Applies ToWindows 10, version 1607, all editions Windows Server 2016, all editions

Release Date:

2/13/2018

Version:

OS Build 14393.2068

Improvements and fixes

This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses issue with fragment identifier contained in links opened using the Enterprise Mode Site List to redirect from Microsoft Edge to Internet Explorer.

  • Addresses issue with rendering graphics elements with Internet Explorer.

  • Addresses a script-related issue that caused Internet Explorer to stop working in some cases.

  • Addresses issue in Internet Explorer where pressing the Delete key inserted a new line in input boxes in an application.

  • Addresses issue where some users may have experienced issues logging into some websites when using third-party account credentials in Microsoft Edge.

  • Addresses issue with browser Compatibility View settings that occured during updates.

  • Updates time zone information.

  • Updates Microsoft HoloLens CPU Microcode to address vulnerability CVE-2017-5715 - Branch target injection. Installing this KB for HoloLens applies all relevant OS and Microcode updates. See Advisory 180002 for more details.

  • Addresses issue where telemetry data couldn't be uploaded using UTC because of networking environments that prevent access to the necessary CRL servers.

  • Addresses issue where MMC application snap-ins—such as Services, Local Policy Admin, and Printer Management—fail to run when Windows Defender Application Control (Device Guard) is turned on. The error is "Object doesn't support this property or method."

  • Addresses issue where a failover in MPIO while throttling input and output requests may cause all available paths to fail.

  • Addresses issue where the application pool CPU throttles when running IIS.

  • Addresses issue where, after installing KB4057142 or KB4056890 on an SMB server, accessing files in directory junction points or volume mount points hosted on the server may fail. The error is “ERROR_INVALID_REPARSE_DATA”. For example, this symptom may be observed:

  • Editing some group policies using GPMC or AGPM 4.0 may fail with the error "The data present in the reparse point buffer is invalid. (Exception from HRESULT: 0x80071128)".

  • Security updates to Microsoft Edge, Internet Explorer, Adobe Flash Player, Microsoft Windows Search Component, Windows Kernel, Device Guard, Common Log File System Driver, and Windows storage and file systems.

Note This update isn't available with express installation files for Windows Server 2016.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

For more information about the resolved security vulnerabilities, see the Security Update Guide.

Windows Update Improvements

Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.

Known issues in this update

Symptom

Workaround

Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.

This issue is resolved in KB4088787.

After installing this update, servers where Credential Guard is enabled may experience an unexpected restart with the error "The system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart."

Event ID 1000 in the application log shows:

'C:\windows\system32\lsass.exe' terminated unexpectedly with status code -1073740791

Faulting application: lsass.exe, Version: 10.0.14393.1770, Time Stamp: 0x59bf2fb2

Faulting module: ntdll.dll, Version: 10.0.14393.1715, Time Stamp: 0x59b0d03e

Exception: 0xc0000409

This issue is resolved in KB4077525.

After installing this update, applications may not be able to reserve or bind to ports that previously worked.

To resolve this issue, use the following workaround.

Check if the port you want to bind to or reserve is already reserved on the container host. For example, you can use netsh as follows:   

netsh interface ipv4 show excludedportrange protocol=tcp

  If the port is not reserved, you may use it. If it is reserved, choose a different port.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4074590.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.