KB4093117 for Windows 10 1703 and KB4093120 for 1607 released – download

Microsoft released 2 cumulative updates for Windows 10 Version 1703 Creators Update and Version 1607 Anniversary Update last night . These are the updates  KB4093117 for 1703 and  KB4093120 for version 1607. Both updates are now available for download via the integrated Windows Update function and the Windows Update Catalog.

This increases the Windows 10 build numbers at 1703 to 15063.1058 and at 1607 to build 14393.2214 .

Since Microsoft does not add any new features to the monthly, cumulative updates, only bug fixes are included. According to Microsoft, these bugs have been fixed in the respective Windows 10 feature updates.

Update KB4093117 build 15063.1058

Update KB4093117 build 15063.1058:

  • Addresses an issue that could cause Microsoft Edge to stop working after a few seconds while running a software restriction policy.
  • Resolves issues where AppLocker Publisher rules applied to MSI files do not match the files correctly.
  • Addresses an issue that causes Microsoft Active Directory accounts and Azure Active Directory accounts to get the password prompt repeatedly, not just once.
  • So far there could be problems with Windows Hello. which generates good keys due to TPM firmware problems if weak cryptographic keys are recognized. This problem only occurs if the policy that the TPM requires is configured.
  • Fixed an issue that prevented users from unlocking their session and sometimes displaying incorrect username @ domain name information on the login screen when multiple users log on to a computer with a quick user change. This happens especially when users log in from several different domains, use the UPN format for their domain credentials (user name @ domain name) and switch between users with fast user switching.
  • Improves the processing of smart cards that allow PINs or biometric entries. If the user enters an incorrect PIN or biometric input (e.g. a fingerprint), an error is displayed and the user has to wait up to 30 seconds. With this change, the 30 second delay is no longer required.
  • Addresses issues where the browser often asks for credentials instead of just once when using the Office Chrome extension.
  • The update increases the minimum password length in Group Policy to 20 characters.
  • Addresses an issue that displays incorrect name information when displaying certificate properties. Instead of displaying properly formatted data, the information is presented in hexadecimal format.
  • Addresses issues that block failed NTLM authentication rather than just logging it when using an authentication policy with audit mode enabled. Netlogon.log may display the following:
    SamLogon: Transitive network login from <domain> <user> from <
    Machine2 > (via < Machine1 >) NlpVerifyAllowedToAuthenticate: AuthzAccessCheck failed for A2ATo 0x5 . This may be the lack of claims and composite support NTLM be due
    SamLogon Transitive Network logon of <domain> <user> of <Machine2> (about <Machine1>) Returns 0xC0000413 Back
  • Addresses an issue that generated a certificate check error 0x800B0109 (CERT_E_UNTRUSTEDROOT) from http.sys.
  • Fixed an issue where the right-click context menu for encrypting and decrypting files using Windows Explorer was missing.
  • Addresses an issue in which BitLocker or device encryption is suspended during device registration instead of protecting the drive.
  • Addresses an issue that could result in Centennial apps blocking the ability to set user quotas for NTFS.
  • Resolves the issue that causes the connection bar to be missing when connecting to virtual machines (VMConnect) when using full-screen mode on multiple monitors.
  • Addresses an issue in which using a GPO login script to map a network drive fails when the user disconnects from the network and restarts. When the user logs on again, the mapped drive is not available. This problem occurs even though the persistence flag of the logon script is set to TRUE.
  • Addresses an issue that could cause some files to be skipped and duplicate files to be created in the working folder locations during full enumeration synchronization sessions.
  • Addresses an issue that occurs when Volume Shadow Copy is enabled on a volume that hosts a file share. When the client accesses the UNC path to view the properties on the Previous Version tab, the Date Modified field is blank.
  • Fixed issues that occur when a user with a roaming user profile first logs in and out on a Windows 10 version 1607 computer. If the user later tries to log on to a computer that is running Windows 10 version 1703 and opens Microsoft Edge, Microsoft Edge will no longer work.
  • Addresses an issue with the reliability of Internet Explorer when entering text in a RichEditText control.
  • Addresses a potential leak caused by opening and closing a new web browser control.
  • Addresses an issue that causes the ContentIndexter.AddAsync API to throw an unnecessary exception.

Update KB4093120 Build 14393.2214

Update KB4093120 Build 14393.2214:

  • Mostly fixes the same bugs as for update KB4093117 (see above).
  • Resolves an issue in apps that occurs when using the Japanese IME.
  • Addresses issues where AppLocker Publisher rules applied to MSI files do not match the files correctly.
  • Resolves the issue that prevents ReFS partitions from expanding if the volume was originally formatted with ReFS v1.
  • Resolves Hyper-V issues that cause the host Hyper-V node to stop working when the hosted VM starts.
  • Addresses a kernel deadlock that affects server availability.
  • Addresses issues with Windows Update, which prevents VMs from being saved after restarting or shutting down a computer after applying an update. vmms.exe does not wait for vmwp.exe to finish copying VM memory data .
  • Fixes an issue where DTC in Msdtcprx! CIConnSink :: SendReceive stops responding during an XA restore . During this error, IXaMapper objects with identical RMIDs are corrupted.
  • Resolves the problem that prevents Active Directory objects with invalid backlink attributes from being changed or restored in their class. The error you get is: “ Error 0x207D An attempt was made to modify an object to insert an attribute that is not allowed for its class.
  • Addresses an unhandled update token validation problem. It generates the following error: “Microsoft.IdentityServer.Web.Protocols.OAuth.Exceptions.OAuthInvalidRefreshTokenException: MSIS9312: Invalid update OAuth token received. The update token was received in the token earlier than the allowable time. ”
  • Addresses an issue that prevents ADDS-DSAC from running on a client that has PowerShell transcription enabled. The following error is displayed: “ A connection to a domain cannot be established. Update or try again when the connection is available.
  • Addresses an issue that causes an NFS server cluster resource to fail over long when communication from the NFS server to the NFS client is blocked. If the failover takes more than 20 minutes, the error 0x9E ( USER_MODE_HEALTH_MONITOR ) occurs.
  • Addresses issues that may generate a capacity reservation error warning during cluster validation or while the Debug-StorageSubSystem cmdlet is running, even though sufficient capacity is actually reserved. The warning reads: “The storage pool does not have the recommended reserve capacity. This can limit your ability to restore data security in the event of a drive failure. ”
  • Addresses issues in Windows Multipoint Server 2016 that may result in the error “ The MultiPoint service is not responding on this computer. To resolve the problem, restart the computer.
  • Resolves a profile problem that prevents a UDP profile from loading. This loading error generates the ” We cannot log in to your account ” error , and users receive a temporary profile.
  • Resolves the issue where the high contrast theme setting is incorrectly applied when a user logs in with RDP.
  • Eliminates pairing problem for low power Bluetooth devices.
  • Addresses a reliability issue with Microsoft Outlook and an Alt key issue when using a Microsoft Office application in an ActiveX container.

Here below you can download the two updates for your Windows 10 system.

– 2018-04 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4093117)
– 2018-04 Cumulative Update for Windows 10 Version 1703 for x86-based Systems (KB4093117)

– 2018-04 Cumulative update for Windows 10 version 1607 for x64-based systems (KB4093120)
– 2018-04 Cumulative update for Windows 10 version 1607 for x86-based systems (KB4093120)
– 2018-04 Cumulative update for Windows Server 2016 (KB4093120 )