deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' into v-tea-CI-103303-04

Browse Source
This commit is contained in:
Teresa-Motiv 2019-06-25 08:40:39 -07:00
commit b24aa7ed48
22 changed files with 166 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.openpublishing.redirection.json
View File

@ -15038,6 +15038,11 @@
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-10-architecture-posters.md",
"redirect_url": "/windows/deployment/windows-10-deployment-scenarios",
"redirect_document_id": true
},
{
"source_path": "windows/device-security/index.md",
"redirect_url": "/windows/security/threat-protection",
"redirect_document_id": true

6
devices/surface-hub/surface-hub-2s-manage-intune.md
View File

@ -35,11 +35,11 @@ Select Windows 10 Team for preset device restriction settings for Surface Hub an
![Set device restrictions for Surface Hub 2S.](images/sh2-set-intune3.png) <br>
These settings include user experience and app behavior, Azure Log Analytics registration, Maintenance windows configuration, Session settings, and Miracast settings. For a complete list of configuration service providers (CSPs) for the Windows 10 Team operating system, see [Surface Hub CSPs in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/surfacehub-csp)
These settings include user experience and app behavior, Azure Log Analytics registration, Maintenance windows configuration, Session settings, and Miracast settings. For a complete list of available Windows 10 Team settings, see [SurfaceHub CSP](https://docs.microsoft.com/windows/client-management/mdm/surfacehub-csp).
## Additional supported configuration service providers
## Additional supported configuration service providers (CSPs)
For addtional supported CSPs, see [SurfaceHub CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/configuration-service-provider-reference#surfacehubcspsuppor).
For additional supported CSPs, see [Surface Hub CSPs in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#surfacehubcspsupport).
## Quality of Service (QoS) settings

4
education/docfx.json
View File

@ -14,7 +14,9 @@
"resource": [
{
"files": [
"**/images/**"
"**/*.png",
"**/*.jpg",
"**/*.svg"
],
"exclude": [
"**/obj/**"

BIN
education/images/data-streamer.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.9 KiB

2
education/images/education-partner-aep-2.svg
View File

@ -1,4 +1,4 @@
<svg id="ICONS" xmlns="https://www.w3.org/2000/svg" viewBox="0 0 400 140">
<svg id="ICONS" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 400 140">
<defs>
<style>
.cls-1 {

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.7 KiB

After

Width:  |  Height:  |  Size: 3.7 KiB

2
education/images/education-partner-directory-3.svg
View File

@ -1,4 +1,4 @@
<svg id="ICONS" xmlns="https://www.w3.org/2000/svg" viewBox="0 0 400 140">
<svg id="ICONS" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 400 140">
<defs>
<style>
.cls-1 {

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.7 KiB

After

Width:  |  Height:  |  Size: 3.7 KiB

2
education/images/education-partner-mepn-1.svg
View File

@ -1,4 +1,4 @@
<svg id="ICONS" xmlns="https://www.w3.org/2000/svg" viewBox="0 0 400 140">
<svg id="ICONS" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 400 140">
<defs>
<style>
.cls-1 {

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 5.5 KiB

After

Width:  |  Height:  |  Size: 5.5 KiB

2
education/images/education-partner-yammer.svg
View File

@ -1,4 +1,4 @@
<svg id="ICONS" xmlns="https://www.w3.org/2000/svg" viewBox="0 0 400 140">
<svg id="ICONS" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 400 140">
<defs>
<style>
.cls-1 {

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.7 KiB

After

Width:  |  Height:  |  Size: 2.7 KiB

25
education/index.md
View File

@ -144,7 +144,7 @@ ms.prod: w10
<div class="card">
<div class="cardImageOuter">
<div class="cardImage bgdAccent1">
<img src="/media/hubs/education/education-developers-uwp-apps.svg" alt="" />
<img src="https://docs.microsoft.com/media/hubs/education/education-developers-uwp-apps.svg" alt="" />
</div>
</div>
<div class="cardText">
@ -163,7 +163,7 @@ ms.prod: w10
<div class="card">
<div class="cardImageOuter">
<div class="cardImage bgdAccent1">
<img src="/media/hubs/education/education-developers-api-test.svg" alt="" />
<img src="https://docs.microsoft.com/media/hubs/education/education-developers-api-test.svg" alt="" />
</div>
</div>
<div class="cardText">
@ -182,7 +182,7 @@ ms.prod: w10
<div class="card">
<div class="cardImageOuter">
<div class="cardImage bgdAccent1">
<img src="/media/hubs/education/education-developers-office-education.svg" alt="" />
<img src="https://docs.microsoft.com/media/hubs/education/education-developers-office-education.svg" alt="" />
</div>
</div>
<div class="cardText">
@ -194,6 +194,25 @@ ms.prod: w10
</div>
</a>
</li>
<li>
<a href="/microsoft-365/education/data-streamer">
<div class="cardSize">
<div class="cardPadding">
<div class="card">
<div class="cardImageOuter">
<div class="cardImage bgdAccent1">
<img src="images/data-streamer.png" alt="" />
</div>
</div>
<div class="cardText">
<h3>Data Streamer</h3>
<p>Bring new STEM experiences into the classroom with real-time data in Excel using Data Streamer. Data Streamer can send data to Excel from a sensor or application.</p>
</div>
</div>
</div>
</div>
</a>
</li>
</ul>
</li>
</ul>

10
windows/client-management/mdm/policy-configuration-service-provider.md
View File

@ -738,10 +738,10 @@ The following diagram shows the Policy configuration service provider in tree fo
<dl>
<dd>
<a href="./policy-csp-cryptography.md#cryptographyallowfipsalgorithmpolicy" id="cryptographyallowfipsalgorithmpolicy">Cryptography/AllowFipsAlgorithmPolicy</a>
<a href="./policy-csp-cryptography.md#cryptography-allowfipsalgorithmpolicy" id="cryptography-allowfipsalgorithmpolicy">Cryptography/AllowFipsAlgorithmPolicy</a>
</dd>
<dd>
<a href="./policy-csp-cryptography.md#cryptographytlsciphersuites" id="cryptographytlsciphersuites">Cryptography/TLSCipherSuites</a>
<a href="./policy-csp-cryptography.md#cryptography-tlsciphersuites" id="cryptography-tlsciphersuites">Cryptography/TLSCipherSuites</a>
</dd>
</dl>
@ -4395,7 +4395,7 @@ The following diagram shows the Policy configuration service provider in tree fo
- [CredentialsDelegation/RemoteHostAllowsDelegationOfNonExportableCredentials](./policy-csp-credentialsdelegation.md#credentialsdelegation-remotehostallowsdelegationofnonexportablecredentials)
- [CredentialsUI/DisablePasswordReveal](./policy-csp-credentialsui.md#credentialsui-disablepasswordreveal)
- [CredentialsUI/EnumerateAdministrators](./policy-csp-credentialsui.md#credentialsui-enumerateadministrators)
- [Cryptography/AllowFipsAlgorithmPolicy](./policy-csp-cryptography.md#cryptographyallowfipsalgorithmpolicy)
- [Cryptography/AllowFipsAlgorithmPolicy](./policy-csp-cryptography.md#cryptography-allowfipsalgorithmpolicy)
- [DataUsage/SetCost4G](./policy-csp-datausage.md#datausage-setcost4g)
- [Defender/AllowArchiveScanning](./policy-csp-defender.md#defender-allowarchivescanning)
- [Defender/AllowBehaviorMonitoring](./policy-csp-defender.md#defender-allowbehaviormonitoring)
@ -5260,8 +5260,8 @@ The following diagram shows the Policy configuration service provider in tree fo
- [Camera/AllowCamera](#camera-allowcamera)
- [Cellular/ShowAppCellularAccessUI](#cellular-showappcellularaccessui)
- [Cryptography/AllowFipsAlgorithmPolicy](#cryptographyallowfipsalgorithmpolicy)
- [Cryptography/TLSCipherSuites](#cryptographytlsciphersuites)
- [Cryptography/AllowFipsAlgorithmPolicy](#cryptography-allowfipsalgorithmpolicy)
- [Cryptography/TLSCipherSuites](#cryptography-tlsciphersuites)
- [Defender/AllowArchiveScanning](#defender-allowarchivescanning)
- [Defender/AllowBehaviorMonitoring](#defender-allowbehaviormonitoring)
- [Defender/AllowCloudProtection](#defender-allowcloudprotection)

138
windows/client-management/mdm/policy-csp-cryptography.md
View File

@ -6,43 +6,56 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 05/14/2018
ms.date: 06/19/2019
ms.reviewer:
manager: dansimp
---
# Policy CSP - Cryptography
<hr/>
<!--Policies-->
## Cryptography policies
<dl>
<dd>
<a href="#cryptography-allowfipsalgorithmpolicy">Cryptography/AllowFipsAlgorithmPolicy</a>
</dd>
<dd>
<a href="#cryptography-tlsciphersuites">Cryptography/TLSCipherSuites</a>
</dd>
</dl>
<<<<<<< HEAD
* [Cryptography/AllowFipsAlgorithmPolicy](#CryptographyAllowFipsAlgorithmPolicy)
* [Cryptography/TLSCipherSuites](#CryptographyTLSCipherSuites)
=======
* [Cryptography/AllowFipsAlgorithmPolicy](#cryptographyallowfipsalgorithmpolicy)
* [Cryptography/TLSCipherSuites](#cryptographytlsciphersuites)
>>>>>>> master
* [Cryptography/Microsoft Surface Hub](#cryptography-policies-supported-by-microsoft-surface-hub)
<hr/>
<!--Policy-->
<<<<<<< HEAD
## <a id="CryptographyAllowFipsAlgorithmPolicy" />Cryptography/AllowFipsAlgorithmPolicy
=======
## Cryptography/AllowFipsAlgorithmPolicy
>>>>>>> master
<a href="" id="cryptography-allowfipsalgorithmpolicy"></a>**Cryptography/AllowFipsAlgorithmPolicy**
<!--SupportedSKUs-->
|Home|Pro|Business |Enterprise |Education |Mobile |Mobile Enterprise |
| :---: | :---: | :---: | :---: | :---: | :---: | :---: |
|![][x] | ![][check] | ![][check] | ![][check] | ![][check] | ![][check] | ![][check]|
<table>
<tr>
<th>Home</th>
<th>Pro</th>
<th>Business</th>
<th>Enterprise</th>
<th>Education</th>
<th>Mobile</th>
<th>Mobile Enterprise</th>
</tr>
<tr>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
</tr>
</table>
<!--/SupportedSKUs-->
<!--Scope-->
@ -58,36 +71,53 @@ manager: dansimp
Allows or disallows the Federal Information Processing Standard (FIPS) policy.
<!--/Description-->
<!--RegistryMapped-->
GP Info:
<!--ADMXMapped-->
ADMX Info:
- GP English name: *System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing*
- GP path: *Windows Settings/Security Settings/Local Policies/Security Options*
<!--/RegistryMapped-->
<!--/ADMXMapped-->
<!--SupportedValues-->
The following list shows the supported values:
- 0 (default) Not allowed.
- 1 Allowed.
<!--/SupportedValues-->
<!--Example-->
<!--/Example-->
<!--Validation-->
<!--/Validation-->
<!--/Policy-->
<hr/>
<!--Policy-->
<<<<<<< HEAD
## <a id="CryptographyTLSCipherSuites" />Cryptography/TLSCipherSuites
=======
## Cryptography/TLSCipherSuites
>>>>>>> master
<a href="" id="cryptography-tlsciphersuites"></a>**Cryptography/TLSCipherSuites**
<!--SupportedSKUs-->
|Home|Pro|Business |Enterprise |Education |Mobile |Mobile Enterprise |
| :---: | :---: | :---: | :---: | :---: | :---: | :---: |
|![][x] | ![][check] | ![][check] | ![][check] | ![][check] | ![][check] | ![][check]|
<table>
<tr>
<th>Home</th>
<th>Pro</th>
<th>Business</th>
<th>Enterprise</th>
<th>Education</th>
<th>Mobile</th>
<th>Mobile Enterprise</th>
</tr>
<tr>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
</tr>
</table>
<!--/SupportedSKUs-->
<!--Scope-->
@ -103,26 +133,36 @@ The following list shows the supported values:
Lists the Cryptographic Cipher Algorithms allowed for SSL connections. Format is a semicolon delimited list. Last write win.
<!--/Description-->
<!--ADMXMapped-->
<!--/ADMXMapped-->
<!--SupportedValues-->
<!--/SupportedValues-->
<!--Example-->
<!--/Example-->
<!--Validation-->
<!--/Validation-->
<!--/Policy-->
<hr/>
Footnote:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
<!--/Policies-->
<!--StartSurfaceHub-->
## Cryptography policies supported by Microsoft Surface Hub
## <a href="" id="surfacehubpolicies"></a>Cryptography policies supported by Microsoft Surface Hub
- [Cryptography/AllowFipsAlgorithmPolicy](#CryptographyAllowFipsAlgorithmPolicy)
- [Cryptography/TLSCipherSuites](#CryptographyTLSCipherSuites)
<!--EndSurfaceHub-->
- [Cryptography/AllowFipsAlgorithmPolicy](#cryptography-allowfipsalgorithmpolicy)
- [Cryptography/TLSCipherSuites](#cryptography-tlsciphersuites)
<!--EndSurfaceHub-->
<hr/>
Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
[check]: images/checkmark.png "Check"
[x]: images/crossmark.png "X"

1
windows/deployment/TOC.md
View File

@ -1,5 +1,4 @@
# [Deploy and update Windows 10](https://docs.microsoft.com/windows/deployment)
## [Architectural planning posters for Windows 10](windows-10-architecture-posters.md)
## [Deploy Windows 10 with Microsoft 365](deploy-m365.md)
## [What's new in Windows 10 deployment](deploy-whats-new.md)
## [Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)

27
windows/deployment/windows-10-architecture-posters.md
View File

@ -1,27 +0,0 @@
---
title: Deploy Windows 10 - architectural posters
description: Provides architural planning posters for Windows 10 in the enterprise
ms.prod: w10
ms.author: greg-lindsay
author: greg-lindsay
ms.date: 09/28/2017
ms.reviewer:
manager: laurawi
ms.tgt_pltfrm: na
ms.topic: article
ms.localizationpriority: medium
---
# Architectural planning posters for Windows 10
You can download the following posters for architectural information about deploying Windows 10 in the enterprise.
- [Deploy Windows 10 - Clean installation](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/master/windows/media/ModernSecureDeployment/Deploy-CleanInstallation.pdf)
Learn about the options and steps for a new installation of Windows 10.
- [Deploy Windows 10 - In-place upgrade](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/master/windows/media/ModernSecureDeployment/Deploy-InplaceUpgrade.pdf)
Learn about the steps to upgrade from a previous version of Windows.
- [Deploy Windows 10 - Windows Autopilot](https://github.com/MicrosoftDocs/windows-itpro-docs/blob/master/windows/media/ModernSecureDeployment/Deploy-WindowsAutoPilot.pdf)
Learn how you can set up and pre-configure Windows 10 devices.
- [Deploy Windows 10 - Windows servicing](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/master/windows/media/ModernSecureDeployment/WindowsServicing.pdf)
Learn how to keep Windows up to date.
- [Deploy Windows 10 - Protection solutions](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/master/windows/media/ModernSecureDeployment/ProtectionSolutions.pdf)
Learn about the two tiers of protection available for Windows 10 devices.

2
windows/release-information/resolved-issues-windows-server-2012.yml
View File

@ -32,6 +32,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
<tr><td><div id='514msg'></div><b>Some devices and generation 2 Hyper-V VMs may have issues installing updates</b><br>Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing some updates when Secure Boot is enabled.<br><br><a href = '#514msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>June 21, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='512msg'></div><b>IE11 may stop working when loading or interacting with Power BI reports</b><br>Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.<br><br><a href = '#512msgdesc'>See details ></a></td><td>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499171' target='_blank'>KB4499171</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>June 21, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='510msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#510msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>June 20, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='487msg'></div><b>Issue using PXE to start a device from WDS</b><br>There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.<br><br><a href = '#487msgdesc'>See details ></a></td><td>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489891' target='_blank'>KB4489891</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>June 11, 2019 <br>10:00 AM PT</td></tr>
@ -64,6 +65,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='514msgdesc'></div><b>Some devices and generation 2 Hyper-V VMs may have issues installing updates</b><div>Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing <a href='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a> or later updates when Secure Boot is enabled.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Server: Windows Server 2012</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a>. If your device is using Security Only updates, this issue was resolved in&nbsp;<a href=\"https://support.microsoft.com/help/4508776\" target=\"_blank\" style=\"\">KB4508776</a>.</div><br><a href ='#514msg'>Back to top</a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>Resolved:<br>June 21, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 19, 2019 <br>04:57 PM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='512msgdesc'></div><b>IE11 may stop working when loading or interacting with Power BI reports</b><div>Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.</div><div><br></div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1; Windows 8.1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2</li></ul><div></div><div><br></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in&nbsp;Preview Rollup <a href='https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a>. If you are using the Internet Explorer cumulative updates, this issue was resolved in <a href=\"https://support.microsoft.com/help/4508646\" target=\"_blank\">KB4508646</a>.</div><br><a href ='#512msg'>Back to top</a></td><td>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499171' target='_blank'>KB4499171</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>Resolved:<br>June 21, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 07, 2019 <br>02:57 PM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='510msgdesc'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><div>When trying to expand, view, or create&nbsp;<strong>Custom Views&nbsp;</strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using&nbsp;<strong>Filter Current Log</strong>&nbsp;in the&nbsp;<strong>Action&nbsp;</strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a>. If you are using Security Only updates, see <a href=\"https://support.microsoft.com/help/4508640\" target=\"_blank\" style=\"\">KB4508640</a> for resolving KB for your platform.</div><br><a href ='#510msg'>Back to top</a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>Resolved:<br>June 20, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 12, 2019 <br>11:11 AM PT</td></tr>
</table>

4
windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
View File

@ -61,8 +61,8 @@ sections:
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='513msg'></div><b>Difficulty connecting to some iSCSI-based SANs</b><br>Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.<br><br><a href = '#513msgdesc'>See details ></a></td><td>OS Build 14393.2999<br><br>May 23, 2019<br><a href ='https://support.microsoft.com/help/4499177' target='_blank'>KB4499177</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>June 21, 2019 <br>10:08 AM PT</td></tr>
<tr><td><div id='515msg'></div><b>Devices with Hyper-V enabled may see BitLocker error 0xC0210000</b><br>Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000<br><br><a href = '#515msgdesc'>See details ></a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>June 21, 2019 <br>05:23 PM PT</td></tr>
<tr><td><div id='474msg'></div><b>Some applications may fail to run as expected on clients of AD FS 2016</b><br>Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)<br><br><a href = '#474msgdesc'>See details ></a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>June 07, 2019 <br>04:25 PM PT</td></tr>
<tr><td><div id='451msg'></div><b>Devices running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000</b><br>Some devices running Windows Server with Hyper-V enabled may start into Bitlocker recovery with error 0xC0210000<br><br><a href = '#451msgdesc'>See details ></a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 23, 2019 <br>09:57 AM PT</td></tr>
<tr><td><div id='135msg'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><br>The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.<br><br><a href = '#135msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='149msg'></div><b>SCVMM cannot enumerate and manage logical switches deployed on the host</b><br>For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.<br><br><a href = '#149msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='322msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".<br><br><a href = '#322msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@ -98,7 +98,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='451msgdesc'></div><b>Devices running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000</b><div>Some devices running Windows Server 2016 with Hyper-V enabled may enter Bitlocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a> and restarting.</div><div><br></div><div><strong>Note </strong>Windows 10, version 1607 may also be affected when Bitlocker and Hyper-V are both enabled.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround: </strong>If your device is already in this state, you can successfully start Windows after suspending Bitlocker from the Windows Recovery Environment (WinRE) using the following steps:</div><ol><li>Retrieve the 48 digit Bitlocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when Bitlocker was first enabled.</li><li>From the recovery screen, press the enter key and enter the recovery password when prompted.</li><li>If your device starts in the Windows Recovery Environment and asks for recovery key again, select <strong>Skip the drive</strong> to continue to WinRE.</li><li>select <strong>Advanced options</strong> then <strong>Troubleshoot</strong> then <strong>Advanced options</strong> then <strong>Command Prompt.</strong></li><li>Unlock OS drive using the command: <strong>Manage-bde -unlock c: -rp &lt;48 digit numerical recovery password separated by “-“ in 6 digit group&gt;</strong></li><li>Suspend Bitlocker using the command: <strong>Manage-bde -protectors -disable c:</strong></li><li>Exit the command window using the command: <strong>exit</strong></li><li>Select <strong>Continue</strong> from recovery environment.</li><li>The device should now start Windows.</li><li>Once started, launch an Administrator Command Prompt and resume the Bitlocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:</li></ol><div><strong>Note</strong> The workaround needs to be followed on every system restart unless Bitlocker is suspended before restarting.</div><div><br></div><div>To prevent this issue, execute the following command to temporarily suspend Bitlocker just before restarting the system: <strong>Manage-bde -protectors -disable c: -rc 1</strong></div><div><strong>Note</strong> This command will suspend Bitlocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).</div><div><br></div><div><strong>Next steps: </strong>Microsoft is presently investigating this issue and will provide an update when available.</div><br><a href ='#451msg'>Back to top</a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 23, 2019 <br>09:57 AM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='515msgdesc'></div><b>Devices with Hyper-V enabled may see BitLocker error 0xC0210000</b><div>Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a> and restarting.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround: </strong>If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:</div><ol><li>Retrieve the 48 digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.</li><li>From the recovery screen, press the enter key and enter the recovery password when prompted.</li><li>If your device starts in the Windows Recovery Environment and asks for recovery key again, select <strong>Skip the drive</strong> to continue to WinRE.</li><li>select <strong>Advanced options</strong> then <strong>Troubleshoot</strong> then <strong>Advanced options</strong> then <strong>Command Prompt.</strong></li><li>Unlock OS drive using the command: <strong>Manage-bde -unlock c: -rp &lt;48 digit numerical recovery password separated by “-“ in 6 digit group&gt;</strong></li><li>Suspend BitLocker using the command: <strong>Manage-bde -protectors -disable c:</strong></li><li>Exit the command window using the command: <strong>exit</strong></li><li>Select <strong>Continue</strong> from recovery environment.</li><li>The device should now start Windows.</li><li>Once started, launch an Administrator Command Prompt and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:</li></ol><div><strong>Note</strong> The workaround needs to be followed on every system restart unless BitLocker is suspended before restarting.</div><div><br></div><div>To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: <strong>Manage-bde -protectors -disable c: -rc 1</strong></div><div><strong>Note</strong> This command will suspend BitLocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#515msg'>Back to top</a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>June 21, 2019 <br>05:23 PM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='457msgdesc'></div><b>Update not showing as applicable through WSUS or SCCM or when manually installed</b><div><a href='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a> or later updates may not show as applicable through WSUS or SCCM to the affected platforms. When manually installing the standalone update from Microsoft Update Catalog, it may fail to install with the error, \"The update is not applicable to your computer.\"</div><div><br></div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><br></div><div><strong>Resolution: </strong>The servicing stack update (SSU) (<a href='https://support.microsoft.com/help/4498947' target='_blank'>KB4498947</a>) must be installed before installing the latest cumulative update (LCU). The&nbsp;LCU will not be reported as applicable until the SSU is installed.&nbsp;For more information, see&nbsp;<a href=\"https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date\" target=\"_blank\">Servicing stack updates</a>.</div><br><a href ='#457msg'>Back to top</a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4498947' target='_blank'>KB4498947</a></td><td>Resolved:<br>May 14, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 24, 2019 <br>04:20 PM PT</td></tr>
</table>
"

10
windows/release-information/status-windows-10-1703.yml
View File

@ -61,6 +61,7 @@ sections:
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='513msg'></div><b>Difficulty connecting to some iSCSI-based SANs</b><br>Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.<br><br><a href = '#513msgdesc'>See details ></a></td><td>OS Build 15063.1839<br><br>May 28, 2019<br><a href ='https://support.microsoft.com/help/4499162' target='_blank'>KB4499162</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>June 21, 2019 <br>10:08 AM PT</td></tr>
<tr><td><div id='515msg'></div><b>Devices with Hyper-V enabled may see BitLocker error 0xC0210000</b><br>Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000<br><br><a href = '#515msgdesc'>See details ></a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>June 21, 2019 <br>05:23 PM PT</td></tr>
<tr><td><div id='321msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".<br><br><a href = '#321msgdesc'>See details ></a></td><td>OS Build 15063.1563<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480973' target='_blank'>KB4480973</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='503msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#503msgdesc'>See details ></a></td><td>OS Build 15063.1868<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503279' target='_blank'>KB4503279</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503289' target='_blank'>KB4503289</a></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='488msg'></div><b>Opening Internet Explorer 11 may fail</b><br>Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.<br><br><a href = '#488msgdesc'>See details ></a></td><td>OS Build 15063.1839<br><br>May 28, 2019<br><a href ='https://support.microsoft.com/help/4499162' target='_blank'>KB4499162</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503279' target='_blank'>KB4503279</a></td><td>June 11, 2019 <br>10:00 AM PT</td></tr>
@ -85,6 +86,15 @@ sections:
</table>
"
- title: May 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='515msgdesc'></div><b>Devices with Hyper-V enabled may see BitLocker error 0xC0210000</b><div>Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a> and restarting.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround: </strong>If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:</div><ol><li>Retrieve the 48 digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.</li><li>From the recovery screen, press the enter key and enter the recovery password when prompted.</li><li>If your device starts in the Windows Recovery Environment and asks for recovery key again, select <strong>Skip the drive</strong> to continue to WinRE.</li><li>select <strong>Advanced options</strong> then <strong>Troubleshoot</strong> then <strong>Advanced options</strong> then <strong>Command Prompt.</strong></li><li>Unlock OS drive using the command: <strong>Manage-bde -unlock c: -rp &lt;48 digit numerical recovery password separated by “-“ in 6 digit group&gt;</strong></li><li>Suspend BitLocker using the command: <strong>Manage-bde -protectors -disable c:</strong></li><li>Exit the command window using the command: <strong>exit</strong></li><li>Select <strong>Continue</strong> from recovery environment.</li><li>The device should now start Windows.</li><li>Once started, launch an Administrator Command Prompt and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:</li></ol><div><strong>Note</strong> The workaround needs to be followed on every system restart unless BitLocker is suspended before restarting.</div><div><br></div><div>To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: <strong>Manage-bde -protectors -disable c: -rc 1</strong></div><div><strong>Note</strong> This command will suspend BitLocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#515msg'>Back to top</a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>June 21, 2019 <br>05:23 PM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
</table>
"
- title: January 2019
- items:
- type: markdown

4
windows/release-information/status-windows-server-2012.yml
View File

@ -60,9 +60,9 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='505msg'></div><b>Some devices and generation 2 Hyper-V VMs may have issues installing updates</b><br>Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing some updates when Secure Boot is enabled.<br><br><a href = '#505msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>June 19, 2019 <br>04:57 PM PT</td></tr>
<tr><td><div id='378msg'></div><b>Japanese IME doesn't show the new Japanese Era name as a text input option</b><br>If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.<br><br><a href = '#378msgdesc'>See details ></a></td><td>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493462' target='_blank'>KB4493462</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 15, 2019 <br>05:53 PM PT</td></tr>
<tr><td><div id='314msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.<br><br><a href = '#314msgdesc'>See details ></a></td><td>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480975' target='_blank'>KB4480975</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='514msg'></div><b>Some devices and generation 2 Hyper-V VMs may have issues installing updates</b><br>Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing some updates when Secure Boot is enabled.<br><br><a href = '#514msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>June 21, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='512msg'></div><b>IE11 may stop working when loading or interacting with Power BI reports</b><br>Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.<br><br><a href = '#512msgdesc'>See details ></a></td><td>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499171' target='_blank'>KB4499171</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>June 21, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='510msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#510msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>June 20, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='487msg'></div><b>Issue using PXE to start a device from WDS</b><br>There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.<br><br><a href = '#487msgdesc'>See details ></a></td><td>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489891' target='_blank'>KB4489891</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>June 11, 2019 <br>10:00 AM PT</td></tr>
@ -81,7 +81,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='505msgdesc'></div><b>Some devices and generation 2 Hyper-V VMs may have issues installing updates</b><div>Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing <a href='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a> or later updates when Secure Boot is enabled.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Server: Windows Server 2012</li></ul><div></div><div><strong>Workaround:</strong> Disabling Secure Boot should allow the update to install as expected. You can enable Secure Boot again after installation is complete.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#505msg'>Back to top</a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>June 19, 2019 <br>04:57 PM PT<br><br>Opened:<br>June 19, 2019 <br>04:57 PM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='514msgdesc'></div><b>Some devices and generation 2 Hyper-V VMs may have issues installing updates</b><div>Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing <a href='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a> or later updates when Secure Boot is enabled.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Server: Windows Server 2012</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a>. If your device is using Security Only updates, this issue was resolved in&nbsp;<a href=\"https://support.microsoft.com/help/4508776\" target=\"_blank\" style=\"\">KB4508776</a>.</div><br><a href ='#514msg'>Back to top</a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>Resolved:<br>June 21, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 19, 2019 <br>04:57 PM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='512msgdesc'></div><b>IE11 may stop working when loading or interacting with Power BI reports</b><div>Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.</div><div><br></div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1; Windows 8.1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2</li></ul><div></div><div><br></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in&nbsp;Preview Rollup <a href='https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a>. If you are using the Internet Explorer cumulative updates, this issue was resolved in <a href=\"https://support.microsoft.com/help/4508646\" target=\"_blank\">KB4508646</a>.</div><br><a href ='#512msg'>Back to top</a></td><td>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499171' target='_blank'>KB4499171</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>Resolved:<br>June 21, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 07, 2019 <br>02:57 PM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='510msgdesc'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><div>When trying to expand, view, or create&nbsp;<strong>Custom Views&nbsp;</strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using&nbsp;<strong>Filter Current Log</strong>&nbsp;in the&nbsp;<strong>Action&nbsp;</strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a>. If you are using Security Only updates, see <a href=\"https://support.microsoft.com/help/4508640\" target=\"_blank\" style=\"\">KB4508640</a> for resolving KB for your platform.</div><br><a href ='#510msg'>Back to top</a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503285' target='_blank'>KB4503285</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503295' target='_blank'>KB4503295</a></td><td>Resolved:<br>June 20, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 12, 2019 <br>11:11 AM PT</td></tr>
</table>

3
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md
View File

@ -66,6 +66,9 @@ After a successful key registration, Windows creates a certificate request using
The AD FS registration authority verifies the key used in the certificate request matches the key that was previously registered. On a successful match, the AD FS registration authority signs the certificate request using its enrollment agent certificate and sends it to the certificate authority.
> [!NOTE]
> In order for AD FS to verify the key used in the certificate request, it needs to be able to access the https://enterpriseregistration.windows.net endpoint.
The certificate authority validates the certificate was signed by the registration authority. On successful validation of the signature, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current users certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Windows Action Center.
<br><br>

3
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md
View File

@ -28,6 +28,9 @@ The Windows Server 2016 Active Directory Federation Server Certificate Registrat
The Windows Hello for Business Authentication certificate template is configured to only issue certificates to certificate requests that have been signed with an enrollment agent certificate.
> [!NOTE]
> In order for AD FS to verify user certificate requests for Windows Hello for Business, it needs to be able to access the https://enterpriseregistration.windows.net endpoint.
### Configure the Registration Authority
Sign-in the AD FS server with *Domain Admin* equivalent credentials.

6
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md
View File

@ -55,7 +55,7 @@ Sign-in a certificate authority or management workstations with _Domain Admin_ e
7. On the **Cryptography** tab, select **Key Storage Provider** from the **Provider Category** list. Select **RSA** from the **Algorithm name** list. Type **2048** in the **Minimum key size** text box. Select **SHA256** from the **Request hash** list. Click **OK**.
8. Close the console.
#### Configure Certificate Suspeding for the Domain Controller Authentication (Kerberos) Certificate Template
#### Configure Certificate Superseding for the Domain Controller Authentication (Kerberos) Certificate Template
Many domain controllers may have an existing domain controller certificate. The Active Directory Certificate Services provides a default certificate template for domain controllers--the domain controller certificate template. Later releases provided a new certificate template--the domain controller authentication certificate template. These certificate templates were provided prior to update of the Kerberos specification that stated Key Distribution Centers (KDCs) performing certificate authentication needed to include the **KDC Authentication** extension.
@ -77,6 +77,9 @@ Sign-in a certificate authority or management workstations with _Enterprise Admi
The certificate template is configured to supersede all the certificate templates provided in the certificate templates superseded templates list. However, the certificate template and the superseding of certificate templates is not active until you publish the certificate template to one or more certificate authorities.
>[!NOTE]
>The Domain Controller Certificate must be present in the NTAuth store. By default, Microsoft Enterprise CAs are added to the NTAuth store. If you are using a 3rd party CA, this may not be done by default. If the Domain Controller Certificate is not present in the NTAuth store, user authentication will fail.
### Enrollment Agent certificate template
Active Directory Federation Server used for Windows Hello for Business certificate enrollment performs its own certificate life-cycle management. Once the registration authority is configured with the proper certificate template, the AD FS server attempts to enroll the certificate on the first certificate request or when the service first starts.
@ -183,6 +186,7 @@ Sign-in to the certificate authority or management workstation with _Enterprise
4. Right-click the **Domain Controller** certificate template in the content pane and select **Delete**. Click **Yes** on the **Disable certificate templates** window.
5. Repeat step 4 for the **Domain Controller Authentication** and **Kerberos Authentication** certificate templates.
### Section Review
> [!div class="checklist"]
> * Domain Controller certificate template

2
windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md
View File

@ -77,6 +77,8 @@ Sign-in a certificate authority or management workstations with _Enterprise Admi
The certificate template is configured to supersede all the certificate templates provided in the certificate templates superseded templates list. However, the certificate template and the superseding of certificate templates is not active until you publish the certificate template to one or more certificate authorities.
>[!NOTE]
>The Domain Controller Certificate must be present in the NTAuth store. By default, Microsoft Enterprise CAs are added to the NTAuth store. If you are using a 3rd party CA, this may not be done by default. If the Domain Controller Certificate is not present in the NTAuth store, user authentication will fail.
### Publish Certificate Templates to a Certificate Authority

9
windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md
View File

@ -11,7 +11,6 @@ ms.pagetype: security
ms.localizationpriority: medium
author: dansimp
ms.author: dansimp
ms.date: 09/03/2018
ms.reviewer:
manager: dansimp
---
@ -22,7 +21,9 @@ manager: dansimp
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of machines or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you may encounter problems or issues.
You can use Windows Defender Antivirus with Update Compliance. Youll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the [Microsoft Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx).
When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of devices or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you might encounter problems or issues.
Typically, the most common indicators of a problem are:
- You only see a small number or subset of all the devices you were expecting to see
@ -52,7 +53,9 @@ In order for devices to properly show up in Update Compliance, you have to meet
> - If the endpoint is running Windows 10 version 1607 or earlier, [Windows 10 diagnostic data must be set to the Enhanced level](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization#enhanced-level).
> - It has been 3 days since all requirements have been met
If the above pre-requisites have all been met, you may need to proceed to the next step to collect diagnostic information and send it to us.
“You can use Windows Defender Antivirus with Update Compliance. Youll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the Microsoft Defender ATP portal (https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see Windows 10 product licensing options"
If the above pre-requisites have all been met, you might need to proceed to the next step to collect diagnostic information and send it to us.
> [!div class="nextstepaction"]
> [Collect diagnostic data for Update Compliance troubleshooting](collect-diagnostic-data-update-compliance.md)