**Get ready for Surface Hub**
Explore the steps you'll need to take to set up Surface Hub.
Surface Hub Site Readiness Guide (PDF, 1.48 MB)
Unpacking guides
**Assembly for Surface Hub**
Learn how to assemble your Surface Hub.
Surface Hub Setup Guide (PDF, 1.43 MB)
Mounting and assembling guides
**Prepare your environment**
Learn about setup dependencies and account requirements.
Prepare your environment
Create and test a device account
**Get ready for Surface Hub** Explore the steps you'll need to take to set up Surface Hub. Surface Hub Site Readiness Guide (PDF, 1.48 MB) Unpacking guides | **Assembly for Surface Hub** Learn how to assemble your Surface Hub. Surface Hub Setup Guide (PDF, 1.43 MB) Mounting and assembling guides | **Prepare your environment** Learn about setup dependencies and account requirements. Prepare your environment Create and test a device account |
Option: Range of 0-100 percent of screen b | Inactivity Timeout| Default: 30 seconds
Option: Any numeric value
Data Type: Integer
Type: REG_DWORD | This setting allows you to manage the period of inactivity before dimming the device. If you do not configure this setting, the inactivity timeout is 30 seconds.| | Telemetry Enabled | Default: 01
Option: 01, 00
Type: REG_BINARY | This setting allows you to manage the sharing of app usage information to improve software and provide better user experience. To disable telemetry, set the value to 00. If you do not configure this setting, telemetry information is shared with Microsoft in accordance with the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). | +## Changes and updates + +### Version 1.12.239.0 +*Release Date: 26 April 2019*
+This version of Surface Brightness Control adds support for the following: +- Touch delay fixes. ## Related topics - [Battery limit setting](battery-limit.md) - diff --git a/devices/surface/surface-diagnostic-toolkit-business.md b/devices/surface/surface-diagnostic-toolkit-business.md index 0a73499333..1623b7fd0b 100644 --- a/devices/surface/surface-diagnostic-toolkit-business.md +++ b/devices/surface/surface-diagnostic-toolkit-business.md @@ -27,13 +27,11 @@ Specifically, SDT for Business enables you to: To run SDT for Business, download the components listed in the following table. ->[!NOTE] ->In contrast to the way you typically install MSI packages, the SDT distributable MSI package can only be created by running Windows Installer (msiexec.exe) at a command prompt and setting the custom flag `ADMINMODE = 1`. For details, see [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md). Mode | Primary scenarios | Download | Learn more --- | --- | --- | --- Desktop mode | Assist users in running SDT on their Surface devices to troubleshoot issues.
Create a custom package to deploy on one or more Surface devices allowing users to select specific logs to collect and analyze. | SDT distributable MSI package:
Microsoft Surface Diagnostic Toolkit for Business Installer
[Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Use Surface Diagnostic Toolkit in desktop mode](surface-diagnostic-toolkit-desktop-mode.md) -Command line | Directly troubleshoot Surface devices remotely without user interaction, using standard tools such as Configuration Manager. It includes the following commands:
`-DataCollector` collects all log files
`-bpa` runs health diagnostics using Best Practice Analyzer.
`-windowsupdate` checks Windows update for missing firmware or driver updates.
**Note:** Support for the ability to confirm warranty information will be available via the command `-warranty` | SDT console app:
Microsoft Surface Diagnostics App Console
[Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md) +Command line | Directly troubleshoot Surface devices remotely without user interaction, using standard tools such as Configuration Manager. It includes the following commands:
`-DataCollector` collects all log files
`-bpa` runs health diagnostics using Best Practice Analyzer.
`-windowsupdate` checks Windows update for missing firmware or driver updates.
`-warranty` checks warranty information.
| SDT console app:
Microsoft Surface Diagnostics App Console
[Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md) ## Supported devices @@ -57,16 +55,40 @@ SDT for Business is supported on Surface 3 and later devices, including: ## Installing Surface Diagnostic Toolkit for Business -To create an SDT package that you can distribute to users in your organization, you first need to install SDT at a command prompt and set a custom flag to install the tool in admin mode. SDT contains the following install option flags: +To create an SDT package that you can distribute to users in your organization: + +1. Sign in to your Surface device using the Administrator account. +2. Download SDT Windows Installer Package (.msi) from the [Surface Tools for IT download page](https://www.microsoft.com/download/details.aspx?id=46703) and copy it to a preferred location on your Surface device, such as Desktop. +3. The SDT setup wizard appears, as shown in figure 1. Click **Next**. + + >[!NOTE] + >If the setup wizard does not appear, ensure that you are signed into the Administrator account on your computer. + +  + + *Figure 1. Surface Diagnostic Toolkit setup wizard* + +4. When the SDT setup wizard appears, click **Next**, accept the End User License Agreement (EULA) + +5. On the Install Options screen, change the default install location if desired. +6. Under Setup Type, select **Advanced**. + + >[!NOTE] + >The standard option allows users to run the diagnostic tool directly on their Surface device provided they are signed into their device using an Administrator account. + +  + +7. Click **Next** and then click **Install**. + +## Installing using the command line +If desired, you can install SDT at a command prompt and set a custom flag to install the tool in admin mode. SDT contains the following install option flags: - `SENDTELEMETRY` sends telemetry data to Microsoft. The flag accepts `0` for disabled or `1` for enabled. The default value is `1` to send telemetry. - `ADMINMODE` configures the tool to be installed in admin mode. The flag accepts `0` for client mode or `1` for IT Administrator mode. The default value is `0`. -**To install SDT in ADMINMODE:** +### To install SDT from the command line: -1. Sign in to your Surface device using the Administrator account. -2. Download SDT Windows Installer Package (.msi) from the [Surface Tools for IT download page](https://www.microsoft.com/download/details.aspx?id=46703) and copy it to a preferred location on your Surface device, such as Desktop. -3. Open a command prompt and enter: +1. Open a command prompt and enter: ``` msiexec.exe /i
+This version of Surface Diagnostic Toolkit for Business adds support for the following: +- Advanced Setup option to unlock admin capabilities through the installer UI, without requiring command line configuration. +- Accessibility improvements. +- Surface brightness control settings included in logs. +- External monitor compatibility support link in report generator. diff --git a/devices/surface/surface-enterprise-management-mode.md b/devices/surface/surface-enterprise-management-mode.md index e42a925b72..0f888bcc93 100644 --- a/devices/surface/surface-enterprise-management-mode.md +++ b/devices/surface/surface-enterprise-management-mode.md @@ -154,7 +154,7 @@ Packages created with the Microsoft Surface UEFI Configurator tool are signed wi * **Key Length** – 2048 * **Hash Algorithm** – SHA-256 * **Type** – SSL Server Authentication -* **Key Usage** – Key Encipherment +* **Key Usage** – Digital signature, Key Encipherment * **Provider** – Microsoft Enhanced RSA and AES Cryptographic Provider * **Expiration Date** – 15 Months from certificate creation * **Key Export Policy** – Exportable diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index baef69db7c..f1fcb46348 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -7,7 +7,6 @@ ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library author: brecords -ms.date: 09/12/2018 ms.author: jdecker ms.topic: article --- @@ -41,11 +40,16 @@ Support for broad deployments of Surface devices using Windows Autopilot, includ ### Surface device support Surface devices with support for out-of-box deployment with Windows Autopilot, enrolled during the purchase process with a Surface partner, include the following devices, where the devices ship from the factory with Windows 10 Version 1709: -* Surface Pro (Model 1796) + +* Surface Pro (5th gen) +* Surface Laptop(1st gen) +* Surface Studio (1st gen) +* Surface Pro 6 * Surface Book 2 -* Surface Laptop -* Surface Studio +* Surface Laptop 2 +* Surface Studio 2 * Surface Go +* Surface Go with LTE Advanced ## Surface partners enabled for Windows Autopilot Enrolling Surface devices in Windows Autopilot at the time of purchase is a capability provided by select Surface partners that are enabled with the capability to identify individual Surface devices during the purchase process and perform enrollment on an organization’s behalf. Devices enrolled by a Surface partner at time of purchase can be shipped directly to users and configured entirely through the zero-touch process of Windows Autopilot, Azure Active Directory, and Mobile Device Management. diff --git a/education/docfx.json b/education/docfx.json index 87d94a2065..aed16babee 100644 --- a/education/docfx.json +++ b/education/docfx.json @@ -26,7 +26,8 @@ "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app", "_op_documentIdPathDepotMapping": { "./": { - "depot_name": "Win.education" + "depot_name": "Win.education", + "folder_relative_path_in_docset": "./" } } }, diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md index 6df81f8b27..c57aa58776 100644 --- a/education/get-started/get-started-with-microsoft-education.md +++ b/education/get-started/get-started-with-microsoft-education.md @@ -32,7 +32,7 @@ Hello, IT administrators! In this walkthrough, we'll show you how you can quickl - **Microsoft Teams** to bring conversations, content, and apps together in one place and create collaborate classrooms, connect in professional learning communities, and communicate with school staff - **Learning Tools** are moving beyond the OneNote desktop app and is now available in Office Lens, OneNote Online, Word Online, and Word desktop - **Whiteboard** to create interactive lessons on the big screen, share and collaborate real-time by connecting to Class Notebook and Classroom -- **Windows 10, version 1703 (Creators Update)** which brings 3D for everyone and other new and updated Windows features +- **Windows 10, version 1703 or later** which brings 3D for everyone and other new and updated Windows features - **Minecraft: Education Edition** which provides an open and immersive environment to promote creativity, collaboration, and problem-solving With Microsoft Education, schools can: @@ -60,11 +60,11 @@ Click the link to watch the video or follow the step-by-step guidance for each. ## Prerequisites Complete these tasks before you start the walkthrough: -- Make sure all the devices that you want to configure, such as student PCs, have the latest Windows 10, version 1703 image installed. +- Make sure all the devices that you want to configure, such as student PCs, have Windows 10 (version 1703 or later) image installed. - We recommend Windows 10, version 1703 to take advantage of all the new features and functionality that Windows supports. This version of Windows is also compatible with the latest version of the Set up School PCs app and the versions must match in order for Set up School PCs to provision the devices. + We recommend Windows 10, version 1703 or later, to take advantage of all the new features and functionality that Windows supports. This version of Windows is also compatible with the latest version of the Set up School PCs app and the versions must match in order for Set up School PCs to provision the devices. - If you don't have Windows 10, version 1703 installed on your devices, we recommend upgrading. This process takes a while so start this task before proceeding with this walkthrough. + If you don't have Windows 10, version 1703 or later, installed on your devices, we recommend upgrading. This process takes a while so start this task before proceeding with this walkthrough. - Have an education-verified tenant to qualify for an Office 365 for Education subscription. You also need to be education-verified to use School Data Sync and Intune for Education. diff --git a/it-client b/it-client new file mode 160000 index 0000000000..61e0a21977 --- /dev/null +++ b/it-client @@ -0,0 +1 @@ +Subproject commit 61e0a21977430f3c0eef1c32e398999dc090c332 diff --git a/mdop/docfx.json b/mdop/docfx.json index 38b354ec49..60c7cbf596 100644 --- a/mdop/docfx.json +++ b/mdop/docfx.json @@ -27,7 +27,8 @@ "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app", "_op_documentIdPathDepotMapping": { "./": { - "depot_name": "Win.mdop" + "depot_name": "Win.mdop", + "folder_relative_path_in_docset": "./" } } }, @@ -37,4 +38,4 @@ "dest": "mdop", "markdownEngineName": "dfm" } -} \ No newline at end of file +} diff --git a/mdop/mbam-v25/client-event-logs.md b/mdop/mbam-v25/client-event-logs.md index f8d2dc07c4..8f25a56a05 100644 --- a/mdop/mbam-v25/client-event-logs.md +++ b/mdop/mbam-v25/client-event-logs.md @@ -13,7 +13,7 @@ ms.date: 06/16/2016 # Client Event Logs - +MBAM Client event logs are located in Event Viewer – Applications and Services Logs – Microsoft – Windows – MBAM - Operational path. The following table contains event IDs that can occur on the MBAM Client.
Data type is integer. Supported operations are Add, Get, Replace, and Delete.
**EncryptionMethodByDriveType** -Allows you to set the default encrytion method for each of the different drive types. This setting is a direct mapping to the Bitlocker Group Policy "Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later)".
+Allows you to set the default encrytion method for each of the different drive types: operating system drives, fixed data drives, and removable data drives. Hidden, system and recovery partitions are skipped from encryption. This setting is a direct mapping to the Bitlocker Group Policy "Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later)".
| Home | @@ -429,7 +429,7 @@ The following diagram shows the BitLocker configuration service provider in tree||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
-? |
+Displays the Help for the Sdbinst.exe tool. +For example, +
|
+|||||||||
-p |
+Allows SDBs installation with Patches +For example, +
|
+|||||||||
-q |
Performs a silent installation with no visible window, status, or warning information. Fatal errors appear only in Event Viewer (Eventvwr.exe). For example, @@ -72,18 +103,6 @@ The following table describes the available command-line options.For example,
|
|||||||||
-? |
-Displays the Help for the Sdbinst.exe tool. -For example, -
|
-|||||||||
-p |
-Allows SDBs installation with Patches -For example, -
|
-
-
+
- Improving the Windows 10 update experience with control, quality and transparency - April 4, 2019 +
- Call to action: review your Windows Update for Business deferral values - April 3, 2019
- Windows 10, version 1809 designated for broad deployment - March 28, 2019
- Data, insights and listening to improve the customer experience - March 6, 2019
- Getting to know the Windows update history pages - February 21, 2019 diff --git a/windows/deployment/update/windows-update-logs.md b/windows/deployment/update/windows-update-logs.md index b65bcc0c93..df6c14cfbf 100644 --- a/windows/deployment/update/windows-update-logs.md +++ b/windows/deployment/update/windows-update-logs.md @@ -141,3 +141,5 @@ There are different identifiers for the same update in different contexts. It’ - Small integers (especially in Datastore) can be local IDs  +## Windows Setup log files analysis using SetupDiag tool +SetupDiag is a diagnostic tool that can be used for analysis of logs related to installation of Windows Updates. For detailed information, see [SetupDiag](https://docs.microsoft.com/windows/deployment/upgrade/setupdiag). diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md index 66befc0f13..0066e48950 100644 --- a/windows/deployment/update/windows-update-resources.md +++ b/windows/deployment/update/windows-update-resources.md @@ -106,7 +106,7 @@ The following resources provide additional information about using Windows Updat - regsvr32.exe wuwebv.dll 7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER: ``` - netsh reset winsock + netsh winsock reset ``` 8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER: ``` diff --git a/windows/deployment/update/windows-update-troubleshooting.md b/windows/deployment/update/windows-update-troubleshooting.md index 5f09b45f16..4c56170e4d 100644 --- a/windows/deployment/update/windows-update-troubleshooting.md +++ b/windows/deployment/update/windows-update-troubleshooting.md @@ -20,7 +20,8 @@ If you run into problems when using Windows Update, start with the following ste 1. Run the built-in Windows Update troubleshooter to fix common issues. Navigate to **Settings > Update & Security > Troubleshoot > Windows Update**. 2. Install the most recent Servicing Stack Update (SSU) that matches your version of Windows from the Microsoft Update Catalog. See [Servicing stack updates](servicing-stack-updates.md) for more details on SSU. 3. Make sure that you install the latest Windows updates, cumulative updates, and rollup updates. To verify the update status, refer to the appropriate update history for your system: - + + - [Windows 10, version 1809 and Windows Server 2019](https://support.microsoft.com/help/4464619/windows-10-update-history) - [Windows 10, version 1803](https://support.microsoft.com/help/4099479/windows-10-update-history) - [Windows 10, version 1709](https://support.microsoft.com/help/4043454) - [Windows 10, version 1703](https://support.microsoft.com/help/4018124) diff --git a/windows/deployment/upgrade/log-files.md b/windows/deployment/upgrade/log-files.md index 1e62227e0d..a966f7ad8e 100644 --- a/windows/deployment/upgrade/log-files.md +++ b/windows/deployment/upgrade/log-files.md @@ -55,7 +55,7 @@ Event logs: Generic rollbacks (0xC1900101) or unexpected reboots. ## Log entry structure -A setupact.log or setuperr.log entry includes the following elements: +A setupact.log or setuperr.log entry (files are located at C:\Windows) includes the following elements:
- The date and time - 2016-09-08 09:20:05.
diff --git a/windows/deployment/upgrade/upgrade-readiness-data-sharing.md b/windows/deployment/upgrade/upgrade-readiness-data-sharing.md
index 9753f76d40..3eff878d63 100644
--- a/windows/deployment/upgrade/upgrade-readiness-data-sharing.md
+++ b/windows/deployment/upgrade/upgrade-readiness-data-sharing.md
@@ -12,16 +12,7 @@ ms.collection: M365-analytics
# Upgrade Readiness data sharing
-To enable data sharing with the Upgrade Readiness solution, the following endpoints must be accessible:
-
-
-| **Endpoint** | **Function** |
-|---------------------------------------------------------|-----------|
-| `https://v10.vortex-win.data.microsoft.com/collect/v1`
`https://Vortex-win.data.microsoft.com/health/keepalive` | Connected User Experiences and Telemetry component endpoint. User computers send data to Microsoft through this endpoint. | -| `https://settings.data.microsoft.com/qos` | Enables the compatibility update KB to send data to Microsoft. | -| `https://go.microsoft.com/fwlink/?LinkID=544713`
`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc` | This service provides driver information about whether there will be a driver available post-upgrade for the hardware on the system. | - -Whitelist these endpoints on your network. This might require working with your organizations's network security group. +To enable data sharing with the Upgrade Readiness solution, double-check the endpoints list in [Enrolling devices in Windows Analytics](../update/windows-analytics-get-started.md#enable-data-sharing) to be sure they are whitelisted. ## Connectivity to the Internet diff --git a/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md b/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md index 5b149323f8..e3ad02a8ae 100644 --- a/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md +++ b/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md @@ -12,6 +12,9 @@ ms.topic: article # Use Upgrade Readiness to manage Windows upgrades +>[!IMPORTANT] +>>**The OMS portal has been deprecated, so you need to switch to the [Azure portal](https://portal.azure.com) now.** The two portals offer the same experience, with some key differences. Learn how to use [Windows Analytics in the Azure Portal](../update/windows-analytics-azure-portal.md). Find out more about the [OMS portal moving to Azure](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-portal-transition), or jump right in and [Get started with Upgrade Readiness](https://docs.microsoft.com/windows/deployment/upgrade/upgrade-readiness-get-started). + You can use Upgrade Readiness to prioritize and work through application and driver issues, assign and track issue resolution status, and identify computers that are ready to upgrade. Upgrade Readiness enables you to deploy Windows with confidence, knowing that you’ve addressed potential blocking issues. - Based on diagnostic data from user computers, Upgrade Readiness identifies application and driver compatibility issues that may block Windows upgrades, allowing you to make data-driven decisions about your organization’s upgrade readiness. diff --git a/windows/deployment/usmt/usmt-migrate-user-accounts.md b/windows/deployment/usmt/usmt-migrate-user-accounts.md index 9fb4c1f48f..94224b2a0c 100644 --- a/windows/deployment/usmt/usmt-migrate-user-accounts.md +++ b/windows/deployment/usmt/usmt-migrate-user-accounts.md @@ -25,7 +25,7 @@ By default, all users are migrated. The only way to specify which users to inclu - [To migrate two domain accounts (User1 and User2) and move User1 from the Contoso domain to the Fabrikam domain](#bkmk-migratemoveuserone) ## To migrate all user accounts and user settings - +Links to detailed explanations of commands are available in the Related Topics section. 1. Log on to the source computer as an administrator, and specify the following in a **Command-Prompt** window: @@ -49,7 +49,7 @@ By default, all users are migrated. The only way to specify which users to inclu ## To migrate two domain accounts (User1 and User2) - +Links to detailed explanations of commands are available in the Related Topics section. 1. Log on to the source computer as an administrator, and specify: @@ -62,7 +62,7 @@ By default, all users are migrated. The only way to specify which users to inclu `loadstate \\server\share\migration\mystore /i:migdocs.xml /i:migapp.xml` ## To migrate two domain accounts (User1 and User2) and move User1 from the Contoso domain to the Fabrikam domain - +Links to detailed explanations of commands are available in the Related Topics section. 1. Log on to the source computer as an administrator, and type the following at the command-line prompt: diff --git a/windows/deployment/usmt/usmt-scanstate-syntax.md b/windows/deployment/usmt/usmt-scanstate-syntax.md index ca8aab7167..3090160049 100644 --- a/windows/deployment/usmt/usmt-scanstate-syntax.md +++ b/windows/deployment/usmt/usmt-scanstate-syntax.md @@ -89,7 +89,7 @@ To create an encrypted store using the Config.xml file and the default migrationStorePath
Indicates a folder where files and settings will be saved. Note that StorePath cannot be c:\. You must specify the StorePath option in the ScanState command, except when using the /genconfig option. You cannot specify more than one StorePath location.
Indicates a folder where files and settings will be saved. Note that StorePath cannot be C:\. You must specify the StorePath option in the ScanState command, except when using the /genconfig option. You cannot specify more than one StorePath location.
/apps
-See additional prerequisites in the [Windows Autopilot overview topic](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot#prerequisites). +## Procedures -## Create your Virtual Machine +A summary of the sections and procedures in the lab is provided below. Follow each section in the order it is presented, skipping the sections that do not apply to you. Optional procedures are provided in the appendix. -### Enable Hyper-V -The first thing to do, is to enable the Hyper-V feature on your device. ->[!IMPORTANT] ->If you already have Hyper-V enabled, skip this step. +[Verify support for Hyper-V](#verify-support-for-hyper-v) +Windows 10 installation media Windows 10 Professional or Enterprise (ISO file), version 1703 or later is required. If you do not already have an ISO to use, a link is provided to download an [evaluation version of Windows 10 Enterprise](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise). Internet access If you are behind a firewall, see the detailed [networking requirements](windows-autopilot-requirements-network.md). Otherwise, just ensure that you have a connection to the Internet. Hyper-V or a physical device running Windows 10 The guide assumes that you will use a Hyper-V VM, and provides instructions to install and configure Hyper-V if needed. To use a physical device, skip the steps to install and configure Hyper-V. A Premium Intune account This guide will describe how to obtain a free 30-day trial premium account that can be used to complete the lab.
[Enable Hyper-V](#enable-hyper-v) +
[Create a demo VM](#create-a-demo-vm) +
[Set ISO file location](#set-iso-file-location) +
[Determine network adapter name](#determine-network-adapter-name) +
[Use Windows PowerShell to create the demo VM](#use-windows-powershell-to-create-the-demo-vm) +
[Install Windows 10](#install-windows-10) +
[Capture the hardware ID](#capture-the-hardware-id) +
[Reset the VM back to Out-Of-Box-Experience (OOBE)](#reset-the-vm-back-to-out-of-box-experience-oobe) +
[Verify subscription level](#verify-subscription-level) +
[Configure company branding](#configure-company-branding) +
[Configure Microsoft Intune auto-enrollment](#configure-microsoft-intune-auto-enrollment) +
[Register your VM](#register-your-vm) +
[Autopilot registration using Intune](#autopilot-registration-using-intune) +
[Autopilot registration using MSfB](#autopilot-registration-using-msfb) +
[Create and assign a Windows Autopilot deployment profile](#create-and-assign-a-windows-autopilot-deployment-profile) +
[Create a Windows Autopilot deployment profile using Intune](#create-a-windows-autopilot-deployment-profile-using-intune) +
[Assign the profile](#assign-the-profile) +
[Create a Windows Autopilot deployment profile using MSfB](#create-a-windows-autopilot-deployment-profile-using-msfb) +
[See Windows Autopilot in action](#see-windows-autopilot-in-action) +
[Remove devices from Autopilot](#remove-devices-from-autopilot) +
[Delete (deregister) Autopilot device](#delete-deregister-autopilot-device) +
[Appendix A: Verify support for Hyper-V](#appendix-a-verify-support-for-hyper-v) +
[Appendix B: Adding apps to your profile](#appendix-b-adding-apps-to-your-profile) +
[Add a Win32 app](#add-a-win32-app) +
[Prepare the app for Intune](#prepare-the-app-for-intune) +
[Create app in Intune](#create-app-in-intune) +
[Assign the app to your Intune profile](#assign-the-app-to-your-intune-profile) +
[Add Office 365](#add-office-365) +
[Create app in Intune](#create-app-in-intune) +
[Assign the app to your Intune profile](#assign-the-app-to-your-intune-profile) +
[Glossary](#glossary) + +## Verify support for Hyper-V + +If you don't already have Hyper-V, we must first enable this on a computer running Windows 10 or Windows Server (2012 R2 or later). + +>If you already have Hyper-V enabled, skip to the [create a demo VM](#create-a-demo-vm) step. If you are using a physical device instead of a VM, skip to [Install Windows 10](#install-windows-10). + +If you are not sure that your device supports Hyper-V, or you have problems installing Hyper-V, see [appendix A](#appendix-a-verify-support-for-hyper-v) below for details on verifying that Hyper-V can be successfully installed. + +## Enable Hyper-V + +To enable Hyper-V, open an elevated Windows PowerShell prompt and run the following command: -Open a PowerShell prompt **as an administrator** and run the following: ```powershell Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All ``` -You will be prompted to restart your device, so save all your work and restart it before you continue. +This command works on all operating systems that support Hyper-V, but on Windows Server operating systems you must type an additional command (below) to add the Hyper-V Windows PowerShell module and the Hyper-V Manager console. The following command will also install Hyper-V if it isn't already installed, so if you're using Windows Server, you can just type the following command instead of using the Enable-WindowsOptionalFeature command: -### Create and start your demo Virtual Machine - -Now that Hyper-V is enabled, proceed to create your Virtual Machine. - -Open a PowerShell prompt **as an administrator** and run the following: ```powershell -New-VMSwitch -Name AutopilotExternal -NetAdapterName-AllowManagementOS $true +Install-WindowsFeature -Name Hyper-V -IncludeManagementTools +``` + +When you are prompted to restart the computer, choose **Yes**. The computer might restart more than once. + +>Alternatively, you can install Hyper-V using the Control Panel in Windows under **Turn Windows features on or off** for a client operating system, or using Server Manager's **Add Roles and Features Wizard** on a server operating system, as shown below: + +  + +  + + If you choose to install Hyper-V using Server Manager, accept all default selections. Also be sure to install both items under **Role Administration Tools\Hyper-V Management Tools**. + +After installation is complete, open Hyper-V Manager by typing **virtmgmt.msc** at an elevated command prompt, or by typing **Hyper-V** in the Start menu search box. + +To read more about Hyper-V, see [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/virtualization/hyper-v-on-windows/about/) and [Hyper-V on Windows Server](https://docs.microsoft.com/windows-server/virtualization/hyper-v/hyper-v-on-windows-server). + +## Create a demo VM + +Now that Hyper-V is enabled, we need to create a VM running Windows 10. We can [create a VM](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/create-virtual-machine) and [virtual network](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/connect-to-network) using Hyper-V Manager, but it is simpler to use Windows PowerShell. + +To use Windows Powershell we just need to know two things: + +1. The location of the Windows 10 ISO file. + - In the example, we assume the location is **c:\iso\win10-eval.iso**. +2. The name of the network interface that connects to the Internet. + - In the example, we use a Windows PowerShell command to determine this automatically. + +After we have set the ISO file location and determined the name of the appropriate network interface, we can install Windows 10. + +### Set ISO file location + +You can download an ISO file for an evaluation version of the latest release of Windows 10 Enterprise [here](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise). +- When asked to select a platform, choose **64 bit**. + +After you download this file, the name will be extremely long (ex: 17763.107.101029-1455.rs5_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso). + +1. So that it is easier to type and remember, rename the file to **win10-eval.iso**. +2. Create a directory on your computer named **c:\iso** and move the **win10-eval.iso** file there, so the path to the file is **c:\iso\win10-eval.iso**. +3. If you wish to use a different name and location for the file, you must modify the Windows PowerShell commands below to use your custom name and directory. + +### Determine network adapter name + +The Get-NetAdaper cmdlet is used below to automatically find the network adapter that is most likely to be the one you use to connect to the Internet. You should test this command first by running the following at an elevated Windows PowerShell prompt: + +```powershell +(Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name +``` + +The output of this command should be the name of the network interface you use to connect to the Internet. Verify that this is the correct interface name. If it is not the correct interface name, you'll need to edit the first command below to use your network interface name. + +For example, if the command above displays Ethernet but you wish to use Ethernet2, then the first command below would be New-VMSwitch -Name AutopilotExternal -AllowManagementOS $true -NetAdapterName **Ethernet2**. + +### Use Windows PowerShell to create the demo VM + +All VM data will be created under the current path in your PowerShell prompt. Consider navigating into a new folder before running the following commands. + +>[!IMPORTANT] +>**VM switch**: a VM switch is how Hyper-V connects VMs to a network.
If you have previously enabled Hyper-V and your Internet-connected network interface is already bound to a VM switch, then the PowerShell commands below will fail. In this case, you can either delete the existing VM switch (so that the commands below can create one), or you can reuse this VM switch by skipping the first command below and either modifying the second command to replace the switch name **AutopilotExternal** with the name of your switch, or by renaming your existing switch to "AutopilotExternal."
If you have never created an external VM switch before, then just run the commands below. + +```powershell +New-VMSwitch -Name AutopilotExternal -AllowManagementOS $true -NetAdapterName (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name New-VM -Name WindowsAutopilot -MemoryStartupBytes 2GB -BootDevice VHD -NewVHDPath .\VMs\WindowsAutopilot.vhdx -Path .\VMData -NewVHDSizeBytes 80GB -Generation 2 -Switch AutopilotExternal -Add-VMDvdDrive -Path-VMName WindowsAutopilot +Add-VMDvdDrive -Path c:\iso\win10-eval.iso -VMName WindowsAutopilot Start-VM -VMName WindowsAutopilot ``` ->[!IMPORTANT] ->Make sure to replace <*Name of Network Adapter with internet access*> and <*Path to Windows 10 ISO*> with the appropriate values. ->Additionally, note that all Virtual Machine related data will be created under the current path in your PowerShell prompt. Consider navigating into a new folder before running the above. +After entering these commands, connect to the VM that you just created and wait for a prompt to press a key and boot from the DVD. You can connect to the VM by double-clicking it in Hyper-V Manager. + +See the sample output below. In this sample, the VM is created under the **c:\autopilot** directory and the vmconnect.exe command is used (which is only available on Windows Server). If you installed Hyper-V on Windows 10, use Hyper-V Manager to connect to your VM. + + +PS C:\autopilot> dir c:\iso + + + Directory: C:\iso + + +Mode LastWriteTime Length Name +---- ------------- ------ ---- +-a---- 3/12/2019 2:46 PM 4627343360 win10-eval.iso + +PS C:\autopilot> (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name +Ethernet +PS C:\autopilot> New-VMSwitch -Name AutopilotExternal -AllowManagementOS $true -NetAdapterName (Get-NetAdapter |?{$_.Status -eq "Up" -and !$_.Virtual}).Name + +Name SwitchType NetAdapterInterfaceDescription +---- ---------- ------------------------------ +AutopilotExternal External Intel(R) Ethernet Connection (2) I218-LM + +PS C:\autopilot> New-VM -Name WindowsAutopilot -MemoryStartupBytes 2GB -BootDevice VHD -NewVHDPath .\VMs\WindowsAutopilot.vhdx -Path .\VMData -NewVHDSizeBytes 80GB -Generation 2 -Switch AutopilotExternal + +Name State CPUUsage(%) MemoryAssigned(M) Uptime Status Version +---- ----- ----------- ----------------- ------ ------ ------- +WindowsAutopilot Off 0 0 00:00:00 Operating normally 8.0 + +PS C:\autopilot> Add-VMDvdDrive -Path c:\iso\win10-eval.iso -VMName WindowsAutopilot +PS C:\autopilot> Start-VM -VMName WindowsAutopilot +PS C:\autopilot> vmconnect.exe localhost WindowsAutopilot +PS C:\autopilot> dir + + Directory: C:\autopilot + +Mode LastWriteTime Length Name +---- ------------- ------ ---- +d----- 3/12/2019 3:15 PM VMData +d----- 3/12/2019 3:42 PM VMs + +PS C:\autopilot> +### Install Windows 10 -Now that the Virtual Machine was created and started, open **Hyper-V Manager** and connect to the **WindowsAutopilot** Virtual Machine. -Make sure the Virtual Machine booted from the installation media you've provided and complete the Windows installation process. +Ensure the VM booted from the installation ISO, click **Next** then click **Install now** and complete the Windows installation process. See the following examples: -Once the installation is complete, create a checkpoint. You will create multiple checkpoints throughout this process, which you can later use to go through the process again. +  +  +  +  +  +  + +>After the VM restarts, during OOBE, it’s fine to select **Set up for personal use** or **Domain join instead** and then choose an offline account on the **Sign in** screen. This will offer the fastest way to the desktop. For example: + +  + +Once the installation is complete, sign in and verify that you are at the Windows 10 desktop, then create your first Hyper-V checkpoint. Checkpoints are used to restore the VM to a previous state. You will create multiple checkpoints throughout this lab, which can be used later to go through the process again. + +  + +To create your first checkpoint, open an elevated Windows PowerShell prompt on the computer running Hyper-V (not on the VM) and run the following: -To create the checkpoint, open a PowerShell prompt **as an administrator** and run the following: ```powershell Checkpoint-VM -Name WindowsAutopilot -SnapshotName "Finished Windows install" ``` -## Capture your Virtual Machine's hardware ID +Click on the **WindowsAutopilot** VM in Hyper-V Manager and verify that you see **Finished Windows Install** listed in the Checkpoints pane. -On the newly created Virtual Machine, open a PowerShell prompt **as an administrator** and run the following: -```powershell -md c:\HWID -Set-Location c:\HWID -Set-ExecutionPolicy Unrestricted -Install-Script -Name Get-WindowsAutopilotInfo -Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv -``` +## Capture the hardware ID + +>NOTE: Normally, the Device ID is captured by the OEM as they run the OA3 Tool on each device in the factory. The OEM then submits the 4K HH created by the OA3 Tool to Microsoft by submitting it with a Computer Build Report (CBR). For purposes of this lab, you are acting as the OEM (capturing the 4K HH), but you’re not going to use the OA3 Tool to capture the full 4K HH for various reasons (you’d have to install the OA3 tool, your device couldn’t have a volume license version of Windows, it’s a more complicated process than using a PS script, etc.). Instead, you’ll simulate running the OA3 tool by running a PowerShell script, which captures the device 4K HH just like the OA3 tool. + +Follow these steps to run the PS script: + +1. Open an elevated Windows PowerShell prompt and run the following commands. These commands are the same regardless of whether you are using a VM or a physical device: + + ```powershell + md c:\HWID + Set-Location c:\HWID + Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force + Install-Script -Name Get-WindowsAutopilotInfo -Force + $env:Path += ";C:\Program Files\WindowsPowerShell\Scripts" + Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv + ``` + +When you are prompted to install the NuGet package, choose **Yes**. + +See the sample output below. + ++PS C:\> md c:\HWID + + Directory: C:\ + +Mode LastWriteTime Length Name +---- ------------- ------ ---- +d----- 3/14/2019 11:33 AM HWID + +PS C:\> Set-Location c:\HWID +PS C:\HWID> Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force +PS C:\HWID> Install-Script -Name Get-WindowsAutopilotInfo -Force + +NuGet provider is required to continue +PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet + provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or +'C:\Users\user1\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running + 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install and +import the NuGet provider now? +[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y +PS C:\HWID> $env:Path += ";C:\Program Files\WindowsPowerShell\Scripts" +PS C:\HWID> Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv +PS C:\HWID> dir + + Directory: C:\HWID + +Mode LastWriteTime Length Name +---- ------------- ------ ---- +-a---- 3/14/2019 11:33 AM 8184 AutopilotHWID.csv + +PS C:\HWID> +
+ +Verify that there is an **AutopilotHWID.csv** file in the **c:\HWID** directory that is about 8 KB in size. This file contains the complete 4K HH. + +**Note**: Although the .csv extension might be associated with Microsoft Excel, you cannot view the file properly by double-clicking it. To correctly parse the comma delimiters and view the file in Excel, you must use the **Data** > **From Text/CSV** function in Excel to import the appropriate data columns. You don't need to view the file in Excel unless you are curious. The file format will be validated when it is imported into Autopilot. An example of the data in this file is shown below. + + + +You will need to upload this data into Intune to register your device for Autopilot, so it needs to be transferred to the computer you will use to access the Azure portal. If you are using a physical device instead of a VM, you can copy the file to a USB stick. If you’re using a VM, you can right-click the AutopilotHWID.csv file and copy it, then right-click and paste the file to your desktop (outside the VM). + +If you have trouble copying and pasting the file, just view the contents in Notepad on the VM and copy the text into Notepad outside the VM. Do not use another text editor to do this. >[!NOTE] ->Accept all prompts while running the above cmdlets. +>When copying and pasting to or from VMs, avoid clicking other things with your mouse cursor between the copy and paste process as this can empty or overwrite the clipboard and require that you start over. Go directly from copy to paste. -### Mount the Virtual Hard Drive (VHD) +## Reset the VM back to Out-Of-Box-Experience (OOBE) -To gain access to the AutopilotHWID.csv that contains the hardware ID, stop the Virtual Machine to unlock the Virtual Hard Drive. - -To do that, on your device (**not** on the Virtual Machine), open a PowerShell prompt **as an administrator** and run the following: -```powershell -Stop-VM -VMName WindowsAutopilot -``` - -Once the Virtual Machine has stopped, create a checkpoint: -```powershell -Checkpoint-VM -Name WindowsAutopilot -SnapshotName "HWID captured" -``` - -With the checkpoint created, continue to mount the VHD: -```powershell -Mount-VHD -path (Get-VMHardDiskDrive -VMName WindowsAutopilot).Path -``` - -Once mounted, navigate to the new drive and copy **AutopilotHWID.csv** to a location on your device. - -Before you proceed, unmount the VHD to unlock it and start the Virtual Machine: -```powershell -Dismount-VHD -path (Get-VMHardDiskDrive -VMName WindowsAutopilot).Path -Start-VM -VMName WindowsAutopilot -``` - -## Reset Virtual Machine back to Out-Of-Box-Experience (OOBE) - -With the hardware ID captured, prepare your Virtual Machine for Windows Autopilot deployment by resetting it back to OOBE. +With the hardware ID captured in a file, prepare your Virtual Machine for Windows Autopilot deployment by resetting it back to OOBE. On the Virtual Machine, go to **Settings > Update & Security > Recovery** and click on **Get started** under **Reset this PC**. Select **Remove everything** and **Just remove my files**. Finally, click on **Reset**.  -Resetting your Virtual Machine can take a while. Proceed to the next steps while your Virtual Machine is resetting. +Resetting the VM or device can take a while. Proceed to the next step (verify subscription level) during the reset process.  +## Verify subscription level + +For this lab, you need an AAD Premium subscription. You can tell if you have a Premium subscription by navigating to the [MDM enrollment configuration](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Mobility) blade. See the following example: + +**Azure Active Directory** > **Mobility (MDM and MAM)** > **Microsoft Intune** + + + +If the configuration blade shown above does not appear, it’s likely that you don’t have a **Premium** subscription. Auto-enrollment is a feature only available in AAD Premium. + +To convert your Intune trial account to a free Premium trial account, navigate to **Azure Active Directory** > **Licenses** > **All products** > **Try / Buy** and select **Free trial** for Azure AD Premium, or EMS E5. + + + ## Configure company branding ->[!IMPORTANT] ->If you already have company branding configured in Azure Active Directory, you can skip this step. - -Navigate to [Company branding in Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/LoginTenantBranding). +If you already have company branding configured in Azure Active Directory, you can skip this step. >[!IMPORTANT] >Make sure to sign-in with a Global Administrator account. -Click on **Configure** and configure any type of company branding you'd like to see during the OOBE. +Navigate to [Company branding in Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/LoginTenantBranding), click on **Configure** and configure any type of company branding you'd like to see during the OOBE. - + -Once finished, click **Save**. +When you are finished, click **Save**. >[!NOTE] >Changes to company branding can take up to 30 minutes to apply. - ## Configure Microsoft Intune auto-enrollment ->[!IMPORTANT] ->If you already have MDM auto-enrollment configured in Azure Active Directory, you can skip this step. +If you already have MDM auto-enrollment configured in Azure Active Directory, you can skip this step. -Navigate to [Mobility (MDM and MAM) in Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Mobility) and select **Microsoft Intune**. +Open [Mobility (MDM and MAM) in Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Mobility) and select **Microsoft Intune**. If you do not see Microsoft Intune, click **Add application** and choose **Intune**. For the purposes of this demo, select **All** under the **MDM user scope** and click **Save**. - + -## Register your Virtual Machine to your organization +## Register your VM -Navigate to [Microsoft Store for Business device management](https://businessstore.microsoft.com/en-us/manage/devices). Click on **Add devices** and select the **AutopilotHWID.csv** you've saved earlier. A message will appear indicating your request is being processed. Wait a few moments before refreshing to see your Virtual Machine added. +Your VM (or device) can be registered either via Intune or Microsoft Store for Business (MSfB). Both processes are shown here, but only pick one for purposes of this lab. We highly recommend using Intune rather than MSfB. - +### Autopilot registration using Intune + +1. In Intune in the Azure portal, choose **Device enrollment** > **Windows enrollment** > **Devices** > **Import**. + +  + + >[!NOTE] + >If menu items like **Windows enrollment** are not active for you, then look to the far-right blade in the UI. You might need to provide Intune configuration privileges in a challenge window that appeared. + +2. Under **Add Windows Autopilot devices** in the far right pane, browse to the **AutopilotHWID.csv** file you previously copied to your local computer. The file should contain the serial number and 4K HH of your VM (or device). It’s okay if other fields (Windows Product ID) are left blank. + +  + + You should receive confirmation that the file is formatted correctly before uploading it, as shown above. + +3. Click **Import** and wait until the import process completes. This can take up to 15 minutes. + +4. Click **Sync** to sync the device you just registered. Wait a few moments before refreshing to verify your VM or device has been added. See the following example. + +  + +### Autopilot registration using MSfB + +>[!IMPORTANT] +>If you've already registered your VM (or device) using Intune, then skip this step. + +Optional: see the following video for an overview of the process. + + + +> [!video https://www.youtube.com/embed/IpLIZU_j7Z0] + +First, you need a MSfB account. You can use the same one you created above for Intune, or follow [these instructions](https://docs.microsoft.com/en-us/microsoft-store/windows-store-for-business-overview) to create a new one. + +Next, sign in to [Microsoft Store for Business](https://businessstore.microsoft.com/en-us/store) using your test account by clicking **Sign in** in the upper-right-corner of the main page. + +Select **Manage** from the top menu, then click the **Windows Autopilot Deployment Program** link under the **Devices** card. See the following example: + + + +Click the **Add devices** link to upload your CSV file. A message will appear indicating your request is being processed. Wait a few moments before refreshing to see your new device has been added. + + ## Create and assign a Windows Autopilot deployment profile -Navigate to [Windows enrollment in Microsoft Intune](https://portal.azure.com/#blade/Microsoft_Intune_Enrollment/OverviewBlade/windowsEnrollment). +>[!IMPORTANT] +>Autopilot profiles can be created and assigned to your registered VM or device either through Intune or MSfB. Both processes are shown here, but only pick one for purposes of this lab: -Make sure to sync the device you've just registered, by clicking on **Devices** under **Windows Autopilot Deployment Program (Preview)** and selecting **Sync**. Wait a few moments before refreshing to see your Virtual Machine added. +Pick one: +- [Create profiles using Intune](#create-a-windows-autopilot-deployment-profile-using-intune) +- [Create profiles using MSfB](#create-a-windows-autopilot-deployment-profile-using-msfb) - +### Create a Windows Autopilot deployment profile using Intune -### Create a Windows Autopilot deployment profile +>[!NOTE] +>Even if you registered your device in MSfB, it will still appear in Intune, though you might have to **sync** and then **refresh** your device list first: -Click on **Deployment profiles** under **Windows Autopilot Deployment Program (Preview)** and select **Create profile**. + - +>The example above lists both a physical device and a VM. Your list should only include only one of these. -In the **Create profile** blade, set the name to **Autopilot Intune Demo**, click on **Out-of-box experience (OOBE)** and configure the following: -| Setting name | Value | +To create a Windows Autopilot profile, select **Device enrollment** > **Windows enrollment** > **Deployment profiles** + + + +Click on **Create profile**. + + + +On the **Create profile** blade, use the following values: + +| Setting | Value | |---|---| -|Privacy Settings|Hide| -|End user license agreement (EULA)|Hide| -|User account type|Standard| +| Name | Autopilot Lab profile | +| Description | blank | +| Convert all targeted devices to Autopilot | No | +| Deployment mode | User-driven | +| Join to Azure AD as | Azure AD joined | -Click on **Save** and **Create**. +Click on **Out-of-box experience (OOBE)** and configure the following settings: - +| Setting | Value | +|---|---| +| EULA | Hide | +| Privacy Settings | Hide | +| Hide change account options | Hide | +| User account type | Standard | +| Apply device name template | No | -### Assign a Windows Autopilot deployment profile +See the following example: -With the deployment profile created, go back to **Devices** under **Windows Autopilot Deployment Program (Preview)** and select your Virtual Machine. Click on **Assign profile** and in the **Assign Profile** blade select **Autopilot Intune Demo** under the **Autopilot profile**. Click on **Assign**. + - +Click on **OK** and then click on **Create**. -Wait a few minutes for all changes to apply. +>If you want to add an app to your profile via Intune, the OPTIONAL steps for doing so can be found in [Appendix B: Adding apps to your profile](#appendix-b-adding-apps-to-your-profile). + +#### Assign the profile + +Profiles can only be assigned to Groups, so first you must create a group that contains the devices to which the profile should be applied. This guide will provide simple instructions to assign a profile, for more detailed instructions, see [Create an Autopilot device group](https://docs.microsoft.com/intune/enrollment-autopilot#create-an-autopilot-device-group) and [Assign an Autopilot deployment profile to a device group](https://docs.microsoft.com/en-us/intune/enrollment-autopilot#assign-an-autopilot-deployment-profile-to-a-device-group), as optional reading. + +To create a Group, open the Azure Portal and select **Azure Active Directory** > **Groups** > **All groups**: + + + +Select New group from the Groups blade to open the new groups UI. Select the “Security” group type, name the group, and select the “Assigned” membership type: + +Before clicking **Create**, expand the **Members** panel, click your device's serial number (it will then appear under **Selected members**) and then click **Select** to add that device to this group. + + + +Now click **Create** to finish creating the new group. + +Click on **All groups** and click **Refresh** to verify that your new group has been successfully created. + +With a group created containing your device, you can now go back and assign your profile to that group. Navigate back to the Intune page in the Azure portal (one way is to type **Intune** in the top banner search bar and select **Intune** from the results). + +From Intune, select **Device enrollment** > **Windows enrollment** > **Deployment Profiles** to open the profile blade. Click on the name of the profile you previously created (Autopilot Lab profile) to open the details blade for that profile: + + + +Under **Manage**, click **Assignments**, and then with the **Include** tab highlighted, expand the **Select groups** blade and click **AP Lab Group 1** (the group will appear under **Selected members**). + + + +Click **Select** and then click **Save**. + + + +It’s also possible to assign specific users to a profile, but we will not cover this scenario in the lab. For more detailed information, see [Enroll Windows devices in Intune by using Windows Autopilot](https://docs.microsoft.com/intune/enrollment-autopilot). + +### Create a Windows Autopilot deployment profile using MSfB + +If you have already created and assigned a profile via Intune by using the steps immediately above, then skip this section. + +A [video](https://www.youtube.com/watch?v=IpLIZU_j7Z0) is available that covers the steps required to create and assign profiles in MSfB. These steps are also summarized below. + +First, sign in to the [Microsoft Store for Business](https://businessstore.microsoft.com/manage/dashboard) using the Intune account you initially created for this lab. + +Click **Manage** from the top menu, then click **Devices** from the left navigation tree. + + + +Click the **Windows Autopilot Deployment Program** link in the **Devices** tile. + +To CREATE the profile: + +Select your device from the **Devices** list: + + + +On the Autopilot deployment dropdown menu, select **Create new profile**: + + + +Name the profile, choose your desired settings, and then click **Create**: + + + +The new profile is added to the Autopilot deployment list. + +To ASSIGN the profile: + +To assign (or reassign) the profile to a device, select the checkboxes next to the device you registered for this lab, then select the profile you want to assign from the **Autopilot deployment** dropdown menu as shown: + + + +Confirm the profile was successfully assigned to the intended device by checking the contents of the **Profile** column: + + + +>[!IMPORTANT] +>The new profile will only be applied if the device has not been started, and gone through OOBE. Settings from a different profile can't be applied when another profile has been applied. Windows would need to be reinstalled on the device for the second profile to be applied to the device. ## See Windows Autopilot in action -By now, your Virtual Machine should be back to OOBE. Make sure to wait at least 30 minutes from the time you've [configured company branding](#configure-company-branding) -, otherwise those changes might not show up. +If you shut down your VM after the last reset, it’s time to start it back up again, so it can progress through the Autopilot OOBE experience but do not attempt to start your device again until the **PROFILE STATUS** for your device in Intune has changed from **Not assigned** to **Assigning** and finally **Assigned**: + + + +Also, make sure to wait at least 30 minutes from the time you've [configured company branding](#configure-company-branding), otherwise these changes might not show up. + +>[!TIP] +>If you reset your device previously after collecting the 4K HH info, and then let it restart back to the first OOBE screen, then you might need to restart the device again to ensure the device is recognized as an Autopilot device and displays the Autopilot OOBE experience you’re expecting. If you do not see the Autopilot OOBE experience, then reset the device again (Settings > Update & Security > Recovery and click on Get started. Under Reset this PC, select Remove everything and Just remove my files. Click on Reset). + +- Ensure your device has an internet connection. +- Turn on the device +- Verify that the appropriate OOBE screens (with appropriate Company Branding) appear. You should see the region selection screen, the keyboard selection screen, and the second keyboard selection screen (which you can skip). + + + +Soon after reaching the desktop, the device should show up in Intune as an **enabled** Autopilot device. Go into the Intune Azure portal, and select **Devices > All devices**, then **Refresh** the data to verify that your device has changed from disabled to enabled, and the name of the device is updated. + + Once you select a language and a keyboard layout, your company branded sign-in screen should appear. Provide your Azure Active Directory credentials and you're all done. - +Windows Autopilot will now take over to automatically join your device into Azure Active Directory and enroll it to Microsoft Intune. Use the checkpoints you've created to go through this process again with different settings. -Windows Autopilot will now take over to automatically join your Virtual Machine into Azure Active Directory and enroll it to Microsoft Intune. Use the checkpoints you've created to go through this process again with different settings. +## Remove devices from Autopilot +To use the device (or VM) for other purposes after completion of this lab, you will need to remove (deregister) it from Autopilot via either Intune or MSfB, and then reset it. Instructions for deregistering devices can be found [here](https://docs.microsoft.com/en-us/intune/enrollment-autopilot#create-an-autopilot-device-group) and [here](https://docs.microsoft.com/en-us/intune/devices-wipe#delete-devices-from-the-azure-active-directory-portal) and below. + +### Delete (deregister) Autopilot device + +You need to delete (or retire, or factory reset) the device from Intune before deregistering the device from Autopilot. To delete the device from Intune (not Azure Active Directory), log into your Intune Azure portal, then navigate to **Intune > Devices > All Devices**. Select the checkbox next to the device you want to delete, then click the Delete button along the top menu. + + + +Click **X** when challenged to complete the operation: + + + +This will remove the device from Intune management, and it will disappear from **Intune > Devices > All devices**. But this does not yet deregister the device from Autopilot, so the device should still appear under **Intune > Device Enrollment > Windows Enrollment > Windows Autopilot Deployment Program > Devices**. + + + +The **Intune > Devices > All Devices** list and the **Intune > Device Enrollment > Windows Enrollment > Windows Autopilot Deployment Program > Devices** list mean different things and are two completely separate datastores. The former (All devices) is the list of devices currently enrolled into Intune. Note: A device will only appear in the All devices list once it has booted. The latter (Windows Autopilot Deployment Program > Devices) is the list of devices currently registered from that Intune account into the Autopilot program - which may or may not be enrolled to Intune. + +To remove the device from the Autopilot program, select the device and click Delete. + + + +A warning message appears reminding you to first remove the device from Intune, which we previously did. + + + +At this point, your device has been unenrolled from Intune and also deregistered from Autopilot. After several minutes, click the **Sync** button, followed by the **Refresh** button to confirm the device is no longer listed in the Autopilot program: + + + +Once the device no longer appears, you are free to reuse it for other purposes. + +If you also (optionally) want to remove your device from AAD, navigate to **Azure Active Directory > Devices > All Devices**, select your device, and click the delete button: + + + +## Appendix A: Verify support for Hyper-V + +Starting with Windows 8, the host computer’s microprocessor must support second level address translation (SLAT) to install Hyper-V. See [Hyper-V: List of SLAT-Capable CPUs for Hosts](https://social.technet.microsoft.com/wiki/contents/articles/1401.hyper-v-list-of-slat-capable-cpus-for-hosts.aspx) for more information. + +To verify your computer supports SLAT, open an administrator command prompt, type **systeminfo**, press ENTER, scroll down, and review the section displayed at the bottom of the output, next to Hyper-V Requirements. See the following example: + ++C:\>systeminfo + +... +Hyper-V Requirements: VM Monitor Mode Extensions: Yes + Virtualization Enabled In Firmware: Yes + Second Level Address Translation: Yes + Data Execution Prevention Available: Yes +
+ +In this example, the computer supports SLAT and Hyper-V. + +>If one or more requirements are evaluated as **No** then the computer does not support installing Hyper-V. However, if only the virtualization setting is incompatible, you might be able to enable virtualization in the BIOS and change the **Virtualization Enabled In Firmware** setting from **No** to **Yes**. The location of this setting will depend on the manufacturer and BIOS version, but is typically found associated with the BIOS security settings. + +You can also identify Hyper-V support using [tools](https://blogs.msdn.microsoft.com/taylorb/2008/06/19/hyper-v-will-my-computer-run-hyper-v-detecting-intel-vt-and-amd-v/) provided by the processor manufacturer, the [msinfo32](https://technet.microsoft.com/library/cc731397.aspx) tool, or you can download the [coreinfo](https://technet.microsoft.com/sysinternals/cc835722) utility and run it, as shown in the following example: + ++C:\>coreinfo -v + +Coreinfo v3.31 - Dump information on system CPU and memory topology +Copyright (C) 2008-2014 Mark Russinovich +Sysinternals - www.sysinternals.com + +Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz +Intel64 Family 6 Model 42 Stepping 7, GenuineIntel +Microcode signature: 0000001B +HYPERVISOR - Hypervisor is present +VMX * Supports Intel hardware-assisted virtualization +EPT * Supports Intel extended page tables (SLAT) +
+ +Note: A 64-bit operating system is required to run Hyper-V. + +## Appendix B: Adding apps to your profile + +### Add a Win32 app + +#### Prepare the app for Intune + +Before we can pull an application into Intune to make it part of our AP profile, we need to “package” the application for delivery using the [IntuneWinAppUtil.exe command-line tool](https://github.com/Microsoft/Intune-Win32-App-Packaging-Tool). After downloading the tool, gather the following three bits of information to use the tool: + +1. The source folder for your application +2. The name of the setup executable file +3. The output folder for the new file + +For the purposes of this lab, we’ll use the Notepad++ tool as our Win32 app. + +Download the Notepad++ msi package [here](https://www.hass.de/content/notepad-msi-package-enterprise-deployment-available) and then opy the file to a known location, such as C:\Notepad++msi. + +Run the IntuneWinAppUtil tool, supplying answers to the three questions, for example: + + + +After the tool finishes running, you should have an .intunewin file in the Output folder, which you can now upload into Intune using the following steps. + +#### Create app in Intune + +Log into the Azure portal and select **Intune**. + +Navigate to **Intune > Clients apps > Apps**, and then click the **Add** button to create a new app package. + + + +Under **App Type**, select **Windows app (Win32)**: + + + +On the **App package file** blade, browse to the **npp.7.6.3.installer.x64.intunewin** file in your output folder, open it, then click **OK**: + + + +On the **App Information Configure** blade, provide a friendly name, description, and publisher, such as: + + + +On the **Program Configuration** blade, supply the install and uninstall commands: + +Install: msiexec /i "npp.7.6.3.installer.x64.msi" /q +Uninstall: msiexec /x "{F188A506-C3C6-4411-BE3A-DA5BF1EA6737}" /q + +NOTE: Likely, you do not have to write the install and uninstall commands yourself because the [IntuneWinAppUtil.exe command-line tool](https://github.com/Microsoft/Intune-Win32-App-Packaging-Tool) automatically generated them when it converted the .msi file into a .intunewin file. + + + +Simply using an install command like “notepad++.exe /S” will not actually install Notepad++; it will only launch the app. To actually install the program, we need to use the .msi file instead. Notepad++ doesn’t actually have an .msi version of their program, but we got an .msi version from a [third party provider](https://www.hass.de/content/notepad-msi-package-enterprise-deployment-available). + +Click **OK** to save your input and activate the **Requirements** blade. + +On the **Requirements Configuration** blade, specify the **OS architecture** and the **Minimum OS version**: + + + +Next, configure the **Detection rules**. For our purposes, we will select manual format: + + + +Click **Add** to define the rule properties. For **Rule type**, select **MSI**, which will automatically import the right MSI product code into the rule: + + + +Click **OK** twice to save, as you back out to the main **Add app** blade again for the final configuration. + +**Return codes**: For our purposes, leave the return codes at their default values: + + + +Click **OK** to exit. + +You may skip configuring the final **Scope (Tags)** blade. + +Click the **Add** button to finalize and save your app package. + +Once the indicator message says the addition has completed. + + + +You will be able to find your app in your app list: + + + +#### Assign the app to your Intune profile + +**NOTE**: The following steps only work if you previously [created a GROUP in Intune and assigned a profile to it](#assign-the-profile). If you have not done that, please return to the main part of the lab and complete those steps before returning here. + +In the **Intune > Client Apps > Apps** pane, select the app package you already created to reveal its properties blade. Then click **Assignments** from the menu: + + + +Select **Add Group** to open the **Add group** pane that is related to the app. + +For our purposes, select *8Required** from the **Assignment type** dropdown menu: + +>**Available for enrolled devices** means users install the app from the Company Portal app or Company Portal website. + +Select **Included Groups** and assign the groups you previously created that will use this app: + + + + + +In the **Select groups** pane, click the **Select** button. + +In the **Assign group** pane, select **OK**. + +In the **Add group** pane, select **OK**. + +In the app **Assignments** pane, select **Save**. + + + +At this point, you have completed steps to add a Win32 app to Intune. + +For more information on adding adds to Intune, see [Intune Standalone - Win32 app management](https://docs.microsoft.com/en-us/intune/apps-win32-app-management). + +### Add Office 365 + +#### Create app in Intune + +Log into the Azure portal and select **Intune**. + +Navigate to **Intune > Clients apps > Apps**, and then click the **Add** button to create a new app package. + + + +Under **App Type**, select **Office 365 Suite > Windows 10**: + + + +Under the **Configure App Suite** pane, select the Office apps you want to install. For the purposes of this labe we have only selected Excel: + + + +Click **OK**. + +In the **App Suite Information** pane, enter a unique suite name, and a suitable description. + +>Enter the name of the app suite as it is displayed in the company portal. Make sure that all suite names that you use are unique. If the same app suite name exists twice, only one of the apps is displayed to users in the company portal. + + + +Click **OK**. + +In the **App Suite Settings** pane, select **Monthly** for the **Update channel** (any selection would be fine for the purposes of this lab). Also select **Yes** for **Automatically accept the app end user license agreement**: + + + +Click **OK** and then click **Add**. + +#### Assign the app to your Intune profile + +**NOTE**: The following steps only work if you previously [created a GROUP in Intune and assigned a profile to it](#assign-the-profile). If you have not done that, please return to the main part of the lab and complete those steps before returning here. + +In the **Intune > Client Apps > Apps** pane, select the Office package you already created to reveal its properties blade. Then click **Assignments** from the menu: + + + +Select **Add Group** to open the **Add group** pane that is related to the app. + +For our purposes, select **Required** from the **Assignment type** dropdown menu: + +>**Available for enrolled devices** means users install the app from the Company Portal app or Company Portal website. + +Select **Included Groups** and assign the groups you previously created that will use this app: + + + + + +In the **Select groups** pane, click the **Select** button. + +In the **Assign group** pane, select **OK**. + +In the **Add group** pane, select **OK**. + +In the app **Assignments** pane, select **Save**. + + + +At this point, you have completed steps to add Office to Intune. + +For more information on adding Office apps to Intune, see [Assign Office 365 apps to Windows 10 devices with Microsoft Intune](https://docs.microsoft.com/en-us/intune/apps-add-office365). + +If you installed both the win32 app (Notepad++) and Office (just Excel) per the instructions in this lab, your VM will show them in the apps list, although it could take several minutes to populate: + + + +## Glossary + ++
diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md index 643cfeb6bd..0996810392 100644 --- a/windows/deployment/windows-autopilot/existing-devices.md +++ b/windows/deployment/windows-autopilot/existing-devices.md @@ -20,7 +20,7 @@ ms.topic: article Modern desktop management with Windows Autopilot enables you to easily deploy the latest version of Windows 10 to your existing devices. The apps you need for work can be automatically installed. Your work profile is synchronized, so you can resume working right away. -This topic describes how to convert Windows 7 domain-joined computers to Azure Active Directory-joined computers running Windows 10 by using Windows Autopilot. +This topic describes how to convert Windows 7 or Windows 8.1 domain-joined computers to Azure Active Directory-joined computers running Windows 10 by using Windows Autopilot. ## Prerequisites @@ -278,7 +278,7 @@ Next, ensure that all content required for the task sequence is deployed to dist ### Complete the client installation process -1. Open the Software Center on the target Windows 7 client computer. You can do this by clicking Start and then typing **software** in the search box, or by typing the following at a Windows PowerShell or command prompt: +1. Open the Software Center on the target Windows 7 or Windows 8.1 client computer. You can do this by clicking Start and then typing **software** in the search box, or by typing the following at a Windows PowerShell or command prompt: ``` C:\Windows\CCM\SCClient.exe diff --git a/windows/deployment/windows-autopilot/images/aad-lic1.png b/windows/deployment/windows-autopilot/images/aad-lic1.png new file mode 100644 index 0000000000..569d601066 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/aad-lic1.png differ diff --git a/windows/deployment/windows-autopilot/images/all-groups.png b/windows/deployment/windows-autopilot/images/all-groups.png new file mode 100644 index 0000000000..6ae904ed62 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/all-groups.png differ diff --git a/windows/deployment/windows-autopilot/images/app01.png b/windows/deployment/windows-autopilot/images/app01.png new file mode 100644 index 0000000000..f551c5ca68 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app01.png differ diff --git a/windows/deployment/windows-autopilot/images/app02.png b/windows/deployment/windows-autopilot/images/app02.png new file mode 100644 index 0000000000..e5036043cc Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app02.png differ diff --git a/windows/deployment/windows-autopilot/images/app03.png b/windows/deployment/windows-autopilot/images/app03.png new file mode 100644 index 0000000000..63ef76b3f8 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app03.png differ diff --git a/windows/deployment/windows-autopilot/images/app04.png b/windows/deployment/windows-autopilot/images/app04.png new file mode 100644 index 0000000000..bd307c4a46 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app04.png differ diff --git a/windows/deployment/windows-autopilot/images/app05.png b/windows/deployment/windows-autopilot/images/app05.png new file mode 100644 index 0000000000..83861dcd51 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app05.png differ diff --git a/windows/deployment/windows-autopilot/images/app06.png b/windows/deployment/windows-autopilot/images/app06.png new file mode 100644 index 0000000000..9563e0514c Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app06.png differ diff --git a/windows/deployment/windows-autopilot/images/app07.png b/windows/deployment/windows-autopilot/images/app07.png new file mode 100644 index 0000000000..59025e69fa Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app07.png differ diff --git a/windows/deployment/windows-autopilot/images/app08.png b/windows/deployment/windows-autopilot/images/app08.png new file mode 100644 index 0000000000..cea5edfc57 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app08.png differ diff --git a/windows/deployment/windows-autopilot/images/app09.png b/windows/deployment/windows-autopilot/images/app09.png new file mode 100644 index 0000000000..250c85dd8a Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app09.png differ diff --git a/windows/deployment/windows-autopilot/images/app10.png b/windows/deployment/windows-autopilot/images/app10.png new file mode 100644 index 0000000000..8d5af2ece1 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app10.png differ diff --git a/windows/deployment/windows-autopilot/images/app11.png b/windows/deployment/windows-autopilot/images/app11.png new file mode 100644 index 0000000000..9ca5bc10eb Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app11.png differ diff --git a/windows/deployment/windows-autopilot/images/app12.png b/windows/deployment/windows-autopilot/images/app12.png new file mode 100644 index 0000000000..3f82bf78a9 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app12.png differ diff --git a/windows/deployment/windows-autopilot/images/app13.png b/windows/deployment/windows-autopilot/images/app13.png new file mode 100644 index 0000000000..2b499f4ec2 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app13.png differ diff --git a/windows/deployment/windows-autopilot/images/app14.png b/windows/deployment/windows-autopilot/images/app14.png new file mode 100644 index 0000000000..e809db6134 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app14.png differ diff --git a/windows/deployment/windows-autopilot/images/app15.png b/windows/deployment/windows-autopilot/images/app15.png new file mode 100644 index 0000000000..b85a96bf9e Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app15.png differ diff --git a/windows/deployment/windows-autopilot/images/app16.png b/windows/deployment/windows-autopilot/images/app16.png new file mode 100644 index 0000000000..f22f74a091 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app16.png differ diff --git a/windows/deployment/windows-autopilot/images/app17.png b/windows/deployment/windows-autopilot/images/app17.png new file mode 100644 index 0000000000..5adfc9218f Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app17.png differ diff --git a/windows/deployment/windows-autopilot/images/app18.png b/windows/deployment/windows-autopilot/images/app18.png new file mode 100644 index 0000000000..24c4b9f331 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app18.png differ diff --git a/windows/deployment/windows-autopilot/images/app19.png b/windows/deployment/windows-autopilot/images/app19.png new file mode 100644 index 0000000000..281ba9fb40 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app19.png differ diff --git a/windows/deployment/windows-autopilot/images/app20.png b/windows/deployment/windows-autopilot/images/app20.png new file mode 100644 index 0000000000..a5a066b45e Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app20.png differ diff --git a/windows/deployment/windows-autopilot/images/app21.png b/windows/deployment/windows-autopilot/images/app21.png new file mode 100644 index 0000000000..d2e23f2db4 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app21.png differ diff --git a/windows/deployment/windows-autopilot/images/app22.png b/windows/deployment/windows-autopilot/images/app22.png new file mode 100644 index 0000000000..4541a69204 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app22.png differ diff --git a/windows/deployment/windows-autopilot/images/app23.png b/windows/deployment/windows-autopilot/images/app23.png new file mode 100644 index 0000000000..19b951c653 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app23.png differ diff --git a/windows/deployment/windows-autopilot/images/app24.png b/windows/deployment/windows-autopilot/images/app24.png new file mode 100644 index 0000000000..aa77e4083f Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app24.png differ diff --git a/windows/deployment/windows-autopilot/images/app25.png b/windows/deployment/windows-autopilot/images/app25.png new file mode 100644 index 0000000000..544d1ae37a Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app25.png differ diff --git a/windows/deployment/windows-autopilot/images/app26.png b/windows/deployment/windows-autopilot/images/app26.png new file mode 100644 index 0000000000..e210faa31b Binary files /dev/null and b/windows/deployment/windows-autopilot/images/app26.png differ diff --git a/windows/deployment/windows-autopilot/images/autopilot-aad-mdm.png b/windows/deployment/windows-autopilot/images/autopilot-aad-mdm.png new file mode 100644 index 0000000000..1533f68c7c Binary files /dev/null and b/windows/deployment/windows-autopilot/images/autopilot-aad-mdm.png differ diff --git a/windows/deployment/windows-autopilot/images/branding.png b/windows/deployment/windows-autopilot/images/branding.png new file mode 100644 index 0000000000..46dd37bc4a Binary files /dev/null and b/windows/deployment/windows-autopilot/images/branding.png differ diff --git a/windows/deployment/windows-autopilot/images/create-profile.png b/windows/deployment/windows-autopilot/images/create-profile.png new file mode 100644 index 0000000000..52f087721d Binary files /dev/null and b/windows/deployment/windows-autopilot/images/create-profile.png differ diff --git a/windows/deployment/windows-autopilot/images/delete-device1.png b/windows/deployment/windows-autopilot/images/delete-device1.png new file mode 100644 index 0000000000..e73f929fbd Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device1.png differ diff --git a/windows/deployment/windows-autopilot/images/delete-device2.png b/windows/deployment/windows-autopilot/images/delete-device2.png new file mode 100644 index 0000000000..ed764ac1ed Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device2.png differ diff --git a/windows/deployment/windows-autopilot/images/delete-device3.png b/windows/deployment/windows-autopilot/images/delete-device3.png new file mode 100644 index 0000000000..a2daa1c39a Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device3.png differ diff --git a/windows/deployment/windows-autopilot/images/delete-device4.png b/windows/deployment/windows-autopilot/images/delete-device4.png new file mode 100644 index 0000000000..c0119fbc39 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device4.png differ diff --git a/windows/deployment/windows-autopilot/images/delete-device5.png b/windows/deployment/windows-autopilot/images/delete-device5.png new file mode 100644 index 0000000000..33b539d33c Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device5.png differ diff --git a/windows/deployment/windows-autopilot/images/delete-device6.png b/windows/deployment/windows-autopilot/images/delete-device6.png new file mode 100644 index 0000000000..23cbcb7c44 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device6.png differ diff --git a/windows/deployment/windows-autopilot/images/delete-device7.png b/windows/deployment/windows-autopilot/images/delete-device7.png new file mode 100644 index 0000000000..dcdeee5205 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/delete-device7.png differ diff --git a/windows/deployment/windows-autopilot/images/deployment-profiles.png b/windows/deployment/windows-autopilot/images/deployment-profiles.png new file mode 100644 index 0000000000..7888da55d1 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/deployment-profiles.png differ diff --git a/windows/deployment/windows-autopilot/images/deployment-profiles2.png b/windows/deployment/windows-autopilot/images/deployment-profiles2.png new file mode 100644 index 0000000000..6ff9fbb89e Binary files /dev/null and b/windows/deployment/windows-autopilot/images/deployment-profiles2.png differ diff --git a/windows/deployment/windows-autopilot/images/device-import.png b/windows/deployment/windows-autopilot/images/device-import.png new file mode 100644 index 0000000000..3be4cff996 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/device-import.png differ diff --git a/windows/deployment/windows-autopilot/images/device-status.png b/windows/deployment/windows-autopilot/images/device-status.png new file mode 100644 index 0000000000..5a78973ce5 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/device-status.png differ diff --git a/windows/deployment/windows-autopilot/images/enabled-device.png b/windows/deployment/windows-autopilot/images/enabled-device.png new file mode 100644 index 0000000000..96dc935309 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/enabled-device.png differ diff --git a/windows/deployment/windows-autopilot/images/hwid-csv.png b/windows/deployment/windows-autopilot/images/hwid-csv.png new file mode 100644 index 0000000000..ac177e0b5a Binary files /dev/null and b/windows/deployment/windows-autopilot/images/hwid-csv.png differ diff --git a/windows/deployment/windows-autopilot/images/hwid.png b/windows/deployment/windows-autopilot/images/hwid.png new file mode 100644 index 0000000000..fcc73fa0b0 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/hwid.png differ diff --git a/windows/deployment/windows-autopilot/images/import-vm.png b/windows/deployment/windows-autopilot/images/import-vm.png new file mode 100644 index 0000000000..5fb97cda5d Binary files /dev/null and b/windows/deployment/windows-autopilot/images/import-vm.png differ diff --git a/windows/deployment/windows-autopilot/images/include-group.png b/windows/deployment/windows-autopilot/images/include-group.png new file mode 100644 index 0000000000..fb7bca7efa Binary files /dev/null and b/windows/deployment/windows-autopilot/images/include-group.png differ diff --git a/windows/deployment/windows-autopilot/images/include-group2.png b/windows/deployment/windows-autopilot/images/include-group2.png new file mode 100644 index 0000000000..585d006bac Binary files /dev/null and b/windows/deployment/windows-autopilot/images/include-group2.png differ diff --git a/windows/deployment/windows-autopilot/images/intune-devices.png b/windows/deployment/windows-autopilot/images/intune-devices.png new file mode 100644 index 0000000000..bc29c76511 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/intune-devices.png differ diff --git a/windows/deployment/windows-autopilot/images/mdm-intune.png b/windows/deployment/windows-autopilot/images/mdm-intune.png new file mode 100644 index 0000000000..db9b144fad Binary files /dev/null and b/windows/deployment/windows-autopilot/images/mdm-intune.png differ diff --git a/windows/deployment/windows-autopilot/images/mdm-intune2.png b/windows/deployment/windows-autopilot/images/mdm-intune2.png new file mode 100644 index 0000000000..d464863f37 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/mdm-intune2.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-assign1.png b/windows/deployment/windows-autopilot/images/msfb-assign1.png new file mode 100644 index 0000000000..c1e8e27e21 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-assign1.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-assign2.png b/windows/deployment/windows-autopilot/images/msfb-assign2.png new file mode 100644 index 0000000000..fd3be16853 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-assign2.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-create1.png b/windows/deployment/windows-autopilot/images/msfb-create1.png new file mode 100644 index 0000000000..f76aa82991 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-create1.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-create2.png b/windows/deployment/windows-autopilot/images/msfb-create2.png new file mode 100644 index 0000000000..ec6c260fcd Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-create2.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-create3.png b/windows/deployment/windows-autopilot/images/msfb-create3.png new file mode 100644 index 0000000000..a6241fb5ea Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-create3.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-device.png b/windows/deployment/windows-autopilot/images/msfb-device.png new file mode 100644 index 0000000000..d338056013 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-device.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-manage.png b/windows/deployment/windows-autopilot/images/msfb-manage.png new file mode 100644 index 0000000000..9bf684d844 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-manage.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-manage2.png b/windows/deployment/windows-autopilot/images/msfb-manage2.png new file mode 100644 index 0000000000..406aaf5948 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-manage2.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb-manage3.png b/windows/deployment/windows-autopilot/images/msfb-manage3.png new file mode 100644 index 0000000000..bf5fb1ccf9 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb-manage3.png differ diff --git a/windows/deployment/windows-autopilot/images/msfb.png b/windows/deployment/windows-autopilot/images/msfb.png new file mode 100644 index 0000000000..af937c2c5f Binary files /dev/null and b/windows/deployment/windows-autopilot/images/msfb.png differ diff --git a/windows/deployment/windows-autopilot/images/new-group.png b/windows/deployment/windows-autopilot/images/new-group.png new file mode 100644 index 0000000000..c18c1865f6 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/new-group.png differ diff --git a/windows/deployment/windows-autopilot/images/profile.png b/windows/deployment/windows-autopilot/images/profile.png new file mode 100644 index 0000000000..40cf26bee2 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/profile.png differ diff --git a/windows/deployment/windows-autopilot/images/winsetup1.png b/windows/deployment/windows-autopilot/images/winsetup1.png new file mode 100644 index 0000000000..c8048256c4 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup1.png differ diff --git a/windows/deployment/windows-autopilot/images/winsetup2.png b/windows/deployment/windows-autopilot/images/winsetup2.png new file mode 100644 index 0000000000..43db844334 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup2.png differ diff --git a/windows/deployment/windows-autopilot/images/winsetup3.png b/windows/deployment/windows-autopilot/images/winsetup3.png new file mode 100644 index 0000000000..dbea3969de Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup3.png differ diff --git a/windows/deployment/windows-autopilot/images/winsetup4.png b/windows/deployment/windows-autopilot/images/winsetup4.png new file mode 100644 index 0000000000..1121b1dff5 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup4.png differ diff --git a/windows/deployment/windows-autopilot/images/winsetup5.png b/windows/deployment/windows-autopilot/images/winsetup5.png new file mode 100644 index 0000000000..2757253097 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup5.png differ diff --git a/windows/deployment/windows-autopilot/images/winsetup6.png b/windows/deployment/windows-autopilot/images/winsetup6.png new file mode 100644 index 0000000000..e91843e1ff Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup6.png differ diff --git a/windows/deployment/windows-autopilot/images/winsetup7.png b/windows/deployment/windows-autopilot/images/winsetup7.png new file mode 100644 index 0000000000..dadf85485e Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup7.png differ diff --git a/windows/deployment/windows-autopilot/images/winsetup8.png b/windows/deployment/windows-autopilot/images/winsetup8.png new file mode 100644 index 0000000000..9d7a499db0 Binary files /dev/null and b/windows/deployment/windows-autopilot/images/winsetup8.png differ diff --git a/windows/deployment/windows-autopilot/user-driven-hybrid.md b/windows/deployment/windows-autopilot/user-driven-hybrid.md index c084916d3e..d69c5869ba 100644 --- a/windows/deployment/windows-autopilot/user-driven-hybrid.md +++ b/windows/deployment/windows-autopilot/user-driven-hybrid.md @@ -32,7 +32,7 @@ To perform a user-driven hybrid AAD joined deployment using Windows Autopilot: - The device must be connected to the Internet and have access to an Active Directory domain controller. - The Intune Connector for Active Directory must be installed. - Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf. -- If using Proxy, WDAP Proxy settings option must be enabled and configured. +- If using Proxy, WPAD Proxy settings option must be enabled and configured. **AAD device join**: The hybrid AAD join process uses the system context to perform device AAD join, therefore it is not affected by user based AAD join permission settings. In addition, all users are enabled to join devices to AAD by default. diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md index fc304b4020..358e9fefd8 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md @@ -22,16 +22,26 @@ Windows Autopilot depends on specific capabilities available in Windows 10, Azur - Windows 10 version 1703 (semi-annual channel) or higher is required. - The following editions are supported: - - Pro - - Pro Education - - Pro for Workstations - - Enterprise - - Education + - Windows 10 Pro + - Windows 10 Pro Education + - Windows 10 Pro for Workstations + - Windows 10 Enterprise + - Windows 10 Education + - Windows 10 Enterprise 2019 LTSC + + - If you're using Autopilot for Surface devices, note that only the following Surface devices support Autopilot: + - Surface Go + - Surface Go with LTE Advanced + - Surface Pro (5th gen) + - Surface Pro with LTE Advanced (5th gen) + - Surface Pro 6 + - Surface Laptop (1st gen) + - Surface Laptop 2 + - Surface Studio (1st gen) + - Surface Studio 2 + - Surface Book 2 -- Windows 10 Enterprise 2019 LTSC is also supported. - -See the following topics for details on licensing, network, and configuration requirements: -- [Licensing requirements](windows-autopilot-requirements-licensing.md) +See the following topics for details on network and configuration requirements: - [Networking requirements](windows-autopilot-requirements-network.md) - [Configuration requirements](windows-autopilot-requirements-configuration.md) - For details about specific configuration requirements to enable user-driven Hybrid Azure Active Directory join for Windows Autopilot, see [Intune Connector (preview) language requirements](intune-connector.md). This requirement is a temporary workaround, and will be removed in the next release of Intune Connector. diff --git a/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md b/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md index 30fb733eb0..7e67c7eca1 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md @@ -21,7 +21,7 @@ ms.topic: article When performing a remote Windows Autopilot Reset, an MDM service such an Microsoft Intune can be used to initiate the reset process, avoiding the need for IT staff or other administrators to visit each machine to initiate the process. -To enable a device for a remote Windows Autopilot Reset, the device must be MDM managed, joined to Azure AD, and configured to use the [enrollment status page](enrollment-status.md). +To enable a device for a remote Windows Autopilot Reset, the device must be MDM managed, joined to Azure AD, and configured to use the [enrollment status page](enrollment-status.md). This feature is not supported on devices that were enrolled using [Autopilot self deploying mode](self-deploying.md). ## Triggering a remote Windows Autopilot Reset @@ -34,5 +34,8 @@ To trigger a remote Windows Autopilot Reset via Intune, follow these steps: >[!NOTE] >The Autopilot Reset option will not be enabled in Microsoft Intune for devices not running Windows 10 build 17672 or higher. +>[!IMPORTANT] +>The feature for Autopilot Reset (preview) will stay grayed out, **unless** you reset the device using Autopilot (either using Fresh Reset or manually sysprep the device). + Once the reset is complete, the device is again ready for use. - \ No newline at end of file + diff --git a/windows/deployment/windows-autopilot/windows-autopilot-reset.md b/windows/deployment/windows-autopilot/windows-autopilot-reset.md index 1a5c9e982d..78eca0eb39 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-reset.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-reset.md @@ -33,6 +33,9 @@ Windows Autopilot Reset will block the user from accessing the desktop until thi >[!IMPORTANT] >To reestablish Wi-Fi connectivity after reset, make sure the **Connect automatically** box is checked for the device's wireless network connection. +>[!NOTE] +>The Autopilot Reset does not support Hybrid Azure AD joined devices. + ## Scenarios Windows Autopilot Reset supports two scenarios: diff --git a/windows/device-security/docfx.json b/windows/device-security/docfx.json index acfa4df08b..bac00186ea 100644 --- a/windows/device-security/docfx.json +++ b/windows/device-security/docfx.json @@ -39,7 +39,8 @@ "ms.date": "04/05/2017", "_op_documentIdPathDepotMapping": { "./": { - "depot_name": "MSDN.win-device-security" + "depot_name": "MSDN.win-device-security", + "folder_relative_path_in_docset": "./" } } }, @@ -47,4 +48,4 @@ "template": [], "dest": "win-device-security" } -} \ No newline at end of file +} diff --git a/windows/hub/TOC.md b/windows/hub/TOC.md index 1883594880..a811ff7119 100644 --- a/windows/hub/TOC.md +++ b/windows/hub/TOC.md @@ -1,6 +1,6 @@ # [Windows 10 and Windows 10 Mobile](index.md) ## [What's new](/windows/whats-new) -## [Release information](release-information.md) +## [Release information](/windows/release-information) ## [Deployment](/windows/deployment) ## [Configuration](/windows/configuration) ## [Client management](/windows/client-management) diff --git a/windows/hub/breadcrumb/toc.yml b/windows/hub/breadcrumb/toc.yml index 4539d3b751..a28aaa3b77 100644 --- a/windows/hub/breadcrumb/toc.yml +++ b/windows/hub/breadcrumb/toc.yml @@ -25,9 +25,9 @@ - name: Mobile Device Management tocHref: /windows/client-management/mdm/ topicHref: /windows/client-management/mdm/index - - name: Known issues - tocHref: /windows/known-issues/ - topicHref: /windows/known-issues/index + - name: Release information + tocHref: /windows/release-information/ + topicHref: /windows/release-information/index - name: Privacy tocHref: /windows/privacy/ topicHref: /windows/privacy/index diff --git a/windows/hub/docfx.json b/windows/hub/docfx.json index a44aea3b51..292438cfe3 100644 --- a/windows/hub/docfx.json +++ b/windows/hub/docfx.json @@ -44,7 +44,8 @@ "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app", "_op_documentIdPathDepotMapping": { "./": { - "depot_name": "MSDN.windows-hub" + "depot_name": "MSDN.windows-hub", + "folder_relative_path_in_docset": "./" } } }, @@ -53,4 +54,4 @@ "dest": "windows-hub", "markdownEngineName": "dfm" } -} \ No newline at end of file +} diff --git a/windows/keep-secure/docfx.json b/windows/keep-secure/docfx.json index c69d3e3f49..e7c4c32d2a 100644 --- a/windows/keep-secure/docfx.json +++ b/windows/keep-secure/docfx.json @@ -32,7 +32,8 @@ "globalMetadata": { "_op_documentIdPathDepotMapping": { "./": { - "depot_name": "MSDN.keep-secure" + "depot_name": "MSDN.keep-secure", + "folder_relative_path_in_docset": "./" } } }, @@ -40,4 +41,4 @@ "template": [], "dest": "keep-secure" } -} \ No newline at end of file +} diff --git a/windows/manage/docfx.json b/windows/manage/docfx.json index eee8740627..36d3bfc69c 100644 --- a/windows/manage/docfx.json +++ b/windows/manage/docfx.json @@ -32,7 +32,8 @@ "globalMetadata": { "_op_documentIdPathDepotMapping": { "./": { - "depot_name": "MSDN.windows-manage" + "depot_name": "MSDN.windows-manage", + "folder_relative_path_in_docset": "./" } } }, @@ -40,4 +41,4 @@ "template": [], "dest": "windows-manage" } -} \ No newline at end of file +} diff --git a/windows/plan/docfx.json b/windows/plan/docfx.json index 4a303a21bc..1a52d12cc9 100644 --- a/windows/plan/docfx.json +++ b/windows/plan/docfx.json @@ -32,7 +32,8 @@ "globalMetadata": { "_op_documentIdPathDepotMapping": { "./": { - "depot_name": "MSDN.windows-plan" + "depot_name": "MSDN.windows-plan", + "folder_relative_path_in_docset": "./" } } }, @@ -40,4 +41,4 @@ "template": [], "dest": "windows-plan" } -} \ No newline at end of file +} diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index da571eeaf2..3d87b25a9b 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -155,14 +155,18 @@ The following table defines the endpoints for Connected User Experiences and Tel Windows release | Endpoint --- | --- -Windows 10, versions 1703 and 1709 | Diagnostics data: v10.vortex-win.data.microsoft.com/collect/v1Functional: v20.vortex-win.data.microsoft.com/collect/v1Windows Advanced Threat Protection is country specific and the prefix changes by country for example: **de**.vortex-win.data.microsoft.com/collect/v1settings-win.data.microsoft.com -Windows 10, version 1607 | v10.vortex-win.data.microsoft.comsettings-win.data.microsoft.com +Windows 10, versions 1703 or later, with the 2018-09 cumulative update installed| Diagnostics data: v10c.vortex-win.data.microsoft.comFunctional: v20.vortex-win.data.microsoft.comWindows Advanced Threat Protection is country specific and the prefix changes by country for example: **de**.vortex-win.data.microsoft.comsettings-win.data.microsoft.com +Windows 10, versions 1803 or later, without the 2018-09 cumulative update installed | Diagnostics data: v10.events.data.microsoft.comFunctional: v20.vortex-win.data.microsoft.comWindows Advanced Threat Protection is country specific and the prefix changes by country for example: **de**.vortex-win.data.microsoft.comsettings-win.data.microsoft.com +Windows 10, version 1709 or earlier | Diagnostics data: v10.vortex-win.data.microsoft.comFunctional: v20.vortex-win.data.microsoft.comWindows Advanced Threat Protection is country specific and the prefix changes by country for example: **de**.vortex-win.data.microsoft.comsettings-win.data.microsoft.com +Windows 7 and Windows 8.1 | vortex-win.data.microsoft.com The following table defines the endpoints for other diagnostic data services: | Service | Endpoint | | - | - | | [Windows Error Reporting](https://msdn.microsoft.com/library/windows/desktop/bb513641.aspx) | watson.telemetry.microsoft.com | +| | umwatsonc.events.data.microsoft.com | +| | kmwatsonc.events.data.microsoft.com | | | ceuswatcab01.blob.core.windows.net | | | ceuswatcab02.blob.core.windows.net | | | eaus2watcab01.blob.core.windows.net | @@ -170,7 +174,7 @@ The following table defines the endpoints for other diagnostic data services: | | weus2watcab01.blob.core.windows.net | | | weus2watcab02.blob.core.windows.net | | [Online Crash Analysis](https://msdn.microsoft.com/library/windows/desktop/ee416349.aspx) | oca.telemetry.microsoft.com | -| OneDrive app for Windows 10 | vortex.data.microsoft.com/collect/v1 | +| OneDrive app for Windows 10 | vortex.data.microsoft.com | ### Data use and access @@ -356,9 +360,9 @@ You can turn on or turn off System Center diagnostic data gathering. The default The lowest diagnostic data setting level supported through management policies is **Security**. The lowest diagnostic data setting supported through the Settings UI is **Basic**. The default diagnostic data setting for Windows Server 2016 is **Enhanced**. -### Configure the operating system diagnostic data level +## Configure the operating system diagnostic data level -You can configure your operating system diagnostic data settings using the management tools you’re already using, such as Group Policy, MDM, or Windows Provisioning. You can also manually change your settings using Registry Editor. Setting your diagnostic data levels through a management policy sets the upper level for diagnostic data on the device. +You can configure your operating system diagnostic data settings using the management tools you’re already using, such as **Group Policy, MDM, or Windows Provisioning.** You can also manually change your settings using Registry Editor. Setting your diagnostic data levels through a management policy sets the upper level for diagnostic data on the device. Use the appropriate value in the table below when you configure the management policy. @@ -388,7 +392,7 @@ Use the [Policy Configuration Service Provider (CSP)](https://msdn.microsoft.com ### Use Registry Editor to set the diagnostic data level -Use Registry Editor to manually set the registry level on each device in your organization or you can write a script to edit the registry. If a management policy already exists, such as Group Policy or MDM, it will override this registry setting. +Use Registry Editor to manually set the registry level on the devices in your organization, or you can write a script to edit the registry. If a management policy already exists, such as Group Policy or MDM, the policy will replace the manually set registry level. 1. Open Registry Editor, and go to **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection**. diff --git a/windows/privacy/diagnostic-data-viewer-overview.md b/windows/privacy/diagnostic-data-viewer-overview.md index 2f7c2c256d..ec17064fc8 100644 --- a/windows/privacy/diagnostic-data-viewer-overview.md +++ b/windows/privacy/diagnostic-data-viewer-overview.md @@ -21,17 +21,17 @@ ms.date: 01/17/2018 **Applies to** - Windows 10, version 1809 -- Windows 10, version 1803 +- Windows 10, version 1803 ## Introduction -The Diagnostic Data Viewer is a Windows app that lets you review the diagnostic data your device is sending to Microsoft, grouping the info into simple categories based on how it's used by Microsoft. +The Diagnostic Data Viewer is a Windows app that lets you review the Windows diagnostic data your device is sending to Microsoft, grouping the info into simple categories based on how it's used by Microsoft. ## Install and Use the Diagnostic Data Viewer -You must turn on data viewing and download the app before you can use the Diagnostic Data Viewer to review your device's diagnostic data. +You must download the app before you can use the Diagnostic Data Viewer to review your device's diagnostic data. ### Turn on data viewing -Before you can use this tool, you must turn on data viewing in the **Settings** panel. Turning on data viewing lets Windows store your device's diagnostic data until you turn it off. Turning off data viewing stops Windows from collecting your diagnostic data and clears the existing diagnostic data from your device. +Before you can use this tool for viewing Windows diagnostic data, you must turn on data viewing in the **Settings** panel. Turning on data viewing lets Windows store your device's diagnostic data until you turn it off. Turning off data viewing stops Windows from collecting your diagnostic data and clears the existing diagnostic data from your device. Note that this setting does not affect your Office data viewing or history. **To turn on data viewing** 1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**. @@ -44,7 +44,7 @@ Before you can use this tool, you must turn on data viewing in the **Settings** Download the app from the [Microsoft Store Diagnostic Data Viewer](https://www.microsoft.com/en-us/store/p/diagnostic-data-viewer/9n8wtrrsq8f7?rtc=1) page. ### Start the Diagnostic Data Viewer -You must start this app from the **Settings** panel. +You can start this app from the **Settings** panel. **To start the Diagnostic Data Viewer** 1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**. @@ -58,29 +58,25 @@ You must start this app from the **Settings** panel. 3. Close the Diagnostic Data Viewer app, use your device as you normally would for a few days, and then open Diagnostic Data Viewer again to review the updated list of diagnostic data. >[!Important] - >Turning on data viewing can use up to 1GB of disk space on your system drive. We strongly recommend that your turn off data viewing when you're done using the Diagnostic Data Viewer. For info about turning off data viewing, see the [Turn off data viewing](#turn-off-data-viewing) section in this article. + >Turning on data viewing can use up to 1GB (by default) of disk space on your system drive. We strongly recommend that you turn off data viewing when you're done using the Diagnostic Data Viewer. For info about turning off data viewing, see the [Turn off data viewing](#turn-off-data-viewing) section in this article. ### Use the Diagnostic Data Viewer The Diagnostic Data Viewer provides you with the following features to view and filter your device's diagnostic data. -- **View your diagnostic events.** In the left column, you can review your diagnostic events. These events reflect activities that occurred and were sent to Microsoft. +- **View your Windows diagnostic events.** In the left column, you can review your diagnostic events. These events reflect activities that occurred and were sent to Microsoft. Selecting an event opens the detailed JSON view, which provides the exact details uploaded to Microsoft. Microsoft uses this info to continually improve the Windows operating system. - + >[!Important] >Seeing an event does not necessarily mean it has been uploaded yet. It’s possible that some events are still queued and will be uploaded at a later time. - -  + +  - **Search your diagnostic events.** The **Search** box at the top of the screen lets you search amongst all of the diagnostic event details. The returned search results include any diagnostic event that contains the matching text. Selecting an event opens the detailed JSON view, with the matching text highlighted. -- **Filter your diagnostic event categories.** The apps Menu button opens the detailed menu. In here, you'll find a list of diagnostic event categories, which define how the events are used by Microsoft. - - Selecting a check box lets you filter between the diagnostic event categories. - -  +- **Filter your diagnostic event categories.** The app's **Menu** button opens the detailed menu. In here, you'll find a list of diagnostic event categories, which define how the events are used by Microsoft. Selecting a check box lets you filter between the diagnostic event categories. - **Help to make your Windows experience better.** Microsoft only needs diagnostic data from a small amount of devices to make big improvements to the Windows operating system and ultimately, your experience. If you’re a part of this small device group and you experience issues, Microsoft will collect the associated event diagnostic data, allowing your info to potentially help fix the issue for others. @@ -93,8 +89,20 @@ The Diagnostic Data Viewer provides you with the following features to view and >[!Important] >All content in the Feedback Hub is publicly viewable. Therefore, make sure you don't put any personal info into your feedback comments. +- **View a summary of the data you've shared with us over time.** Available for users on build 19H1+, 'About my data' in Diagnostic Data Viewer lets you see an overview of the Windows data you've shared with Microsoft. + + Through this feature, you can checkout how much data you send on average each day, the breakdown of your data by category, the top components and services that have sent data, and more. + + >[!Important] + >This content is a reflection of the history of Windows data the app has stored. If you'd like to have extended analyses, please modify the storage capacity of Diagnostic Data Viewer. + +  + +## View Office Diagnostic Data +By default, Diagnostic Data Viewer shows you Windows data. You can also view Office diagnostic data by enabling the feature in the app settings page. To learn more about how to view Office diagnostic data, please visit this [page](https://go.microsoft.com/fwlink/?linkid=2023830). + ## Turn off data viewing -When you're done reviewing your diagnostic data, you should turn of data viewing. +When you're done reviewing your diagnostic data, you should turn of data viewing. This will also remove your Windows data history. Note that this setting does not affect your Office data viewing or history. **To turn off data viewing** 1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**. @@ -103,8 +111,24 @@ When you're done reviewing your diagnostic data, you should turn of data viewing  +## Modifying the size of your data history +By default, Diagnostic Data Viewer shows you up to 1GB or 30 days of data (whichever comes first) for Windows diagnostic data. Once either the time or space limit is reached, the data is incrementally dropped with the oldest data points dropped first. + + >[!Important] + >Note that if you have [Office diagnostic data viewing enabled](#view-office-diagnostic-data), the Office data history is fixed at 1 GB and cannot be modified. + +**Modify the size of your data history** + + To make changes to the size of your Windows diagnostic data history, visit the **app settings**, located at the bottom of the navigation menu. Data will be incrementally dropped with the oldest data points first once your chosen size or time limit is reached. + + >[!Important] + >Decreasing the maximum amount of diagnostic data viewable through the tool will remove all data history and requires a reboot of your device. Additionally, increasing the maximum amount of diagnostic data viewable by the tool may come with performance impacts to your machine. + +  + ## View additional diagnostic data in the View problem reports tool Available on Windows 1809 and higher, you can review additional Windows Error Reporting diagnostic data in the **View problem reports** page within the Diagnostic Data Viewer. + This page provides you with a summary of various crash reports that are sent to Microsoft as part of Windows Error Reporting. We use this data to find and fix specific issues that are hard to replicate and to improve the Windows operating system. @@ -112,7 +136,7 @@ You can also use the Windows Error Reporting tool available in the Control Panel **To view your Windows Error Reporting diagnostic data using the Diagnostic Data Viewer** -Starting with Windows 1809 and higher, you can review Windows Error Reporting diagnostic data in the Diagnostic Data Viewer. +Starting with Windows 1809 and higher, you can review Windows Error Reporting diagnostic data in the Diagnostic Data Viewer.  @@ -123,3 +147,4 @@ Go to **Start** and search for _Problem Reports_. The **Review problem reports** tool opens, showing you your Windows Error Reporting reports, along with a status about whether it was sent to Microsoft.  + diff --git a/windows/privacy/docfx.json b/windows/privacy/docfx.json index 98296c6b76..9221109b4d 100644 --- a/windows/privacy/docfx.json +++ b/windows/privacy/docfx.json @@ -36,13 +36,19 @@ "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json", "ms.technology": "windows", "ms.topic": "article", - "feedback_system": "GitHub", + "feedback_system": "GitHub", "feedback_github_repo": "MicrosoftDocs/windows-itpro-docs", - "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app" + "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app", + "_op_documentIdPathDepotMapping": { + "./": { + "depot_name": "MSDN.privacy", + "folder_relative_path_in_docset": "./" + } + } }, "fileMetadata": {}, "template": [], "dest": "privacy", "markdownEngineName": "markdig" } -} \ No newline at end of file +} diff --git a/windows/privacy/images/ddv-analytics.png b/windows/privacy/images/ddv-analytics.png new file mode 100644 index 0000000000..499a541b00 Binary files /dev/null and b/windows/privacy/images/ddv-analytics.png differ diff --git a/windows/privacy/images/ddv-event-view.jpg b/windows/privacy/images/ddv-event-view.jpg new file mode 100644 index 0000000000..0a6c2ef113 Binary files /dev/null and b/windows/privacy/images/ddv-event-view.jpg differ diff --git a/windows/privacy/images/ddv-event-view.png b/windows/privacy/images/ddv-event-view.png deleted file mode 100644 index 264add2d9c..0000000000 Binary files a/windows/privacy/images/ddv-event-view.png and /dev/null differ diff --git a/windows/privacy/images/ddv-problem-reports.png b/windows/privacy/images/ddv-problem-reports.png index 49ae0fffc0..bd3dc7ba7d 100644 Binary files a/windows/privacy/images/ddv-problem-reports.png and b/windows/privacy/images/ddv-problem-reports.png differ diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 0cbf266f2a..923bfedcb3 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1,4 +1,4 @@ ---- +--- title: Manage connections from Windows operating system components to Microsoft services (Windows 10) description: If you want to minimize connections from Windows to Microsoft services, or configure particular privacy settings, this article covers the settings that you could consider. ms.assetid: ACCEB0DD-BC6F-41B1-B359-140B242183D9 @@ -133,7 +133,7 @@ The following table lists management options for each setting, beginning with Wi | [18.3 Camera](#bkmk-priv-camera) |  |  |  |  | | | [18.4 Microphone](#bkmk-priv-microphone) |  |  |  |  | | | [18.5 Notifications](#bkmk-priv-notifications) |  |  | |  | | -| [18.6 Speech, inking, & typing](#bkmk-priv-speech) |  |  |  |  | | +| [18.6 Speech](#bkmk-priv-speech) |  |  |  |  | | | [18.7 Account info](#bkmk-priv-accounts) |  |  |  |  | | | [18.8 Contacts](#bkmk-priv-contacts) |  |  |  |  | | | [18.9 Calendar](#bkmk-priv-calendar) |  |  |  |  | | @@ -148,6 +148,7 @@ The following table lists management options for each setting, beginning with Wi | [18.18 Motion](#bkmk-priv-motion) |  |  |  |  | | | [18.19 Tasks](#bkmk-priv-tasks) |  |  |  |  | | | [18.20 App Diagnostics](#bkmk-priv-diag) |  |  |  |  | | +| [18.21 Inking & Typing](#bkmk-priv-ink) |  | |  |  | | | [19. Software Protection Platform](#bkmk-spp) | |  |  |  | | | [20. Storage Health](#bkmk-storage-health) | |  | | | | | [21. Sync your settings](#bkmk-syncsettings) |  |  |  |  | | @@ -155,12 +156,11 @@ The following table lists management options for each setting, beginning with Wi | [23. Wi-Fi Sense](#bkmk-wifisense) |  |  | |  | | | [24. Windows Defender](#bkmk-defender) | |  |  |  | | | [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | |  |  |  | | -| [25. Windows Media Player](#bkmk-wmp) |  | | | |  | -| [26. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | | -| [27. Microsoft Store](#bkmk-windowsstore) | |  | |  | | +| [25. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | | +| [26. Microsoft Store](#bkmk-windowsstore) | |  | |  | | | [27.1 Apps for websites](#bkmk-apps-for-websites) | |  | | | -| [28. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | | -| [29. Windows Update](#bkmk-wu) |  |  |  | | | +| [27. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | | +| [28. Windows Update](#bkmk-wu) |  |  |  | | | ### Settings for Windows Server 2016 with Desktop Experience @@ -185,10 +185,9 @@ See the following table for a summary of the management settings for Windows Ser | [19. Software Protection Platform](#bkmk-spp) | |  |  | | | [20. Teredo](#bkmk-teredo) | |  |  |  | | [24. Windows Defender](#bkmk-defender) | |  |  | | -| [25. Windows Media Player](#bkmk-wmp) | | | |  | -| [27. Microsoft Store](#bkmk-windowsstore) | |  |  | | +| [26. Microsoft Store](#bkmk-windowsstore) | |  |  | | | [27.1 Apps for websites](#bkmk-apps-for-websites) | |  | | | -| [29. Windows Update](#bkmk-wu) | |  |  | | +| [28. Windows Update](#bkmk-wu) | |  |  | | ### Settings for Windows Server 2016 Server Core @@ -203,7 +202,7 @@ See the following table for a summary of the management settings for Windows Ser | [19. Software Protection Platform](#bkmk-spp) |  | | | | [22. Teredo](#bkmk-teredo) |  | |  | | [24. Windows Defender](#bkmk-defender) |  |  | | -| [29. Windows Update](#bkmk-wu) |  |  | | +| [28. Windows Update](#bkmk-wu) |  |  | | ### Settings for Windows Server 2016 Nano Server @@ -214,7 +213,7 @@ See the following table for a summary of the management settings for Windows Ser | [1. Automatic Root Certificates Update](#automatic-root-certificates-update) |  | | | [3. Date & Time](#bkmk-datetime) |  | | | [22. Teredo](#bkmk-teredo) | |  | -| [29. Windows Update](#bkmk-wu) |  | | +| [28. Windows Update](#bkmk-wu) |  | | ### Settings for Windows Server 2019 @@ -244,7 +243,7 @@ See the following table for a summary of the management settings for Windows Ser | [18.3 Camera](#bkmk-priv-camera) |  |  |  |  | | | [18.4 Microphone](#bkmk-priv-microphone) |  |  |  |  | | | [18.5 Notifications](#bkmk-priv-notifications) |  |  | |  | | -| [18.6 Speech, inking, & typing](#bkmk-priv-speech) |  |  |  |  | | +| [18.6 Speech](#bkmk-priv-speech) |  |  |  |  | | | [18.7 Account info](#bkmk-priv-accounts) |  |  |  |  | | | [18.8 Contacts](#bkmk-priv-contacts) |  |  |  |  | | | [18.9 Calendar](#bkmk-priv-calendar) |  |  |  |  | | @@ -259,6 +258,7 @@ See the following table for a summary of the management settings for Windows Ser | [18.18 Motion](#bkmk-priv-motion) |  |  |  |  | | | [18.19 Tasks](#bkmk-priv-tasks) |  |  |  |  | | | [18.20 App Diagnostics](#bkmk-priv-diag) |  |  |  |  | | +| [18.21 Inking & Typing](#bkmk-priv-ink) | | |  |  | | | [19. Software Protection Platform](#bkmk-spp) | |  |  |  | | | [20. Storage Health](#bkmk-storage-health) | |  | | | | | [21. Sync your settings](#bkmk-syncsettings) |  |  |  |  | | @@ -266,12 +266,11 @@ See the following table for a summary of the management settings for Windows Ser | [23. Wi-Fi Sense](#bkmk-wifisense) |  |  | |  | | | [24. Windows Defender](#bkmk-defender) | |  |  |  | | | [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | |  |  |  | | -| [25. Windows Media Player](#bkmk-wmp) |  | | | |  | -| [26. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | | -| [27. Microsoft Store](#bkmk-windowsstore) | |  | |  | | +| [25. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | | +| [26. Microsoft Store](#bkmk-windowsstore) | |  | |  | | | [27.1 Apps for websites](#bkmk-apps-for-websites) | |  | | | -| [28. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | | -| [29. Windows Update](#bkmk-wu) |  |  |  | | | +| [27. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | | +| [28. Windows Update](#bkmk-wu) |  |  |  | | | ## How to configure each setting @@ -299,7 +298,7 @@ For Windows 10, Windows Server 2016 with Desktop Experience, and Windows Server -or- -- Create the registry path **HKEY\_LOCAL\_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot** and then add a REG\_DWORD registry setting, named **DisableRootAutoUpdate**, with a value of 1. +- Create the registry path **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\SystemCertificates\\AuthRoot** and then add a REG_DWORD registry setting, named **DisableRootAutoUpdate**, with a value of 1. -and- @@ -311,7 +310,7 @@ For Windows 10, Windows Server 2016 with Desktop Experience, and Windows Server On Windows Server 2016 Nano Server: -- Create the registry path **HKEY\_LOCAL\_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot** and then add a REG\_DWORD registry setting, named **DisableRootAutoUpdate**, with a value of 1. +- Create the registry path **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\SystemCertificates\\AuthRoot** and then add a REG_DWORD registry setting, named **DisableRootAutoUpdate**, with a value of 1. >[!NOTE] >CRL and OCSP network traffic is currently whitelisted and will still show up in network traces. CRL and OCSP checks are made to the issuing certificate authorities. Microsoft is one of them, but there are many others, such as DigiCert, Thawte, Google, Symantec, and VeriSign. @@ -326,26 +325,26 @@ Find the Cortana Group Policy objects under **Computer Configuration** > **Ad | Policy | Description | |------------------------------------------------------|---------------------------------------------------------------------------------------| -| Allow Cortana | Choose whether to let Cortana install and run on the device.OEM Original Equipment Manufacturer CSV Comma Separated Values MPC Microsoft Partner Center CSP Cloud Solution Provider MSfB Microsoft Store for Business AAD Azure Active Directory 4K HH 4K Hardware Hash CBR Computer Build Report EC Enterprise Commerce (server) DDS Device Directory Service OOBE Out of the Box Experience VM Virtual Machine
Disable this policy to turn off Cortana. | -| Allow search and Cortana to use location | Choose whether Cortana and Search can provide location-aware search results.
Disable this policy to block access to location information for Cortana. | -| Do not allow web search | Choose whether to search the web from Windows Desktop Search.
Enable this policy to remove the option to search the Internet from Cortana. | -| Don't search the web or display web results in Search| Choose whether to search the web from Cortana.
Enable this policy to stop web queries and results from showing in Search. | -| Set what information is shared in Search | Control what information is shared with Bing in Search.
If you enable this policy and set it to **Anonymous info**, usage information will be shared but not search history, Microsoft Account information, or specific location. | +| Allow Cortana | Choose whether to let Cortana install and run on the device.
**Disable** this policy to turn off Cortana. | +| Allow search and Cortana to use location | Choose whether Cortana and Search can provide location-aware search results.
**Disable** this policy to block access to location information for Cortana. | +| Do not allow web search | Choose whether to search the web from Windows Desktop Search.
**Enable** this policy to remove the option to search the Internet from Cortana. | +| Don't search the web or display web results in Search| Choose whether to search the web from Cortana.
**Enable** this policy to stop web queries and results from showing in Search. | +| Set what information is shared in Search | Control what information is shared with Bing in Search.
If you **enable** this policy and set it to **Anonymous info**, usage information will be shared but not search history, Microsoft Account information, or specific location. | You can also apply the Group Policies using the following registry keys: | Policy | Registry Path | |------------------------------------------------------|---------------------------------------------------------------------------------------| -| Allow Cortana | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowCortana
Value: 0| -| Allow search and Cortana to use location | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowSearchToUseLocation
Value: 0 | -| Do not allow web search | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: DisableWebSearch
Value: 1 | -| Don't search the web or display web results in Search| HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchUseWeb
Value: 0 | -| Set what information is shared in Search | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchPrivacy
Value: 3 | +| Allow Cortana | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowCortana
Value: 0| +| Allow search and Cortana to use location | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowSearchToUseLocation
Value: 0 | +| Do not allow web search | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: DisableWebSearch
Value: 1 | +| Don't search the web or display web results in Search| HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchUseWeb
Value: 0 | +| Set what information is shared in Search | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchPrivacy
Value: 3 | >[!IMPORTANT] ->These steps are not required for devices running Windows 10, version 1607 or Windows Server 2016. +> Using the Group Policy editor these steps are required for all supported versions of Windows 10, however they are not required for devices running Windows 10, version 1607 or Windows Server 2016. -1. Expand **Computer Configuration** > **Windows Settings** > **Security Settings** > **Windows Firewall with Advanced Security** > **Windows Firewall with Advanced Security - <LDAP name>**, and then click **Outbound Rules**. +1. Expand **Computer Configuration** > **Windows Settings** > **Security Settings** > **Windows Defender Firewall with Advanced Security** > **Windows Defender Firewall with Advanced Security - <LDAP name>**, and then click **Outbound Rules**. 2. Right-click **Outbound Rules**, and then click **New Rule**. The **New Outbound Rule Wizard** starts. @@ -363,12 +362,15 @@ You can also apply the Group Policies using the following registry keys: 9. Configure the **Protocols and Ports** page with the following info, and then click **OK**. - - For **Protocol type**, choose **TCP**. + - For **Protocol type**, choose **TCP**. - - For **Local port**, choose **All Ports**. + - For **Local port**, choose **All Ports**. - - For **Remote port**, choose **All ports**. + - For **Remote port**, choose **All ports**. +-or- + +- Create a new REG_SZ registry setting named **{0DE40C8E-C126-4A27-9371-A27DAB1039F7}** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\FirewallRules** and set it to a value of **v2.25|Action=Block|Active=TRUE|Dir=Out|Protocol=6|App=%windir%\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\searchUI.exe|Name=Block outbound Cortana|** If your organization tests network traffic, do not use a network proxy as Windows Firewall does not block proxy traffic. Instead, use a network traffic analyzer. Based on your needs, there are many network traffic analyzers available at no cost. @@ -389,29 +391,26 @@ You can prevent Windows from setting the time automatically. -or- -- Create a REG\_SZ registry setting in **HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters\\Type** with a value of **NoSync**. +- Create a REG_SZ registry setting in **HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters\\Type** with a value of **NoSync**. After that, configure the following: -- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Enable Windows NTP Server** > **Windows Time Service** > **Configure Windows NTP Client** +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Windows Time Service** > **Time Providers** > **Enable Windows NTP Client** - > [!NOTE] - > This is only available on Windows 10, version 1703 and later. If you're using Windows 10, version 1607, the Group Policy setting is **Computer Configuration** > **Administrative Templates** > **System** > **Windows Time Service** > **Time Providers** > **Enable Windows NTP Client** + -or- - -or - - -- Create a new REG\_DWORD registry setting named **Enabled** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\W32time\\TimeProviders\\NtpClient** and set it to 0 (zero). +- Create a new REG_DWORD registry setting named **Enabled** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\W32time\\TimeProviders\\NtpClient** and set it to **0 (zero)**. ### 4. Device metadata retrieval To prevent Windows from retrieving device metadata from the Internet: -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Device Installation** > **Prevent device metadata retrieval from the Internet**. +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Device Installation** > **Prevent device metadata retrieval from the Internet**. -or - -- Create a new REG\_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one). +- Create a new REG_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one). -or - @@ -421,13 +420,15 @@ To prevent Windows from retrieving device metadata from the Internet: To turn off Find My Device: -- Turn off the feature in the UI +- Turn **Off** the feature in the UI by going to **Settings -> Update & Security -> Find My Device**, click the Change button, and set the value to **Off** -or- -- Disable the Group Policy: **Computer Configuration** > **Administrative Template** > **Windows Components** > **Find My Device** > **Turn On/Off Find My Device** +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Template** > **Windows Components** > **Find My Device** > **Turn On/Off Find My Device** -You can also create a new REG\_DWORD registry setting **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FindMyDevice\\AllowFindMyDevice** to 0 (zero). + -or- + +- You can also create a new REG_DWORD registry setting **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FindMyDevice\\AllowFindMyDevice** to **0 (zero)**. ### 6. Font streaming @@ -435,15 +436,19 @@ Fonts that are included in Windows but that are not stored on the local device c If you're running Windows 10, version 1607, Windows Server 2016, or later: -- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **Fonts** > **Enable Font Providers**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **Fonts** > **Enable Font Providers**. -- Create a new REG\_DWORD registry setting **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\System\\EnableFontProviders** to 0 (zero). + -or- + +- Create a new REG_DWORD registry setting **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System\\EnableFontProviders** to **0 (zero)**. + + -or- - In Windows 10, version 1703, you can apply the System/AllowFontProviders MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where: - - **false**. Font streaming is disabled. + - **False**. Font streaming is Disabled. - - **true**. Font streaming is enabled. + - **True**. Font streaming is Enabled. > [!NOTE] > After you apply this policy, you must restart the device for it to take effect. @@ -451,8 +456,7 @@ If you're running Windows 10, version 1607, Windows Server 2016, or later: ### 7. Insider Preview builds -The Windows Insider Preview program lets you help shape the future of Windows, be part of the community, and get early access to releases of Windows 10. -This setting stops communication with the Windows Insider Preview service that checks for new builds. +The Windows Insider Preview program lets you help shape the future of Windows, be part of the community, and get early access to releases of Windows 10. This setting stops communication with the Windows Insider Preview service that checks for new builds. Windows Insider Preview builds only apply to Windows 10 and are not available for Windows Server 2016. @@ -461,7 +465,7 @@ Windows Insider Preview builds only apply to Windows 10 and are not available fo To turn off Insider Preview builds for a released version of Windows 10: -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Toggle user control over Insider builds**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Toggle user control over Insider builds**. To turn off Insider Preview builds for Windows 10: @@ -472,11 +476,11 @@ To turn off Insider Preview builds for Windows 10: -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Toggle user control over Insider builds**. +- **Enable** the Group Policy **Toggle user control over Insider builds** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** - -or - + -or- -- Create a new REG\_DWORD registry setting named **AllowBuildPreview** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\PreviewBuilds** with a vlue of 0 (zero) +- Create a new REG_DWORD registry setting named **AllowBuildPreview** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\PreviewBuilds** with a **value of 0 (zero)** -or- @@ -488,63 +492,70 @@ To turn off Insider Preview builds for Windows 10: - **2**. (default) Not configured. Users can make their devices available for download and installing preview software. - -or- - -- Create a provisioning package: **Runtime settings** > **Policies** > **System** > **AllowBuildPreview**, where: - - - **0**. Users cannot make their devices available for downloading and installing preview software. - - - **1**. Users can make their devices available for downloading and installing preview software. - - - **2**. (default) Not configured. Users can make their devices available for download and installing preview software. ### 8. Internet Explorer - -Use Group Policy to manage settings for Internet Explorer. You can find the Internet Explorer Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer**. +> [!NOTE] +> The following Group Policies and Registry Keys are for user interactive scenarios rather then the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: | Policy | Description | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| Turn on Suggested Sites| Choose whether an employee can configure Suggested Sites.
Default: Enabled
You can also turn this off in the UI by clearing the **Internet Options** > **Advanced** > **Enable Suggested Sites** check box.| -| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | Choose whether an employee can configure enhanced suggestions, which are presented to the employee as they type in the Address Bar.
Default: Enabled| -| Turn off the auto-complete feature for web addresses | Choose whether auto-complete suggests possible matches when employees are typing web address in the Address Bar.
Default: Disabled You can also turn this off in the UI by clearing the Internet Options > **Advanced** > **Use inline AutoComplete in the Internet Explorer Address Bar and Open Dialog** check box.| -| Turn off browser geolocation | Choose whether websites can request location data from Internet Explorer.
Default: Disabled| -| Prevent managing SmartScreen filter | Choose whether employees can manage the SmartScreen Filter in Internet Explorer.
Default: Disabled | +| Turn on Suggested Sites| Choose whether an employee can configure Suggested Sites.
**Set Value to: Disabled**
You can also turn this off in the UI by clearing the **Internet Options** > **Advanced** > **Enable Suggested Sites** check box.| +| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | Choose whether an employee can configure enhanced suggestions, which are presented to the employee as they type in the Address Bar.
**Set Value to: Disabled**| +| Turn off the auto-complete feature for web addresses | Choose whether auto-complete suggests possible matches when employees are typing web address in the Address Bar.
**Set Value to: Enabled** You can also turn this off in the UI by clearing the Internet Options > **Advanced** > **Use inline AutoComplete in the Internet Explorer Address Bar and Open Dialog** check box.| +| Turn off browser geolocation | Choose whether websites can request location data from Internet Explorer.
**Set Value to: Enabled**| +| Prevent managing SmartScreen filter | Choose whether employees can manage the SmartScreen Filter in Internet Explorer.
**Set Value to: Enabled** and then set **Select SmartScreen filtering mode** to **Off**.| -Alternatively, you could use the registry to set the Group Policies. -| Policy | Registry path | +| Registry Key | Registry path | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| Turn on Suggested Sites| HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Suggested Sites
REG_DWORD: Enabled
Value: 0| -| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer
REG_DWORD: AllowServicePoweredQSA
Value: 0| -| Turn off the auto-complete feature for web addresses | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\AutoComplete
REG_SZ: AutoSuggest
Value: **No** | -| Turn off browser geolocation | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Geolocation
REG_DWORD: PolicyDisableGeolocation
Value: 1 | -| Prevent managing SmartScreen filter | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\PhishingFilter
REG_DWORD: EnabledV9
Value: 0 | +| Turn on Suggested Sites| HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Suggested Sites
REG_DWORD: Enabled
**Set Value to: 0**| +| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer
REG_DWORD: AllowServicePoweredQSA
**Set Value to: 0**| +| Turn off the auto-complete feature for web addresses | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\CurrentVersion\\Explorer\\AutoComplete
REG_SZ: AutoSuggest
Set Value to: **no** | +| Turn off browser geolocation | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Geolocation
REG_DWORD: PolicyDisableGeolocation
**Set Value to: 1** | +| Prevent managing SmartScreen filter | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\PhishingFilter
REG_DWORD: EnabledV9
**Set Value to: 0** | There are more Group Policy objects that are used by Internet Explorer: | Path | Policy | Description | | - | - | - | -| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Compatibility View** > **Turn off Compatibility View** | Choose whether employees can configure Compatibility View. | Choose whether an employee can swipe across a screen or click forward to go to the next pre-loaded page of a website.
Default: Disabled | -| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Internet Control Panel** > **Advanced Page** | Turn off the flip ahead with page prediction feature | Choose whether an employee can swipe across a screen or click forward to go to the next pre-loaded page of a website.
Default: Enabled | -| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **RSS Feeds** | Turn off background synchronization for feeds and Web Slices | Choose whether to have background synchronization for feeds and Web Slices.
Default: Enabled | -| **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Allow Online Tips** | Allow Online Tips | Enables or disables the retrieval of online tips and help for the Settings app.
Set to : Disabled | +| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Compatibility View** > **Turn off Compatibility View** | Choose whether employees can configure Compatibility View. | Choose whether an employee can fix website display problems that he or she may encounter while browsing.
**Set to: Enabled** | +| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Internet Control Panel** > **Advanced Page** | Turn off the flip ahead with page prediction feature | Choose whether an employee can swipe across a screen or click forward to go to the next pre-loaded page of a website.
**Set to: Enabled** | +| **Computer Configuration** > **Administrative Templates** > **Windows Components** > **RSS Feeds** | Turn off background synchronization for feeds and Web Slices | Choose whether to have background synchronization for feeds and Web Slices.
**Set to: Enabled** | +| **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Allow Online Tips** | Allow Online Tips | Enables or disables the retrieval of online tips and help for the Settings app.
**Set to: Disabled** | -You can also use registry entries to set these Group Policies. +You can also use Registry keys to set these policies. -| Policy | Registry path | +| Registry Key | Registry path | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| Choose whether employees can configure Compatibility View. | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BrowserEmulation
REG_DWORD: MSCompatibilityMode
Value: 0| -| Turn off the flip ahead with page prediction feature | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\FlipAhead
REG_DWORD: Enabled
Value: 0| -| Turn off background synchronization for feeds and Web Slices | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Feeds
REG_DWORD: BackgroundSyncStatus
Value: 0| -| Turn off Online Tips | HKEY\_LOCAL\_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer
REG_DWORD: AllowOnlineTips
Value: 0| +| Choose whether employees can configure Compatibility View. | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\BrowserEmulation
REG_DWORD: DisableSiteListEditing
**Set Value to 1**| +| Turn off the flip ahead with page prediction feature | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\FlipAhead
REG_DWORD: Enabled
**Set Value to 0**| +| Turn off background synchronization for feeds and Web Slices | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Feeds
REG_DWORD: BackgroundSyncStatus
**Set Value to 0**| +| Allow Online Tips | HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer
REG_DWORD: AllowOnlineTips
**Set Value to 0 (zero)**| + +To turn off the home page, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Disable changing home page settings**, and set it to **about:blank**. + + -or - + +- Create a new REG_SZ registry setting named **Start Page** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Main** with a **about:blank** + + -and - + +- Create a new REG_DWORD registry setting named **HomePage** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Control Panel** with a **1 (one)** +To configure the First Run Wizard, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Prevent running First Run wizard**, and set it to **Go directly to home page**. -To turn off the home page, enable the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Disable changing home page settings**, and set it to **about:blank**. + -or - -To configure the First Run Wizard, enable the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Prevent running First Run wizard**, and set it to **Go directly to home page**. +- Create a new REG_DWORD registry setting named **DisableFirstRunCustomize** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Main** with a **1 (one)** + + +To configure the behavior for a new tab, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Specify default behavior for a new tab**, and set it to **about:blank**. + + -or - + +- Create a new REG_DWORD registry setting named **NewTabPageShow** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\TabbedBrowsing** with a **0 (zero)** -To configure the behavior for a new tab, enable the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Specify default behavior for a new tab**, and set it to **about:blank**. ### 8.1 ActiveX control blocking @@ -552,11 +563,11 @@ ActiveX control blocking periodically downloads a new list of out-of-date Active You can turn this off by: -- Apply the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Security Features** > **Add-on Management** > **Turn off Automatic download of the ActiveX VersionList** +- **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Security Features** > **Add-on Management** > **Turn off Automatic download of the ActiveX VersionList** -or - -- Changing the REG\_DWORD registry setting **HKEY\_CURRENT\_USER\\Software\\Microsoft\\Internet Explorer\\VersionManager\\DownloadVersionList** to 0 (zero). +- Changing the REG_DWORD registry setting **HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\VersionManager\\DownloadVersionList** to **0 (zero)**. For more info, see [Out-of-date ActiveX control blocking](https://technet.microsoft.com/library/dn761713.aspx). @@ -564,7 +575,7 @@ For more info, see [Out-of-date ActiveX control blocking](https://technet.micros You can turn off License Manager related traffic by setting the following registry entry: -- Add a REG\_DWORD value named **Start** to **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\LicenseManager** and set the value to 4 +- Add a REG_DWORD value named **Start** to **HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\LicenseManager** and set the **value to 4** - The value 4 is to disable the service. Here are the available options to set the registry: @@ -582,11 +593,11 @@ You can turn off License Manager related traffic by setting the following regist To turn off Live Tiles: -- Apply the Group Policy: **User Configuration** > **Administrative Templates** > **Start Menu and Taskbar** > **Notifications** > **Turn Off notifications network usage** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Start Menu and Taskbar** > **Notifications** > **Turn Off notifications network usage** -or- -- Create a REG\_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a value of 1 (one). +- Create a REG_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a **value of 1 (one)** In Windows 10 Mobile, you must also unpin all tiles that are pinned to Start. @@ -606,28 +617,24 @@ To turn off mail synchronization for Microsoft Accounts that are configured on a To turn off the Windows Mail app: -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Mail** > **Turn off Windows Mail application** - - -or- - -- Create a REG\_DWORD registry setting named **ManualLaunchAllowed** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Mail** with a value of 0 (zero). +- Create a REG_DWORD registry setting named **ManualLaunchAllowed** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Mail** with a **value of 0 (zero)**. ### 12. Microsoft Account To prevent communication to the Microsoft Account cloud authentication service. Many apps and system components that depend on Microsoft Account authentication may lose functionality. Some of them could be in unexpected ways. For example, Windows Update will no longer offer feature updates to devices running Windows 10 1709 or higher. See [Feature updates are not being offered while other updates are](https://docs.microsoft.com/windows/deployment/update/windows-update-troubleshooting#feature-updates-are-not-being-offered-while-other-updates-are). -- Apply the Group Policy: **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options** > **Accounts: Block Microsoft Accounts** and set it to **Users can't add Microsoft accounts**. +- **Enable** the Group Policy: **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options** > **Accounts: Block Microsoft Accounts** and set it to **Users can't add Microsoft accounts**. -or- -- Create a REG\_DWORD registry setting named **NoConnectedUser** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System** with a value of 3. +- Create a REG_DWORD registry setting named **NoConnectedUser** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System** with a **value of 3**. To disable the Microsoft Account Sign-In Assistant: - Apply the Accounts/AllowMicrosoftAccountSignInAssistant MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on. -- Change the Start REG\_DWORD registry setting in **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\wlidsvc** to a value of **4**. +- Change the **Start** REG_DWORD registry setting in **HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\wlidsvc** to a value of **4**. ### 13. Microsoft Edge @@ -640,30 +647,33 @@ Find the Microsoft Edge Group Policy objects under **Computer Configuration** &g | Policy | Description | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| Allow configuration updates for the Books Library | Choose whether configuration updates are done for the Books Library.
Default: Enabled | -| Configure Autofill | Choose whether employees can use autofill on websites.
Default: Enabled | -| Configure Do Not Track | Choose whether employees can send Do Not Track headers.
Default: Disabled | -| Configure Password Manager | Choose whether employees can save passwords locally on their devices.
Default: Enabled | -| Configure search suggestions in Address Bar | Choose whether the Address Bar shows search suggestions.
Default: Enabled | -| Configure Windows Defender SmartScreen (Windows 10, version 1703) | Choose whether Windows Defender SmartScreen is turned on or off.
Default: Enabled | -| Allow web content on New Tab page | Choose whether a new tab page appears.
Default: Enabled | -| Configure Start pages | Choose the Start page for domain-joined devices.
Set this to **\
Set to: Enable | +| Allow Address bar drop-down list suggestions | Choose whether to show the address bar drop-down list
**Set to Disabled** | +| Allow configuration updates for the Books Library | Choose whether configuration updates are done for the Books Library.
**Set to Disabled** | +| Configure Autofill | Choose whether employees can use autofill on websites.
**Set to Disabled** | +| Configure Do Not Track | Choose whether employees can send Do Not Track headers.
**Set to Enabled** | +| Configure Password Manager | Choose whether employees can save passwords locally on their devices.
**Set to Disabled** | +| Configure search suggestions in Address Bar | Choose whether the Address Bar shows search suggestions.
**Set to Disabled** | +| Configure Windows Defender SmartScreen (Windows 10, version 1703) | Choose whether Windows Defender SmartScreen is turned on or off.
**Set to Disabled** | +| Allow web content on New Tab page | Choose whether a new tab page appears.
**Set to Disabled** | +| Configure Start pages | Choose the Start page for domain-joined devices.
**Enabled** and **Set this to <
**Set to: Enable** | +| Allow Microsoft Compatibility List | Choose whether to use the Microsoft Compatibility List in Microsoft Edge.
**Set to: Disabled** | -Alternatively, you can configure the Microsoft Group Policies using the following registry entries: +Alternatively, you can configure the these Registry keys as described: -| Policy | Registry path | +| Registry Key | Registry path | | - | - | -| Allow Address Bar drop-down list suggestions | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI
REG_DWORD name: ShowOneBox
Value: 0| -| Allow configuration updates for the Books Library | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BooksLibrary
REG_DWORD name: AllowConfigurationUpdateForBooksLibrary
Value: 1| -| Configure Autofill | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_SZ name: Use FormSuggest
Value : **no** | -| Configure Do Not Track | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: DoNotTrack
REG_DWORD: 1 | -| Configure Password Manager | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_SZ name: FormSuggest Passwords
REG_SZ: **no** | -| Configure search suggestions in Address Bar | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\SearchScopes
REG_DWORD name: ShowSearchSuggestionsGlobal
Value: 0| -| Configure Windows Defender SmartScreen Filter (Windows 10, version 1703) | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\PhishingFilter
REG_DWORD name: EnabledV9
Value: 0 | -| Allow web content on New Tab page | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\SearchScopes
REG_DWORD name: AllowWebContentOnNewTabPage
Value: 0 | -| Configure corporate Home pages | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI
REG_DWORD name: ProvisionedHomePages
Value: 0| -| Prevent the First Run webpage from opening on Microsoft Edge | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: PreventFirstRunPage
Value: 1| +| Allow Address Bar drop-down list suggestions | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI
REG_DWORD name: ShowOneBox
Set to **0**| +| Allow configuration updates for the Books Library | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BooksLibrary
REG_DWORD name: AllowConfigurationUpdateForBooksLibrary
Set to **0**| +| Configure Autofill | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_SZ name: Use FormSuggest
Value : **No** | +| Configure Do Not Track | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: DoNotTrack
REG_DWORD: **1** | +| Configure Password Manager | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_SZ name: FormSuggest Passwords
REG_SZ: **No** | +| Configure search suggestions in Address Bar | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\SearchScopes
REG_DWORD name: ShowSearchSuggestionsGlobal
Value: **0**| +| Configure Windows Defender SmartScreen Filter (Windows 10, version 1703) | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\PhishingFilter
REG_DWORD name: EnabledV9
Value: **0** | +| Allow web content on New Tab page | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI
REG_DWORD name: AllowWebContentOnNewTabPage
Value: **0** | +| Configure corporate Home pages | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Internet Settings
REG_SZ name: ProvisionedHomePages
Value: **<
REG_DWORD name: PreventFirstRunPage
Value: **1**| +| Choose whether employees can configure Compatibility View. | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BrowserEmulation
REG_DWORD: MSCompatibilityMode
Value: **0**| ### 13.2 Microsoft Edge MDM policies @@ -672,13 +682,13 @@ The following Microsoft Edge MDM policies are available in the [Policy CSP](http | Policy | Description | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| Browser/AllowAutoFill | Choose whether employees can use autofill on websites.
Default: Allowed | -| Browser/AllowDoNotTrack | Choose whether employees can send Do Not Track headers.
Default: Not allowed | -| Browser/AllowMicrosoftCompatbilityList | Specify the Microsoft compatibility list in Microsoft Edge.
Default: Enabled | -| Browser/AllowPasswordManager | Choose whether employees can save passwords locally on their devices.
Default: Allowed | -| Browser/AllowSearchSuggestionsinAddressBar | Choose whether the Address Bar shows search suggestions..
Default: Allowed | -| Browser/AllowSmartScreen | Choose whether SmartScreen is turned on or off.
Default: Allowed | -| Browser/FirstRunURL | Choose the home page for Microsoft Edge on Windows Mobile 10.
Default: blank | +| Browser/AllowAutoFill | Choose whether employees can use autofill on websites.
**Set to: Not Allowed** | +| Browser/AllowDoNotTrack | Choose whether employees can send Do Not Track headers.
**Set to: Allowed** | +| Browser/AllowMicrosoftCompatbilityList | Specify the Microsoft compatibility list in Microsoft Edge.
**Set to: Not Allowed** | +| Browser/AllowPasswordManager | Choose whether employees can save passwords locally on their devices.
**Set to: Not Allowed** | +| Browser/AllowSearchSuggestionsinAddressBar | Choose whether the Address Bar shows search suggestions..
**Set to: Not Allowed** | +| Browser/AllowSmartScreen | Choose whether SmartScreen is turned on or off.
**Set to: Not Allowed** | +| Browser/FirstRunURL | Choose the home page for Microsoft Edge on Windows Mobile 10.
**Set to:** blank | For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). @@ -691,7 +701,7 @@ In versions of Windows 10 prior to Windows 10, version 1607 and Windows Server 2 You can turn off NCSI by doing one of the following: -- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off Windows Network Connectivity Status Indicator active tests** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off Windows Network Connectivity Status Indicator active tests** - In Windows 10, version 1703 and later, apply the Connectivity/DisallowNetworkConnectivityActiveTests MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) with a value of 1. @@ -700,49 +710,49 @@ You can turn off NCSI by doing one of the following: -or- -- Create a REG\_DWORD registry setting named **NoActiveProbe** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkConnectivityStatusIndicator** with a value of 1 (one). +- Create a REG_DWORD registry setting named **NoActiveProbe** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkConnectivityStatusIndicator** with a value of 1 (one). ### 15. Offline maps You can turn off the ability to download and update offline maps. -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off Automatic Download and Update of Map Data** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off Automatic Download and Update of Map Data** -or- -- Create a REG\_DWORD registry setting named **AutoDownloadAndUpdateMapData** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a value of 0 (zero). +- Create a REG_DWORD registry setting named **AutoDownloadAndUpdateMapData** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a **value of 0 (zero)**. -or- -- In Windows 10, version 1607 and later, apply the Maps/EnableOfflineMapsAutoUpdate MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate) with a value of 0. +- In Windows 10, version 1607 and later, apply the Maps/EnableOfflineMapsAutoUpdate MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate) with a **value of 0**. -and- -- In Windows 10, version 1607 and later, apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off unsolicited network traffic on the Offline Maps settings page** +- In Windows 10, version 1607 and later, **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off unsolicited network traffic on the Offline Maps settings page** -or- -- Create a REG\_DWORD registry setting named **AllowUntriggeredNetworkTrafficOnSettingsPage** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a value of 0 (zero). +- Create a REG_DWORD registry setting named **AllowUntriggeredNetworkTrafficOnSettingsPage** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a value of 0 (zero). ### 16. OneDrive To turn off OneDrive in your organization: -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent the usage of OneDrive for file storage** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent the usage of OneDrive for file storage** -or- -- Create a REG\_DWORD registry setting named **DisableFileSyncNGSC** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\OneDrive** with a value of 1 (one). +- Create a REG_DWORD registry setting named **DisableFileSyncNGSC** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\OneDrive** with a value of 1 (one). -and- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent OneDrive from generating network traffic until the user signs in to OneDrive (Enable)** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent OneDrive from generating network traffic until the user signs in to OneDrive (Enable)** -or- -- Create a REG\_DWORD registry setting named **PreventNetworkTrafficPreUserSignIn** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\OneDrive** with a value of 1 (one). +- Create a REG_DWORD registry setting named **PreventNetworkTrafficPreUserSignIn** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\OneDrive** with a **value of 1 (one)** - -or- +-or- - Set the System/DisableOneDriveFileSync MDM policy from the [Policy CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync) to True (value 1) to disable OneDrive File Sync. @@ -881,7 +891,7 @@ Use Settings > Privacy to configure some settings that may be important to yo - [18.5 Notifications](#bkmk-priv-notifications) -- [18.6 Speech, inking, & typing](#bkmk-priv-speech) +- [18.6 Speech](#bkmk-priv-speech) - [18.7 Account info](#bkmk-priv-accounts) @@ -895,19 +905,23 @@ Use Settings > Privacy to configure some settings that may be important to yo - [18.12 Messaging](#bkmk-priv-messaging) -- [18.13 Radios](#bkmk-priv-radios) +- [18.13 Phone Calls](#bkmk-priv-phone-calls) -- [18.14 Other devices](#bkmk-priv-other-devices) +- [18.14 Radios](#bkmk-priv-radios) -- [18.15 Feedback & diagnostics](#bkmk-priv-feedback) +- [18.15 Other devices](#bkmk-priv-other-devices) -- [18.16 Background apps](#bkmk-priv-background) +- [18.16 Feedback & diagnostics](#bkmk-priv-feedback) -- [18.17 Motion](#bkmk-priv-motion) +- [18.17 Background apps](#bkmk-priv-background) -- [18.18 Tasks](#bkmk-priv-tasks) +- [18.18 Motion](#bkmk-priv-motion) -- [18.19 App Diagnostics](#bkmk-priv-diag) +- [18.19 Tasks](#bkmk-priv-tasks) + +- [18.20 App Diagnostics](#bkmk-priv-diag) + +- [18.21 Inking & Typing](#bkmk-priv-ink) ### 18.1 General @@ -924,15 +938,15 @@ To turn off **Let apps use advertising ID to make ads more interesting to you ba -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **User Profiles** > **Turn off the advertising ID**. +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **User Profiles** > **Turn off the advertising ID**. -or- -- Create a REG\_DWORD registry setting named **Enabled** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo** with a value of 0 (zero). +- Create a REG_DWORD registry setting named **Enabled** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo** with a value of 0 (zero). - -or- + -and- -- Create a REG\_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one). +- Create a REG_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one). To turn off **Let websites provide locally relevant content by accessing my language list**: @@ -940,7 +954,7 @@ To turn off **Let websites provide locally relevant content by accessing my lang -or- -- Create a new REG\_DWORD registry setting named **HttpAcceptLanguageOptOut** in **HKEY\_CURRENT\_USER\\Control Panel\\International\\User Profile** with a value of 1. +- Create a new REG_DWORD registry setting named **HttpAcceptLanguageOptOut** in **HKEY_CURRENT_USER\\Control Panel\\International\\User Profile** with a value of 1. To turn off **Let Windows track app launches to improve Start and search results**: @@ -948,7 +962,7 @@ To turn off **Let Windows track app launches to improve Start and search results -or- -- Create a REG_DWORD registry setting named **Start_TrackProgs** in **HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced** with value of 0 (zero). +- Create a REG_DWORD registry setting named **Start_TrackProgs** in **HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced** with value of 0 (zero). #### Windows Server 2016 and Windows 10, version 1607 and earlier options @@ -961,15 +975,15 @@ To turn off **Let apps use my advertising ID for experiences across apps (turnin -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **User Profiles** > **Turn off the advertising ID**. +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **User Profiles** > **Turn off the advertising ID**. + + -or- + +- Create a REG_DWORD registry setting named **Enabled** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo** with a value of 0 (zero). -or- -- Create a REG\_DWORD registry setting named **Enabled** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo** with a value of 0 (zero). - - -or- - -- Create a REG\_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one). +- Create a REG_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one). To turn off **Turn on SmartScreen Filter to check web content (URLs) that Microsoft Store apps use**: @@ -977,30 +991,22 @@ To turn off **Turn on SmartScreen Filter to check web content (URLs) that Micros -or- -- Create a provisioning package, using: - - For Internet Explorer: **Runtime settings > Policies > Browser > AllowSmartScreen** - - For Microsoft Edge: **Runtime settings > Policies > MicrosoftEdge > AllowSmartScreen** - - -or- - -- Create a REG_DWORD registry setting named **EnableWebContentEvaluation** in **HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost** with a value of 0 (zero). +- Create a REG_DWORD registry setting named **EnableWebContentEvaluation** in **HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AppHost** with a value of 0 (zero). To turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**: > [!NOTE] > If the diagnostic data level is set to either **Basic** or **Security**, this is turned off automatically. - - - Turn off the feature in the UI. -or- - Apply the TextInput/AllowLinguisticDataCollection MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where: - - **0**. Not allowed + - **0**. Not allowed - - **1**. Allowed (default) + - **1**. Allowed (default) To turn off **Let websites provide locally relevant content by accessing my language list**: @@ -1008,7 +1014,7 @@ To turn off **Let websites provide locally relevant content by accessing my lang -or- -- Create a new REG\_DWORD registry setting named **HttpAcceptLanguageOptOut** in **HKEY\_CURRENT\_USER\\Control Panel\\International\\User Profile** with a value of 1. +- Create a new REG_DWORD registry setting named **HttpAcceptLanguageOptOut** in **HKEY_CURRENT_USER\\Control Panel\\International\\User Profile** with a value of 1. To turn off **Let apps on my other devices open apps and continue experiences on this devices**: @@ -1020,7 +1026,7 @@ To turn off **Let apps on my other devices open apps and continue experiences on -or- -- Create a REG\_DWORD registry setting named **EnableCdp** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a value of 0 (zero). +- Create a REG_DWORD registry setting named **EnableCdp** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a value of 0 (zero). To turn off **Let apps on my other devices use Bluetooth to open apps and continue experiences on this device**: @@ -1036,46 +1042,39 @@ To turn off **Location for this device**: -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Location and Sensors** > **Turn off location**. +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Location and Sensors** > **Turn off location**. -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessLocation** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessLocation** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. -or- - Apply the System/AllowLocation MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where: - - **0**. Turned off and the employee can't turn it back on. + - **0**. Turned off and the employee can't turn it back on. - - **1**. Turned on, but lets the employee choose whether to use it. (default) + - **1**. Turned on, but lets the employee choose whether to use it. (default) - - **2**. Turned on and the employee can't turn it off. + - **2**. Turned on and the employee can't turn it off. > [!NOTE] > You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). - -or- - -- Create a provisioning package, using **Runtime settings** > **Policies** > **System** > **AllowLocation**, where - - - **No**. Turns off location service. - - - **Yes**. Turns on location service. (default) - To turn off **Location**: - Turn off the feature in the UI. - -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access location** + + -or- + +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access location** - Set the **Select a setting** box to **Force Deny**. -or- -- Create a REG\_DWORD registry setting named **DisableLocation** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\LocationAndSensors** with a value of 1 (one). +- Create a REG_DWORD registry setting named **DisableLocation** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\LocationAndSensors** with a value of 1 (one). - -or- To turn off **Location history**: @@ -1101,26 +1100,19 @@ To turn off **Let apps use my camera**: -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessCamera** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessCamera** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). -or- - Apply the Camera/AllowCamera MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where: - - **0**. Apps can't use the camera. + - **0**. Apps can't use the camera. - - **1**. Apps can use the camera. + - **1**. Apps can use the camera. > [!NOTE] > You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). - -or- - -- Create a provisioning package with use Windows ICD, using **Runtime settings** > **Policies** > **Camera** > **AllowCamera**, where: - - - **0**. Apps can't use the camera. - - - **1**. Apps can use the camera. To turn off **Choose apps that can use your camera**: @@ -1144,13 +1136,13 @@ To turn off **Let apps use my microphone**: - Apply the Privacy/LetAppsAccessMicrophone MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmicrophone), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessMicrophone** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two) +- Create a REG_DWORD registry setting named **LetAppsAccessMicrophone** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two) To turn off **Choose apps that can use your microphone**: @@ -1169,15 +1161,15 @@ To turn off notifications network usage: -or- -- Create a REG\_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a value of 1 (one) +- Create a REG_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a value of 1 (one) -or- - Apply the Notifications/DisallowCloudNotification MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification), where: - - **0**. WNS notifications allowed - - **1**. No WNS notifications allowed + - **0**. WNS notifications allowed + - **1**. No WNS notifications allowed In the **Notifications** area, you can also choose which apps have access to notifications. @@ -1195,55 +1187,33 @@ To turn off **Let apps access my notifications**: - Apply the Privacy/LetAppsAccessNotifications MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessnotifications), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessNotifications** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two) +- Create a REG_DWORD registry setting named **LetAppsAccessNotifications** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two) -### 18.6 Speech, inking, & typing +### 18.6 Speech -In the **Speech, Inking, & Typing** area, you can let Windows and Cortana better understand your employee's voice and written input by sampling their voice and writing, and by comparing verbal and written input to contact names and calendar entrees. +In the **Speech** area, you can configure the functionality as such: -> [!NOTE] -> For more info on how to disable Cortana in your enterprise, see [Cortana](#bkmk-cortana) in this article. +To turn off streaming audio to Microsoft Speech services, -To turn off the functionality: - -- Click the **Stop getting to know me** button, and then click **Turn off**. +- Toggle the Settings -> Privacy -> Speech -> **Online speech recognition** switch to **Off** -or- -- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Regional and Language Options** > **Handwriting personalization** > **Turn off automatic learning** +- **Disable** the Group Policy: **Computer Configuration > Administrative Templates > Control Panel > Regional and Language Options > Allow users to enable online speech recognition services** -or- -- Create a REG\_DWORD registry setting named **RestrictImplicitInkCollection** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** with a value of 1 (one). +- Set the Privacy\AllowInputPersonalization MDM Policy from the Policy CSP to **0 - Not allowed** -or- -- Create a REG\_DWORD registry setting named **AcceptedPrivacyPolicy** in **HKEY\_CURRENT\_USER\\Software\\Microsoft\\Personalization\\Settings** with a value of 0 (zero). - - -and- - -- Create a REG\_DWORD registry setting named **HarvestContacts** in **HKEY\_CURRENT\_USER\\Software\\Microsoft\\InputPersonalization\\TrainedDataStore** with a value of 0 (zero). - -If you're running at least Windows 10, version 1703, you can turn off updates to the speech recognition and speech synthesis models: - -- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatically update of Speech Data** - -If you're running at least Windows 10, version 1607, you can turn off updates to the speech recognition and speech synthesis models: - -Apply the Speech/AllowSpeechModelUpdate MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962(v=vs.85).aspx#Speech_AllowSpeechModelUpdate), where: - -- **0** (default). Not allowed. -- **1**. Allowed. - - -or- - -- Create a REG\_DWORD registry setting named **ModelDownloadAllowed** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Speech_OneCore\\Preferences** with a value of 0 (zero). +- Create a REG_DWORD registry setting named **HasAccepted** in **HKEY_CURRENT_USER\\Software\\Microsoft\\Speech_OneCore\\Settings\\OnlineSpeechPrivacy** with a **value of 0 (zero)** ### 18.7 Account info @@ -1263,13 +1233,15 @@ To turn off **Let apps access my name, picture, and other account info**: - Apply the Privacy/LetAppsAccessAccountInfo MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessaccountinfo), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessAccountInfo** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessAccountInfo** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). + + To turn off **Choose the apps that can access your account info**: @@ -1293,13 +1265,13 @@ To turn off **Choose apps that can access contacts**: - Apply the Privacy/LetAppsAccessContacts MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscontacts), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessContacts** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessContacts** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). ### 18.9 Calendar @@ -1319,13 +1291,13 @@ To turn off **Let apps access my calendar**: - Apply the Privacy/LetAppsAccessCalendar MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscalendar), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessCalendar** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessCalendar** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). To turn off **Choose apps that can access calendar**: @@ -1349,13 +1321,13 @@ To turn off **Let apps access my call history**: - Apply the Privacy/LetAppsAccessCallHistory MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscallhistory), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessCallHistory** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessCallHistory** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). ### 18.11 Email @@ -1381,7 +1353,7 @@ To turn off **Let apps access and send email**: -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessEmail** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessEmail** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). ### 18.12 Messaging @@ -1401,13 +1373,13 @@ To turn off **Let apps read or send messages (text or MMS)**: - Apply the Privacy/LetAppsAccessMessaging MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmessaging), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessMessaging** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessMessaging** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). To turn off **Choose apps that can read or send messages**: @@ -1415,13 +1387,13 @@ To turn off **Choose apps that can read or send messages**: **To turn off Message Sync** -- Create a REG\_DWORD registry setting named **AllowMessageSync** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\Messaging and set the value to 0. +- Create a REG_DWORD registry setting named **AllowMessageSync** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\Messaging** and set the **value to 0 (zero)**. -or- - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Messaging** - - Set the **Allow Message Service Cloud** to **Disable**. + - Set the **Allow Message Service Cloud Sync** to **Disable**. ### 18.13 Phone calls @@ -1441,13 +1413,13 @@ To turn off **Let apps make phone calls**: - Apply the Privacy/LetAppsAccessPhone MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessPhone** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessPhone** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). To turn off **Choose apps that can make phone calls**: @@ -1478,7 +1450,7 @@ To turn off **Let apps control radios**: -or- -- Create a REG\_DWORD registry setting named **LetAppsAccessRadios** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsAccessRadios** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). To turn off **Choose apps that can control radios**: @@ -1491,23 +1463,19 @@ In the **Other Devices** area, you can choose whether devices that aren't paired To turn off **Let apps automatically share and sync info with wireless devices that don't explicitly pair with your PC, tablet, or phone**: -- Turn off the feature in the UI. +- Turn off the feature in the UI by going to Settings > Privacy > Other devices > "Communicate with unpaired devices. Let apps automatically share and sync info with wireless devices that don't explicitly pair with your PC, tablet, or phone" and **Turn it OFF**. -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps sync with devices** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps communicate with unpaired devices** and set the **Select a setting** box to **Force Deny**. -or- -- Apply the Privacy/LetAppsSyncWithDevices MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappssyncwithdevices), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny +- Set the Privacy/LetAppsSyncWithDevices MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappssyncwithdevices) to **2**. Force deny -or- -- Create a REG\_DWORD registry setting named **LetAppsSyncWithDevices** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). +- Create a REG_DWORD registry setting named **LetAppsSyncWithDevices** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. To turn off **Let your apps use your trusted devices (hardware you've already connected, or comes with your PC, tablet, or phone)**: @@ -1515,9 +1483,11 @@ To turn off **Let your apps use your trusted devices (hardware you've already co -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access trusted devices** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access trusted devices** and set the **Select a setting** box to **Force Deny**. -- Set the **Select a setting** box to **Force Deny**. + -or- + +- Create a REG_DWORD registry setting named **LetAppsAccessTrustedDevices** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. -or- @@ -1538,24 +1508,23 @@ To change how frequently **Windows should ask for my feedback**: > Feedback frequency only applies to user-generated feedback, not diagnostic and usage data sent from the device. - - To change from **Automatically (Recommended)**, use the drop-down list in the UI. -or- -- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Do not show feedback notifications** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Do not show feedback notifications** -or- -- Create a REG\_DWORD registry setting named **DoNotShowFeedbackNotifications** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection** with a value of 1 (one). +- Create a REG_DWORD registry setting named **DoNotShowFeedbackNotifications** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection** with a value of 1 (one). -or- -- Create the registry keys (REG\_DWORD type): +- Create the registry keys (REG_DWORD type): - - HKEY\_CURRENT\_USER\\Software\\Microsoft\\Siuf\\Rules\\PeriodInNanoSeconds + - HKEY_CURRENT_USER\\Software\\Microsoft\\Siuf\\Rules\\PeriodInNanoSeconds - - HKEY\_CURRENT\_USER\\Software\\Microsoft\\Siuf\\Rules\\NumberOfSIUFInPeriod + - HKEY_CURRENT_USER\\Software\\Microsoft\\Siuf\\Rules\\NumberOfSIUFInPeriod Based on these settings: @@ -1574,11 +1543,11 @@ To change the level of diagnostic and usage data sent when you **Send your devic -or- -- Apply the Group Policy: **Computer Configuration\\Administrative Templates\\Windows Components\\Data Collection And Preview Builds\\Allow Telemetry** and select the appropriate option for your deployment. +- **Enable** the Group Policy: **Computer Configuration\\Administrative Templates\\Windows Components\\Data Collection And Preview Builds\\Allow Telemetry** and **set it to a value of 0**. -or- -- Create a REG\_DWORD registry setting in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection\\AllowTelemetry** with a value of 0-3, as appropriate for your deployment (see below for the values for each level). +- Create a REG_DWORD registry setting in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DataCollection\\AllowTelemetry** with a **value of 0**. > [!NOTE] > If the **Security** option is configured by using Group Policy or the Registry, the value will not be reflected in the UI. The **Security** option is only available in Windows 10 Enterprise edition. @@ -1587,25 +1556,14 @@ To change the level of diagnostic and usage data sent when you **Send your devic - Apply the System/AllowTelemetry MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where: - - **0**. Maps to the **Security** level. + - **0**. Maps to the **Security** level. - - **1**. Maps to the **Basic** level. + - **1**. Maps to the **Basic** level. - - **2**. Maps to the **Enhanced** level. + - **2**. Maps to the **Enhanced** level. - - **3**. Maps to the **Full** level. - - -or- - -- Create a provisioning package, using **Runtime settings** > **Policies** > **System** > **AllowTelemetry**, where: - - - **0**. Maps to the **Security** level. - - - **1**. Maps to the **Basic** level. - - - **2**. Maps to the **Enhanced** level. - - - **3**. Maps to the **Full** level. + - **3**. Maps to the **Full** level. + To turn off tailored experiences with relevant tips and recommendations by using your diagnostics data: @@ -1613,7 +1571,20 @@ To turn off tailored experiences with relevant tips and recommendations by using -or- -- Apply the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not use diagnostic data for tailored experiences** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off Microsoft consumer experiences** + + -or- + +- Create a REG_DWORD registry setting named **DisableWindowsConsumerFeatures** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of **1** + + -and- + +- **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not use diagnostic data for tailored experiences** + + -or- + +- Create a REG_DWORD registry setting named **DisableTailoredExperiencesWithDiagnosticData** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of **1** + ### 18.17 Background apps @@ -1621,25 +1592,23 @@ In the **Background Apps** area, you can choose which apps can run in the backgr To turn off **Let apps run in the background**: -- In **Background apps**, set **Let apps run in the background** to **Off**. +- In the **Background apps** settings page, set **Let apps run in the background** to **Off**. -or- -- In **Background apps**, turn off the feature for each app. +- In the **Background apps** settings page, turn off the feature for each app. + + -or- + +- **Enable** the Group Policy (only applicable for Windows 10 version 1703 and above): **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps run in the background** and set the **Select a setting** box to **Force Deny**. -or- -- Apply the Group Policy (only applicable for Windows 10, version 1703): **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps run in the background** - - - Set the **Select a setting** box to **Force Deny**. +- Create a REG_DWORD registry setting named **LetAppsRunInBackground** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)** -or- -- Apply the Privacy/LetAppsRunInBackground MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessruninbackground), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny +- Set the Privacy/LetAppsRunInBackground MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessruninbackground) to **2 Force Deny**. > [!NOTE] > Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background** to **Force Deny**. @@ -1654,19 +1623,20 @@ To turn off **Let Windows and your apps use your motion data and collect motion -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access motion** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access motion** and set the **Default for all apps** to **Force Deny** + + -or- + +- Create a REG_DWORD registry setting named **LetAppsAccessMotion** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. -or- - Apply the Privacy/LetAppsAccessMotion MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmotion), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny - -or- - -- Create a REG\_DWORD registry setting named **LetAppsAccessMotion** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). ### 18.19 Tasks @@ -1678,17 +1648,19 @@ To turn this off: -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access Tasks** +- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access Tasks**. Set the **Select a setting** box to **Force Deny**. - - Set the **Select a setting** box to **Force Deny**. + -or- + +- Create a REG_DWORD registry setting named **LetAppsAccessTasks** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. -or- - Apply the Privacy/LetAppsAccessTasks MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesstasks), where: - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + - **0**. User in control + - **1**. Force allow + - **2**. Force deny ### 18.20 App Diagnostics @@ -1700,59 +1672,117 @@ To turn this off: -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access dignostic information about other apps** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access dignostic information about other apps** -or- -- Apply the Privacy/LetAppsGetDiagnosticInfo MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsgetdiagnosticinfo), where: +- Create a REG_DWORD registry setting named **LetAppsGetDiagnosticInfo** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. - - **0**. User in control - - **1**. Force allow - - **2**. Force deny + -or- +- Set the Privacy/LetAppsGetDiagnosticInfo MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsgetdiagnosticinfo) to **2**. Force deny + + +### 18.21 Inking & Typing + +In the **Inking & Typing** area you can configure the functionality as such: + +To turn off Inking & Typing data collection (note: there is no Group Policy for this setting): + + - In the UI go to **Settings -> Privacy -> Diagnostics & Feedback -> Inking and typing** and turn **Improve inking & typing** to **Off** + + -or- + + - Set **RestrictImplicitTextCollection** registry REG_DWORD setting in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** to a **value of 1 (one)** + + -or- + + - Set the Privacy\AllowInputPersonalization MDM Policy from the Policy CSP. + [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) to **0** (not allowed). This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. + + +If you're running at least Windows 10, version 1703, you can turn off updates to the speech recognition and speech synthesis models: + + **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data** + + -or- + + - Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)** + + -or- + + - Set the Speech/AllowSpeechModelUpdate MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962(v=vs.85).aspx#Speech_AllowSpeechModelUpdate) to **0** + + +> [!NOTE] +> Releases 1803 and earlier support **Speech, Inking, & Typing** as a combined settings area. For customizing those setting please follow the below instructions. For 1809 and above **Speech** and **Inking & Typing** are separate settings pages, please see the specific section (18.6 Speech or 18.21 Inking and Typing) above for those areas. + +In the **Speech, Inking, & Typing** area, you can let Windows and Cortana better understand your employee's voice and written input by sampling their voice and writing, and by comparing verbal and written input to contact names and calendar entrees. + + For more info on how to disable Cortana in your enterprise, see [Cortana](#bkmk-cortana) in this article. + + To turn off the functionality: + + - Click the **Stop getting to know me** button, and then click **Turn off**. + + -or- + + - Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Regional and Language Options** > **Handwriting personalization** > **Turn off automatic learning** + + -or- + + - Create a REG_DWORD registry setting named **RestrictImplicitInkCollection** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** with a value of 1 (one). + + -or- + + - Create a REG_DWORD registry setting named **AcceptedPrivacyPolicy** in **HKEY_CURRENT_USER\\Software\\Microsoft\\Personalization\\Settings** with a value of 0 (zero). + + -and- + + - Create a REG_DWORD registry setting named **HarvestContacts** in **HKEY_CURRENT_USER\\Software\\Microsoft\\InputPersonalization\\TrainedDataStore** with a value of **0 (zero)**. ### 19. Software Protection Platform -Enterprise customers can manage their Windows activation status with volume licensing using an on-premises Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by doing one of the following: + Enterprise customers can manage their Windows activation status with volume licensing using an on-premises Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by doing one of the following: -For Windows 10: + **For Windows 10:** -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Software Protection Platform** > **Turn off KMS Client Online AVS Validation** + - **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Software Protection Platform** > **Turn off KMS Client Online AVS Validation** -or- -- Apply the Licensing/DisallowKMSClientOnlineAVSValidation MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is disabled (default) and 1 is enabled. + - Apply the Licensing/DisallowKMSClientOnlineAVSValidation MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) and **set the value to 1 (Enabled)**. -or- -- Create a REG\_DWORD registry setting named **NoGenTicket** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one). + - Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a **value of 1 (one)**. -For Windows Server 2019 or later: +**For Windows Server 2019 or later:** -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Software Protection Platform** > **Turn off KMS Client Online AVS Validation** + - **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Software Protection Platform** > **Turn off KMS Client Online AVS Validation** -or- -- Create a REG\_DWORD registry setting named **NoGenTicket** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one). + - Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one). -For Windows Server 2016: -- Create a REG\_DWORD registry setting named **NoAcquireGT** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one). +**For Windows Server 2016:** ->[!NOTE] ->Due to a known issue the **Turn off KMS Client Online AVS Validation** group policy does not work as intended on Windows Server 2016, the **NoAcquireGT** value needs to be set instead. + - Create a REG_DWORD registry setting named **NoAcquireGT** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one). -The Windows activation status will be valid for a rolling period of 180 days with weekly activation status checks to the KMS. + >[!NOTE] + >Due to a known issue the **Turn off KMS Client Online AVS Validation** group policy does not work as intended on Windows Server 2016, the **NoAcquireGT** value needs to be set instead. + >The Windows activation status will be valid for a rolling period of 180 days with weekly activation status checks to the KMS. ### 20. Storage health Enterprise customers can manage updates to the Disk Failure Prediction Model. For Windows 10: -- Disable this Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Storage Health** > **Allow downloading updates to the Disk Failure Prediction Model** +- **Disable** this Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Storage Health** > **Allow downloading updates to the Disk Failure Prediction Model** -or- -- Create a REG\_DWORD registry setting named **AllowDiskHealthModelUpdates** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\StorageHealth** with a value of 0. +- Create a REG_DWORD registry setting named **AllowDiskHealthModelUpdates** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\StorageHealth** with a value of 0. ### 21. Sync your settings @@ -1762,28 +1792,24 @@ You can control if your settings are synchronized: -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Sync your settings** > **Do not sync** +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Sync your settings** > **Do not sync**. Leave the "Allow users to turn syncing on" checkbox **unchecked**. -or- -- Create a REG\_DWORD registry setting named **DisableSettingSync** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 2 (two) and another named **DisableSettingSyncUserOverride** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 1 (one). +- Create a REG_DWORD registry setting named **DisableSettingSync** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 2 (two) and another named **DisableSettingSyncUserOverride** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 1 (one). -or- -- Apply the Experience/AllowSyncMySettings MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is not allowed and 1 is allowed. +- Apply the Experience/AllowSyncMySettings MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) and **set the value to 0 (not allowed)**. - -or- - -- Create a provisioning package, using **Runtime settings** > **Policies** > **Experience** > **AllowSyncMySettings**, where - - - **No**. Settings are not synchronized. - - - **Yes**. Settings are synchronized. (default) To turn off Messaging cloud sync: -- Set the Group Policy Allow Message Service Cloud to Disable. The Group Policy path is Computer Configuration\Administrative templates\Windows Components\Messaging\Allow Message Service Cloud -- Create a REG\_DWORD registry setting named **CloudServiceSyncEnabled** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Messaging** with a value of 0 (zero). +- Note: There is no Group Policy corresponding to this registry key. + + -or- + +- Create a REG_DWORD registry setting named **CloudServiceSyncEnabled** in **HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Messaging** and set to a **value of 0 (zero)**. ### 22. Teredo @@ -1792,15 +1818,12 @@ You can disable Teredo by using Group Policy or by using the netsh.exe command. >[!NOTE] >If you disable Teredo, some XBOX gaming features and Windows Update Delivery Optimization will not work. -- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **TCPIP Settings** > **IPv6 Transition Technologies** > **Set Teredo State** and set it to **Disabled State**. +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **TCPIP Settings** > **IPv6 Transition Technologies** > **Set Teredo State** and set it to **Disabled State**. -or- -- Create a new REG\_SZ registry setting named **Teredo_State** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\TCPIP\\v6Transition** with a value of **Disabled**. +- Create a new REG_SZ registry setting named **Teredo_State** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\TCPIP\\v6Transition** with a value of **Disabled**. - -or- - -- From an elevated command prompt, run **netsh interface teredo set state disabled** ### 23. Wi-Fi Sense @@ -1811,23 +1834,16 @@ Wi-Fi Sense automatically connects devices to known hotspots and to the wireless To turn off **Connect to suggested open hotspots** and **Connect to networks shared by my contacts**: -- Turn off the feature in the UI. +- Turn off the feature in the UI in Settings > Network & Internet > Wi-Fi -or- -- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **WLAN Service** > **WLAN Settings** > **Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **WLAN Service** > **WLAN Settings** > **Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services**. -or- -- Create a new REG\_DWORD registry setting named **AutoConnectAllowedOEM** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\WcmSvc\\wifinetworkmanager\\config** with a value of 0 (zero). +- Create a new REG_DWORD registry setting named **AutoConnectAllowedOEM** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\WcmSvc\\wifinetworkmanager\\config** with a **value of 0 (zero)**. - -or- - -- Change the Windows Provisioning setting, WiFISenseAllowed, to 0 (zero). For more info, see the Windows Provisioning Settings reference doc, [WiFiSenseAllowed](https://go.microsoft.com/fwlink/p/?LinkId=620909). - - -or- - -- Use the Unattended settings to set the value of WiFiSenseAllowed to 0 (zero). For more info, see the Unattended Windows Setup reference doc, [WiFiSenseAllowed](https://go.microsoft.com/fwlink/p/?LinkId=620910). When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings screen, but they’re non-functional and they can’t be controlled by the employee. @@ -1835,67 +1851,76 @@ When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings scr You can disconnect from the Microsoft Antimalware Protection Service. -- Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop down box named **Join Microsoft MAPS** - -or- +-OR- -- Delete the registry setting **named** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\Updates**. +- Use the registry to set the REG_DWORD value **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SpyNetReporting** to **0 (zero)**. - -or- + -and- + +- Delete the registry setting **named** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Updates**. + +-OR- - For Windows 10 only, apply the Defender/AllowClouldProtection MDM policy from the [Defender CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). - -or- - -- Use the registry to set the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SpyNetReporting** to 0 (zero). - - -and- - - From an elevated Windows PowerShell prompt, run **set-mppreference -Mapsreporting 0** You can stop sending file samples back to Microsoft. -- Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Always Prompt** or **Never Send**. +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Never Send**. -or- -- For Windows 10 only, apply the Defender/SubmitSamplesConsent MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender), where: - - - **0**. Always prompt. - - - **1**. (default) Send safe samples automatically. - - - **2**. Never send. - - - **3**. Send all samples automatically. +- For Windows 10 only, apply the Defender/SubmitSamplesConsent MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender) to **2 (two) for Never Send**. -or- -- Use the registry to set the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SubmitSamplesConsent** to 0 (zero) to always prompt or 2 to never send. +- Use the registry to set the REG_DWORD value **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SubmitSamplesConsent** to **2 (two) for Never Send**. -You can stop downloading definition updates: -- Enable the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**. +You can stop downloading **Definition Updates**: + +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**. -and- -- Disable the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to nothing. +- **Disable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to **Nothing**. -or- -- Create a new REG\_SZ registry setting named **FallbackOrder** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\Updates** with a value of **FileShares**. +- Create a new REG_SZ registry setting named **FallbackOrder** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Signature Updates** with a value of **FileShares**. -For Windows 10 only, you can stop Enhanced Notifications: + -and- -- Turn off the feature in the UI. +- **Remove** the **DefinitionUpdateFileSharesSources** reg value if it exists under **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Signature Updates** + + +You can turn off **Malicious Software Reporting Tool diagnostic data**: + +- Set the REG_DWORD value **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\MRT\\DontReportInfectionInformation** to **1**. + +**Note:** There is no Group Policy to turn off the Malicious Software Reporting Tool diagnostic data. + + +You can turn off **Enhanced Notifications** as follows: + +- Set in the UI: Settings -> Update & Security -> Windows Security -> Virus & Threat Protection -> Virus & Threat Protection Manage Settings -> scroll to bottom for Notifications, click Change Notifications Settings -> Notifications -> click Manage Notifications -> Turn off General Notifications + + -or- + +- **Enable** the Group Policy **Turn off enhanced notifications** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Reporting**. + + -or- + +- Create a new REG_SZ registry setting named **DisableEnhancedNotifications** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\Reporting** to a value of **1**. -You can also use the registry to turn off Malicious Software Reporting Tool diagnostic data by setting the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\MRT\\DontReportInfectionInformation** to 1. ### 24.1 Windows Defender SmartScreen To disable Windows Defender Smartscreen: -- In Group Policy, configure - **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure Windows Defender SmartScreen** : **Disable** +- In Group Policy, configure - **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure Windows Defender SmartScreen** to be **Disabled** -and- @@ -1903,137 +1928,148 @@ To disable Windows Defender Smartscreen: -and- -- **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure app install control** : **Enable** +- **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure app install control** : **Enable**, and select **Turn off app recommendations** - -or- +-OR- -- Create a REG_DWORD registry setting named **EnableSmartScreen** in **HKEY_LOCAL_MACHINE\Sofware\Policies\Microsoft\Windows\System** with a value of 0 (zero). +- Create a REG_DWORD registry setting named **EnableSmartScreen** in **HKEY_LOCAL_MACHINE\\Sofware\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. -and- -- Create a REG_DWORD registry setting named **ConfigureAppInstallControlEnabled** in **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen** with a value of 1. - +- Create a REG_DWORD registry setting named **ConfigureAppInstallControlEnabled** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SmartScreen** with a **value of 1**. + -and- -- Create a SZ registry setting named **ConfigureAppInstallControl** in **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen** with a value of **Anywhere**. +- Create a SZ registry setting named **ConfigureAppInstallControl** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SmartScreen** with a value of **Anywhere**. - -or- +-OR- -- Apply the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on. +- Set the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) to **0 (turned Off)**. -### 25. Windows Media Player -To remove Windows Media Player on Windows 10: - -- From the **Programs and Features** control panel, click **Turn Windows features on or off**, under **Media Features**, clear the **Windows Media Player** check box, and then click **OK**. - - -or- - -- Run the following DISM command from an elevated command prompt: **dism /online /Disable-Feature /FeatureName:WindowsMediaPlayer** - -To remove Windows Media Player on Windows Server 2016: - -- Run the following DISM command from an elevated command prompt: **dism /online /Disable-Feature /FeatureName:WindowsMediaPlayer** - -### 26. Windows Spotlight +### 25. Windows Spotlight Windows Spotlight provides features such as different background images and text on the lock screen, suggested apps, Microsoft account notifications, and Windows tips. You can control it by using the user interface, MDM policy, or through Group Policy. -If you're running Windows 10, version 1607 or later, you only need to enable the following Group Policy: +If you're running Windows 10, version 1607 or later, you need to: -- **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off all Windows spotlight features** +- **Enable** the following Group Policy **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off all Windows spotlight features** > [!NOTE] > This must be done within 15 minutes after Windows 10 is installed. Alternatively, you can create an image with this setting. - -or- + -or- - For Windows 10 only, apply the Experience/AllowWindowsSpotlight MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience), with a value of 0 (zero). - -or- + -or- -- Create a new REG\_DWORD registry setting named **DisableWindowsSpotlightFeatures** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one). +- Create a new REG_DWORD registry setting named **DisableWindowsSpotlightFeatures** in **HKEY_CURRENT_USER\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one). --and- +-AND- -- **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Do not display the Lock Screen** +- Enable the following Group Policy **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Do not display the Lock Screen** - -or- + -or- -- Create a new REG\_DWORD registry setting named **NoLockScreen** in **HKEY\Local\Machine\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a value of 1 (one). +- Create a new REG_DWORD registry setting named **NoLockScreen** in **HKEY_Local_Machine\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a **value of 1 (one)** -If you're not running Windows 10, version 1607 or later, you can use the other options in this section. -- Configure the following in **Settings**: +-AND- - - **Personalization** > **Lock screen** > **Background** > **Windows spotlight**, select a different background, and turn off **Get fun facts, tips, tricks and more on your lock screen**. - - **Personalization** > **Start** > **Occasionally show suggestions in Start**. +- Configure the following in **Settings** UI: - - **System** > **Notifications & actions** > **Show me tips about Windows**. + - **Personalization** > **Lock screen** > **Background** > **Windows spotlight**, select a different background, and turn off **Get fun facts, tips, tricks and more on your lock screen** - -or- + - **Personalization** > **Start** > **Occasionally show suggestions in Start** + + - **System** > **Notifications & actions** > **Show me tips about Windows** + + -or- - Apply the Group Policies: - - **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Force a specific default lock screen image**. - - Add a location in the **Path to local lock screen image** box. + - **Enable** the **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Force a specific default lock screen image and logon image** Group Policy. + - Add **C:\\windows\\web\\screen\\lockscreen.jpg** as the location in the **Path to local lock screen image** box. - - Set the **Turn off fun facts, tips, tricks, and more on lock screen** check box. + - Check the **Turn off fun facts, tips, tricks, and more on lock screen** check box. > [!NOTE] - > This will only take effect if the policy is applied before the first logon. If you cannot apply the **Force a specific default lock screen image** policy before the first logon to the device, you can apply this policy: **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** > **Do not display the lock screen**. Alternatively, you can create a new REG\_SZ registry setting named **LockScreenImage** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a value of **C:\\windows\\web\\screen\\lockscreen.jpg** and create a new REG\_DWORD registry setting named **LockScreenOverlaysDisabled** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a value of 1 (one). + > This will only take effect if the policy is applied before the first logon. + > If you cannot apply the **Force a specific default lock screen image** policy before the first logon to the device, + > you can **Enable** the **Do not display the lock screen** policy under **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Personalization** + + > Alternatively, you can create a new REG_SZ registry setting named **LockScreenImage** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** + > with a value of **C:\\windows\\web\\screen\\lockscreen.jpg** and create a new REG_DWORD registry setting named **LockScreenOverlaysDisabled** in + > **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization** with a value of **1 (one)**. + + > The Group Policy for the **LockScreenOverlaysDisabled** regkey is **Force a specific default lock screen and logon image** that is under **Control Panel** **Personalization**. - - **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not show Windows tips**. +-AND- - -or- - - Create a new REG\_DWORD registry setting named **DisableSoftLanding** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one). + - Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not show Windows tips** to **Enabled** - - **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off Microsoft consumer experiences**. + -or- - -or- + - Create a new REG_DWORD registry setting named **DisableSoftLanding** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a **value of 1 (one)** - - Create a new REG\_DWORD registry setting named **DisableWindowsConsumerFeatures** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one). - - This policy setting controls whether the lock screen appears for users. The Do not display the lock screen Group Policy should be set to Enable to prevent the lock screen from being displayed. The Group Computer Configuration\Administrative templates\Control Panel\Personalization!Do not display the lock screen. +-AND- - - If you enable this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC. - - If you disable or do not configure this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch, the keyboard, or by dragging it with the mouse. + - Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Turn off Microsoft consumer experiences** to **Enabled** + + -or- + + - Create a new REG_DWORD registry setting named **DisableWindowsConsumerFeatures** in **HKEY_LOCAL_MACHINE\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a **value of 1 (one)** + + +This policy setting controls whether the lock screen appears for users. The Do not display the lock screen Group Policy should be set to Enable to prevent the lock screen from being displayed. The Group Computer Configuration\Administrative templates\Control Panel\Personalization!Do not display the lock screen. + +If you enable this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC. + +If you disable or do not configure this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch, the keyboard, or by dragging it with the mouse. For more info, see [Windows Spotlight on the lock screen](/windows/configuration/windows-spotlight). -### 27. Microsoft Store +### 26. Microsoft Store You can turn off the ability to launch apps from the Microsoft Store that were preinstalled or downloaded. This will also turn off automatic app updates, and the Microsoft Store will be disabled. In addition, new email accounts cannot be created by clicking **Settings** > **Accounts** > **Email & app accounts** > **Add an account**. On Windows Server 2016, this will block Microsoft Store calls from Universal Windows Apps. -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Disable all apps from Microsoft Store**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Disable all apps from Microsoft Store**. -or- - - Create a new REG\_DWORD registry setting named **DisableStoreApps** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 1 (one). +- Create a new REG_DWORD registry setting named **DisableStoreApps** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 1 (one). -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Turn off Automatic Download and Install of updates**. +-AND- + +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Turn off Automatic Download and Install of updates**. -or- - - Create a new REG\_DWORD registry setting named **AutoDownload** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 2 (two). +- Create a new REG_DWORD registry setting named **AutoDownload** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 2 (two). -### 27.1 Apps for websites +### 26.1 Apps for websites You can turn off apps for websites, preventing customers who visit websites that are registered with their associated app from directly launching the app. -Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Group Policy** > **Configure web-to-app linking with URI handlers** +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Group Policy** > **Configure web-to-app linking with URI handlers** -### 28. Windows Update Delivery Optimization + -or- + +- Create a new REG_DWORD registry setting named **EnableAppUriHandlers** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. + +### 27. Windows Update Delivery Optimization Windows Update Delivery Optimization lets you get Windows updates and Microsoft Store apps from sources in addition to Microsoft, which not only helps when you have a limited or unreliable Internet connection, but can also help you reduce the amount of bandwidth needed to keep all of your organization's PCs up-to-date. If you have Delivery Optimization turned on, PCs on your network may send and receive updates and apps to other PCs on your local network, if you choose, or to PCs on the Internet. @@ -2041,33 +2077,39 @@ By default, PCs running Windows 10 Enterprise and Windows 10 Education will only Use the UI, Group Policy, MDM policies, or Windows Provisioning to set up Delivery Optimization. -In Windows 10, version 1607, you can stop network traffic related to Windows Update Delivery Optimization by setting **Download Mode** to **Simple** (99) or **Bypass** (100), as described below. +In Windows 10 version 1607 and above you can stop network traffic related to Windows Update Delivery Optimization by setting **Download Mode** to **Bypass** (100), as described below. -### 28.1 Settings > Update & security +### 27.1 Settings > Update & security You can set up Delivery Optimization from the **Settings** UI. - Go to **Settings** > **Update & security** > **Windows Update** > **Advanced options** > **Choose how updates are delivered**. -### 28.2 Delivery Optimization Group Policies +### 27.2 Delivery Optimization Group Policies You can find the Delivery Optimization Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**. | Policy | Description | |---------------------------|-----------------------------------------------------------------------------------------------------| -| Download Mode | Lets you choose where Delivery Optimization gets or sends updates and apps, includingNone. Turns off Delivery Optimization.
Group. Gets or sends updates and apps to PCs on the same local network domain.
Internet. Gets or sends updates and apps to PCs on the Internet.
LAN. Gets or sends updates and apps to PCs on the same NAT only.
Simple. Simple download mode with no peering.
Bypass. Use BITS instead of Windows Update Delivery Optimization.Set to Bypass to restrict traffic.
None. Turns off Delivery Optimization.
Group. Gets or sends updates and apps to PCs on the same local network domain.
Internet. Gets or sends updates and apps to PCs on the Internet.
LAN. Gets or sends updates and apps to PCs on the same NAT only.
Simple. Simple download mode with no peering.
Bypass. Use BITS instead of Windows Update Delivery Optimization. **Set to Bypass** to restrict traffic.
**Note:** This ID must be a GUID.| | Max Cache Age | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days).| | Max Cache Size | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20, which represents 20% of the disk.| | Max Upload Bandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| -Set the Delivery Optimization Group Policy to "Bypass" to prevent traffic. Alternatively, you can set the **Download Mode** policy by creating a new REG\_DWORD registry setting named **DODownloadMode** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization** to a value of 100 (one hundred). +### 27.3 Delivery Optimization -### 28.3 Delivery Optimization MDM policies +- **Enable** the **Download Mode** Group Policy under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization** and set the **Download Mode** to **"Bypass"** to prevent traffic. + +-or- + +- Create a new REG_DWORD registry setting named **DODownloadMode** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization** to a value of **100 (one hundred)**. + +### 27.4 Delivery Optimization MDM policies The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -| Policy | Description | +| MDM Policy | Description | |---------------------------|-----------------------------------------------------------------------------------------------------| | DeliveryOptimization/DODownloadMode | Lets you choose where Delivery Optimization gets or sends updates and apps, including0. Turns off Delivery Optimization.
1. Gets or sends updates and apps to PCs on the same NAT only.
2. Gets or sends updates and apps to PCs on the same local network domain.
3. Gets or sends updates and apps to PCs on the Internet.
99. Simple download mode with no peering.
100. Use BITS instead of Windows Update Delivery Optimization.
**Note** This ID must be a GUID.| @@ -2076,52 +2118,54 @@ The following Delivery Optimization MDM policies are available in the [Policy CS | DeliveryOptimization/DOMaxUploadBandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| -### 28.4 Delivery Optimization Windows Provisioning - -If you don't have an MDM server in your enterprise, you can use Windows Provisioning to configure the Delivery Optimization policies - -Use Windows ICD, included with the [Windows Assessment and Deployment Kit (Windows ADK)](https://go.microsoft.com/fwlink/p/?LinkId=526803), to create a provisioning package for Delivery Optimization. - -1. Open Windows ICD, and then click **New provisioning package**. - -2. In the **Name** box, type a name for the provisioning package, and then click **Next.** - -3. Click the **Common to all Windows editions** option, click **Next**, and then click **Finish**. - -4. Go to **Runtime settings** > **Policies** > **DeliveryOptimization** to configure the policies. - For more info about Delivery Optimization in general, see [Windows Update Delivery Optimization: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730684). -### 29. Windows Update +### 28. Windows Update You can turn off Windows Update by setting the following registry entries: -- Add a REG\_DWORD value named **DoNotConnectToWindowsUpdateInternetLocations** to **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and set the value to 1. +- Add a REG_DWORD value named **DoNotConnectToWindowsUpdateInternetLocations** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and set the value to 1. -and- -- Add a REG\_DWORD value named **DisableWindowsUpdateAccess** to **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and set the value to 1. +- Add a REG_DWORD value named **DisableWindowsUpdateAccess** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and set the value to 1. -and- -- Add a REG\_DWORD value named **UseWUServer** to **HKEY\_LOCAL\_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU** and set the value to 1. - - -or- - -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Do not connect to any Windows Update Internet locations**. +- Add a REG_SZ value named **WUServer** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and ensure it is blank with a space character **" "**. -and- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off access to all Windows Update features**. +- Add a REG_SZ value named **WUStatusServer** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and ensure it is blank with a space character **" "**. -and- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Specify intranet Microsoft update service location** and set the **Set the alternate download server** to " ". +- Add a REG_SZ value named **UpdateServiceUrlAlternate** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate** and ensure it is blank with a space character **" "**. + + -and- + +- Add a REG_DWORD value named **UseWUServer** to **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\WindowsUpdate\\AU** and set the value to 1. + +-OR- + +- Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Do not connect to any Windows Update Internet locations** to **Enabled** + + -and- + +- Set the Group Policy **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off access to all Windows Update features** to **Enabled** + + -and- + +- Set the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Specify intranet Microsoft update service location** to **Enabled** and ensure all Option settings (Intranet Update Service, Intranet Statistics Server, Alternate Download Server) are set to **" "** + + -and- + +- Set the Group Policy **User Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Remove access to use all Windows Update features** to **Enabled** and then set **Computer Configurations** to **0 (zero)**. You can turn off automatic updates by doing one of the following. This is not recommended. -- Add a REG\_DWORD value named **AutoDownload** to **HKEY\_LOCAL\_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\WindowsStore\\WindowsUpdate** and set the value to 5. +- Add a REG_DWORD value named **AutoDownload** to **HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\WindowsStore\\WindowsUpdate** and set the value to 5. -or- @@ -2139,5 +2183,12 @@ You can turn off automatic updates by doing one of the following. This is not re - **5**. Turn off automatic updates. +For China releases of Windows 10 there is one additional Regkey to be set to prevent traffic: + +- Add a REG_DWORD value named **HapDownloadEnabled** to **HKEY_LOCAL_MACHINE\\Software\\Microsoft\\LexiconUpdate\\loc_0804** and set the value to 0. + + + + To learn more, see [Device update management](https://msdn.microsoft.com/library/windows/hardware/dn957432.aspx) and [Configure Automatic Updates by using Group Policy](https://technet.microsoft.com/library/cc720539.aspx). diff --git a/windows/privacy/manage-windows-1709-endpoints.md b/windows/privacy/manage-windows-1709-endpoints.md index a3e6817d6a..3c4c5afdbb 100644 --- a/windows/privacy/manage-windows-1709-endpoints.md +++ b/windows/privacy/manage-windows-1709-endpoints.md @@ -405,52 +405,21 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper |----------------|----------|------------| | svchost | HTTPS | *.prod.do.dsp.mp.microsoft.com | -The following endpoints are used to download operating system patches and updates. +The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to download updates for the operating system. | Source process | Protocol | Destination | |----------------|----------|------------| | svchost | HTTP | *.windowsupdate.com | -| | HTTP | fg.download.windowsupdate.com.c.footprint.net | - -The following endpoint is used by the Highwinds Content Delivery Network to perform Windows updates. -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | | cds.d2s7q6s2.hwcdn.net | - -The following endpoints are used by the Verizon Content Delivery Network to perform Windows updates. -If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | HTTP | *wac.phicdn.net | -| | | *wac.edgecastcdn.net | - -The following endpoint is used to download apps and Windows Insider Preview builds from the Microsoft Store. Time Limited URL (TLU) is a mechanism for protecting the content. For example, it prevents someone from copying the URL and then getting access to the app that the person has not acquired). -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the updating functionality on this device is essentially in a disabled state, resulting in user unable to get apps from the Store, get latest version of Windows, and so on. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| svchost | | *.tlu.dl.delivery.mp.microsoft.com.c.footprint.net | - -The following endpoint is used to download apps from the Microsoft Store. It's used as part of calculating the right ranges for apps. -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), users of the device will not able to get apps from the Microsoft Store. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| svchost | | emdl.ws.microsoft.com | +| svchost | HTTP | *.dl.delivery.mp.microsoft.com | The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. | Source process | Protocol | Destination | |----------------|----------|------------| -| svchost | HTTPS | fe2.update.microsoft.com | -| svchost | | fe3.delivery.mp.microsoft.com | -| | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net | -| svchost | HTTPS | sls.update.microsoft.com | +| svchost | HTTPS | *.update.microsoft.com | +| svchost | HTTPS | *.delivery.mp.microsoft.com | The following endpoint is used for content regulation. If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all. @@ -459,14 +428,6 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper |----------------|----------|------------| | svchost | HTTPS | tsfe.trafficshaping.dsp.mp.microsoft.com | -The following endpoints are used to download content. -If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), you will block any content from being downloaded. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | | a122.dscd.akamai.net | -| | | a1621.g.akamai.net | - ## Microsoft forward link redirection service (FWLink) The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. @@ -490,4 +451,4 @@ To view endpoints for non-Enterprise Windows 10 editions, see: ## Related links - [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US) -- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune) \ No newline at end of file +- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune) diff --git a/windows/privacy/manage-windows-1803-endpoints.md b/windows/privacy/manage-windows-1803-endpoints.md index c23ac04672..44e5f88ceb 100644 --- a/windows/privacy/manage-windows-1803-endpoints.md +++ b/windows/privacy/manage-windows-1803-endpoints.md @@ -410,53 +410,21 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper |----------------|----------|------------| | svchost | HTTPS | *.prod.do.dsp.mp.microsoft.com | -The following endpoints are used to download operating system patches and updates. +The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to download updates for the operating system. | Source process | Protocol | Destination | |----------------|----------|------------| | svchost | HTTP | *.windowsupdate.com | -| | HTTP | fg.download.windowsupdate.com.c.footprint.net | - -The following endpoint is used by the Highwinds Content Delivery Network to perform Windows updates. -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | | cds.d2s7q6s2.hwcdn.net | - -The following endpoints are used by the Verizon Content Delivery Network to perform Windows updates. -If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | HTTP | *wac.phicdn.net | -| | | *wac.edgecastcdn.net | - -The following endpoint is used to download apps and Windows Insider Preview builds from the Microsoft Store. Time Limited URL (TLU) is a mechanism for protecting the content. For example, it prevents someone from copying the URL and then getting access to the app that the person has not acquired). -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the updating functionality on this device is essentially in a disabled state, resulting in user unable to get apps from the Store, get latest version of Windows, and so on. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| svchost | | *.tlu.dl.delivery.mp.microsoft.com.c.footprint.net | - -The following endpoint is used to download apps from the Microsoft Store. It's used as part of calculating the right ranges for apps. -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), users of the device will not able to get apps from the Microsoft Store. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| svchost | | emdl.ws.microsoft.com | +| svchost | HTTP | *.dl.delivery.mp.microsoft.com | The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. | Source process | Protocol | Destination | |----------------|----------|------------| -| svchost | HTTPS | fe2.update.microsoft.com | -| svchost | | fe3.delivery.mp.microsoft.com | -| | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net | -| svchost | HTTPS | sls.update.microsoft.com | -| | HTTP | *.dl.delivery.mp.microsoft.com | +| svchost | HTTPS | *.update.microsoft.com | +| svchost | HTTPS | *.delivery.mp.microsoft.com | The following endpoint is used for content regulation. If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all. @@ -465,14 +433,6 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper |----------------|----------|------------| | svchost | HTTPS | tsfe.trafficshaping.dsp.mp.microsoft.com | -The following endpoints are used to download content. -If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), you will block any content from being downloaded. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | | a122.dscd.akamai.net | -| | | a1621.g.akamai.net | - ## Microsoft forward link redirection service (FWLink) The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. @@ -496,4 +456,4 @@ To view endpoints for non-Enterprise Windows 10 editions, see: ## Related links - [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US) -- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune) \ No newline at end of file +- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune) diff --git a/windows/privacy/manage-windows-1809-endpoints.md b/windows/privacy/manage-windows-1809-endpoints.md index 74fa377991..33042b0ada 100644 --- a/windows/privacy/manage-windows-1809-endpoints.md +++ b/windows/privacy/manage-windows-1809-endpoints.md @@ -440,53 +440,21 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper |----------------|----------|------------| | svchost | HTTPS | *.prod.do.dsp.mp.microsoft.com | -The following endpoints are used to download operating system patches and updates. +The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to download updates for the operating system. | Source process | Protocol | Destination | |----------------|----------|------------| | svchost | HTTP | *.windowsupdate.com | -| | HTTP | fg.download.windowsupdate.com.c.footprint.net | - -The following endpoint is used by the Highwinds Content Delivery Network to perform Windows updates. -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | | cds.d2s7q6s2.hwcdn.net | - -The following endpoints are used by the Verizon Content Delivery Network to perform Windows updates. -If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not perform updates. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | HTTP | *wac.phicdn.net | -| | | *wac.edgecastcdn.net | - -The following endpoint is used to download apps and Windows Insider Preview builds from the Microsoft Store. Time Limited URL (TLU) is a mechanism for protecting the content. For example, it prevents someone from copying the URL and then getting access to the app that the person has not acquired). -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the updating functionality on this device is essentially in a disabled state, resulting in user unable to get apps from the Store, get latest version of Windows, and so on. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| svchost | | *.tlu.dl.delivery.mp.microsoft.com.c.footprint.net | - -The following endpoint is used to download apps from the Microsoft Store. It's used as part of calculating the right ranges for apps. -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), users of the device will not able to get apps from the Microsoft Store. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| svchost | | emdl.ws.microsoft.com | +| svchost | HTTP | *.dl.delivery.mp.microsoft.com | The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. | Source process | Protocol | Destination | |----------------|----------|------------| -| svchost | HTTPS | fe2.update.microsoft.com | -| svchost | | fe3.delivery.mp.microsoft.com | -| | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net | -| svchost | HTTPS | sls.update.microsoft.com | -| | HTTP | *.dl.delivery.mp.microsoft.com | +| svchost | HTTPS | *.update.microsoft.com | +| svchost | HTTPS | *.delivery.mp.microsoft.com | The following endpoint is used for content regulation. If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all. @@ -495,13 +463,6 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper |----------------|----------|------------| | svchost | HTTPS | tsfe.trafficshaping.dsp.mp.microsoft.com | -The following endpoints are used to download content. -If you [turn off traffic for these endpoints](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-wu), you will block any content from being downloaded. - -| Source process | Protocol | Destination | -|----------------|----------|------------| -| | | a122.dscd.akamai.net | -| | | a1621.g.akamai.net | ## Microsoft forward link redirection service (FWLink) @@ -528,4 +489,4 @@ To view endpoints for non-Enterprise Windows 10 editions, see: ## Related links - [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US) -- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune) \ No newline at end of file +- [Network infrastructure requirements for Microsoft Intune](https://docs.microsoft.com/intune/get-started/network-infrastructure-requirements-for-microsoft-intune) diff --git a/windows/privacy/windows-diagnostic-data.md b/windows/privacy/windows-diagnostic-data.md index 2b73716da2..dcf4d2be83 100644 --- a/windows/privacy/windows-diagnostic-data.md +++ b/windows/privacy/windows-diagnostic-data.md @@ -22,13 +22,13 @@ Applies to: - Windows 10, version 1803 - Windows 10, version 1709 -Microsoft uses Windows diagnostic data to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. For users who have turned on "Tailored experiences", it can also be used to offer you personalized tips, ads, and recommendations to enhance Microsoft products and services for your needs. This article describes all types of diagnostic data collected by Windows at the Full level (inclusive of data collected at Basic), with comprehensive examples of data we collect per each type. For additional, detailed technical descriptions of Basic data items, see [Windows 10, version 1803 Basic level diagnostic events and fields](https://docs.microsoft.com/windows/configuration/basic-level-windows-diagnostic-events-and-fields). +Microsoft uses Windows diagnostic data to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. For users who have turned on "Tailored experiences", it can also be used to offer you personalized tips, ads, and recommendations to enhance Microsoft products and services for your needs. This article describes all types of diagnostic data collected by Windows at the Full level (inclusive of data collected at Basic), with comprehensive examples of data we collect per each type. For additional, detailed technical descriptions of Basic data items, see [Windows 10, version 1809 Basic level diagnostic events and fields](https://docs.microsoft.com/windows/configuration/basic-level-windows-diagnostic-events-and-fields). In addition, this article provides references to equivalent definitions for the data types and examples from [ISO/IEC 19944:2017 Information technology -- Cloud computing -- Cloud services and devices: Data flow, data categories and data use](https://www.iso.org/standard/66674.html). Each data type also has a Data Use statement, for diagnostics and for Tailored experiences on the device, using the terms as defined by the standard. These Data Use statements define the purposes for which Microsoft processes each type of Windows diagnostic data, using a uniform set of definitions referenced at the end of this document and based on the ISO standard. Reference to the ISO standard provides additional clarity about the information collected, and allows easy comparison with other services or guidance that also references the standard. The data covered in this article is grouped into the following types: -- Common data (diagnostic header information) +- Common data extensions (diagnostic header information) - Device, Connectivity, and Configuration data - Product and Service Usage data - Product and Service Performance data @@ -36,15 +36,15 @@ The data covered in this article is grouped into the following types: - Browsing History data - Inking, Typing, and Speech Utterance data -## Common data +## Common data extensions Most diagnostic events contain a header of common data. In each example, the info in parentheses provides the equivalent definition for ISO/IEC 19944:2017. -**Data Use for Common data** +**Data Use for Common data extensions** Header data supports the use of data associated with all diagnostic events. Therefore, Common data is used to [provide](#provide) Windows 10, and may be used to [improve](#improve), [personalize](#personalize), [recommend](#recommend), [offer](#offer), or [promote](#promote) Microsoft and third-party products and services, depending on the uses described in the **Data Use** statements for each data category. -### Data Description for Common data type +### Data Description for Common data extensions type -#### Common data type +#### Common data extensions type Information that is added to most diagnostic events, if relevant and available: @@ -506,6 +506,6 @@ Use of the specified data categories to promote a product or service in or on a Here are the list of data identification qualifiers and the ISO/IEC 19944:2017 reference: -- **Pseudonymized Data** 8.3.3 Pseudonymized data. Microsoft usage notes are as defined. -- **Anonymized Data** 8.3.5 Anonymized data. Microsoft usage notes are as defined. -- **Aggregated Data** 8.3.6 Aggregated data. Microsoft usage notes are as defined. \ No newline at end of file +- **Pseudonymized Data** 8.3.3 Pseudonymized data. Microsoft usage notes are as defined. +- **Anonymized Data** 8.3.5 Anonymized data. Microsoft usage notes are as defined. +- **Aggregated Data** 8.3.6 Aggregated data. Microsoft usage notes are as defined. \ No newline at end of file diff --git a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md index 370860330f..b6be3b5acd 100644 --- a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md @@ -40,52 +40,52 @@ We used the following methodology to derive these network endpoints: | **Destination** | **Protocol** | **Description** | | --- | --- | --- | -|*.aria.microsoft.com* | HTTPS | Office Telemetry -|*.dl.delivery.mp.microsoft.com* | HTTP | Enables connections to Windows Update. -|*.download.windowsupdate.com* | HTTP | Used to download operating system patches and updates. -|*.g.akamai.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use. -|*.msn.com* |TLSv1.2/HTTPS | Windows Spotlight related traffic -|*.Skype.com | HTTP/HTTPS | Skype related traffic -|*.smartscreen.microsoft.com* | HTTPS | Windows Defender Smartscreen related traffic -|*.telecommand.telemetry.microsoft.com* | HTTPS | Used by Windows Error Reporting. -|*cdn.onenote.net* | HTTP | OneNote related traffic -|*displaycatalog.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store. -|*emdl.ws.microsoft.com* | HTTP | Windows Update related traffic -|*geo-prod.do.dsp.mp.microsoft.com* |TLSv1.2/HTTPS | Enables connections to Windows Update. -|*hwcdn.net* | HTTP | Used by the Highwinds Content Delivery Network to perform Windows updates. -|*img-prod-cms-rt-microsoft-com.akamaized.net* | HTTPS | Used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). -|*maps.windows.com* | HTTPS | Related to Maps application. -|*msedge.net* | HTTPS | Used by OfficeHub to get the metadata of Office apps. -|*nexusrules.officeapps.live.com* | HTTPS | Office Telemetry -|*photos.microsoft.com* | HTTPS | Photos App related traffic -|*prod.do.dsp.mp.microsoft.com* |TLSv1.2/HTTPS | Used for Windows Update downloads of apps and OS updates. -|*wac.phicdn.net* | HTTP | Windows Update related traffic -|*windowsupdate.com* | HTTP | Windows Update related traffic -|*wns.windows.com* | HTTPS, TLSv1.2 | Used for the Windows Push Notification Services (WNS). -|*wpc.v0cdn.net* | | Windows Telemetry related traffic +|\*.aria.microsoft.com\* | HTTPS | Office Telemetry +|\*.dl.delivery.mp.microsoft.com\* | HTTP | Enables connections to Windows Update. +|\*.download.windowsupdate.com\* | HTTP | Used to download operating system patches and updates. +|\*.g.akamai.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use. +|\*.msn.com\* |TLSv1.2/HTTPS | Windows Spotlight related traffic +|\*.Skype.com | HTTP/HTTPS | Skype related traffic +|\*.smartscreen.microsoft.com\* | HTTPS | Windows Defender Smartscreen related traffic +|\*.telecommand.telemetry.microsoft.com\* | HTTPS | Used by Windows Error Reporting. +|\*cdn.onenote.net* | HTTP | OneNote related traffic +|\*displaycatalog.mp.microsoft.com\* | HTTPS | Used to communicate with Microsoft Store. +|\*emdl.ws.microsoft.com\* | HTTP | Windows Update related traffic +|\*geo-prod.do.dsp.mp.microsoft.com\* |TLSv1.2/HTTPS | Enables connections to Windows Update. +|\*hwcdn.net* | HTTP | Used by the Highwinds Content Delivery Network to perform Windows updates. +|\*img-prod-cms-rt-microsoft-com.akamaized.net* | HTTPS | Used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). +|\*maps.windows.com\* | HTTPS | Related to Maps application. +|\*msedge.net* | HTTPS | Used by OfficeHub to get the metadata of Office apps. +|\*nexusrules.officeapps.live.com\* | HTTPS | Office Telemetry +|\*photos.microsoft.com\* | HTTPS | Photos App related traffic +|\*prod.do.dsp.mp.microsoft.com\* |TLSv1.2/HTTPS | Used for Windows Update downloads of apps and OS updates. +|\*wac.phicdn.net* | HTTP | Windows Update related traffic +|\*windowsupdate.com\* | HTTP | Windows Update related traffic +|\*wns.windows.com\* | HTTPS, TLSv1.2 | Used for the Windows Push Notification Services (WNS). +|\*wpc.v0cdn.net* | | Windows Telemetry related traffic |auth.gfx.ms/16.000.27934.1/OldConvergedLogin_PCore.js | | MSA related |evoke-windowsservices-tas.msedge* | HTTPS | The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office Online. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them. -|fe2.update.microsoft.com* |TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. -|fe3.*.mp.microsoft.com.* |TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. +|fe2.update.microsoft.com\* |TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. +|fe3.\*.mp.microsoft.com.\* |TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. |fs.microsoft.com | | Font Streaming (in ENT traffic) -|g.live.com* | HTTPS | Used by OneDrive +|g.live.com\* | HTTPS | Used by OneDrive |iriscoremetadataprod.blob.core.windows.net | HTTPS | Windows Telemetry -|mscrl.micorosoft.com | | Certificate Revocation List related traffic. -|ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. +|mscrl.microsoft.com | | Certificate Revocation List related traffic. +|ocsp.digicert.com\* | HTTP | CRL and OCSP checks to the issuing certificate authorities. |officeclient.microsoft.com | HTTPS | Office related traffic. |oneclient.sfx.ms* | HTTPS | Used by OneDrive for Business to download and verify app updates. -|purchase.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store. -|query.prod.cms.rt.microsoft.com* | HTTPS | Used to retrieve Windows Spotlight metadata. -|ris.api.iris.microsoft.com* |TLSv1.2/HTTPS | Used to retrieve Windows Spotlight metadata. +|purchase.mp.microsoft.com\* | HTTPS | Used to communicate with Microsoft Store. +|query.prod.cms.rt.microsoft.com\* | HTTPS | Used to retrieve Windows Spotlight metadata. +|ris.api.iris.microsoft.com\* |TLSv1.2/HTTPS | Used to retrieve Windows Spotlight metadata. |ris-prod-atm.trafficmanager.net | HTTPS | Azure traffic manager -|settings.data.microsoft.com* | HTTPS | Used for Windows apps to dynamically update their configuration. -|settings-win.data.microsoft.com* | HTTPS | Used for Windows apps to dynamically update their configuration. -|sls.update.microsoft.com* |TLSv1.2/HTTPS | Enables connections to Windows Update. -|store*.dsx.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store. -|storecatalogrevocation.storequality.microsoft.com* | HTTPS | Used to revoke licenses for malicious apps on the Microsoft Store. -|store-images.s-microsoft.com* | HTTP | Used to get images that are used for Microsoft Store suggestions. -|tile-service.weather.microsoft.com* | HTTP | Used to download updates to the Weather app Live Tile. -|tsfe.trafficshaping.dsp.mp.microsoft.com* |TLSv1.2 | Used for content regulation. +|settings.data.microsoft.com\* | HTTPS | Used for Windows apps to dynamically update their configuration. +|settings-win.data.microsoft.com\* | HTTPS | Used for Windows apps to dynamically update their configuration. +|sls.update.microsoft.com\* |TLSv1.2/HTTPS | Enables connections to Windows Update. +|store*.dsx.mp.microsoft.com\* | HTTPS | Used to communicate with Microsoft Store. +|storecatalogrevocation.storequality.microsoft.com\* | HTTPS | Used to revoke licenses for malicious apps on the Microsoft Store. +|store-images.s-microsoft.com\* | HTTP | Used to get images that are used for Microsoft Store suggestions. +|tile-service.weather.microsoft.com\* | HTTP | Used to download updates to the Weather app Live Tile. +|tsfe.trafficshaping.dsp.mp.microsoft.com\* |TLSv1.2 | Used for content regulation. |v10.events.data.microsoft.com | HTTPS | Diagnostic Data |wdcp.microsoft.* |TLSv1.2 | Used for Windows Defender when Cloud-based Protection is enabled. |wd-prod-cp-us-west-1-fe.westus.cloudapp.azure.com | HTTPS | Windows Defender related traffic. @@ -111,7 +111,7 @@ We used the following methodology to derive these network endpoints: | ipv4.login.msa.akadns6.net | HTTPS | Used for Microsoft accounts to sign in. | | location-inference-westus.cloudapp.net | HTTPS | Used for location data. | | modern.watson.data.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. | -| ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. | +| ocsp.digicert.com\* | HTTP | CRL and OCSP checks to the issuing certificate authorities. | | ris.api.iris.microsoft.com.akadns.net | HTTPS | Used to retrieve Windows Spotlight metadata. | | tile-service.weather.microsoft.com/* | HTTP | Used to download updates to the Weather app Live Tile. | | tsfe.trafficshaping.dsp.mp.microsoft.com | HTTPS | Used for content regulation. | @@ -127,10 +127,10 @@ We used the following methodology to derive these network endpoints: | *.g.akamaiedge.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use. | | *.s-msedge.net | HTTPS | Used by OfficeHub to get the metadata of Office apps. | | *.telecommand.telemetry.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. | -| *.tlu.dl.delivery.mp.microsoft.com* | HTTP | Enables connections to Windows Update. | -| *.windowsupdate.com* | HTTP | Enables connections to Windows Update. | +| *.tlu.dl.delivery.mp.microsoft.com\* | HTTP | Enables connections to Windows Update. | +| *.windowsupdate.com\* | HTTP | Enables connections to Windows Update. | | *geo-prod.do.dsp.mp.microsoft.com | HTTPS | Enables connections to Windows Update. | -| au.download.windowsupdate.com* | HTTP | Enables connections to Windows Update. | +| au.download.windowsupdate.com\* | HTTP | Enables connections to Windows Update. | | cdn.onenote.net/livetile/* | HTTPS | Used for OneNote Live Tile. | | client-office365-tas.msedge.net/* | HTTPS | Used to connect to the Office 365 portal’s shared infrastructure, including Office Online. | | config.edge.skype.com/* | HTTPS | Used to retrieve Skype configuration values. | @@ -151,7 +151,7 @@ We used the following methodology to derive these network endpoints: | maps.windows.com/windows-app-web-link | HTTPS | Link to Maps application | | modern.watson.data.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. | | ocos-office365-s2s.msedge.net/* | HTTPS | Used to connect to the Office 365 portal's shared infrastructure. | -| ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. | +| ocsp.digicert.com\* | HTTP | CRL and OCSP checks to the issuing certificate authorities. | | oneclient.sfx.ms/* | HTTPS | Used by OneDrive for Business to download and verify app updates. | | settings-win.data.microsoft.com/settings/* | HTTPS | Used as a way for apps to dynamically update their configuration. | | sls.update.microsoft.com/* | HTTPS | Enables connections to Windows Update. | diff --git a/windows/release-information/TOC.md b/windows/release-information/TOC.md new file mode 100644 index 0000000000..188c87f7a3 --- /dev/null +++ b/windows/release-information/TOC.md @@ -0,0 +1,23 @@ +# [Windows 10 release information](index.md) +## [Message center](windows-message-center.yml) +## [Version 1809 and Windows Server 2019](status-windows-10-1809-and-windows-server-2019.yml) +### [Resolved issues](resolved-issues-windows-10-1809-and-windows-server-2019.yml) +## [Version 1803](status-windows-10-1803.yml) +### [Resolved issues](resolved-issues-windows-10-1803.yml) +## [Version 1709](status-windows-10-1709.yml) +### [Resolved issues](resolved-issues-windows-10-1709.yml) +## [Version 1703](status-windows-10-1703.yml) +### [Resolved issues](resolved-issues-windows-10-1703.yml) +## [Version 1607 and Windows Server 2016](status-windows-10-1607-and-windows-server-2016.yml) +### [Resolved issues](resolved-issues-windows-10-1607.yml) +## [Version 1507](status-windows-10-1507.yml) +### [Resolved issues](resolved-issues-windows-10-1507.yml) +## Previous versions +### [Windows 8.1 and Windows Server 2012 R2](status-windows-8.1-and-windows-server-2012-r2.yml) +####[Resolved issues](resolved-issues-windows-8.1-and-windows-server-2012-r2.yml) +### [Windows Server 2012](status-windows-server-2012.yml) +####[Resolved issues](resolved-issues-windows-server-2012.yml) +### [Windows 7 and Windows Server 2008 R2](status-windows-7-and-windows-server-2008-r2-sp1.yml) +####[Resolved issues](resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml) +### [Windows Server 2008 SP2](status-windows-server-2008-sp2.yml) +####[Resolved issues](resolved-issues-windows-server-2008-sp2.yml) \ No newline at end of file diff --git a/windows/release-information/breadcrumb/toc.yml b/windows/release-information/breadcrumb/toc.yml new file mode 100644 index 0000000000..61d8fca61e --- /dev/null +++ b/windows/release-information/breadcrumb/toc.yml @@ -0,0 +1,3 @@ +- name: Docs + tocHref: / + topicHref: / \ No newline at end of file diff --git a/windows/release-information/docfx.json b/windows/release-information/docfx.json new file mode 100644 index 0000000000..a91619d79b --- /dev/null +++ b/windows/release-information/docfx.json @@ -0,0 +1,50 @@ +{ + "build": { + "content": [ + { + "files": [ + "**/*.md", + "**/*.yml" + ], + "exclude": [ + "**/obj/**", + "**/includes/**", + "_themes/**", + "_themes.pdf/**", + "README.md", + "LICENSE", + "LICENSE-CODE", + "ThirdPartyNotices" + ] + } + ], + "resource": [ + { + "files": [ + "**/*.png", + "**/*.jpg" + ], + "exclude": [ + "**/obj/**", + "**/includes/**", + "_themes/**", + "_themes.pdf/**" + ] + } + ], + "overwrite": [], + "externalReference": [], + "globalMetadata": { + "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json", + "ms.prod": "w10", + "ms.date": "4/30/2019", + "titleSuffix": "Windows Release Information", + "extendBreadcrumb": true, + "feedback_system": "None" + }, + "fileMetadata": {}, + "template": [], + "dest": "release-information", + "markdownEngineName": "markdig" + } +} diff --git a/windows/hub/release-information.md b/windows/release-information/index.md similarity index 100% rename from windows/hub/release-information.md rename to windows/release-information/index.md diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml new file mode 100644 index 0000000000..380ff97270 --- /dev/null +++ b/windows/release-information/resolved-issues-windows-10-1507.yml @@ -0,0 +1,105 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows 10, version 1507 +metadata: + document_id: + title: Resolved issues in Windows 10, version 1507 + description: Resolved issues in Windows 10, version 1507 + keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1507"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows 10, version 1507 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 10240.18094
January 08, 2019
KB4480962Resolved
KB4493475April 09, 2019
10:00 AM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 10240.18158
March 12, 2019
KB4489872Resolved
KB4493475April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4493475April 09, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details >OS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4489872March 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details >OS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4489872March 12, 2019
10:00 AM PTFirst character of Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >OS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4489872March 12, 2019
10:00 AM PTInternet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details >OS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4491101February 21, 2019
02:00 PM PTApplications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details >OS Build 10240.18094
January 08, 2019
KB4480962Resolved
KB4487018February 12, 2019
10:00 AM PTUnable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details >OS Build 10240.18094
January 08, 2019
KB4480962Resolved
KB4487018February 12, 2019
10:00 AM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >OS Build 10240.18005
October 09, 2018
KB4462922Resolved
KB4471323December 11, 2018
10:00 AM PTGuest VMs running Unicast NLB fail to respond after restart
All guest virtual machines running Unicast NLB fail to respond to NLB requests after the virtual machines restart.
See details >OS Build 10240.17976
September 11, 2018
KB4457132Resolved
KB4462922October 09, 2018
10:00 AM PT++ " +- title: March 2019 +- items: + - type: markdown + text: " +
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489872, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493475.
Back to topOS Build 10240.18158
March 12, 2019
KB4489872Resolved
KB4493475Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493475.
Back to topOS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4493475Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.
Back to topOS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4489872Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files After installing KB4487018, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489872.
Back to topOS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4489872Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTFirst character of Japanese era name not recognized After installing KB4487018, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.
Back to topOS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4489872Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTInternet Explorer may fail to load images After installing KB4487018, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4491101.
Back to topOS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4491101Resolved:
February 21, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History MSXML6 may cause applications to stop responding After installing KB4480962, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493475.
Back to topOS Build 10240.18094
January 08, 2019
KB4480962Resolved
KB4493475Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTApplications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, \"Unrecognized Database Format\".Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487018.
Back to topOS Build 10240.18094
January 08, 2019
KB4480962Resolved
KB4487018Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTUnable to access hotspots with third-party applications After installing KB4480962, third-party applications may have difficulty authenticating hotspots.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4487018.
Back to topOS Build 10240.18094
January 08, 2019
KB4480962Resolved
KB4487018Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: September 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4462922, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471323.
Back to topOS Build 10240.18005
October 09, 2018
KB4462922Resolved
KB4471323Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml new file mode 100644 index 0000000000..72407b6ba9 --- /dev/null +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -0,0 +1,135 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows 10, version 1607 and Windows Server 2016 +metadata: + document_id: + title: Resolved issues in Windows 10, version 1607 and Windows Server 2016 + description: Resolved issues in Windows 10, version 1607 + keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1607"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows 10, version 1607 and Windows Server 2016 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History Guest VMs running Unicast NLB fail to respond after restart All guest virtual machines running Unicast NLB fail to respond to NLB requests after the virtual machines restart.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4462922.
Back to topOS Build 10240.17976
September 11, 2018
KB4457132Resolved
KB4462922Resolved:
October 09, 2018
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 14393.2848
March 12, 2019
KB4489882Resolved
KB4493473April 25, 2019
02:00 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.
See details >OS Build 14393.2879
March 19, 2019
KB4489889Resolved
KB4493470April 09, 2019
10:00 AM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >OS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4493470April 09, 2019
10:00 AM PTIssue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off.
See details >OS Build 14393.2828
February 19, 2019
KB4487006Resolved
KB4489882March 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details >OS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4489882March 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details >OS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4487006February 19, 2019
02:00 PM PTFirst character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >OS Build 14393.2759
January 17, 2019
KB4480977Resolved
KB4487006February 19, 2019
02:00 PM PTInternet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details >OS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4487006February 19, 2019
02:00 PM PTApplications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details >OS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4487026February 12, 2019
10:00 AM PTInstant search in Microsoft Outlook fails on Windows Server 2016
Instant search in Microsoft Outlook clients fail with the error, \"Outlook cannot perform the search\" on Windows Server 2016.
See details >OS Build 14393.2639
November 27, 2018
KB4467684Resolved
KB4487026February 12, 2019
10:00 AM PTSqlConnection instantiation exception on .NET 4.6 and later
Instantiation of SqlConnection can throw an exception after certain updates have been installed.
See details >OS Build 14393.2457
August 30, 2018
KB4343884Resolved
KB4480977January 17, 2019
02:00 PM PTUnable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details >OS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4480977January 17, 2019
02:00 PM PTSystem becomes unresponsive when end-user-defined characters (EUDC) are used
When features related to end-user-defined characters (EUDC) are used, the entire system may become unresponsive.
See details >OS Build 14393.2639
November 27, 2018
KB4467684Resolved
KB4471321December 11, 2018
10:00 AM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >OS Build 14393.2551
October 09, 2018
KB4462917Resolved
KB4471321December 11, 2018
10:00 AM PTIssues with install and activation of Key Management Service (KMS) (CSVLK) host keys
Installation and client activation of Windows Server 2019 and 1809 LTSC Key Management Service (KMS) (CSVLK) host keys do not work as expected.
See details >OS Build 14393.2457
August 30, 2018
KB4343884Resolved
KB4467684November 27, 2018
10:00 AM PTPromotions that create non-root domains fail with optional features enabled
Windows Server 2016 promotions that create non-root domains fail in forests in which optional features like Active Directory recycle have been enabled.
See details >OS Build 14393.2515
September 20, 2018
KB4457127Resolved
KB4467684November 27, 2018
10:00 AM PT++ " +- title: March 2019 +- items: + - type: markdown + text: " +
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489882, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493473.
Back to topOS Build 14393.2848
March 12, 2019
KB4489882Resolved
KB4493473Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493470.
Back to topOS Build 14393.2879
March 19, 2019
KB4489889Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493470.
Back to topOS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTIssue hosting multiple terminal server sessions and a user logs off on Windows Server In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off. The faulting driver is win32kbase.sys.Affected platforms:- Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4489882.
Back to topOS Build 14393.2828
February 19, 2019
KB4487006Resolved
KB4489882Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PTError 1309 when installing/uninstalling MSI or MSP files After installing KB4487026, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489882.
Back to topOS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4489882Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.
Back to topOS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4487006Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PTInternet Explorer may fail to load images After installing KB4487026, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487006.
Back to topOS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4487006Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: November 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Internet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480961, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493470.
Back to topOS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480961, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493470.
Back to topOS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTFirst character of the Japanese era name not recognized as an abbreviation After installing KB4480977, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.
Back to topOS Build 14393.2759
January 17, 2019
KB4480977Resolved
KB4487006Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 17, 2019
02:00 PM PTApplications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487026.
Back to topOS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4487026Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTUnable to access hotspots with third-party applications After installing KB4480961, third-party applications may have difficulty authenticating hotspots.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480977.
Back to topOS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4480977Resolved:
January 17, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Instant search in Microsoft Outlook fails on Windows Server 2016 After installing KB4467684 on Windows Server 2016, instant search in Microsoft Outlook clients fail with the error, \"Outlook cannot perform the search\".Affected platforms:- Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4487026.
Back to topOS Build 14393.2639
November 27, 2018
KB4467684Resolved
KB4487026Resolved:
February 12, 2019
10:00 AM PT
Opened:
November 27, 2018
10:00 AM PTSystem becomes unresponsive when end-user-defined characters (EUDC) are used When features related to end-user-defined characters (EUDC) are used, the entire system may become unresponsive.Affected platforms:- Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4471321.
Back to topOS Build 14393.2639
November 27, 2018
KB4467684Resolved
KB4471321Resolved:
December 11, 2018
10:00 AM PT
Opened:
November 27, 2018
10:00 AM PT
+ " + +- title: September 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4462917, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471321.
Back to topOS Build 14393.2551
October 09, 2018
KB4462917Resolved
KB4471321Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT
+ " + +- title: August 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Promotions that create non-root domains fail with optional features enabled After installing KB4457127, Windows Server 2016 promotions that create non-root domains fail in forests in which optional features like Active Directory recycle have been enabled. The error is, “The replication operation encountered a database error.”Affected platforms:- Server: Windows Server 2016
Resolution: This issue is resolved in KB4467684.
Back to topOS Build 14393.2515
September 20, 2018
KB4457127Resolved
KB4467684Resolved:
November 27, 2018
10:00 AM PT
Opened:
September 20, 2018
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml new file mode 100644 index 0000000000..a32bfe383c --- /dev/null +++ b/windows/release-information/resolved-issues-windows-10-1703.yml @@ -0,0 +1,113 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows 10, version 1703 +metadata: + document_id: + title: Resolved issues in Windows 10, version 1703 + description: Resolved issues in Windows 10, version 1703 + keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1703"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows 10, version 1703 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History SqlConnection instantiation exception on .NET 4.6 and later After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809, SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480977.
Back to topOS Build 14393.2457
August 30, 2018
KB4343884Resolved
KB4480977Resolved:
January 17, 2019
02:00 PM PT
Opened:
August 30, 2018
05:00 PM PTIssues with install and activation of Key Management Service (KMS) (CSVLK) host keys After installing KB4343884, installation and client activation of Windows Server 2019 and Windows 10 Enterprise 2019 LTSC Key Management Service (KMS) CSVLK host keys do not work as expected.Affected platforms:- Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4467684.
Back to topOS Build 14393.2457
August 30, 2018
KB4343884Resolved
KB4467684Resolved:
November 27, 2018
10:00 AM PT
Opened:
August 30, 2018
05:00 PM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 15063.1689
March 12, 2019
KB4489871Resolved
KB4493436April 25, 2019
02:00 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details >OS Build 15063.1716
March 19, 2019
KB4489888Resolved
KB4493474April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4493474April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 15063.1631
February 12, 2019
KB4487020Resolved
KB4493474April 09, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details >OS Build 15063.1659
February 19, 2019
KB4487011Resolved
KB4489871March 12, 2019
10:00 AM PTFirst character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >OS Build 15063.1596
January 15, 2019
KB4480959Resolved
KB4487011February 19, 2019
02:00 PM PTInternet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details >OS Build 15063.1631
February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details >OS Build 15063.1631
February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
10:00 AM PTApplications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details >OS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4487020February 12, 2019
10:00 AM PTWebpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.
See details >OS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4487020February 12, 2019
10:00 AM PTSqlConnection instantiation exception on .NET 4.6 and later
Instantiation of SqlConnection can throw an exception after certain updates have been installed.
See details >OS Build 15063.1292
August 30, 2018
KB4343889Resolved
KB4480959January 15, 2019
10:00 AM PTUnable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details >OS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4480959January 15, 2019
10:00 AM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >OS Build 15063.1387
October 09, 2018
KB4462937Resolved
KB4471327December 11, 2018
10:00 AM PTLongonUI.exe stops working intermittently
LongonUI.exe stops working intermittently.
See details >OS Build 15063.1387
October 09, 2018
KB4462937Resolved
KB4467699November 27, 2018
10:00 AM PTError message beginning with “Hosted by…” when launching Microsoft Edge
Some users may encounter an error message beginning with “Hosted by…” when launching Microsoft Edge.
See details >OS Build 15063.1387
October 09, 2018
KB4462937Resolved
KB4462939October 18, 2018
10:00 AM PT++ " +- title: March 2019 +- items: + - type: markdown + text: " +
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489871, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493436.
Back to topOS Build 15063.1689
March 12, 2019
KB4489871Resolved
KB4493436Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493474.
Back to topOS Build 15063.1716
March 19, 2019
KB4489888Resolved
KB4493474Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493474.
Back to topOS Build 15063.1631
February 12, 2019
KB4487020Resolved
KB4493474Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files After installing KB4487011, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489871.
Back to topOS Build 15063.1659
February 19, 2019
KB4487011Resolved
KB4489871Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PTInternet Explorer may fail to load images After installing KB4487020, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487011.
Back to topOS Build 15063.1631
February 12, 2019
KB4487020Resolved
KB4487011Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487011.
Back to topOS Build 15063.1631
February 12, 2019
KB4487020Resolved
KB4487011Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History MSXML6 may cause applications to stop responding After installing KB4480973, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493474.
Back to topOS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4493474Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTFirst character of the Japanese era name not recognized as an abbreviation After installing KB4480959, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487011.
Back to topOS Build 15063.1596
January 15, 2019
KB4480959Resolved
KB4487011Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 15, 2019
10:00 AM PTApplications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487020.
Back to topOS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4487020Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTWebpages become unresponsive in Microsoft Edge After installing KB4480973, some Microsoft Edge users report that they:- Cannot load web pages using a local IP address.
- Cannot load web pages on the Internet using a VPN connection.
Browsing fails or the web page may become unresponsive.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4486996.
Back to topOS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4487020Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTUnable to access hotspots with third-party applications After installing KB4480973, third-party applications may have difficulty authenticating hotspots.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480959.
Back to topOS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4480959Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: August 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4462937, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471327.
Back to topOS Build 15063.1387
October 09, 2018
KB4462937Resolved
KB4471327Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PTLongonUI.exe stops working intermittently After installing KB4462937, LogonUI.exe stops working intermittently.Affected platforms:- Windows 10, version 1703
Resolution: This issue is resolved in KB4467699.
Back to topOS Build 15063.1387
October 09, 2018
KB4462937Resolved
KB4467699Resolved:
November 27, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PTError message beginning with “Hosted by…” when launching Microsoft Edge After installing KB4462937, some users may see a dialog box with a non-applicable message beginning with the words “Hosted by...” when first starting Microsoft Edge.This dialog will only appear once if they have turned on “Block only third-party cookies” in Microsoft Edge and applied certain language packs before installing this update.Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1709
Resolution: This issue is resolved in KB4462939.
Back to topOS Build 15063.1387
October 09, 2018
KB4462937Resolved
KB4462939Resolved:
October 18, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml new file mode 100644 index 0000000000..2893c090ed --- /dev/null +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -0,0 +1,113 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows 10, version 1709 and Windows Server, vesion 1709 +metadata: + document_id: + title: Resolved issues in Windows 10, version 1709 and Windows Server, vesion 1709 + description: Resolved issues in Windows 10, version 1709 and Windows Server 1709 + keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1709"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows 10, version 1709 and Windows Server, version 1709 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History SqlConnection instantiation exception on .NET 4.6 and later After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.For more information about this issue, see the following article in the Microsoft Knowledge Base:4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480959.
Back to topOS Build 15063.1292
August 30, 2018
KB4343889Resolved
KB4480959Resolved:
January 15, 2019
10:00 AM PT
Opened:
August 30, 2018
05:00 PM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 16299.1029
March 12, 2019
KB4489886Resolved
KB4493440April 25, 2019
02:00 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details >OS Build 16299.1059
March 19, 2019
KB4489890Resolved
KB4493441April 09, 2019
10:00 AM PTMSXML6 causes applications to stop responding if an exception was thrown
MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4493441April 09, 2019
10:00 AM PTStop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details >OS Build 16299.1029
March 12, 2019
KB4489886Resolved
KB4493441April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4493441April 09, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details >OS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4489886March 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details >OS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4487021February 19, 2019
02:00 PM PTFirst character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >OS Build 16299.936
January 15, 2019
KB4480967Resolved
KB4487021February 19, 2019
02:00 PM PTInternet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details >OS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4487021February 19, 2019
02:00 PM PTApplications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details >OS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4486996February 12, 2019
10:00 AM PTWebpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.
See details >OS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4486996February 12, 2019
10:00 AM PTSqlConnection instantiation exception on .NET 4.6 and later
Instantiation of SqlConnection can throw an exception after certain updates have been installed.
See details >OS Build 16299.637
August 30, 2018
KB4343893Resolved
KB4480967January 15, 2019
10:00 AM PTUnable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details >OS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4480967January 15, 2019
10:00 AM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >OS Build 16299.726
October 09, 2018
KB4462918Resolved
KB4471329December 11, 2018
10:00 AM PTError message beginning with “Hosted by…” when launching Microsoft Edge
Some users may encounter an error message beginning with “Hosted by…” when launching Microsoft Edge.
See details >OS Build 16299.726
October 09, 2018
KB4462918Resolved
KB4462932October 18, 2018
10:00 AM PT++ " +- title: March 2019 +- items: + - type: markdown + text: " +
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489886, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493440.
Back to topOS Build 16299.1029
March 12, 2019
KB4489886Resolved
KB4493440Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4493441.
Back to topOS Build 16299.1059
March 19, 2019
KB4489890Resolved
KB4493441Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PTStop error when attempting to start SSH from WSL After applying KB4489886, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709
- Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4493441.
Back to topOS Build 16299.1029
March 12, 2019
KB4489886Resolved
KB4493441Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493441.
Back to topOS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4493441Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files After installing KB4486996, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489886.
Back to topOS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4489886Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.
Back to topOS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4487021Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PTInternet Explorer may fail to load images After installing KB4486996, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487021.
Back to topOS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4487021Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History MSXML6 causes applications to stop responding if an exception was thrown After installing KB4480978, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493441.
Back to topOS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4493441Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTFirst character of the Japanese era name not recognized as an abbreviation After installing KB4480967, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.
Back to topOS Build 16299.936
January 15, 2019
KB4480967Resolved
KB4487021Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 15, 2019
10:00 AM PTApplications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format.”Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4486996.
Back to topOS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4486996Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTWebpages become unresponsive in Microsoft Edge After installing KB4480978, some Microsoft Edge users report that they:- Cannot load web pages using a local IP address.
- Cannot load web pages on the Internet using a VPN connection.
Browsing fails or the web page may become unresponsive.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4486996.
Back to topOS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4486996Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTUnable to access hotspots with third-party applications After installing KB4480978, third-party applications may have difficulty authenticating hotspots.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480967.
Back to topOS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4480967Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: August 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4462918, users may not be able to use the Seek Bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471329.
Back to topOS Build 16299.726
October 09, 2018
KB4462918Resolved
KB4471329Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PTError message beginning with “Hosted by…” when launching Microsoft Edge After installing KB4462918, some users may see a dialog box with a non-applicable message beginning with the words “Hosted by...” when first starting Microsoft Edge.This dialog will only appear once if they have turned on “Block only third-party cookies” in Microsoft Edge and applied certain language packs before installing this update.Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1709
Resolution: This issue is resolved in KB4462932.
Back to topOS Build 16299.726
October 09, 2018
KB4462918Resolved
KB4462932Resolved:
October 18, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml new file mode 100644 index 0000000000..8eaaa3f3c9 --- /dev/null +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -0,0 +1,147 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows 10, version 1803 +metadata: + document_id: + title: Resolved issues in Windows 10, version 1803 + description: Resolved issues in Windows 10, version 1803 + keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10, version 1803"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows 10, version 1803 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History SqlConnection instantiation exception on .NET 4.6 and later After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.For more information about this issue, see the following article in the Microsoft Knowledge Base:4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480967.
Back to topOS Build 16299.637
August 30, 2018
KB4343893Resolved
KB4480967Resolved:
January 15, 2019
10:00 AM PT
Opened:
August 30, 2018
05:00 PM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 17134.648
March 12, 2019
KB4489868Resolved
KB4493437April 25, 2019
02:00 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details >OS Build 17134.677
March 19, 2019
KB4489894Resolved
KB4493464April 09, 2019
10:00 AM PTFirst character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >OS Build 17134.556
January 15, 2019
KB4480976Resolved
KB4487029April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4493464April 09, 2019
10:00 AM PTStop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details >OS Build 17134.648
March 12, 2019
KB4489868Resolved
KB4493464April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 17134.590
February 12, 2019
KB4487017Resolved
KB4493464April 09, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details >OS Build 17134.590
February 12, 2019
KB4487017Resolved
KB4489868March 12, 2019
10:00 AM PTCannot pin a web link on the Start menu or the taskbar
Some users cannot pin a web link on the Start menu or the taskbar.
See details >OS Build 17134.471
December 11, 2018
KB4471324Resolved
KB4487029February 19, 2019
02:00 PM PTInternet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details >OS Build 17134.590
February 12, 2019
KB4487017Resolved
KB4487029February 19, 2019
02:00 PM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details >OS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4487017February 12, 2019
10:00 AM PTWebpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.
See details >OS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4487017February 12, 2019
10:00 AM PTSqlConnection instantiation exception on .NET 4.6 and later
After you install the August Preview of Quality Rollup or the September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.
See details >OS Build 17134.285
September 11, 2018
KB4457128Resolved
KB4480976January 15, 2019
10:00 AM PTUnable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details >OS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4480976January 15, 2019
10:00 AM PTBlue or black screen with \"System thread exception not handled\" error
Some users may get a blue or black screen with the error code, “System thread exception not handled.”
See details >OS Build 17134.441
November 27, 2018
KB4467682Resolved
KB4471324December 11, 2018
10:00 AM PTCustom Start menu layouts display incorrectly
Custom Start menu layouts may display incorrectly.
See details >OS Build 17134.441
November 27, 2018
KB4467682Resolved
KB4471324December 11, 2018
10:00 AM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >OS Build 17134.345
October 09, 2018
KB4462919Resolved
KB4471324December 11, 2018
10:00 AM PTUsers cannot set Win32 program defaults
Some users cannot set Win32 program defaults for certain app and file type combinations.
See details >OS Build 17134.320
September 26, 2018
KB4458469Resolved
KB4467682November 27, 2018
10:00 AM PTDeveloper Tools (F12) fail to start in Microsoft Edge
Developer Tools (F12) may fail to start in Microsoft Edge.
See details >OS Build 17134.376
October 24, 2018
KB4462933Resolved
KB4467702November 13, 2018
10:00 AM PTGuest VMs running Unicast NLB fail to respond after restart
All guest virtual machines running Unicast NLB fail to respond to NLB requests after the virtual machines restart.
See details >OS Build 17134.285
September 11, 2018
KB4457128Resolved
KB4458469September 26, 2018
10:00 AM PTMicrosoft Intune takes a long time to deliver user profiles
Windows no longer recognizes the Personal Information exchange (PFX) certificate used for Wi-Fi or VPN authentication, causing delays in Microsoft Intune delivering user profiles.
See details >OS Build 17134.191
July 24, 2018
KB4340917Resolved
KB4464218September 17, 2018
10:00 AM PT++ " +- title: March 2019 +- items: + - type: markdown + text: " +
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489868, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493437.
Back to topOS Build 17134.648
March 12, 2019
KB4489868Resolved
KB4493437Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493464.
Back to topOS Build 17134.677
March 19, 2019
KB4489894Resolved
KB4493464Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PTStop error when attempting to start SSH from WSL After applying KB4489868, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh -A) or a configuration setting.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709
- Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4493464.
Back to topOS Build 17134.648
March 12, 2019
KB4489868Resolved
KB4493464Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493464.
Back to topOS Build 17134.590
February 12, 2019
KB4487017Resolved
KB4493464Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files After installing KB4487017, users may received \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489868.
Back to topOS Build 17134.590
February 12, 2019
KB4487017Resolved
KB4489868Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTInternet Explorer may fail to load images After installing KB4487017, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487029.
Back to topOS Build 17134.590
February 12, 2019
KB4487017Resolved
KB4487029Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: December 2018 +- items: + - type: markdown + text: " +Details Originating update Status History First character of the Japanese era name not recognized After installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029.
Back to topOS Build 17134.556
January 15, 2019
KB4480976Resolved
KB4487029Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480966, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493464.
Back to topOS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4493464Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487017.
Back to topOS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4487017Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTWebpages become unresponsive in Microsoft Edge After installing KB4480966, some Microsoft Edge users report that they:- Cannot load web pages using a local IP address.
- Cannot load web pages on the Internet using a VPN connection.
Browsing fails or the web page may become unresponsive.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4487017.
Back to topOS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4487017Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTUnable to access hotspots with third-party applications After installing KB4480966, third-party applications may have difficulty authenticating hotspots.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480976.
Back to topOS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4480976Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: November 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Cannot pin a web link on the Start menu or the taskbar After installing KB4471324, some users cannot pin a web link on the Start menu or the taskbar.Affected platforms:- Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4487029.
Back to topOS Build 17134.471
December 11, 2018
KB4471324Resolved
KB4487029Resolved:
February 19, 2019
02:00 PM PT
Opened:
December 11, 2018
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Blue or black screen with \"System thread exception not handled\" error After installing KB4467682, an optional update, some users may get a blue or black screen with the error code, \"System thread exception not handled.\"Affected platforms:- Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4471324.
Back to topOS Build 17134.441
November 27, 2018
KB4467682Resolved
KB4471324Resolved:
December 11, 2018
10:00 AM PT
Opened:
November 27, 2018
10:00 AM PTCustom Start menu layouts display incorrectly After installing KB4467682, custom Start menu layouts may display incorrectly.Affected platforms:- Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4471324.
Back to topOS Build 17134.441
November 27, 2018
KB4467682Resolved
KB4471324Resolved:
December 11, 2018
10:00 AM PT
Opened:
November 27, 2018
10:00 AM PT
+ " + +- title: September 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4462919, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471324.
Back to topOS Build 17134.345
October 09, 2018
KB4462919Resolved
KB4471324Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PTDeveloper Tools (F12) fail to start in Microsoft Edge Developer Tools (F12) may fail to start in Microsoft Edge.Affected platforms:- Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4467702.
Back to topOS Build 17134.376
October 24, 2018
KB4462933Resolved
KB4467702Resolved:
November 13, 2018
10:00 AM PT
Opened:
October 24, 2018
02:00 PM PT
+ " + +- title: July 2018 +- items: + - type: markdown + text: " +Details Originating update Status History SqlConnection instantiation exception on .NET 4.6 and later After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809, SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4480976.
Back to topOS Build 17134.285
September 11, 2018
KB4457128Resolved
KB4480976Resolved:
January 15, 2019
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PTUsers cannot set Win32 program defaults After installing KB4458469, some users cannot set Win32 program defaults for certain app and file type combinations using the Open with... command or Settings > Apps > Default apps.In some cases, Microsoft Notepad or other Win32 programs cannot be set as the default.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803
Resolution: This issue is resolved in KB4467682.
Back to topOS Build 17134.320
September 26, 2018
KB4458469Resolved
KB4467682Resolved:
November 27, 2018
10:00 AM PT
Opened:
September 26, 2018
02:00 PM PTGuest VMs running Unicast NLB fail to respond after restart All guest virtual machines running Unicast NLB fail to respond to NLB requests after the virtual machines restart.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4458469.
Back to topOS Build 17134.285
September 11, 2018
KB4457128Resolved
KB4458469Resolved:
September 26, 2018
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml new file mode 100644 index 0000000000..e3ea1030dd --- /dev/null +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -0,0 +1,139 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows 10, version 1809 and Windows Server 2019 +metadata: + document_id: + title: Resolved issues in Windows 10, version 1809 and Windows Server 2019 + description: Resolved issues in Windows 10, version 1809 or Windows Server 2019 + keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10 1809"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows 10, version 1809 and Windows Server 2019 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History Microsoft Intune takes a long time to deliver user profiles After installing KB4457128, Windows no longer recognizes the Personal Information exchange (PFX) certificate that's used for authenticating to a Wi-Fi or VPN connection. As a result, Microsoft Intune takes a long time to deliver user profiles because it doesn't recognize that the required certificate is on the device.Affected platforms:- Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4464218.
Back to topOS Build 17134.191
July 24, 2018
KB4340917Resolved
KB4464218Resolved:
September 17, 2018
10:00 AM PT
Opened:
July 24, 2018
10:00 AM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 17763.379
March 12, 2019
KB4489899Resolved
KB4495667May 03, 2019
12:40 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details >OS Build 17763.404
April 02, 2019
KB4490481Resolved
KB4493509April 09, 2019
10:00 AM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >OS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4493509April 09, 2019
10:00 AM PTApps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.
See details >OS Build 17763.348
March 01, 2019
KB4482887Resolved
KB4490481April 02, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details >OS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4489899March 12, 2019
10:00 AM PTGlobal DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.
See details >N/A Resolved March 08, 2019
11:15 AM PTInternet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details >OS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 9 file format may randomly stop working.
See details >OS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PTFirst character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >OS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4482887March 01, 2019
10:00 AM PTShared albums may not sync with iCloud for Windows
Upgrade block: Apple has identified an incompatibility with iCloud for Windows (version 7.7.0.27) where users may experience issues updating or synching Shared Albums.
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PTIntel Audio Display (intcdaud.sys) notification during Windows 10 Setup
Upgrade block: Users may see an Intel Audio Display (intcdaud.sys) notification during setup for devices with certain Intel Display Audio Drivers.
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PTF5 VPN clients losing network connectivity
Upgrade block: After updating to Window 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4482887March 01, 2019
10:00 AM PTWebpages become unresponsive in Microsoft Edge
Microsoft Edge users report difficulty browsing and loading webpages.
See details >OS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4487044February 12, 2019
10:00 AM PTIssues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards
Upgrade block: Devices utilizing AMD Radeon HD2000 or HD4000 series video cards may experience issues with the lock screen and Microsoft Edge tabs.
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4487044February 12, 2019
10:00 AM PTTrend Micro OfficeScan and Worry-Free Business Security AV software not compatible
Upgrade block: Microsoft and Trend Micro identified a compatibility issue with the Trend Micro business endpoint security solutions OfficeScan and Worry-Free Business Security.
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved February 01, 2019
09:00 AM PTUnable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details >OS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4476976January 22, 2019
02:00 PM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >OS Build 17763.55
October 09, 2018
KB4464330Resolved
KB4471332December 11, 2018
10:00 AM PTAudio stops working after installing Intel audio driver
Upgrade block: Windows 10 audio stops working after installing Intel Smart Sound Technology driver (version 09.21.00.3755).
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4468550December 07, 2018
10:00 AM PTOffice apps (32-bit) unable to use 'Save As…' function
Upgrade block: Devices using Morphisec Protector (or other application that uses the Morphisec SDK) may be unable to save documents when using 32-bit Microsoft Office apps.
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved December 06, 2018
12:00 PM PTUsers cannot set Win32 program defaults
Some users cannot set Win32 program defaults for certain app and file type combinations.
See details >OS Build 17763.55
October 09, 2018
KB4464330Resolved
KB4469342December 05, 2018
02:00 PM PTMapped drives fail to reconnect after login
Upgrade block: Mapped drives may fail to reconnect after booting and logging on to a Windows device.
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4469342December 05, 2018
02:00 PM PTMicrosoft Edge may crash or hang while playing video
Following an nVidia driver update, Microsoft Edge may crash or hang while playing video.
See details >OS Build 17763.134
November 13, 2018
KB4467708Resolved December 05, 2018
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History End-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493509.
Back to topOS Build 17763.404
April 02, 2019
KB4490481Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT
Opened:
April 02, 2019
10:00 AM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489899, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: Right-click the URL link to open it in a new window or tab, or enable Protected Mode in Internet Explorer for local intranet and trusted sites- Go to Tools > Internet options > Security.
- Within Select a zone to view of change security settings, select Local intranet and then select Enable Protected Mode.
- Select Trusted Sites and then select Enable Protected Mode.
- Select OK.
You must restart the browser after making these changes.Resolution: This issue is resolved in KB4495667.
Back to topOS Build 17763.379
March 12, 2019
KB4489899Resolved
KB4495667Resolved:
May 03, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PTApps may stop working after selecting an audio output device other than the default After installing KB4482887 on machines that have multiple audio devices, applications that provide advanced options for internal or external audio output devices may stop working unexpectedly. This issue occurs for users that select an audio output device different from the \"Default Audio Device\". Examples of applications that may stop working include:- Windows Media Player
- Realtek HD Audio Manager
- Sound Blaster Control Panel
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4490481.
Back to topOS Build 17763.348
March 01, 2019
KB4482887Resolved
KB4490481Resolved:
April 02, 2019
10:00 AM PT
Opened:
March 01, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493509.
Back to topOS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files After installing KB4487044, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489899.
Back to topOS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4489899Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTInternet Explorer may fail to load images After installing KB4487044, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4482887.
Back to topOS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.
Back to topOS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTFirst character of the Japanese era name not recognized After installing KB4487044, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.
Back to topOS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: November 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Internet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480116, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493509.
Back to topOS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480116, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493509.
Back to topOS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTGlobal DNS outage affects Windows Update customers Windows Update customers were affected by a network infrastructure event on January 29, 2019 (21:00 UTC), caused by an external DNS service provider's global outage. A software update to the external provider's DNS servers resulted in the distribution of corrupted DNS records that affected connectivity to the Windows Update service. The DNS records were restored by January 30, 2019 (00:10 UTC), and the majority of local Internet Service Providers (ISP) have refreshed their DNS servers and customer services have been restored.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
While this was not an issue with Microsoft's services, we take any service disruption for our customers seriously. We will work with partners to better understand this so we can provide higher quality service in the future even across diverse global network providers.If you are still unable to connect to Windows Update services due to this problem, please contact your local ISP or network administrator. You can also refer to our new KB4493784 for more information to determine if your network is affected, and to provide your local ISP or network administrator with additional information to assist you.
Back to topN/A Resolved Resolved:
March 08, 2019
11:15 AM PT
Opened:
January 29, 2019
02:00 PM PTWebpages become unresponsive in Microsoft Edge After installing KB4480116, some Microsoft Edge users report that they:- Cannot load web pages using a local IP address.
- Cannot load web pages on the Internet using a VPN connection.
Browsing fails or the web page may become unresponsive.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4487020.
Back to topOS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4487044Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTUnable to access hotspots with third-party applications After installing KB4480116, third-party applications may have difficulty authenticating hotspots.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4476976.
Back to topOS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4476976Resolved:
January 22, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Shared albums may not sync with iCloud for Windows Upgrade block: Users who attempt to install iCloud for Windows (version 7.7.0.27) will see a message displayed that this version iCloud for Windows isn't supported and the install will fail.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
To ensure a seamless experience, Microsoft is blocking devices with iCloud for Windows (version 7.7.0.27) software installed from being offered Window 10, version 1809 until this issue has been resolved.We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool from the Microsoft software download website until this issue is resolved.Resolution: Apple has released an updated version of iCloud for Windows (version 7.8.1) that resolves compatibility issues encountered when updating or synching Shared Albums after updating to Windows 10, version 1809. We recommend that you update your iCloud for Windows to version 7.8.1 when prompted before attempting to upgrade to Windows 10, version 1809. You can also manually download the latest version of iCloud for Windows by visiting https://support.apple.com/HT204283.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PTIntel Audio Display (intcdaud.sys) notification during Windows 10 Setup Upgrade block: Microsoft and Intel have identified a compatibility issue with a range of Intel Display Audio device drivers (intcdaud.sys, versions 10.25.0.3 - 10.25.0.8) that may result in excessive processor demand and reduced battery life. As a result, the update process to the Windows 10 October 2018 Update (Windows 10, version 1809) will fail and affected devices will automatically revert to the previous working configuration.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
If you see a \"What needs your attention\" notification during installation of the October 2018 Update, you have one of these affected drivers on your system. On the notification, click Back to remain on your current version of Windows 10.To ensure a seamless experience, we are blocking devices from being offered the October 2018 Update until updated Intel device drivers are installed on your current operating system. We recommend that you do not attempt to manually update to Windows 10, version 1809, using the Update Now button or the Media Creation Tool from the Microsoft Software Download Center until newer Intel device drivers are available with the update. You can either wait for newer drivers to be installed automatically through Windows Update or check with your computer manufacturer for the latest device driver software availability and installation procedures. For more information about this issue, see Intel's customer support guidance.Resolution: This issue was resolved in KB4482887 and the upgrade block removed.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PTF5 VPN clients losing network connectivity Upgrade block: After updating to Window 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4482887 and the upgrade block removed.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4482887Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PTIssues with lock screen and Microsoft Edge tabs for certain AMD Radeon video cards Note: AMD no longer supports Radeon HD2000 and HD4000 series graphic processor units (GPUs).Upgrade block: After updating to Window 10, version 1809, Microsoft Edge tabs may stop working when a device is configured with AMD Radeon HD2000 or HD4000 series video cards. Customers may get the following error code: \"INVALID_POINTER_READ_c0000005_atidxx64.dll\".Some users may also experience performance issues with the lock screen or the ShellExperienceHost. (The lock screen hosts widgets, and the ShellExperienceHost is responsible for assorted shell functionality.)Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4487044, and the block was removed.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4487044Resolved:
February 12, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PTTrend Micro OfficeScan and Worry-Free Business Security AV software not compatible Upgrade block: Microsoft and Trend Micro have identified a compatibility issue with Trend Micro's OfficeScan and Worry-Free Business Security software when attempting to update to Windows 10, version 1809.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: Trend Micro has released a new version of these products that resolves the issue. To download them, please visit the Trend Micro Business Support Portal.Once you have updated your version of Trend Micro's OfficeScan or Worry-Free Business Security software, you will be offered Windows 10, version 1809 automatically.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved Resolved:
February 01, 2019
09:00 AM PT
Opened:
November 13, 2018
10:00 AM PTAudio stops working after installing Intel audio driver Upgrade block: Intel unintentionally released version 9.21.00.3755 of the Intel Smart Sound Technology (ISST) Driver through Windows Update and inadvertently offered it to a range of devices running Window 10, version 1709, 1803, and 1809. If a device contained a compatible audio driver, the new driver overrode it and caused audio to stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4468550 and the upgrade block removed.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4468550Resolved:
December 07, 2018
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PTOffice apps (32-bit) unable to use 'Save As…' function Upgrade block: Microsoft and Morphisec have identified an issue on devices that have installed Morphisec Protector or another application that uses the Morphisec Software Development Kit (SDK) including Cisco AMP for Endpoints. These applications may impact customers' ability to use the 'Save As.'dialog when saving documents in 32-bit versions of Microsoft Office applications. Saving of files is not impacted.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: Morphisec and Cisco have released updated versions of their applications to address this issue. We recommend customers update to these minimum versions before attempting to attempting to upgrade to Windows 10, version 1809:- Morphisec Protector version 2.4.8
- Cisco AMP for Endpoints version 6.2.3.10814
An upgrade block remains in place for earlier versions of the applications than those listed above.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved Resolved:
December 06, 2018
12:00 PM PT
Opened:
November 13, 2018
10:00 AM PTMapped drives fail to reconnect after login Upgrade block: Network drives may fail to reconnect after booting and logging on to a Windows device. Symptoms include:- In Windows Explorer, a red X appears on the mapped network drives.
- Mapped network drives show as Unavailable when you run the net use command from a command prompt.
- In the notification area, a notification displays the following message, \"Could not reconnect all network drives.\"
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4469342 and the upgrade block removed.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved
KB4469342Resolved:
December 05, 2018
02:00 PM PT
Opened:
November 13, 2018
10:00 AM PTMicrosoft Edge may crash or hang while playing video nVidia has notified Microsoft of an issue where Microsoft Edge may crash or hang while playing video. This issue occurs following an nVidia driver update.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: nVidia has released an updated driver to address this issue. Please follow the instructions found in nVidia's support article.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Resolved Resolved:
December 05, 2018
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml new file mode 100644 index 0000000000..d034127b65 --- /dev/null +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -0,0 +1,109 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows 7 and Windows Server 2008 R2 SP1 +metadata: + document_id: + title: Resolved issues in Windows 7 and Windows Server 2008 R2 SP1 + description: Resolved issues in Windows 7 and Windows Server 2008 R2 SP1 + keywords: ["Resolved issues in Windows 7", "Windows 7", "Windows Server 2008 R2 SP1"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows 7 and Windows Server 2008 R2 SP1 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4464330, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471332.
Back to topOS Build 17763.55
October 09, 2018
KB4464330Resolved
KB4471332Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PTUsers cannot set Win32 program defaults After installing KB4464330, some users cannot set Win32 program defaults for certain app and file type combinations using the Open with... command or Settings > Apps > Default apps.In some cases, Microsoft Notepad or other Win32 programs cannot be set as the default.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803
Resolution: This issue is resolved in KB4469342.
Back to topOS Build 17763.55
October 09, 2018
KB4464330Resolved
KB4469342Resolved:
December 05, 2018
02:00 PM PT
Opened:
October 09, 2018
10:00 AM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details >April 09, 2019
KB4493472Resolved April 25, 2019
02:00 PM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >January 08, 2019
KB4480970Resolved
KB4493472April 09, 2019
10:00 AM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PTNETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >February 12, 2019
KB4486563Resolved
KB4493472April 09, 2019
10:00 AM PTEvent Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).
See details >October 18, 2018
KB4462927Resolved
KB4489878March 12, 2019
10:00 AM PTVirtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.
See details >January 08, 2019
KB4480970Resolved
KB4490511February 19, 2019
02:00 PM PTFirst character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >January 17, 2019
KB4480955Resolved
KB4486565February 19, 2019
02:00 PM PTInternet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details >February 12, 2019
KB4486563Resolved
KB4486565February 19, 2019
02:00 PM PTApplications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details >January 08, 2019
KB4480970Resolved
KB4486563February 12, 2019
10:00 AM PTLocal Administrators unable to remotely access shares
Local users who are part of the local Administrators group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines.
See details >January 08, 2019
KB4480970Resolved
KB4487345January 11, 2019
02:00 PM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >October 09, 2018
KB4462923Resolved
KB4471318December 11, 2018
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Devices may not respond at login or Welcome screen if running certain Avast software Microsoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install KB4493472 and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the Avast support KB article.
Back to topApril 09, 2019
KB4493472Resolved Resolved:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489878, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to topMarch 12, 2019
KB4489878Resolved
KB4493472Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PTNETDOM.EXE fails to run After installing KB4489878, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.Affected platforms:- Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.
Back to topMarch 12, 2019
KB4489878Resolved
KB4493472Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.
Back to topFebruary 12, 2019
KB4486563Resolved
KB4493472Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTInternet Explorer may fail to load images After installing KB4486563, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4486565.
Back to topFebruary 12, 2019
KB4486563Resolved
KB4486565Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4486565.
Back to topFebruary 12, 2019
KB4486563Resolved
KB4486565Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Internet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to topJanuary 08, 2019
KB4480970Resolved
KB4493472Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTVirtual machines fail to restore After installing KB4480970, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490511.
Back to topJanuary 08, 2019
KB4480970Resolved
KB4490511Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTFirst character of the Japanese era name not recognized as an abbreviation After installing KB4480955, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4486565.
Back to topJanuary 17, 2019
KB4480955Resolved
KB4486565Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 17, 2019
10:00 AM PTApplications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.Affected Platforms:- Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4486563.
Back to topJanuary 08, 2019
KB4480970Resolved
KB4486563Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTLocal Administrators unable to remotely access shares Local users who are part of the local Administrators group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing KB4480970. This does not affect domain accounts in the local Administrators group.Affected platforms:- Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487345.
Back to topJanuary 08, 2019
KB4480970Resolved
KB4487345Resolved:
January 11, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml new file mode 100644 index 0000000000..1ef62bfe75 --- /dev/null +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -0,0 +1,109 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows 8.1 and Windows Server 2012 R2 +metadata: + document_id: + title: Resolved issues in Windows 8.1 and Windows Server 2012 R2 + description: Resolved issues in Windows 8.1 and Windows Server 2012 R2 + keywords: ["Resolved issues in Windows 8.1", "Windows 8.1", "Windows Server 2012 R2"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows 8.1 and Windows Server 2012 R2 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History Event Viewer may not show some event descriptions for network interface cards After installing KB4462927, the Event Viewer may not show some event descriptions for network interface cards (NICs).Affected Platforms:- Client: Windows 7 SP1
- Server: Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4489878.
Back to topOctober 18, 2018
KB4462927Resolved
KB4489878Resolved:
March 12, 2019
10:00 AM PT
Opened:
October 18, 2018
10:00 AM PTUnable to use Seek bar in Windows Media Player After installing KB4462923, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471318.
Back to topOctober 09, 2018
KB4462923Resolved
KB4471318Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details >April 09, 2019
KB4493446Resolved April 25, 2019
02:00 PM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >March 12, 2019
KB4489881Resolved
KB4493446April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >February 12, 2019
KB4487000Resolved
KB4493446April 09, 2019
10:00 AM PTDevices with winsock kernel client may receive error
Devices with a winsock kernel client may receive D1, FC, and other errors.
See details >March 12, 2019
KB4489881Resolved
KB4489893March 19, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details >February 19, 2019
KB4487016Resolved
KB4489881March 12, 2019
10:00 AM PTVirtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.
See details >January 08, 2019
KB4480963Resolved
KB4490512February 19, 2019
02:00 PM PTFirst character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >January 15, 2019
KB4480969Resolved
KB4487016February 19, 2019
02:00 PM PTInternet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details >February 12, 2019
KB4487000Resolved
KB4487016February 19, 2019
02:00 PM PTApplications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details >January 08, 2019
KB4480963Resolved
KB4487000February 12, 2019
10:00 AM PTUnable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details >January 08, 2019
KB4480963Resolved
KB4480969January 15, 2019
10:00 AM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >October 09, 2018
KB4462926Resolved
KB4471320December 11, 2018
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Devices may not respond at login or Welcome screen if running certain Avast software Microsoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install KB4493446 and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the Avast support KB article.
Back to topApril 09, 2019
KB4493446Resolved Resolved:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to topMarch 12, 2019
KB4489881Resolved
KB4493446Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PTDevices with winsock kernel client may receive error After installing KB4489881, devices with a winsock kernel client may receive D1, FC, and other errors. Additionally, systems that run the Skype for Business or Lync Server Edge Transport role may be affected by this issue.Affected platforms:- Client: Windows 8.1
- Server: Windows Server 2012 R2
Resolution: This issue is resolved in KB4489893.
Back to topMarch 12, 2019
KB4489881Resolved
KB4489893Resolved:
March 19, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493446.
Back to topFebruary 12, 2019
KB4487000Resolved
KB4493446Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files After installing KB4487016, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489881.
Back to topFebruary 19, 2019
KB4487016Resolved
KB4489881Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PTInternet Explorer may fail to load images After installing KB4487000, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487016.
Back to topFebruary 12, 2019
KB4487000Resolved
KB4487016Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Internet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to topJanuary 08, 2019
KB4480963Resolved
KB4493446Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding. After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.
Back to topJanuary 08, 2019
KB4480963Resolved
KB4493446Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTVirtual machines fail to restore After installing KB4480963, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490512.
Back to topJanuary 08, 2019
KB4480963Resolved
KB4490512Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTFirst character of the Japanese era name not recognized as an abbreviation After installing KB4480969, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487016.
Back to topJanuary 15, 2019
KB4480969Resolved
KB4487016Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 15, 2019
10:00 AM PTApplications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487000.
Back to topJanuary 08, 2019
KB4480963Resolved
KB4487000Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTUnable to access hotspots with third-party applications After installing KB4480963, third-party applications may have difficulty authenticating hotspots.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480969.
Back to topJanuary 08, 2019
KB4480963Resolved
KB4480969Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml new file mode 100644 index 0000000000..fe19c4b36e --- /dev/null +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -0,0 +1,91 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows Server 2008 SP2 +metadata: + document_id: + title: Resolved issues in Windows Server 2008 SP2 + description: Resolved issues in Windows Server 2008 SP2 + keywords: ["Resolved issues in Windows Server 2008 SP2", "Windows Server 2008 SP2"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows Server 2008 SP2 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4462926, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471320.
Back to topOctober 09, 2018
KB4462926Resolved
KB4471320Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >February 12, 2019
KB4487023Resolved
KB4493471April 09, 2019
10:00 AM PTNETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details >March 12, 2019
KB4489880Resolved
KB4493471April 09, 2019
10:00 AM PTFirst character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >January 17, 2019
KB4480974Resolved
KB4489880March 12, 2019
10:00 AM PTVirtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.
See details >January 08, 2019
KB4480968Resolved
KB4490514February 19, 2019
02:00 PM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details >February 12, 2019
KB4487023Resolved
KB4487022February 19, 2019
02:00 PM PTApplications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details >January 08, 2019
KB4480968Resolved
KB4487023February 12, 2019
10:00 AM PTLocal Administrators unable to remotely access shares
Local users who are part of the local Administrators group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines.
See details >January 08, 2019
KB4480968Resolved
KB4487354January 11, 2019
02:00 PM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >October 09, 2018
KB4463097Resolved
KB4471325December 11, 2018
10:00 AM PT++ " +- title: March 2019 +- items: + - type: markdown + text: " +
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History NETDOM.EXE fails to run After installing KB4489880, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.Affected platforms:- Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to topMarch 12, 2019
KB4489880Resolved
KB4493471Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to topFebruary 12, 2019
KB4487023Resolved
KB4493471Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487022.
Back to topFebruary 12, 2019
KB4487023Resolved
KB4487022Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History First character of the Japanese era name not recognized as an abbreviation After installing KB4480974, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489880.
Back to topJanuary 17, 2019
KB4480974Resolved
KB4489880Resolved:
March 12, 2019
10:00 AM PT
Opened:
January 17, 2019
10:00 AM PTVirtual machines fail to restore After installing KB4480968, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490514.
Back to topJanuary 08, 2019
KB4480968Resolved
KB4490514Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTApplications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, “Unrecognized Database Format”.Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487023.
Back to topJanuary 08, 2019
KB4480968Resolved
KB4487023Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTLocal Administrators unable to remotely access shares Local users who are part of the local Administrators group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing KB4480968. This does not affect domain accounts in the local Administrators group.Affected platforms:- Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487354.
Back to topJanuary 08, 2019
KB4480968Resolved
KB4487354Resolved:
January 11, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml new file mode 100644 index 0000000000..b2a7ce07c1 --- /dev/null +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -0,0 +1,97 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Resolved issues in Windows Server 2012 +metadata: + document_id: + title: Resolved issues in Windows Server 2012 + description: Resolved issues in Windows Server 2012 + keywords: ["Resolved issues in Windows Server 2012", "Windows Server 2012"] + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + See a list of known issues that have been resolved for Windows Server 2012 over the last six months. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s) to search the page. + + " +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4463097, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471325.
Back to topOctober 09, 2018
KB4463097Resolved
KB4471325Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT
+ " + +- title: Resolved issues +- items: + - type: markdown + text: " +
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Date resolved Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >January 08, 2019
KB4480975Resolved
KB4493451April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >January 08, 2019
KB4480975Resolved
KB4493451April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >February 12, 2019
KB4487025Resolved
KB4493451April 09, 2019
10:00 AM PTEvent Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).
See details >September 11, 2018
KB4457135Resolved
KB4489891March 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details >February 12, 2019
KB4487025Resolved
KB4489891March 12, 2019
10:00 AM PTVirtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.
See details >January 08, 2019
KB4480975Resolved
KB4490516February 19, 2019
02:00 PM PTFirst character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >January 15, 2019
KB4480971Resolved
KB4487024February 19, 2019
02:00 PM PTApplications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details >February 12, 2019
KB4487025Resolved
KB4487024February 19, 2019
02:00 PM PTApplications using Microsoft Jet database fail to open
Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if column names are greater than 32 characters.
See details >January 08, 2019
KB4480975Resolved
KB4487025February 12, 2019
10:00 AM PTUnable to access hotspots with third-party applications
Third-party applications may have difficulty authenticating hotspots.
See details >January 08, 2019
KB4480975Resolved
KB4480971January 15, 2019
10:00 AM PTUnable to use Seek bar in Windows Media Player
Users may not be able to use the Seek bar in Windows Media Player when playing specific files.
See details >October 09, 2018
KB4462929Resolved
KB4471330December 11, 2018
10:00 AM PT++ " +- title: February 2019 +- items: + - type: markdown + text: " +
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493451.
Back to topFebruary 12, 2019
KB4487025Resolved
KB4493451Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTError 1309 when installing/uninstalling MSI or MSP files After installing KB4487025, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489891.
Back to topFebruary 12, 2019
KB4487025Resolved
KB4489891Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PTApplications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.
Back to topFebruary 12, 2019
KB4487025Resolved
KB4487024Resolved:
February 19, 2019
02:00 PM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: October 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Internet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480975, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493451.
Back to topJanuary 08, 2019
KB4480975Resolved
KB4493451Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480975, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493451.
Back to topJanuary 08, 2019
KB4480975Resolved
KB4493451Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTVirtual machines fail to restore After installing KB4480975, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, \"Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).\"This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490516.
Back to topJanuary 08, 2019
KB4480975Resolved
KB4490516Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTFirst character of the Japanese era name not recognized as an abbreviation After installing KB4480971, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.
Back to topJanuary 15, 2019
KB4480971Resolved
KB4487024Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 15, 2019
10:00 AM PTApplications using Microsoft Jet database fail to open Applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will fail to open with the error, \"Unrecognized Database Format\".Affected platforms:- Client: Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487025.
Back to topJanuary 08, 2019
KB4480975Resolved
KB4487025Resolved:
February 12, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTUnable to access hotspots with third-party applications After installing KB4480975, third-party applications may have difficulty authenticating hotspots.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4480971.
Back to topJanuary 08, 2019
KB4480975Resolved
KB4480971Resolved:
January 15, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: September 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Unable to use Seek bar in Windows Media Player After installing KB4462929, users may not be able to use the Seek bar in Windows Media Player when playing specific files. This issue does not affect normal playback.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4471330.
Back to topOctober 09, 2018
KB4462929Resolved
KB4471330Resolved:
December 11, 2018
10:00 AM PT
Opened:
October 09, 2018
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml new file mode 100644 index 0000000000..3cab3fb9e9 --- /dev/null +++ b/windows/release-information/status-windows-10-1507.yml @@ -0,0 +1,103 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 10, version 1507 +metadata: + document_id: + title: Windows 10, version 1507 + description: View annoucements and review known issues and fixes for Windows 10 version 1507 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows 10, version 1507. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Event Viewer may not show some event descriptions for network interface cards After installing KB4457135, the Event Viewer may not show some event descriptions for network interface cards (NICs).Affected Platforms:- Client: Windows 7 SP1
- Server: Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4489891.
Back to topSeptember 11, 2018
KB4457135Resolved
KB4489891Resolved:
March 12, 2019
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details >OS Build 10240.18094
January 08, 2019
KB4480962Mitigated April 25, 2019
02:00 PM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 10240.18094
January 08, 2019
KB4480962Resolved
KB4493475April 09, 2019
10:00 AM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 10240.18158
March 12, 2019
KB4489872Resolved
KB4493475April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4493475April 09, 2019
10:00 AM PT++ " +- title: March 2019 +- items: + - type: markdown + text: " +
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489872, Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493475.
Back to topOS Build 10240.18158
March 12, 2019
KB4489872Resolved
KB4493475Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493475.
Back to topOS Build 10240.18132
February 12, 2019
KB4487018Resolved
KB4493475Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml new file mode 100644 index 0000000000..b22aced938 --- /dev/null +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -0,0 +1,134 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 10, version 1607 and Windows Server 2016 +metadata: + document_id: + title: Windows 10, version 1607 and Windows Server 2016 + description: View annoucements and review known issues and fixes for Windows 10 version 1607 and Windows Server 2016 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows 10, version 1607 and Windows Server 2016. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 10240.18094
January 08, 2019
KB4480962Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480962, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493475.
Back to topOS Build 10240.18094
January 08, 2019
KB4480962Resolved
KB4493475Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.
See details >OS Build 14393.2941
April 25, 2019
KB4493473Investigating April 25, 2019
02:00 PM PTCluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.
See details >OS Build 14393.2639
November 27, 2018
KB4467684Mitigated April 25, 2019
02:00 PM PTIssue using PXE to start a device from WDS
There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.
See details >OS Build 14393.2848
March 12, 2019
KB4489882Mitigated April 25, 2019
02:00 PM PTSCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.
See details >OS Build 14393.2639
November 27, 2018
KB4467684Mitigated April 25, 2019
02:00 PM PTCertain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details >OS Build 14393.2724
January 08, 2019
KB4480961Mitigated April 25, 2019
02:00 PM PTWindows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.
See details >OS Build 14393.2608
November 13, 2018
KB4467691Mitigated February 19, 2019
10:00 AM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 14393.2848
March 12, 2019
KB4489882Resolved
KB4493473April 25, 2019
02:00 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.
See details >OS Build 14393.2879
March 19, 2019
KB4489889Resolved
KB4493470April 09, 2019
10:00 AM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >OS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4493470April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4493470April 09, 2019
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Zone transfers over TCP may fail Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing KB4493473.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 14393.2941
April 25, 2019
KB4493473Investigating Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 25, 2019
02:00 PM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Issue using PXE to start a device from WDS After installing KB4489882, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:Option 1:Open an Administrator Command prompt and type the following:Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No +
Option 2:Use the Windows Deployment Services UI to make the following adjustment:- Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3:Set the following registry value to 0:HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtensionRestart the WDSServer service after disabling the Variable Window Extension.Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 14393.2848
March 12, 2019
KB4489882Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTCustom URI schemes may not start corresponding application After installing KB4489882, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493473.
Back to topOS Build 14393.2848
March 12, 2019
KB4489882Resolved
KB4493473Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493470.
Back to topOS Build 14393.2879
March 19, 2019
KB4489889Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493470.
Back to topOS Build 14393.2791
February 12, 2019
KB4487026Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: November 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 14393.2724
January 08, 2019
KB4480961Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTInternet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480961, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493470.
Back to topOS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480961, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493470.
Back to topOS Build 14393.2724
January 08, 2019
KB4480961Resolved
KB4493470Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml new file mode 100644 index 0000000000..10d69d6cc5 --- /dev/null +++ b/windows/release-information/status-windows-10-1703.yml @@ -0,0 +1,105 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 10, version 1703 +metadata: + document_id: + title: Windows 10, version 1703 + description: View annoucements and review known issues and fixes for Windows 10 version 1703 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows 10, version 1703. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Cluster service may fail if the minimum password length is set to greater than 14 After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.Affected platforms:- Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 14393.2639
November 27, 2018
KB4467684Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
November 27, 2018
10:00 AM PTSCVMM cannot enumerate and manage logical switches deployed on the host For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing KB4467684.Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.Affected platforms:- Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Workaround:Run mofcomp on the following mof files on the affected host:- Scvmmswitchportsettings.mof
- VMMDHCPSvr.mof
Follow the best practices while patching to avoid a stop error in vfpext.sys in an SDN v2 environment (NC managed hosts).
Back to topOS Build 14393.2639
November 27, 2018
KB4467684Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
November 27, 2018
10:00 AM PTWindows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.Affected platforms:- Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.
Back to topOS Build 14393.2608
November 13, 2018
KB4467691Mitigated Last updated:
February 19, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details >OS Build 15063.1563
January 08, 2019
KB4480973Mitigated April 25, 2019
02:00 PM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 15063.1689
March 12, 2019
KB4489871Resolved
KB4493436April 25, 2019
02:00 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details >OS Build 15063.1716
March 19, 2019
KB4489888Resolved
KB4493474April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4493474April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 15063.1631
February 12, 2019
KB4487020Resolved
KB4493474April 09, 2019
10:00 AM PT++ " +- title: March 2019 +- items: + - type: markdown + text: " +
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489871, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493436.
Back to topOS Build 15063.1689
March 12, 2019
KB4489871Resolved
KB4493436Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493474.
Back to topOS Build 15063.1716
March 19, 2019
KB4489888Resolved
KB4493474Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493474.
Back to topOS Build 15063.1631
February 12, 2019
KB4487020Resolved
KB4493474Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml new file mode 100644 index 0000000000..abdaf311b0 --- /dev/null +++ b/windows/release-information/status-windows-10-1709.yml @@ -0,0 +1,117 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 10, version 1709 and Windows Server, version 1709 +metadata: + document_id: + title: Windows 10, version 1709 and Windows Server, version 1709 + description: View annoucements and review known issues and fixes for Windows 10 version 1709 and Windows Server 1709 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows 10, version 1709 and Windows Server, version 1709. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 15063.1563
January 08, 2019
KB4480973Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480973, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493474.
Back to topOS Build 15063.1563
January 08, 2019
KB4480973Resolved
KB4493474Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.
See details >OS Build 16299.1127
April 25, 2019
KB4493440Investigating April 25, 2019
02:00 PM PTCertain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details >OS Build 16299.904
January 08, 2019
KB4480978Mitigated April 25, 2019
02:00 PM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 16299.1029
March 12, 2019
KB4489886Resolved
KB4493440April 25, 2019
02:00 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details >OS Build 16299.1059
March 19, 2019
KB4489890Resolved
KB4493441April 09, 2019
10:00 AM PTMSXML6 causes applications to stop responding if an exception was thrown
MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4493441April 09, 2019
10:00 AM PTStop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details >OS Build 16299.1029
March 12, 2019
KB4489886Resolved
KB4493441April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4493441April 09, 2019
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Zone transfers over TCP may fail Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing KB4493440.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 16299.1127
April 25, 2019
KB4493440Investigating Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 25, 2019
02:00 PM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Custom URI schemes may not start corresponding application After installing KB4489886, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493440.
Back to topOS Build 16299.1029
March 12, 2019
KB4489886Resolved
KB4493440Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue is resolved in KB4493441.
Back to topOS Build 16299.1059
March 19, 2019
KB4489890Resolved
KB4493441Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PTStop error when attempting to start SSH from WSL After applying KB4489886, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709
- Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue is resolved in KB4493441.
Back to topOS Build 16299.1029
March 12, 2019
KB4489886Resolved
KB4493441Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493441.
Back to topOS Build 16299.967
February 12, 2019
KB4486996Resolved
KB4493441Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml new file mode 100644 index 0000000000..3e58d9c048 --- /dev/null +++ b/windows/release-information/status-windows-10-1803.yml @@ -0,0 +1,122 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 10, version 1803 +metadata: + document_id: + title: Windows 10, version 1803 + description: View annoucements and review known issues and fixes for Windows 10 version 1803 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows 10, version 1803. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 16299.904
January 08, 2019
KB4480978Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 causes applications to stop responding if an exception was thrown After installing KB4480978, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493441.
Back to topOS Build 16299.904
January 08, 2019
KB4480978Resolved
KB4493441Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.
See details >OS Build 17134.753
April 25, 2019
KB4493437Investigating April 25, 2019
02:00 PM PTIssue using PXE to start a device from WDS
Using PXE to start a device from a WDS server configured to use Variable Window Extension may cause the connection to the WDS server to terminate prematurely.
See details >OS Build 17134.648
March 12, 2019
KB4489868Mitigated April 25, 2019
02:00 PM PTCertain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details >OS Build 17134.523
January 08, 2019
KB4480966Mitigated April 25, 2019
02:00 PM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 17134.648
March 12, 2019
KB4489868Resolved
KB4493437April 25, 2019
02:00 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details >OS Build 17134.677
March 19, 2019
KB4489894Resolved
KB4493464April 09, 2019
10:00 AM PTFirst character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details >OS Build 17134.556
January 15, 2019
KB4480976Resolved
KB4487029April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4493464April 09, 2019
10:00 AM PTStop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details >OS Build 17134.648
March 12, 2019
KB4489868Resolved
KB4493464April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 17134.590
February 12, 2019
KB4487017Resolved
KB4493464April 09, 2019
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Zone transfers over TCP may fail Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing KB4493437.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 17134.753
April 25, 2019
KB4493437Investigating Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 25, 2019
02:00 PM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Issue using PXE to start a device from WDS After installing KB4489868, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:Option 1:Open an Administrator Command prompt and type the following:Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No +
Option 2:Use the Windows Deployment Services UI to make the following adjustment:- Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3:Set the following registry value to 0:HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtensionRestart the WDSServer service after disabling the Variable Window Extension.Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 17134.648
March 12, 2019
KB4489868Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTCustom URI schemes may not start corresponding application After installing KB4489868, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493437.
Back to topOS Build 17134.648
March 12, 2019
KB4489868Resolved
KB4493437Resolved:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493464.
Back to topOS Build 17134.677
March 19, 2019
KB4489894Resolved
KB4493464Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 19, 2019
10:00 AM PTStop error when attempting to start SSH from WSL After applying KB4489868, a stop error occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh -A) or a configuration setting.Affected platforms:- Client: Windows 10, version 1803; Windows 10, version 1709
- Server: Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4493464.
Back to topOS Build 17134.648
March 12, 2019
KB4489868Resolved
KB4493464Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493464.
Back to topOS Build 17134.590
February 12, 2019
KB4487017Resolved
KB4493464Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml new file mode 100644 index 0000000000..bc2c08ed65 --- /dev/null +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -0,0 +1,149 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 10, version 1809 and Windows Server 2019 +metadata: + document_id: + title: Windows 10, version 1809 and Windows Server 2019 + description: View annoucements and review known issues and fixes for Windows 10 version 1809 and Windows Server 2019 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues and the status of the rollout for Windows 10, version 1809 and Windows Server 2019. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + +Details Originating update Status History Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 17134.523
January 08, 2019
KB4480966Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTFirst character of the Japanese era name not recognized After installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029.
Back to topOS Build 17134.556
January 15, 2019
KB4480976Resolved
KB4487029Resolved:
February 19, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480966, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493464.
Back to topOS Build 17134.523
January 08, 2019
KB4480966Resolved
KB4493464Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " ++ Current status:
+ Windows 10, version 1809 is designated for broad deployment and available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel. +
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated Latest cumulative update (KB 4495667) installs automatically
Reports that the optional cumulative update (KB 4495667) installs automatically.
See details >OS Build 17763.475
May 03, 2019
KB4495667Mitigated May 05, 2019
12:01 PM PTDevices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F
See details >OS Build 17763.437
April 09, 2019
KB4493509Mitigated May 03, 2019
10:59 AM PTPrinting from Microsoft Edge or other UWP apps, you may receive the error 0x80070007
Attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications, you may receive an error.
See details >OS Build 17763.379
March 12, 2019
KB4489899Mitigated May 02, 2019
04:47 PM PTSystem may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.
See details >OS Build 17763.437
April 09, 2019
KB4493509Mitigated April 25, 2019
02:00 PM PTIssue using PXE to start a device from WDS
Using PXE to start a device from a WDS server configured to use Variable Window Extension may cause the connection to the WDS server to terminate prematurely.
See details >OS Build 17763.379
March 12, 2019
KB4489899Mitigated April 09, 2019
10:00 AM PTCertain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details >OS Build 17763.253
January 08, 2019
KB4480116Mitigated April 09, 2019
10:00 AM PTAudio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort
Upgrade block: Microsoft has identified issues with certain new Intel display drivers, which accidentally turn on unsupported features in Windows.
See details >OS Build 17763.134
November 13, 2018
KB4467708Mitigated March 15, 2019
12:00 PM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >OS Build 17763.379
March 12, 2019
KB4489899Resolved
KB4495667May 03, 2019
12:40 PM PTEnd-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details >OS Build 17763.404
April 02, 2019
KB4490481Resolved
KB4493509April 09, 2019
10:00 AM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >OS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >OS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >OS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4493509April 09, 2019
10:00 AM PT++ " +- title: May 2019 +- items: + - type: markdown + text: " +
+ " + +- title: April 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Latest cumulative update (KB 4495667) installs automatically Due to a servicing side issue some users were offered 4495667 (optional update) automatically. This issue has been mitigated.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Next steps: This issue has been mitigated on the servicing side to prevent auto installing of this update. Customers do not need to take any action.
Back to topOS Build 17763.475
May 03, 2019
KB4495667Mitigated Last updated:
May 05, 2019
12:01 PM PT
Opened:
May 05, 2019
12:01 PM PTDevices with some Asian language packs installed may receive an error After installing the April 2019 Cumulative Update (KB4493509), devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Workaround:- Uninstall and reinstall any recently added language packs. For instructions, see \"Manage the input and display language settings in Windows 10\".
- Click Check for Updates and install the April 2019 Cumulative Update. For instructions, see \"Update Windows 10\".
Note: If reinstalling the language pack does not mitigate the issue, reset your PC as follows:- Go to Settings app -> Recovery.
- Click on Get Started under \"Reset this PC\" recovery option.
- Select \"Keep my Files\".
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 17763.437
April 09, 2019
KB4493509Mitigated Last updated:
May 03, 2019
10:59 AM PT
Opened:
May 02, 2019
04:36 PM PTPrinting from Microsoft Edge or other UWP apps, you may receive the error 0x80070007 When attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications you may receive the error, \"Your printer has experienced an unexpected configuration problem. 0x80070007e.\"Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Workaround: You can use another browser, such as Internet Explorer to print your documents.Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 17763.379
March 12, 2019
KB4489899Mitigated Last updated:
May 02, 2019
04:47 PM PT
Opened:
May 02, 2019
04:47 PM PT
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History System may be unresponsive after restart if ArcaBit antivirus software installed Microsoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493509.Microsoft has temporarily blocked devices from receiving this update if ArcaBit antivirus software is installed.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: ArcaBit has released an update to address this issue. For more information, see the Arcabit support article.
Back to topOS Build 17763.437
April 09, 2019
KB4493509Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PTEnd-user-defined characters (EUDC) may cause blue screen at startup If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup. This is not a common setting in non-Asian regions.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016
Resolution: This issue was resolved in KB4493509.
Back to topOS Build 17763.404
April 02, 2019
KB4490481Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT
Opened:
April 02, 2019
10:00 AM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Issue using PXE to start a device from WDS After installing KB4489899, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:Option 1:Open an Administrator Command prompt and type the following:Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No +
Option 2:Use the Windows Deployment Services UI to make the following adjustment:- Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3:Set the following registry value to 0:HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtensionRestart the WDSServer service after disabling the Variable Window Extension.Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 17763.379
March 12, 2019
KB4489899Mitigated Last updated:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PTCustom URI schemes may not start corresponding application After installing KB4489899, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: Right-click the URL link to open it in a new window or tab, or enable Protected Mode in Internet Explorer for local intranet and trusted sites- Go to Tools > Internet options > Security.
- Within Select a zone to view of change security settings, select Local intranet and then select Enable Protected Mode.
- Select Trusted Sites and then select Enable Protected Mode.
- Select OK.
You must restart the browser after making these changes.Resolution: This issue is resolved in KB4495667.
Back to topOS Build 17763.379
March 12, 2019
KB4489899Resolved
KB4495667Resolved:
May 03, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493509.
Back to topOS Build 17763.316
February 12, 2019
KB4487044Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: November 2018 +- items: + - type: markdown + text: " +Details Originating update Status History Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topOS Build 17763.253
January 08, 2019
KB4480116Mitigated Last updated:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTInternet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480116, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493509.
Back to topOS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480116, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493509.
Back to topOS Build 17763.253
January 08, 2019
KB4480116Resolved
KB4493509Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml new file mode 100644 index 0000000000..a15923a007 --- /dev/null +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -0,0 +1,123 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 7 and Windows Server 2008 R2 SP1 +metadata: + document_id: + title: Windows 7 and Windows Server 2008 R2 SP1 + description: View annoucements and review known issues and fixes for Windows 7 and Windows Server 2008 R2 SP1 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows 7 and Windows Server 2008 R2 SP1. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort Upgrade block: Microsoft has identified issues with certain new Intel display drivers. Intel inadvertently released versions of its display driver (versions 24.20.100.6344, 24.20.100.6345) to OEMs that accidentally turned on unsupported features in Windows.As a result, after updating to Windows 10, version 1809, audio playback from a monitor or television connected to a PC via HDMI, USB-C, or a DisplayPort may not function correctly on devices with these drivers.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Next steps: Intel has released updated drivers to OEM device manufacturers. OEMs need to make the updated driver available via Windows Update.For more information, see the Intel Customer Support article.Note: This Intel display driver issue is different from the Intel Smart Sound Technology driver (version 09.21.00.3755) audio issue previously documented.
Back to topOS Build 17763.134
November 13, 2018
KB4467708Mitigated Last updated:
March 15, 2019
12:00 PM PT
Opened:
November 13, 2018
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details >April 09, 2019
KB4493472Mitigated May 03, 2019
08:50 AM PTAuthentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.
See details >March 12, 2019
KB4489878Mitigated April 25, 2019
02:00 PM PTSystem unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details >April 09, 2019
KB4493472Mitigated April 25, 2019
02:00 PM PTSystem may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.
See details >April 09, 2019
KB4493472Mitigated April 25, 2019
02:00 PM PTSystem may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.
See details >April 09, 2019
KB4493472Mitigated April 25, 2019
02:00 PM PTDevices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details >April 09, 2019
KB4493472Resolved April 25, 2019
02:00 PM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >January 08, 2019
KB4480970Resolved
KB4493472April 09, 2019
10:00 AM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PTNETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details >March 12, 2019
KB4489878Resolved
KB4493472April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >February 12, 2019
KB4486563Resolved
KB4493472April 09, 2019
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History System may be unresponsive after restart if Avira antivirus software installed Microsoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493472.Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: Avira has released an automatic update to address this issue. Guidance for Avira customers can be found in the Avira support article.
Back to topApril 09, 2019
KB4493472Mitigated Last updated:
May 03, 2019
08:50 AM PT
Opened:
April 09, 2019
10:00 AM PTSystem unresponsive after restart if Sophos Endpoint Protection installed Microsoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing KB4493472.Microsoft has temporarily blocked devices from receiving this update if the Sophos Endpoint is installed until a solution is available.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the Sophos support article.
Back to topApril 09, 2019
KB4493472Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PTSystem may be unresponsive after restart if ArcaBit antivirus software installed Microsoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493472.Microsoft has temporarily blocked devices from receiving this update if ArcaBit antivirus software is installed.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: ArcaBit has released an update to address this issue. For more information, see the Arcabit support article.
Back to topApril 09, 2019
KB4493472Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PTSystem may be unresponsive after restart with certain McAfee antivirus products Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: Guidance for McAfee customers can be found in the following McAfee support articles:- McAfee Security (ENS) Threat Prevention 10.x
- McAfee Host Intrusion Prevention (Host IPS) 8.0
- McAfee VirusScan Enterprise (VSE) 8.8
Next steps: We are presently investigating this issue with McAfee. We will provide an update once we have more information.
Back to topApril 09, 2019
KB4493472Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PTDevices may not respond at login or Welcome screen if running certain Avast software Microsoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install KB4493472 and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the Avast support KB article.
Back to topApril 09, 2019
KB4493472Resolved Resolved:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Authentication may fail for services after the Kerberos ticket expires After installing KB4489878, some customers report that authentication fails for services that require unconstrained delegation after the Kerberos ticket expires (the default is 10 hours). For example, the SQL server service fails.Affected platforms:- Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Workaround: To mitigate this issue, use one of the following options:- Option 1: Purge the Kerberos tickets on the application server. After the Kerberos ticket expires, the issue will occur again, and you must purge the tickets again.
- Option 2: If purging does not mitigate the issue, restart the application; for example, restart the Internet Information Services (IIS) app pool associated with the SQL server.
- Option 3: Use constrained delegation.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topMarch 12, 2019
KB4489878Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTCustom URI schemes may not start corresponding application After installing KB4489878, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to topMarch 12, 2019
KB4489878Resolved
KB4493472Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PTNETDOM.EXE fails to run After installing KB4489878, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.Affected platforms:- Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.
Back to topMarch 12, 2019
KB4489878Resolved
KB4493472Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493472.
Back to topFebruary 12, 2019
KB4486563Resolved
KB4493472Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml new file mode 100644 index 0000000000..75805707fb --- /dev/null +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -0,0 +1,126 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 8.1 and Windows Server 2012 R2 +metadata: + document_id: + title: Windows 8.1 and Windows Server 2012 R2 + description: View annoucements and review known issues and fixes for Windows 8.1 and Windows Server 2012 R2 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows 8.1 and Windows Server 2012 R2. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Internet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to topJanuary 08, 2019
KB4480970Resolved
KB4493472Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details >April 09, 2019
KB4493446Mitigated May 03, 2019
08:50 AM PTIssue using PXE to start a device from WDS
There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.
See details >March 12, 2019
KB4489881Mitigated April 25, 2019
02:00 PM PTSystem unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details >April 09, 2019
KB4493446Mitigated April 25, 2019
02:00 PM PTSystem may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.
See details >April 09, 2019
KB4493446Mitigated April 25, 2019
02:00 PM PTCertain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
See details >January 08, 2019
KB4480963Mitigated April 25, 2019
02:00 PM PTSystem may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.
See details >April 09, 2019
KB4493446Mitigated April 18, 2019
05:00 PM PTDevices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details >April 09, 2019
KB4493446Resolved April 25, 2019
02:00 PM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >January 08, 2019
KB4480963Resolved
KB4493446April 09, 2019
10:00 AM PTCustom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details >March 12, 2019
KB4489881Resolved
KB4493446April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >February 12, 2019
KB4487000Resolved
KB4493446April 09, 2019
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History System may be unresponsive after restart if Avira antivirus software installed Microsoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493446.Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: Avira has released an automatic update to address this issue. Guidance for Avira customers can be found in the Avira support article.
Back to topApril 09, 2019
KB4493446Mitigated Last updated:
May 03, 2019
08:50 AM PT
Opened:
April 09, 2019
10:00 AM PTSystem unresponsive after restart if Sophos Endpoint Protection installed Microsoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing KB4493446.Microsoft has temporarily blocked devices from receiving this update if the Sophos Endpoint is installed until a solution is available.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the Sophos support article.
Back to topApril 09, 2019
KB4493446Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PTSystem may be unresponsive after restart if ArcaBit antivirus software installed Microsoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493446.Microsoft has temporarily blocked devices from receiving this update if ArcaBit antivirus software is installed.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: ArcaBit has released an update to address this issue. For more information, see the Arcabit support article.
Back to topApril 09, 2019
KB4493446Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PTSystem may be unresponsive after restart with certain McAfee antivirus products Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: Guidance for McAfee customers can be found in the following McAfee support articles:- McAfee Security (ENS) Threat Prevention 10.x
- McAfee Host Intrusion Prevention (Host IPS) 8.0
- McAfee VirusScan Enterprise (VSE) 8.8
Next steps: We are presently investigating this issue with McAfee. We will provide an update once we have more information.
Back to topApril 09, 2019
KB4493446Mitigated Last updated:
April 18, 2019
05:00 PM PT
Opened:
April 09, 2019
10:00 AM PTDevices may not respond at login or Welcome screen if running certain Avast software Microsoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install KB4493446 and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the Avast support KB article.
Back to topApril 09, 2019
KB4493446Resolved Resolved:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Issue using PXE to start a device from WDS After installing KB4489881, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:Option 1:Open an Administrator Command prompt and type the following:Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No +
Option 2:Use the Windows Deployment Services UI to make the following adjustment:- Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3:Set the following registry value to 0:HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtensionRestart the WDSServer service after disabling the Variable Window Extension.Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topMarch 12, 2019
KB4489881Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTCustom URI schemes may not start corresponding application After installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to topMarch 12, 2019
KB4489881Resolved
KB4493446Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493446.
Back to topFebruary 12, 2019
KB4487000Resolved
KB4493446Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml new file mode 100644 index 0000000000..102f665769 --- /dev/null +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -0,0 +1,105 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows Server 2008 SP2 +metadata: + document_id: + title: Windows Server 2008 SP2 + description: View annoucements and review known issues and fixes for Windows Server 2008 SP2 + keywords: Windows, Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows Server 2008 SP2. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topJanuary 08, 2019
KB4480963Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTInternet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to topJanuary 08, 2019
KB4480963Resolved
KB4493446Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding. After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.
Back to topJanuary 08, 2019
KB4480963Resolved
KB4493446Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details >April 09, 2019
KB4493471Mitigated May 03, 2019
08:51 AM PTSystem unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details >April 09, 2019
KB4493471Mitigated April 25, 2019
02:00 PM PTAuthentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.
See details >March 12, 2019
KB4489880Mitigated April 25, 2019
02:00 PM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >February 12, 2019
KB4487023Resolved
KB4493471April 09, 2019
10:00 AM PTNETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details >March 12, 2019
KB4489880Resolved
KB4493471April 09, 2019
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History System may be unresponsive after restart if Avira antivirus software installed Microsoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493471.Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: Avira has released an automatic update to address this issue. Guidance for Avira customers can be found in the Avira support article
Back to topApril 09, 2019
KB4493471Mitigated Last updated:
May 03, 2019
08:51 AM PT
Opened:
April 09, 2019
10:00 AM PTSystem unresponsive after restart if Sophos Endpoint Protection installed Microsoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing KB4493471.Microsoft has temporarily blocked devices from receiving this update if the Sophos Endpoint is installed until a solution is available.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the Sophos support article.
Back to topApril 09, 2019
KB4493471Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Authentication may fail for services after the Kerberos ticket expires After installing KB4489880, some customers report that authentication fails for services that require unconstrained delegation after the Kerberos ticket expires (the default is 10 hours). For example, the SQL server service fails.Affected platforms:- Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Workaround: To mitigate this issue, use one of the following options:- Option 1: Purge the Kerberos tickets on the application server. After the Kerberos ticket expires, the issue will occur again, and you must purge the tickets again.
- Option 2: If purging does not mitigate the issue, restart the application; for example, restart the Internet Information Services (IIS) app pool associated with the SQL server.
- Option 3: Use constrained delegation.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topMarch 12, 2019
KB4489880Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PTNETDOM.EXE fails to run After installing KB4489880, NETDOM.EXE fails to run, and the on-screen error, “The command failed to complete successfully.” appears.Affected platforms:- Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to topMarch 12, 2019
KB4489880Resolved
KB4493471Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml new file mode 100644 index 0000000000..831a726f86 --- /dev/null +++ b/windows/release-information/status-windows-server-2012.yml @@ -0,0 +1,118 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows Server 2012 +metadata: + document_id: + title: Windows Server 2012 + description: View annoucements and review known issues and fixes for Windows Server 2012 + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: +- items: + - type: markdown + text: " + Find information on known issues for Windows Server 2012. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + " + +- items: + - type: list + style: cards + className: cardsM + columns: 3 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? +- items: + - type: markdown + text: " + + " +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to topFebruary 12, 2019
KB4487023Resolved
KB4493471Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " + +- title: Known issues +- items: + - type: markdown + text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
+
+ " + +- title: Issue details +- items: + - type: markdown + text: " +Summary Originating update Status Last updated System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details >April 09, 2019
KB4493451Mitigated May 03, 2019
08:51 AM PTIssue using PXE to start a device from WDS
There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.
See details >March 12, 2019
KB4489891Mitigated April 25, 2019
02:00 PM PTSystem unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details >April 09, 2019
KB4493451Mitigated April 25, 2019
02:00 PM PTCertain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
See details >January 08, 2019
KB4480975Mitigated April 25, 2019
02:00 PM PTInternet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details >January 08, 2019
KB4480975Resolved
KB4493451April 09, 2019
10:00 AM PTMSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details >January 08, 2019
KB4480975Resolved
KB4493451April 09, 2019
10:00 AM PTEmbedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details >February 12, 2019
KB4487025Resolved
KB4493451April 09, 2019
10:00 AM PT++ " +- title: April 2019 +- items: + - type: markdown + text: " +
+ " + +- title: March 2019 +- items: + - type: markdown + text: " +Details Originating update Status History System may be unresponsive after restart if Avira antivirus software installed Microsoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing KB4493451.Microsoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: Avira has released an automatic update to address this issue. Guidance for Avira customers can be found in the Avira support article.
Back to topApril 09, 2019
KB4493451Mitigated Last updated:
May 03, 2019
08:51 AM PT
Opened:
April 09, 2019
10:00 AM PTSystem unresponsive after restart if Sophos Endpoint Protection installed Microsoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing KB4493451.Microsoft has temporarily blocked devices from receiving this update if the Sophos Endpoint is installed until a solution is available.Affected platforms:- Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the Sophos support article.
Back to topApril 09, 2019
KB4493451Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
April 09, 2019
10:00 AM PT
+ " + +- title: February 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Issue using PXE to start a device from WDS After installing KB4489891, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:Option 1:Open an Administrator Command prompt and type the following:Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No +
Option 2:Use the Windows Deployment Services UI to make the following adjustment:- Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3:Set the following registry value to 0:HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtensionRestart the WDSServer service after disabling the Variable Window Extension.Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topMarch 12, 2019
KB4489891Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
March 12, 2019
10:00 AM PT
+ " + +- title: January 2019 +- items: + - type: markdown + text: " +Details Originating update Status History Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.Affected platforms- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493451.
Back to topFebruary 12, 2019
KB4487025Resolved
KB4493451Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT
+ " diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml new file mode 100644 index 0000000000..2a4ba41456 --- /dev/null +++ b/windows/release-information/windows-message-center.yml @@ -0,0 +1,97 @@ +### YamlMime:YamlDocument + +documentType: LandingData +title: Windows 10 message center +metadata: + document_id: + title: Windows 10 message center + description: Windows 10 message center + keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories + ms.localizationpriority: high + author: greg-lindsay + ms.author: greglin + manager: dougkim + ms.topic: article + ms.devlang: na + +sections: + +- items: + - type: list + style: cards + className: cardsM + columns: 2 + items: + + - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540 + html: Read the announcement > + image: + src: https://docs.microsoft.com//media/common/i_deploy.svg + title: Windows 10, version 1809 designated for broad deployment + - href: https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency + html: Find out more > + image: + src: https://docs.microsoft.com/media/common/i_whats-new.svg + title: Improvements to the Windows 10 update experience are coming + - href: https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience + html: Learn about our approach > + image: + src: https://docs.microsoft.com/media/common/i_investigate.svg + title: How do we measure and improve the quality of Windows? + - href: https://docs.microsoft.com/windows/windows-10/release-information + html: Visit the Windows 10 release information page > + image: + src: https://docs.microsoft.com/media/common/i_download-monitor.svg + title: Find a list of currently supported versions and previous releases + +- title: Recent announcements +- items: + - type: markdown + text: " +Details Originating update Status History Certain operations performed on a Cluster Shared Volume may fail Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to topJanuary 08, 2019
KB4480975Mitigated Last updated:
April 25, 2019
02:00 PM PT
Opened:
January 08, 2019
10:00 AM PTInternet Explorer 11 authentication issue with multiple concurrent logons After installing KB4480975, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:- Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493451.
Back to topJanuary 08, 2019
KB4480975Resolved
KB4493451Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PTMSXML6 may cause applications to stop responding After installing KB4480975, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.Affected platforms:- Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493451.
Back to topJanuary 08, 2019
KB4480975Resolved
KB4493451Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT
+ " diff --git a/windows/security/docfx.json b/windows/security/docfx.json index 018d611769..961279662e 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -38,12 +38,18 @@ "ms.topic": "article", "feedback_system": "GitHub", "feedback_github_repo": "MicrosoftDocs/windows-itpro-docs", - "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app", - "ms.author": "justinha" + "feedback_product_url": "https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app", + "ms.author": "justinha", + "_op_documentIdPathDepotMapping": { + "./": { + "depot_name": "MSDN.security", + "folder_relative_path_in_docset": "./" + } + } }, "fileMetadata": {}, "template": [], "dest": "security", "markdownEngineName": "dfm" } -} \ No newline at end of file +} diff --git a/windows/security/identity-protection/access-control/active-directory-security-groups.md b/windows/security/identity-protection/access-control/active-directory-security-groups.md index 0b2f989db7..3b7f39ee7e 100644 --- a/windows/security/identity-protection/access-control/active-directory-security-groups.md +++ b/windows/security/identity-protection/access-control/active-directory-security-groups.md @@ -258,279 +258,286 @@ The following tables provide descriptions of the default groups that are locatedMessage Date Take action: Install servicing stack update for Windows Server 2008 SP2 for SHA-2 code sign support
A standalone update, KB4493730, that introduce SHA-2 code sign support for the servicing stack (SSU) was released today as a security update.April 19, 2019
10:00 AM PTThe benefits of Windows 10 Dynamic Update Dynamic Update can help organizations and end users alike ensure that their Windows 10 devices have the latest feature update content (as part of an in-place upgrade)—and preserve precious features on demand (FODs) and language packs (LPs) that may have been previously installed.
+ +Find out which components are updated by Dynamic Update, how Dynamic Update is initiated, and how to enable or disable it.April 17, 2019
11:26 AM PTImprovements to the Windows 10 update experience are coming
Find out about the changes coming to the Windows update process that will improve the experience, offer users more control, and improve the quality of Windows updates.April 04, 2019
09:00 AM PTTake action: review your Windows Update for Business deferral values If devices under your management are still running Windows 10 Pro or Windows 10 Pro for Workstations, version 1709, your devices will reach end of service on April 9, 2019 if you have configured both of the following Windows Update for Business policies:
+-
+
- Branch readiness is configured as Semi-Annual Channel (SAC) +
- Feature update deferral is configured as 274 days or more +
April 03, 2019
05:47 PM PTFind a list of currently supported versions and previous releases
Every Windows product has a lifecycle. The lifecycle begins when a product is released and ends when it is no longer serviced or supported. Knowing key dates in this lifecycle helps you make informed decisions about when to update, upgrade, or make other changes to your software. Check out the updated Windows 10 release information page for a list of current versions by servicing option as well as end of service dates.March 28, 2019
02:00 PM PTWindows 10, version 1809 designated for broad deployment
Based on the data and the feedback we’ve received from consumers, OEMs, ISVs, partners, and commercial customers, Windows 10, version 1809 has transitioned to broad deployment. With this, the Windows 10 release information page will now reflect Semi-Annual Channel (SAC) for version 1809.March 28, 2019
10:00 AM PTReminder: Additional servicing for the Windows 10 Enterprise, Education, and IoT Enterprise, version 1607 ends April 9, 2019 The additional servicing for Windows 10 Enterprise, Education, and IoT Enterprise editions ends on April 9, 2019 and doesn't extend beyond this date. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.Devices running Windows 10 Enterprise 2016 LTSB will continue to receive updates until October 2026 per the Fixed Lifecycle Policy. Windows 10, version 1607 devices running the Intel “Clovertrail” chipset will continue to receive updates until January 2023.March 12, 2019
10:00 AM PTReminder: Windows 10 Home, Pro, Pro for Workstations, and IoT Core, version 1709 will reach end of service on April 9, 2019 Windows 10, version 1709, will reach end of service on April 9, 2019 for devices running Windows 10 Home, Pro, Pro for Workstations, and IoT Core editions. These devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.Windows 10 Enterprise, Education, and IoT Enterprise editions will continue to receive servicing for 12 months at no cost per the lifecycle announcement on October 2018.March 12, 2019
10:00 AM PTTake action: Install standalone security updates to introduce SHA-2 code sign support for Windows 7 amd Windows Server 2008 R2
A standalone SHA-2 code signing support update for Windows Server 2008 R2 and Windows 7 is now available, as is a servicing stack update for Windows 7 SP1 and Windows Server 2008 R2 SP1 that includes the SHA-2 code signing support update.March 12, 2019
10:00 AM PTTake action: Install standalone update for WSUS 3.0 SP2 to support the delivery of SHA-2 signed updates
A standalone update, KB4484071 is available on Windows Update Catalog for WSUS 3.0 SP2 that supports delivering SHA-2 signed updates. For those customers using WSUS 3.0 SP2, this update should be manually installed no later than June 18, 2019.March 12, 2019
10:00 AM PTReminder: Final Delta update for Windows 10, version 1607, 1703, 1709, and 1803 will be April 9, 2019
March 12th and April 9th will be the last two Delta updates for Windows 10, version 1607, 1703, 1709, and 1803. Security and quality updates will continue to be available via the express and full cumulative update packages.March 12, 2019
10:00 AM PTHow do we measure and improve the quality of Windows? Measuring the quality of Windows is a complex undertaking that requires gathering a variety of diagnostic signals from millions of devices within the Windows ecosystem. In addition to rigorous internal testing, we rely heavily on the feedback provided through diagnostic data to detect and fix problems before we release new updates of Windows to the general population, and to monitor the impact of those updates after each release.
+ +Get insight into some of the practices we employ to measure and improve the quality of Windows.March 06, 2019
10:23 AM PTGetting to know the Windows update history pages Windows update history pages offer detailed information about each Windows update: the type of update, which operating systems it affects, the improvements and fixes included, and how to get the update. See how simple it is to use this important resource to access information for Windows 10, Windows Server 2019, and earlier versions of the Windows and Windows Server operating systems.February 21, 2019
06:37 PM PTShare your feedback: Windows update history
We read every comment you leave on our update history pages, and are always looking to improve these pages and the monthly knowledge base (KB) articles that accompany each monthly update. Take our survey and let us know how we can improve our transparency further and make these more compelling and useful to you and your organization.February 21, 2019
12:00 PM PTPlan for change: Windows Update for Business and the retirement of SAC-T
Beginning with Windows 10, version 1903 (the next feature update for Windows 10), the Windows 10 release information page will no longer list SAC-T information for version 1903 and future feature updates. Instead, you will find a single entry for each new SAC release. In addition, if you are using Windows Update for Business, you will see new UI and behavior to reflect that there is only one release date for each SAC release. If you use System Center Configuration Manager, Windows Server Update Services (WSUS), or other management tools, there will now only be one feature update published to WSUS, and this will occur at the time of release. Learn how this change will affect Windows Business for Update customers.February 14, 2019
12:00 PM PTChamps corner: Classifying Windows updates in common deployment tools
If you utilize automated update deployment tools, such as Windows Server Update Services (WSUS) or System Center Configuration Manager, you likely use automatic rules to streamline the approval and deployment of Windows updates. Using the correct update classification is, therefore, an important component of your organization’s device update process. Explore the options available and how to approach it in a WSUS or Configuration Manager environment.February 05, 2019
10:34 AM PTUpdate: Delta updates for Windows 10, version 1607, 1703, 1709, and 1803 will be available until April 9, 2019
Based on customer feedback, we are extending Delta update publication for Windows 10 versions 1607, 1703, 1709, and 1803. We will continue to provide Delta updates via the Microsoft Update Catalog through April 9th, 2019, which will be the last delta update available.February 05, 2019
09:00 AM PTGlobal DNS outage affecting Windows Update customers
Windows Update customers were affected by a network infrastructure event on January 29, 2019 (21:00 UTC), caused by an external DNS service provider’s global outage. A software update to the external provider’s DNS servers resulted in the distribution of corrupted DNS records that affected connectivity to the Windows Update service. The DNS records were restored by January 30, 2019 (00:10 UTC), and the majority of local Internet Service Providers (ISP) have refreshed their DNS servers and customer services have been restored.+ +While this was not an issue with Microsoft’s services, we take any service disruption for our customers seriously. We will work with partners to better understand this so we can provide higher quality service in the future even across diverse global network providers.+ +If you are still unable to connect to Windows Update services due to this problem, please contact your local ISP or network administrator. You can also refer to our new KB4493784 for more information to determine if your network is affected, and to provide your local ISP or network administrator with additional information to assist you.January 29, 2019
04:15 PM PTApplication compatibility in the Windows ecosystem
Our application ecosystem is incredibly diverse, encompassing tens of millions of applications (apps) with numerous versions, languages, architectures, services and configuration options. While our ecosystem is complex, our vision is simple. All apps on Windows devices should just work! Explore the various programs and technologies we use to improve application compatibility.January 15, 2019
10:00 AM PTModern desktop servicing: the year in review
2018 was a pivotal year for the modern desktop and the servicing transformation journey we have been taking with you and your organization. In this post, John Wilcox takes a look back and recaps the progress that has been made, highlighting significant events, and provideing nsight into what 2019 has in store.December 19, 2018
02:20 PM PTDriver quality in the Windows ecosystem
Ensuring Windows 10 works great with all the devices and accessories our customers use is a top priority. We work closely with this broad mix of partners to test new drivers, monitor health characteristics over time, and make Windows and our ecosystem more resilient architecturally. Our goal is to ensure that all the updates and drivers we deliver to non-Insider populations are validated and at production quality (including monthly optional releases) before pushing drivers broadly to all. Explore the driver distribution chain and learn how we measure driver quality and prevent conflicts.December 19, 2018
10:04 AM PTIntroducing the Modern Desktop podcast series
In this new podcast series, we'll explore the good, the bad, and, yes, the ugly of servicing and delivery for Windows 10 and Office 365 ProPlus. We'll talk about modern desktop management through Enterprise Mobility, security, and cloud-attached and co-managed environments. Listen to the first episode, in which we discuss monthly quality updates fpr Windows 10, the Microsoft 365 Stay Current pilot program, and interview a real customer to see how they ingest monthly updates in their organization.December 18, 2018
01:00 PM PTMeasuring Delivery Optimization and its impact to your network
If you've familiarized yourself with the configuration options for Delivery Optimization in Windows 10, and have started to configure the settings you feel will be the best fit for your organization’s network topology, now is the time to see how well those settings are working. This article provides tips on how evaluate performance at the device level or organization level.December 13, 2018
03:48 PM PTWindows monthly security and quality updates overview
Today’s global cybersecurity threats are both dynamic and sophisticated, and new vulnerabilities are discovered almost every day. We focus on protecting customers from these security threats by providing security updates on a timely basis and with high quality. Find out how how we deliver these critical updates on a massive scale as a key component of our ongoing Windows as a service effort.December 10, 2018
10:00 AM PTLTSC: What is it, and when should it be used?
With the Semi-Annual Channel, devices receive two feature updates per year, and benefit from the best performance, user experience, security, and stability. This servicing option continues to be our recommendation for managing Windows 10 updates; however, we acknowledge that certain devices and use cases (e.g. medical systems and industrial process controllers) dictate that functionality and features don’t change over time. Find out how we designed the Long-Term Servicing Channel (LTSC) with these types of use cases in mind, and what is offered through the LTSC.November 29, 2018
07:02 PM PTPlan for change: Local Experience Packs: What are they and when should you use them?
When we released Windows 10, version 1803, we introduced Local Experience Packs (LXPs), which are modern language packs delivered through the Microsoft Store or Microsoft Store for Business. Learn about the biggest advantage to LXPs, and the retirement of legacy language packs (lp.cab) for all Language Interface Packs (LIP).November 14, 2018
11:10 AM PTWindows 10 Quality approach for a complex ecosystem
While our measurements of quality show improving trends on aggregate for each successive Windows 10 release, if a single customer experiences an issue with any of our updates, we take it seriously. In this blog post, Windows CVP Mike Fortin shares an overview of how we work to continuously improve the quality of Windows and our Windows as a service approach. This blog will be the first in a series of more in-depth explanations of the work we do to deliver quality in our Windows releases.November 13, 2018
10:00 AM PTWindows 10, version 1809 rollout resumes; now available on VLSC
Today we are resuming the rollout of the latest Windows 10 feature update—Windows 10, version 1809—via the Software Download Center (via Update Assistant or the Media Creation Tool), Windows Server Update Services (WSUS), and Windows Update for Business. Windows 10, version 1809 is also now available on the Volume Licensing Service Center (VLSC).November 13, 2018
10:00 AM PTExpress updates for Windows Server 2016 re-enabled for November 2018 update
Starting with the November 13, 2018 Update Tuesday release, Windows will again publish Express updates for Windows Server 2016. That means that system administrators for WSUS and System Center Configuration Manager will once again see two packages for the Windows Server 2016 update: a Full update and an Express update. Read this article for more details.November 12, 2018
03:00 PM PTPlan for change: 2019 SHA-2 code signing support requirement for Windows and WSUS To protect your security, Windows operating system updates are dual-signed using both the SHA-1 and SHA-2 hash algorithms to authenticate that updates come directly from Microsoft and were not tampered with during delivery. Due to weaknesses in the SHA-1 algorithm and to align to industry standards Microsoft will only sign Windows updates using the more secure SHA-2 algorithm exclusively.Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. To help prepare you for this change, we will release support for SHA-2 signing in 2019. Windows Server Update Services (WSUS) 3.0 SP2 will receive SHA-2 support to properly deliver SHA-2 signed updates. Please make note of the dates in the migration timeline and plan accordingly.November 09, 2018
10:00 AM PTYes
+ +[Device Owners](#bkmk-device-owners)
Yes
Yes
Yes
Yes
[Distributed COM Users](#bkmk-distributedcomusers)
Yes
Yes
Yes
Yes
+ [DnsUpdateProxy](#bkmk-dnsupdateproxy)
Yes
Yes
Yes
Yes
+ [DnsAdmins](#bkmk-dnsadmins)
Yes
Yes
Yes
Yes
+ [Domain Admins](#bkmk-domainadmins)
Yes
Yes
Yes
Yes
+ [Domain Computers](#bkmk-domaincomputers)
Yes
Yes
Yes
Yes
+ [Domain Controllers](#bkmk-domaincontrollers)
Yes
Yes
Yes
Yes
+ [Domain Guests](#bkmk-domainguests)
Yes
Yes
Yes
Yes
+ [Domain Users](#bkmk-domainusers)
Yes
Yes
Yes
Yes
+ [Enterprise Admins](#bkmk-entadmins)
Yes
Yes
Yes
Yes
- [Enterprise Key Admins](#bkmk-enterprise-key-admins)
+ -[Enterprise Key Admins](#enterprise-key-admins)
Yes
+ [Enterprise Read-only Domain Controllers](#bkmk-entrodc)
Yes
Yes
Yes
Yes
+ [Event Log Readers](#bkmk-eventlogreaders)
Yes
Yes
Yes
Yes
+ [Group Policy Creator Owners](#bkmk-gpcreatorsowners)
Yes
Yes
Yes
Yes
+ [Guests](#bkmk-guests)
Yes
Yes
Yes
Yes
+ [Hyper-V Administrators](#bkmk-hypervadministrators)
Yes
Yes
Yes
+ [IIS_IUSRS](#bkmk-iis-iusrs)
Yes
Yes
Yes
Yes
+ [Incoming Forest Trust Builders](#bkmk-inforesttrustbldrs)
Yes
Yes
Yes
Yes
+ [Key Admins](#key-admins)
Yes
+ [Network Configuration Operators](#bkmk-networkcfgoperators)
Yes
Yes
Yes
Yes
+ [Performance Log Users](#bkmk-perflogusers)
Yes
Yes
Yes
Yes
+ [Performance Monitor Users](#bkmk-perfmonitorusers)
Yes
Yes
Yes
Yes
+ [Pre–Windows 2000 Compatible Access](#bkmk-pre-ws2kcompataccess)
Yes
Yes
Yes
Yes
+ [Print Operators](#bkmk-printoperators)
Yes
Yes
Yes
Yes
+ [Protected Users](#bkmk-protectedusers)
Yes
Yes
+ [RAS and IAS Servers](#bkmk-rasandias)
Yes
Yes
Yes
Yes
+ [RDS Endpoint Servers](#bkmk-rdsendpointservers)
Yes
Yes
Yes
+ [RDS Management Servers](#bkmk-rdsmanagementservers)
Yes
Yes
Yes
+ [RDS Remote Access Servers](#bkmk-rdsremoteaccessservers)
Yes
Yes
Yes
+ [Read-only Domain Controllers](#bkmk-rodc)
Yes
Yes
Yes
Yes
+ [Remote Desktop Users](#bkmk-remotedesktopusers)
Yes
Yes
Yes
Yes
+ [Remote Management Users](#bkmk-remotemanagementusers)
Yes
Yes
Yes
+ [Replicator](#bkmk-replicator)
Yes
Yes
Yes
Yes
+ [Schema Admins](#bkmk-schemaadmins)
Yes
Yes
Yes
Yes
+ [Server Operators](#bkmk-serveroperators)
Yes
Yes
Yes
Yes
+ [Storage Replica Administrators](#storage-replica-administrators)
Yes
+ [System Managed Accounts Group](#system-managed-accounts-group)
Yes
+ [Terminal Server License Servers](#bkmk-terminalserverlic)
Yes
Yes
Yes
Yes
+ [Users](#bkmk-users)
Yes
Yes
Yes
Yes
+ [Windows Authorization Access Group](#bkmk-winauthaccess)
Yes
Yes
Yes
Yes
+ [WinRMRemoteWMIUsers_](#bkmk-winrmremotewmiusers-)
Yes
***Subcategory:*** [Audit Filtering Platform Connection](audit-filtering-platform-connection.md)
-***Event Schema:***
+***Event Description:***
-*The Windows Filtering Platform has blocked a bind to a local port.*
+This event is logged if the Windows Filtering Platform has blocked a bind to a local port.
-*Application Information:*
+
+
+ If you convert the hexadecimal value to decimal, you can compare it to the values in Task Manager.
+
+ You can also correlate this process ID with a process ID in other events, for example, “[4688](event-4688.md): A new process has been created” **Process Information\\New Process ID**.
+
+
+
+- **Application Name** \[Type = UnicodeString\]**:** full path and the name of the executable for the process.
+
+ Logical disk is displayed in format \\device\\harddiskvolume\#. You can get all local volume numbers by using **diskpart** utility. The command to get volume numbers using diskpart is “**list volume”**:
+
+
+
+**Network Information:**
+
+- **Source Address** \[Type = UnicodeString\]**:** the local IP address of the computer running the application.
+
+ - IPv4 Address
+
+ - IPv6 Address
+
+ - :: - all IP addresses in IPv6 format
+
+ - 0.0.0.0 - all IP addresses in IPv4 format
+
+ - 127.0.0.1 , ::1 - localhost
+
+- **Source Port** \[Type = UnicodeString\]**:** the port number used by the application.
+
+- **Protocol** \[Type = UInt32\]: the protocol number being used.
+
+| Service | Protocol Number |
+|----------------------------------------------------|-----------------|
+| Internet Control Message Protocol (ICMP) | 1 |
+| Transmission Control Protocol (TCP) | 6 |
+| User Datagram Protocol (UDP) | 17 |
+| General Routing Encapsulation (PPTP data over GRE) | 47 |
+| Authentication Header (AH) IPSec | 51 |
+| Encapsulation Security Payload (ESP) IPSec | 50 |
+| Exterior Gateway Protocol (EGP) | 8 |
+| Gateway-Gateway Protocol (GGP) | 3 |
+| Host Monitoring Protocol (HMP) | 20 |
+| Internet Group Management Protocol (IGMP) | 88 |
+| MIT Remote Virtual Disk (RVD) | 66 |
+| OSPF Open Shortest Path First | 89 |
+| PARC Universal Packet Protocol (PUP) | 12 |
+| Reliable Datagram Protocol (RDP) | 27 |
+| Reservation Protocol (RSVP) QoS | 46 |
+
+**Filter Information:**
+
+- **Filter Run-Time ID** \[Type = UInt64\]: unique filter ID which blocks the application from binding to the port. By default, Windows firewall won't prevent a port from binding by an application, and if this application doesn’t match any filters, you will get value 0 in this field.
+
+ To find specific Windows Filtering Platform filter by ID you need to execute the following command: **netsh wfp show filters**. As a result of this command, **filters.xml** file will be generated. You need to open this file and find the specific substring with the required filter ID (**<filterId>**)**,** for example:
+
+ 
+
+- **Layer Name** \[Type = UnicodeString\]: [Application Layer Enforcement](https://msdn.microsoft.com/library/windows/desktop/aa363971(v=vs.85).aspx) layer name.
+
+- **Layer Run-Time ID** \[Type = UInt64\]: Windows Filtering Platform layer identifier. To find specific Windows Filtering Platform layer ID you need to execute the following command: **netsh wfp show state**. As result of this command **wfpstate.xml** file will be generated. You need to open this file and find specific substring with required layer ID (**<layerId>**)**,** for example:
+
+
+
## Security Monitoring Recommendations
- There is no recommendation for this event in this document.
diff --git a/windows/security/threat-protection/auditing/images/event-5159.png b/windows/security/threat-protection/auditing/images/event-5159.png
new file mode 100644
index 0000000000..a2f9134fe8
Binary files /dev/null and b/windows/security/threat-protection/auditing/images/event-5159.png differ
diff --git a/windows/security/threat-protection/images/seccon-framework.png b/windows/security/threat-protection/images/seccon-framework.png
new file mode 100644
index 0000000000..06f66acf99
Binary files /dev/null and b/windows/security/threat-protection/images/seccon-framework.png differ
diff --git a/windows/security/threat-protection/images/security-control-classification.png b/windows/security/threat-protection/images/security-control-classification.png
new file mode 100644
index 0000000000..75467f2098
Binary files /dev/null and b/windows/security/threat-protection/images/security-control-classification.png differ
diff --git a/windows/security/threat-protection/images/security-control-deployment-methodologies.png b/windows/security/threat-protection/images/security-control-deployment-methodologies.png
new file mode 100644
index 0000000000..4f869474e2
Binary files /dev/null and b/windows/security/threat-protection/images/security-control-deployment-methodologies.png differ
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index 44c4ef2a2f..0359a92351 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -14,9 +14,13 @@ ms.localizationpriority: medium
# Threat Protection
[Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. Windows Defender ATP protects endpoints from cyber threats; detects advanced attacks and data breaches, automates security incidents and improves security posture.
+>[!Note]
+> The Windows Defender Security Center is currently going through rebranding. All references to Windows Defender will be replaced with Microsoft Defender. You will see the updates in the user interface and in the documentation library in next few months.
+
