title: Improvements to the Windows 10 update experience are coming
+ - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
+ html: Learn about our approach >
+ image:
+ src: https://docs.microsoft.com/media/common/i_investigate.svg
+ title: How do we measure and improve the quality of Windows?
+ - href: https://docs.microsoft.com/windows/windows-10/release-information
+ html: Visit the Windows 10 release information page >
+ image:
+ src: https://docs.microsoft.com/media/common/i_download-monitor.svg
+ title: Find a list of currently supported versions and previous releases
+
+- title: Recent announcements
+- items:
+ - type: markdown
+ text: "
+ | Message | Date |
+
+ Take action: Install servicing stack update for Windows Server 2008 SP2 for SHA-2 code sign support
A standalone update, KB4493730, that introduce SHA-2 code sign support for the servicing stack (SSU) was released today as a security update. | April 19, 2019
10:00 AM PT |
+ The benefits of Windows 10 Dynamic Update
Dynamic Update can help organizations and end users alike ensure that their Windows 10 devices have the latest feature update content (as part of an in-place upgrade)—and preserve precious features on demand (FODs) and language packs (LPs) that may have been previously installed.
+
+Find out which components are updated by Dynamic Update, how Dynamic Update is initiated, and how to enable or disable it. | April 17, 2019
11:26 AM PT |
+ Improvements to the Windows 10 update experience are coming
Find out about the changes coming to the Windows update process that will improve the experience, offer users more control, and improve the quality of Windows updates. | April 04, 2019
09:00 AM PT |
+ Take action: review your Windows Update for Business deferral values
If devices under your management are still running Windows 10 Pro or Windows 10 Pro for Workstations, version 1709, your devices will reach end of service on April 9, 2019 if you have configured both of the following Windows Update for Business policies:
+
+- Branch readiness is configured as Semi-Annual Channel (SAC)
+- Feature update deferral is configured as 274 days or more
+
+In order avoid this, you need to set your feature update deferral policy to 273 days or less. | April 03, 2019
05:47 PM PT |
+ Find a list of currently supported versions and previous releases
Every Windows product has a lifecycle. The lifecycle begins when a product is released and ends when it is no longer serviced or supported. Knowing key dates in this lifecycle helps you make informed decisions about when to update, upgrade, or make other changes to your software. Check out the updated Windows 10 release information page for a list of current versions by servicing option as well as end of service dates. | March 28, 2019
02:00 PM PT |
+ Windows 10, version 1809 designated for broad deployment
Based on the data and the feedback we’ve received from consumers, OEMs, ISVs, partners, and commercial customers, Windows 10, version 1809 has transitioned to broad deployment. With this, the Windows 10 release information page will now reflect Semi-Annual Channel (SAC) for version 1809. | March 28, 2019
10:00 AM PT |
+ Reminder: Additional servicing for the Windows 10 Enterprise, Education, and IoT Enterprise, version 1607 ends April 9, 2019
The additional servicing for Windows 10 Enterprise, Education, and IoT Enterprise editions ends on April 9, 2019 and doesn't extend beyond this date. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.
Devices running Windows 10 Enterprise 2016 LTSB will continue to receive updates until October 2026 per the Fixed Lifecycle Policy. Windows 10, version 1607 devices running the Intel “Clovertrail” chipset will continue to receive updates until January 2023. | March 12, 2019
10:00 AM PT |
+ Reminder: Windows 10 Home, Pro, Pro for Workstations, and IoT Core, version 1709 will reach end of service on April 9, 2019
Windows 10, version 1709, will reach end of service on April 9, 2019 for devices running Windows 10 Home, Pro, Pro for Workstations, and IoT Core editions. These devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.
Windows 10 Enterprise, Education, and IoT Enterprise editions will continue to receive servicing for 12 months at no cost per the lifecycle announcement on October 2018. | March 12, 2019
10:00 AM PT |
+ Take action: Install standalone security updates to introduce SHA-2 code sign support for Windows 7 amd Windows Server 2008 R2
A standalone SHA-2 code signing support update for Windows Server 2008 R2 and Windows 7 is now available, as is a servicing stack update for Windows 7 SP1 and Windows Server 2008 R2 SP1 that includes the SHA-2 code signing support update. | March 12, 2019
10:00 AM PT |
+ Take action: Install standalone update for WSUS 3.0 SP2 to support the delivery of SHA-2 signed updates
A standalone update, KB4484071 is available on Windows Update Catalog for WSUS 3.0 SP2 that supports delivering SHA-2 signed updates. For those customers using WSUS 3.0 SP2, this update should be manually installed no later than June 18, 2019. | March 12, 2019
10:00 AM PT |
+ Reminder: Final Delta update for Windows 10, version 1607, 1703, 1709, and 1803 will be April 9, 2019
March 12th and April 9th will be the last two Delta updates for Windows 10, version 1607, 1703, 1709, and 1803. Security and quality updates will continue to be available via the express and full cumulative update packages. | March 12, 2019
10:00 AM PT |
+ How do we measure and improve the quality of Windows?
Measuring the quality of Windows is a complex undertaking that requires gathering a variety of diagnostic signals from millions of devices within the Windows ecosystem. In addition to rigorous internal testing, we rely heavily on the feedback provided through diagnostic data to detect and fix problems before we release new updates of Windows to the general population, and to monitor the impact of those updates after each release.
+
+Get insight into some of the practices we employ to measure and improve the quality of Windows. | March 06, 2019
10:23 AM PT |
+ Getting to know the Windows update history pages
Windows update history pages offer detailed information about each Windows update: the type of update, which operating systems it affects, the improvements and fixes included, and how to get the update. See how simple it is to use this important resource to access information for Windows 10, Windows Server 2019, and earlier versions of the Windows and Windows Server operating systems. | February 21, 2019
06:37 PM PT |
+ Share your feedback: Windows update history
We read every comment you leave on our update history pages, and are always looking to improve these pages and the monthly knowledge base (KB) articles that accompany each monthly update. Take our survey and let us know how we can improve our transparency further and make these more compelling and useful to you and your organization. | February 21, 2019
12:00 PM PT |
+ Plan for change: Windows Update for Business and the retirement of SAC-T
Beginning with Windows 10, version 1903 (the next feature update for Windows 10), the Windows 10 release information page will no longer list SAC-T information for version 1903 and future feature updates. Instead, you will find a single entry for each new SAC release. In addition, if you are using Windows Update for Business, you will see new UI and behavior to reflect that there is only one release date for each SAC release. If you use System Center Configuration Manager, Windows Server Update Services (WSUS), or other management tools, there will now only be one feature update published to WSUS, and this will occur at the time of release. Learn how this change will affect Windows Business for Update customers. | February 14, 2019
12:00 PM PT |
+ Champs corner: Classifying Windows updates in common deployment tools
If you utilize automated update deployment tools, such as Windows Server Update Services (WSUS) or System Center Configuration Manager, you likely use automatic rules to streamline the approval and deployment of Windows updates. Using the correct update classification is, therefore, an important component of your organization’s device update process. Explore the options available and how to approach it in a WSUS or Configuration Manager environment. | February 05, 2019
10:34 AM PT |
+ Update: Delta updates for Windows 10, version 1607, 1703, 1709, and 1803 will be available until April 9, 2019
Based on customer feedback, we are extending Delta update publication for Windows 10 versions 1607, 1703, 1709, and 1803. We will continue to provide Delta updates via the Microsoft Update Catalog through April 9th, 2019, which will be the last delta update available. | February 05, 2019
09:00 AM PT |
+ Global DNS outage affecting Windows Update customers
Windows Update customers were affected by a network infrastructure event on January 29, 2019 (21:00 UTC), caused by an external DNS service provider’s global outage. A software update to the external provider’s DNS servers resulted in the distribution of corrupted DNS records that affected connectivity to the Windows Update service. The DNS records were restored by January 30, 2019 (00:10 UTC), and the majority of local Internet Service Providers (ISP) have refreshed their DNS servers and customer services have been restored.
+
+While this was not an issue with Microsoft’s services, we take any service disruption for our customers seriously. We will work with partners to better understand this so we can provide higher quality service in the future even across diverse global network providers.
+
+If you are still unable to connect to Windows Update services due to this problem, please contact your local ISP or network administrator. You can also refer to our new KB4493784 for more information to determine if your network is affected, and to provide your local ISP or network administrator with additional information to assist you. | January 29, 2019
04:15 PM PT |
+ Application compatibility in the Windows ecosystem
Our application ecosystem is incredibly diverse, encompassing tens of millions of applications (apps) with numerous versions, languages, architectures, services and configuration options. While our ecosystem is complex, our vision is simple. All apps on Windows devices should just work! Explore the various programs and technologies we use to improve application compatibility. | January 15, 2019
10:00 AM PT |
+ Modern desktop servicing: the year in review
2018 was a pivotal year for the modern desktop and the servicing transformation journey we have been taking with you and your organization. In this post, John Wilcox takes a look back and recaps the progress that has been made, highlighting significant events, and provideing nsight into what 2019 has in store. | December 19, 2018
02:20 PM PT |
+ Driver quality in the Windows ecosystem
Ensuring Windows 10 works great with all the devices and accessories our customers use is a top priority. We work closely with this broad mix of partners to test new drivers, monitor health characteristics over time, and make Windows and our ecosystem more resilient architecturally. Our goal is to ensure that all the updates and drivers we deliver to non-Insider populations are validated and at production quality (including monthly optional releases) before pushing drivers broadly to all. Explore the driver distribution chain and learn how we measure driver quality and prevent conflicts. | December 19, 2018
10:04 AM PT |
+ Introducing the Modern Desktop podcast series
In this new podcast series, we'll explore the good, the bad, and, yes, the ugly of servicing and delivery for Windows 10 and Office 365 ProPlus. We'll talk about modern desktop management through Enterprise Mobility, security, and cloud-attached and co-managed environments. Listen to the first episode, in which we discuss monthly quality updates fpr Windows 10, the Microsoft 365 Stay Current pilot program, and interview a real customer to see how they ingest monthly updates in their organization. | December 18, 2018
01:00 PM PT |
+ Measuring Delivery Optimization and its impact to your network
If you've familiarized yourself with the configuration options for Delivery Optimization in Windows 10, and have started to configure the settings you feel will be the best fit for your organization’s network topology, now is the time to see how well those settings are working. This article provides tips on how evaluate performance at the device level or organization level. | December 13, 2018
03:48 PM PT |
+ Windows monthly security and quality updates overview
Today’s global cybersecurity threats are both dynamic and sophisticated, and new vulnerabilities are discovered almost every day. We focus on protecting customers from these security threats by providing security updates on a timely basis and with high quality. Find out how how we deliver these critical updates on a massive scale as a key component of our ongoing Windows as a service effort. | December 10, 2018
10:00 AM PT |
+ LTSC: What is it, and when should it be used?
With the Semi-Annual Channel, devices receive two feature updates per year, and benefit from the best performance, user experience, security, and stability. This servicing option continues to be our recommendation for managing Windows 10 updates; however, we acknowledge that certain devices and use cases (e.g. medical systems and industrial process controllers) dictate that functionality and features don’t change over time. Find out how we designed the Long-Term Servicing Channel (LTSC) with these types of use cases in mind, and what is offered through the LTSC. | November 29, 2018
07:02 PM PT |
+ Plan for change: Local Experience Packs: What are they and when should you use them?
When we released Windows 10, version 1803, we introduced Local Experience Packs (LXPs), which are modern language packs delivered through the Microsoft Store or Microsoft Store for Business. Learn about the biggest advantage to LXPs, and the retirement of legacy language packs (lp.cab) for all Language Interface Packs (LIP). | November 14, 2018
11:10 AM PT |
+ Windows 10 Quality approach for a complex ecosystem
While our measurements of quality show improving trends on aggregate for each successive Windows 10 release, if a single customer experiences an issue with any of our updates, we take it seriously. In this blog post, Windows CVP Mike Fortin shares an overview of how we work to continuously improve the quality of Windows and our Windows as a service approach. This blog will be the first in a series of more in-depth explanations of the work we do to deliver quality in our Windows releases. | November 13, 2018
10:00 AM PT |
+ Windows 10, version 1809 rollout resumes; now available on VLSC
Today we are resuming the rollout of the latest Windows 10 feature update—Windows 10, version 1809—via the Software Download Center (via Update Assistant or the Media Creation Tool), Windows Server Update Services (WSUS), and Windows Update for Business. Windows 10, version 1809 is also now available on the Volume Licensing Service Center (VLSC). | November 13, 2018
10:00 AM PT |
+ Express updates for Windows Server 2016 re-enabled for November 2018 update
Starting with the November 13, 2018 Update Tuesday release, Windows will again publish Express updates for Windows Server 2016. That means that system administrators for WSUS and System Center Configuration Manager will once again see two packages for the Windows Server 2016 update: a Full update and an Express update. Read this article for more details. | November 12, 2018
03:00 PM PT |
+ Plan for change: 2019 SHA-2 code signing support requirement for Windows and WSUS
To protect your security, Windows operating system updates are dual-signed using both the SHA-1 and SHA-2 hash algorithms to authenticate that updates come directly from Microsoft and were not tampered with during delivery. Due to weaknesses in the SHA-1 algorithm and to align to industry standards Microsoft will only sign Windows updates using the more secure SHA-2 algorithm exclusively. Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. To help prepare you for this change, we will release support for SHA-2 signing in 2019. Windows Server Update Services (WSUS) 3.0 SP2 will receive SHA-2 support to properly deliver SHA-2 signed updates. Please make note of the dates in the migration timeline and plan accordingly. | November 09, 2018
10:00 AM PT |
+
+ "
diff --git a/windows/security/docfx.json b/windows/security/docfx.json
index 018d611769..961279662e 100644
--- a/windows/security/docfx.json
+++ b/windows/security/docfx.json
@@ -38,12 +38,18 @@
"ms.topic": "article",
"feedback_system": "GitHub",
"feedback_github_repo": "MicrosoftDocs/windows-itpro-docs",
- "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app",
- "ms.author": "justinha"
+ "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app",
+ "ms.author": "justinha",
+ "_op_documentIdPathDepotMapping": {
+ "./": {
+ "depot_name": "MSDN.security",
+ "folder_relative_path_in_docset": "./"
+ }
+ }
},
"fileMetadata": {},
"template": [],
"dest": "security",
"markdownEngineName": "dfm"
}
-}
\ No newline at end of file
+}
diff --git a/windows/security/identity-protection/access-control/active-directory-security-groups.md b/windows/security/identity-protection/access-control/active-directory-security-groups.md
index 0b2f989db7..3b7f39ee7e 100644
--- a/windows/security/identity-protection/access-control/active-directory-security-groups.md
+++ b/windows/security/identity-protection/access-control/active-directory-security-groups.md
@@ -258,279 +258,286 @@ The following tables provide descriptions of the default groups that are located
Yes |
