June 15, 2021—KB5003703 (OS Build 17763.2028) Preview
Applies To
Win 10 Ent LTSC 2019 Win 10 IoT Ent LTSC 2019 Windows 10 IoT Core LTSC Windows Server 2019Release Date:
15/06/2021
Version:
OS Build 17763.2028
NEW 6/15/21 Update on Adobe Flash Player End of Support.
IMPORTANT This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the machine. For more information, see the5/11/21
REMINDER Windows 10, version 1809 reached end of service on May 11, 2021 for devices running the Enterprise, Education, and IoT Enterprise editions. After May 11, 2021, these devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.We will continue to service the following editions: Enterprise G, HoloLens, and the LTSC editions for Client, Server, and IoT.
5/11/21 New Microsoft Edge to replace Microsoft Edge Legacy with April’s Windows 10 Update Tuesday release.
REMINDER Microsoft removed the Microsoft Edge Legacy desktop application that is out of support in April 2021. In the May 11, 2021 release, we installed the new Microsoft Edge. For more information, see11/17/20 types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version 1809 update history page.
For information about Windows update terminology, see the article about theHighlights
-
Updates an issue that prevents certain screen reader apps from running.
-
Updates an issue that might cause a VPN to fail.
Improvements and fixes
This non-security update includes quality improvements. Key changes include:
-
Addresses an issue that prevents sorting from working properly when using multiple versions of National Language Support (NLS) sorting.
-
Addresses a performance issue in the MultiByteToWideChar() function that occurs when it is used in a non-English locale.
-
Addresses an issue that fails to properly manage touch input related memory before a user session ends.
-
Addresses an issue that causes Windows to stop working when it uses AppLocker to validate a file that has multiple signatures. The error is 0x3B.
-
Addresses an issue that might cause BitLocker to go into recovery mode after updating the Trusted Platform Module (TPM) firmware. This occurs when the "Interactive logon: Machine account lockout Threshold" policy is set and there were incorrect password attempts.
-
Addresses an issue that prevents certain screen reader apps from running when Hypervisor-protected code integrity (HVCI) is enabled.
-
Addresses an issue that causes Windows to generate many AppLocker or SmartLocker success events in the AppLocker EXE and DLL event channel.
-
Improves the accuracy and efficiency of sensitive data analysis in the Microsoft 365 Endpoint data loss prevention (DLP) Classification Engine.
-
Addresses an access violation issue in HTTP.sys that causes a stop error. This issue only occurs when you enable HTTP tracing or logging.
-
Addresses an issue with the Internet Key Exchange (IKE) VPN service on remote access server (RAS) servers. Periodically, users cannot connect a VPN to the server over the IKE protocol. This issue might start several hours or days after restarting the server or restarting the IKEEXT service. Some users can connect while many others cannot connect because the service is in DoS Protection mode, which limits incoming connection attempts.
-
Addresses an issue that might cause a VPN to fail after renewing a user auto-enrolled certificate. The error message is "There are no more files".
-
Addresses a metadata encoding issue that causes Free Lossless Audio Codec (FLAC) music files to become unplayable if you change their title, artist, or other metadata. For more information, see FLAC encoded music file is corrupted when metadata is edited in Windows Explorer.
-
Addresses an issue that causes Remote Desktop sessions to stop responding while the User Datagram Protocol (UDP) is enabled.
-
Addresses an issue with an infinite loop in svchost.exe (TermService) that might cause high CPU usage.
-
Addresses an issue in Adamsync.exe that affects the syncing of large Active Directory subtrees.
-
Addresses an issue that might cause endless replication when you promote a new domain controller and the Active Directory Recycle Bin feature is enabled.
-
Addresses an issue that occurs when the Lightweight Directory Access Protocol (LDAP) bind cache is full, and the LDAP client library receives a referral.
-
Addresses an issue that might cause a stop error when you run SmbConnectStress for a prolonged duration.
-
Addresses a redirector stop error that is caused by a race condition that occurs when the system deletes binding objects when connections close.
-
Addresses an issue that might damage the file system of some devices and prevent them from starting up after running chkdsk /f.
-
Addresses an issue that causes the images and text that first appear when you open a RemoteApp to remain on the screen indefinitely.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.
Windows Update Improvements
Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.
Known issues in this update
Symptom |
Workaround |
---|---|
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND." |
This issue is addressed by updates released June 11, 2019 and later. We recommend you install the latest security updates for your device. Customers installing Windows Server 2019 using media should install the latest Servicing Stack Update (SSU) before installing the language pack or other optional components. If using the Volume Licensing Service Center (VLSC), acquire the latest Windows Server 2019 media available. The proper order of installation is as follows:
Note Updating your device will prevent this issue, but will have no effect on devices already affected by this issue. If this issue is present in your device, you will need to use the workaround steps to repair it. Workaround:
Note If reinstalling the language pack does not mitigate the issue, use the In-Place-Upgrade feature. For guidance, see How to do an in-place upgrade on Windows, and Perform an in-place upgrade of Windows Server. |
After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found. |
This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue.KB5003571. For more information about the specific errors, cause, and workaround for this issue, please see |
After installing updates released April 22, 2021 or later, an issue occurs that affects versions of Windows Server that are in use as a Key Management Services (KMS) host. Client devices running Windows 10 Enterprise LTSC 2019 and Windows 10 Enterprise LTSC 2016 might fail to activate. This issue only occurs when using a new Customer Support Volume License Key (CSVLK). Note This does not affect activation of any other version or edition of Windows. Client devices that are attempting to activate and are affected by this issue might receive the error, "Error: 0xC004F074. The Software Licensing Service reported that the computer could not be activated. No Key Management Service (KMS) could be contacted. Please see the Application Event Log for additional information." Event Log entries related to activation are another way to tell that you might be affected by this issue. Open Event Viewer on the client device that failed activation and go to Windows Logs > Application. If you see only event ID 12288 without a corresponding event ID 12289, this means one of the following:
For more information on these event IDs, see Useful KMS client events - Event ID 12288 and Event ID 12289. |
This issue is resolved in KB5009616. |
How to get this update
Before installing this update
Prerequisite:
You must install the May 11, 2021 servicing stack update (SSU) (KB5003243) or the latest SSU (KB5003711) before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.
Install this update
Release Channel |
Available |
Next Step |
---|---|---|
Windows Update or Microsoft Update |
Yes |
Go to Settings > Update & Security > Windows Update. In the Optional updates available area, you’ll find the link to download and install the update. |
Windows Update for Business |
No |
None. These changes will be included in the next security update to this channel. |
Microsoft Update Catalog |
Yes |
To get the standalone package for this update, go to the Microsoft Update Catalog website. |
Windows Server Update Services (WSUS) |
No |
You can import this update into WSUS manually. See the Microsoft Update Catalog for instructions. |
File information
For a list of the files that are provided in this update, download the file information for cumulative update 5003703.