This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
+ Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)
See details > | OS Build 14393.2941
April 25, 2019
KB4493473 | Mitigated
| June 04, 2019
05:55 PM PT |
Devices running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000
Some devices running Windows Server with Hyper-V enabled may start into Bitlocker recovery with error 0xC0210000
See details > | OS Build 14393.2969
May 14, 2019
KB4494440 | Mitigated
| May 23, 2019
09:57 AM PT |
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.
See details > | OS Build 14393.2639
November 27, 2018
KB4467684 | Mitigated
| April 25, 2019
02:00 PM PT |
Issue using PXE to start a device from WDS
There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.
See details > | OS Build 14393.2848
March 12, 2019
KB4489882 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -80,6 +81,15 @@ sections:
"
+- title: June 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Some applications may fail to run as expected on clients of AD FS 2016Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) after installation of KB4493473 on the server. Applications that may exhibit this behavior use an IFRAME during non-interactive authentication requests and receive X-Frame Options set to DENY.
Affected platforms: - Server: Windows Server 2016
Workaround: You can use the Allow-From value of the header if the IFRAME is only accessing pages from a single-origin URL. On the affected server, open a PowerShell window as an administrator and run the following command: set-AdfsResponseHeaders -SetHeaderName X-Frame-Options -SetHeaderValue \"allow-from https://example.com\"
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 14393.2941
April 25, 2019
KB4493473 | Mitigated
| Last updated:
June 04, 2019
05:55 PM PT
Opened:
June 04, 2019
05:55 PM PT |
+
+ "
+
- title: May 2019
- items:
- type: markdown
diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
index c19588480c..5b4036e0c0 100644
--- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@@ -76,7 +76,6 @@ sections:
Zone transfers over TCP may fail
Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.
See details > | OS Build 17763.475
May 03, 2019
KB4495667 | Resolved
KB4494441 | May 14, 2019
10:00 AM PT |
Latest cumulative update (KB 4495667) installs automatically
Reports that the optional cumulative update (KB 4495667) installs automatically.
See details > | OS Build 17763.475
May 03, 2019
KB4495667 | Resolved
| May 08, 2019
03:37 PM PT |
System may be unresponsive after restart if ArcaBit antivirus software installed
After further investigation ArcaBit has confirmed this issue is not applicable to Windows 10, version 1809
See details > | OS Build 17763.437
April 09, 2019
KB4493509 | Resolved
| May 08, 2019
03:30 PM PT |
- Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 17763.379
March 12, 2019
KB4489899 | Resolved
KB4495667 | May 03, 2019
10:00 AM PT |
"
@@ -118,7 +117,6 @@ sections:
| Details | Originating update | Status | History |
Issue using PXE to start a device from WDSAfter installing KB4489899, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:
Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
Option 2: Use the Windows Deployment Services UI to make the following adjustment: - Open Windows Deployment Services from Windows Administrative Tools.
- Expand Servers and right-click a WDS server.
- Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
Option 3: Set the following registry value to 0: HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension
Restart the WDSServer service after disabling the Variable Window Extension.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17763.379
March 12, 2019
KB4489899 | Mitigated
| Last updated:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
- Custom URI schemes may not start corresponding applicationAfter installing KB4489899, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Workaround: Right-click the URL link to open it in a new window or tab, or enable Protected Mode in Internet Explorer for local intranet and trusted sites - Go to Tools > Internet options > Security.
- Within Select a zone to view of change security settings, select Local intranet and then select Enable Protected Mode.
- Select Trusted Sites and then select Enable Protected Mode.
- Select OK.
You must restart the browser after making these changes.
Resolution: This issue is resolved in KB4495667.
Back to top | OS Build 17763.379
March 12, 2019
KB4489899 | Resolved
KB4495667 | Resolved:
May 03, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
"
diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index d9d8a66658..6b91654209 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -239,6 +239,7 @@
####### [Troubleshoot subscription and portal access issues](microsoft-defender-atp/troubleshoot-onboarding-error-messages.md)
##### [Microsoft Defender ATP API](microsoft-defender-atp/use-apis.md)
+###### [Microsoft Defender ATP API license and terms](microsoft-defender-atp/api-terms-of-use.md)
###### [Get started with Microsoft Defender ATP APIs](microsoft-defender-atp/apis-intro.md)
####### [Hello World](microsoft-defender-atp/api-hello-world.md)
####### [Get access with application context](microsoft-defender-atp/exposed-apis-create-app-webapp.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/TOC.md b/windows/security/threat-protection/microsoft-defender-atp/TOC.md
index 2570edf47b..ff64c95cca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/TOC.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/TOC.md
@@ -244,6 +244,7 @@
#### [Microsoft Defender ATP API](use-apis.md)
+##### [Microsoft Defender ATP API license and terms](api-terms-of-use.md)
##### [Get started with Microsoft Defender ATP APIs](apis-intro.md)
###### [Hello World](api-hello-world.md)
###### [Get access with application context](exposed-apis-create-app-webapp.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-terms-of-use.md b/windows/security/threat-protection/microsoft-defender-atp/api-terms-of-use.md
new file mode 100644
index 0000000000..9a0cea7281
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-terms-of-use.md
@@ -0,0 +1,34 @@
+---
+title: Microsoft Defender ATP API license and terms of use
+description: Description of the license and terms of use for Microsoft Defender APIs
+keywords: license, terms, apis, legal, notices, code of conduct
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: macapara
+author: mjcaparas
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: article
+---
+
+# Microsoft Defender ATP API license and terms of use
+
+## APIs
+
+Microsoft Defender ATP APIs are governed by [Microsoft API License and Terms of use](https://docs.microsoft.com/en-us/legal/microsoft-apis/terms-of-use).
+
+
+## Legal Notices
+
+Microsoft and any contributors grant you a license to the Microsoft documentation and other content in this repository under the Creative Commons Attribution 4.0 International Public License, see the LICENSE file.
+
+Microsoft, Windows, Microsoft Azure and/or other Microsoft products and services referenced in the documentation may be either trademarks or registered trademarks of Microsoft in the United States and/or other countries. The licenses for this project do not grant you rights to use any Microsoft names, logos, or trademarks. Microsoft's general trademark guidelines can be found at http://go.microsoft.com/fwlink/?LinkID=254653.
+
+Privacy information can be found at https://privacy.microsoft.com/en-us/
+Microsoft and any contributors reserve all others rights, whether under their respective copyrights, patents, or trademarks, whether by implication, estoppel or otherwise.
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
index 442d8833a2..017979c7ca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
@@ -124,8 +124,7 @@ Agent Resource | Ports
| winatp-gw-weu.microsoft.com | 443 |
|winatp-gw-uks.microsoft.com | 443 |
|winatp-gw-ukw.microsoft.com | 443 |
-| winatp-gw-aus.microsoft.com | 443|
-| winatp-gw-aue.microsoft.com |443 |
+
## Windows Server, version 1803 and Windows Server 2019
To onboard Windows Server, version 1803 or Windows Server 2019, use the same method used when onboarding Windows 10 machines.