Updates to the October 2018 Update (version 1809)

KB4497934 (OS Build OS 17763.529)

Release date: May 21, 2019

This build brings a major change to the way you update Windows 10. You no longer have to accept every one of Microsoft’s twice-yearly feature updates such as the just released Windows 10 May 2019 Update (version 1903). When there’s a new feature update available, a “Download and install now” link appears in the Windows Update Settings pane. If you don’t want to install it, don’t click the link.

However, there is one caveat: When your current version of Windows nears what Microsoft calls “end of service” — the point at which Microsoft no longer supports it — Windows 10 will install the latest feature update.

In addition, this update fixes more than 20 issues in the latest version of Windows 10, including one that caused Microsoft Edge to hide annotations added to a PDF file, such as inked notes, highlights and comments, and another that failed to record a local user’s last logon time even when the user had accessed the server’s network share.

There are a handful of issues with this build, including one in which when attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications you may receive the error, “Your printer has experienced an unexpected configuration problem. 0x80070007e.” There may also be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.

(Get more info about KB4497934.)

KB4494441 (OS Build 17763.503)

Release date: May 14, 2019

This build fixes minor issues in the latest version of Windows 10, including one that caused zone transfers between primary and secondary DNS servers over TCP to fail, and another that caused “Error 1309” while installing or uninstalling certain types of .msi and .msp files on a virtual drive.

In addition, security updates are included for Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Graphics, Windows Storage and Filesystems, Windows Cryptography, the Microsoft JET Database Engine, Windows Kernel, Windows Virtualization, and Windows Server. For more information about them, see the May 2019 Security Updates Release Notes.

There are several issues in the build, including one in which when attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications you may receive the error “Your printer has experienced an unexpected configuration problem. 0x80070007e.” There may also be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4494441.)

KB4495667 (OS Build 17763.475)

Release date: May 3, 2019

This build fixes more than two dozen minor issues in the latest version of Windows 10, including one that caused some touch screens to stop working after restarts, and another that caused Internet Explorer Automation to fail in certain instances. The build also adds several minor features, including one that allows the built-in Administrator account to run Microsoft Office setup after downloading the installer in Microsoft Edge.

There are several issues in the build, including one in which Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer. There may also be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. And when attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications, you may receive the error “Your printer has experienced an unexpected configuration problem. 0x80070007e.”

(Get more info about KB4495667.)

KB4493509 (OS Build 17763.437)

Release date: April 9, 2019

This build fixes a handful of minor bugs in the latest version of Windows 10, including one that may cause authentication issues for Internet Explorer 11 and other applications that use WININET.DLL, and another that may cause compound document (OLE) server applications to display embedded objects incorrectly if you use the PatBlt API to place embedded objects into the Windows Management Framework (WMF).

In addition, security updates are included for Windows Datacenter Networking, Windows Server, the Microsoft JET Database Engine, Windows Kernel, Windows Input and Composition, Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Virtualization, Windows MSXML, Windows SQL components, and Microsoft Edge. For more information about them, see the April 2019 Security Updates Release Notes.

There are several known issues in the build, including one in which Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer. There may also be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4493509.)

KB4490481 (OS Build 17763.404)

Release date: April 2, 2019

This build fixes several dozen minor issues with the latest version of Windows 10, including one that prevented users from configuring their screens for high-dynamic-range (HDR) video playback, and another that failed to register USB cameras correctly for Windows Hello after their initial setup. It also fixes an issue that caused Windows to reuse an expired Dynamic Host Configuration Protocol (DHCP) lease if the lease expired while the OS was shut down, and another that prevented the authentication credentials dialog from appearing when an enterprise web server attempted to connect to the internet.

There are several issues in the build, including one in which Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues, and another in which Custom URI Schemes for Application Protocol handlers may not start the corresponding application for local intranet and trusted sites on Internet Explorer.

(Get more info about KB4490481.)

KB4489899 (OS Build 17763.379)

Release date: March 12, 2019

This build fixes several minor issues with the latest version of Windows 10 and includes security patches. Among other issues, it fixes a tracking and device calibration issue in Microsoft HoloLens that some people have experienced. Although people may see an improvement 10 to 15 minutes after installing the update, Microsoft recommends resetting the holograms for best results.

In addition, security updates are included for Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, Windows Shell, Windows App Platform and Frameworks, Windows Kernel-Mode Drivers, Windows Server, Windows Linux, Windows Hyper-V, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Wireless Networking, the Microsoft JET Database Engine, Windows Kernel, Windows, and Windows Fundamentals. The Security Update Guide’s Release Notes has details.

There are several issues in the build, including one in which after installing the update on machines that have multiple audio devices, applications that provide advanced options for internal or external audio output devices may stop working unexpectedly.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4489899.)

KB4482887 (OS Build 17763.348)

Release date: March 1, 2019

This build fixes several dozen minor issues with the latest version of Windows 10. Among them is one that caused the Action Center to suddenly appear on the wrong side of the screen before appearing on the correct side and another that caused the screen to remain black after resuming from Sleep if the laptop lid was closed while the laptop was being disconnected from a docking station.

The build also turns on a patch called “Retpoline” for some Windows devices, which may improve protection against the Spectre variant 2 vulnerability. For more details, see “Mitigating Spectre variant 2 with Retpoline on Windows.”

There is one known issue in the build, in which Internet Explorer 11 may have authentication issues when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

(Get more info about KB4482887.)

KB4487044 (OS Build 17763.316)

Release date: February 12, 2019

This build fixes several minor issues with the latest version of Windows 10. Among them is one in which Windows Hello for Business Hybrid Key Trust deployment sign-on fails if Windows 2019 Server domain controllers (DC) are used for authentication. It also fixes a bug in Microsoft HoloLens that allows users to bypass the lock screen sign-in process in some workflows.

In addition, security updates are included for Microsoft Scripting Engine, Microsoft Edge, Windows Server, the Microsoft JET Database Engine, Internet Explorer, Windows Wireless Networking, Windows Storage and Filesystems, Windows Input and Composition, Windows Graphics, and Windows App Platform and Frameworks. The Security Update Guide’s Release Notes has details.

There is one known issue in the build, in which after installing the previous build, KB4480116, some users cannot load a webpage in Microsoft Edge using a local IP address. Browsing fails or the webpage becomes unresponsive.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4487044.)

KB4476976 (OS Build 17763.292)

Release date: January 22, 2019

This build fixes 20 minor issues with the latest version of Windows 10. Among them is one in which File Explorer stopped working when you clicked the Turn On button for the timeline feature when the “Allow upload of user activities” group policy was disabled. This build also fixed a problem that caused Remote Desktop Services to stop accepting connections after accepting several connections, and another one that caused Microsoft Edge to stop working with certain display drivers.

There are two known issues in the build. In one, applications that use a Microsoft Jet database with the Microsoft Access 97 file format may fail to open if the database has column names greater than 32 characters. The database will display the error “Unrecognized Database Format.” In the other issue, after installing the previous build (KB4480116), some users some users cannot load a webpage in Microsoft Edge using a local IP address. Browsing fails or the webpage becomes unresponsive.

(Get more info about KB4476976.)

KB4480116 (OS Build 17763.253)

Release date: January 8, 2019

This minor build has several security updates and addresses a single minor issue. It fixes the problem in which using esentutl /p to repair a corrupt Extensible Storage Engine (ESE) database results in a mostly empty database that is corrupted and can’t be mounted.

One security update addresses a vulnerability in session isolation that affects PowerShell remote endpoints. For security reasons, from this build and onward, PowerShell remote endpoints cannot be configured to work with non-administrator accounts.

In addition, security updates are included for Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, Microsoft JET Database Engine, Windows Linux, Windows Virtualization, and the Microsoft Scripting Engine. The Security Update Guide’s Release Notes has details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4480116.)

KB4483235 (OS Build 17763.195)

Release date: December 19, 2018

This minor build has only a single change: a security update to Internet Explorer.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4483235.)

KB4471332 (OS Build 17763.194)

Release date: December 11, 2018

This minor security update fixes an issue that may prevent the use of the Seek Bar in Windows Media Player when playing specific files. The issue does not affect normal playback.  The build also has security updates for Windows Authentication, Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Wireless Networking, Windows Kernel, Microsoft Edge, and Microsoft Scripting Engine. See the Security Update Guide for details.

There are no known issues in the update.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4471332.)

KB4469342 (OS Build 17763.168)

Release date: December 5, 2018

This non-feature update fixes 20 minor issues, including one that can cause mapped drives to fail to reconnect after starting and logging onto a Windows device, and another in which there are long delays when taking a photo with the Camera app in certain lighting conditions.

There are two known issues in this update, including one in which users may not be able to use the Seek Bar in Windows Media Player when playing specific files. This issue does not affect normal playback. Microsoft expects a fix to be available in mid-December.

(Get more info about KB4469342.)

KB4467708 (OS Build 17763.134)

Release date: November 13, 2018

This update addresses several security issues, including security updates for Microsoft Edge, Windows Scripting, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Kernel, Windows Server, and Windows Wireless Networking.

In addition, it provides protections against a subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections are not enabled by default in the update. To turn the protections on after installing the update, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Additionally, IT staff should follow the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).

In addition to the security updates, the build fixes several issues, including one that prevented users from signing in to a Microsoft account (MSA) as a different user if signing in a second time, and another that caused the on-screen keyboard to appear when running automated tests or when you install a physical keyboard.

There are two known issues in this update, one in which some users cannot set Win32 program defaults for certain app and file type combinations using the Open with… command or Settings > Apps > Default apps, and another in which Microsoft Notepad and other Win32 programs cannot be set as default applications.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4467708.)

KB4464455 (OS Build 17763.107)

Release date: November 13, 2018

This minor, non-feature update fixes a variety of small issues, including one in which Internet Explorer performance became degraded when using roaming profiles or when the Microsoft Compatibility List wasn’t being used. Other issues fixed include one that caused a long delay in taking a photo using the Camera app in certain lighting conditions, and one that caused applications to lose IPv4 connectivity when IPv6 is unbound.

There are two known issues in this update: one in which some users cannot set Win32 program defaults for certain app and file type combinations using the Open with… command or Settings > Apps > Default apps, and another in which Microsoft Notepad and other Win32 programs cannot be set as default applications.

(Get more info about KB4464455.)

KB4464330 (OS Build 17763.55)

Release date: October 9, 2018

This very minor, non-feature update fixes an issue in which an incorrect timing calculation may prematurely delete user profiles on devices subject to the “Delete user profiles older than a specified number of day” group policy. It also has security updates for Windows Kernel, Microsoft Graphics Component, Microsoft Scripting Engine, Internet Explorer, Windows Storage and Filesystems, Windows Linux, Windows Wireless Networking, Windows MSXML, the Microsoft JET Database Engine, Windows Peripherals, Microsoft Edge, Windows Media Player, and Internet Explorer. (Go to the Security Update Guide for more details about these updates.)

There are no known issues with the update.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4464330.)

Windows 10 October 2018 Update (version 1809)

Release date: October 2, 2018; paused October 5; re-released November 13, 2018

Version 1809, called the Windows 10 October 2018 Update, is the feature update that preceded the May 2019 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• A new, powered-up Windows Clipboard can hold multiple clips, store clips permanently, let you preview clips and choose which one you’d like to paste into a document, and share clips across Windows 10 devices.
• A new screenshot and annotation tool called Snip & Sketch lets you capture and annotate the entire screen, a rectangular portion of the screen or a freehand-drawn portion of it. After you take a screen capture, you can annotate it and then save it to a file, copy it to the Clipboard, open it in another program or share it via email, social media and other methods.
• Storage Sense, which helps save storage space, now works with OneDrive Files On-Demand to clean out files you’ve downloaded from OneDrive cloud storage to your PC but that you don’t use any longer. You can choose how long you would like the cloud files to stay on your PC unused before you want them deleted, from never to 60 days.
• The Microsoft Edge browser lets you set autoplay permissions for sound and video on websites on a site-by-site basis. It also lets you look up word definitions in its built-in eReader for books and PDFs, and mark up PDFs and books using a highlighter and by adding notes.
• The new Your Phone app links Windows 10 devices to iOS and Android phones. It allows you to start web browsing on an iOS or Android device and then continue where you left off on your PC. It also lets you view photos on your Android phone from your Windows 10 PC.
• Search Previews have been powered up slightly. You no longer need to click to display the preview panel; it opens automatically. It also now shows files found on your PC.
• Smaller changes include a new dark theme for File Explorer; the addition of the SwiftKey swipe keyboard, which lets you enter text by swiping a finger across an onscreen keyboard; updates that are less intrusive; and faster sign-ins on shared PCs.

What IT needs to know: There are few significant changes that affect IT in the Windows 10 October 2018 Update, other than New Microsoft Edge Group Policies that let admins enable and disable full-screen mode, printing, the favorites bar, and browser history saves. IT can also allow or ban Edge extensions (not that there are many available) and configure the Home button and new tab page and startup options.

Updates to the April 2018 Update (version 1803)

KB4458469 (OS Build 17134.319)

Release date: September 20, 2018

This non-feature update fixes several dozen issues, including one that prevents custom keyboard layouts from working correctly, another that prevents some Bluetooth devices from pairing with Windows, and another in which a daily, repetitive task starts unexpectedly when the task is first created or starts when the task is updated.

There are no known issues with the update.

(Get more info about KB4458469.)

KB4464218 (OS Build 17134.286)

Release date: September 17, 2018

This non-feature update fixes a single issue that occurs after installing any of the updates released between July 24, 2018 and September 11, 2018. In those updates, Windows no longer recognizes the Personal Information exchange (PFX) certificate used for authenticating to a Wi-Fi or VPN connection. So Intune takes a long time to deliver user profiles because it doesn’t recognize that the required certificate is on the device. This build fixes the problem.

There are no known issues with the update.

(Get more info about KB4464218.)

KB4457128 (OS Build 17134.285)

Release date: September 11, 2018

This non-feature update includes several security updates and fixes an issue that causes the Program Compatibility Assistant (PCA) service to have excessive CPU usage. It provides protection against a Spectre Variant 2 vulnerability (CVE-2017-5715) for ARM64 devices. And it also includes security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Microsoft Graphics Component, Windows Media, Windows Shell, Windows Hyper-V, Windows datacenter networking, Windows virtualization and kernel, Windows Linux, Windows kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server. (See the Security Update Guide for details.)

There are no known issues with the update.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4457128.)

KB4346783 (OS Build 17134.254)

Release date: August 30, 2018

This non-feature update addresses a little more than a dozen problems, including one in which an issue in Microsoft Foundation Class applications may cause applications to flicker, and another in which Microsoft Edge or other UWP applications can’t perform client authentication when the private key is stored on a TPM 2.0 device.

There is one known issue in the update: Microsoft Edge may fail when using the New Application Guard Window, but normal Microsoft Edge instances aren’t affected.

(Get more info about KB4346783.)

KB4343909 (OS Build 17134.228)

Release date: August 14, 2018

This non-feature update addresses a handful of minor issues, including fixing a problem that caused high CPU usage and performance degradation on some systems with Family 15h and 16h AMD processors, and fixing another one that significantly reduced battery life after upgrading to Windows 10 version 1803, the Windows 10 April 2018 Update.

It also has security fixes, including several for Windows Server, and protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel Core processors and Intel Xeon processors

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4343909.)

KB4340917 (OS Build 17134.191)

Release date: July 24, 2018

This non-feature update addresses a dozen minor issues, including problems updating time zone information, an issue that prevented OpenType fonts from printing in Win32 applications and an issue with Roaming User Profiles where the AppDataLocal and AppDataLocallow folders are incorrectly synchronized at user logon and logoff, among others.

There is one known issue: After installation of any of the July 2018 .NET Framework Security Updates, a COM component will fail to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. For more details, see KB4345913.

(Get more info about KB4340917.)

KB4345421 (OS Build 17134.166)

Release date: July 16, 2018

This non-feature update addresses a small number of issues, including one in which the DHCP Failover server may cause enterprise clients to receive an invalid configuration when requesting a new IP address, resulting in a loss of connectivity. It also fixes another issue that may cause the restart of the SQL Server service to fail occasionally, listing the error “Tcp port is already in use.” There are no known issues with the update.

(Get more info about KB4345421.)

KB4338819 (OS Build 17134.165)

Release date: July 10, 2018

This security update addresses a small number of issues, including one that may cause the Mitigation Options Group Policy client-side extension to fail during GPO processing. It also evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows and enables debugging of WebView content in UWP apps using the Microsoft Edge DevTools Preview app that’s available in the Microsoft Store.

The update also includes security updates for Internet Explorer, Windows apps, Windows graphics, Windows data center networking, Windows wireless networking, Windows virtualization, Windows kernel, and Windows Server. All security updates fix vulnerabilities in the Microsoft .NET Framework.

The update has a known issue: After installing this update on a DHCP Failover Server, Enterprise clients may receive an invalid configuration when requesting a new IP address.  This may result in loss of connectivity as systems fail to renew their leases.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4338819.)

KB4284848 (OS Build 17134.137)

Release date: June 26, 2018

This non-feature update fixes a wide variety of bugs, including a performance issue on Windows Mixed Reality that occurred on some laptops with hybrid graphics adapters, such as the Surface Book 2, and another in which the Video Settings HDR streaming calibration slider stopped working due to a conflict with the panel brightness intensity settings configured by some OEMs.

The ancient, security-challenged SMBv1 protocol also has a fix for a bug in which users got the “An invalid argument was supplied” error message when accessing files or running programs from a shared folder using the protocol. The release also fixes a bug in which media content previously generated by Media Center didn’t play after the Windows 10 April 2018 Update was installed. There were more than a dozen other minor bugs squashed as well.

(Get more info about KB4284848.)

KB4284835 (OS Build 17134.112)

Release date: June 12, 2018

This update addresses a variety of issues, including several security problems. It fixes a problem that stops the GameBar from launching and also adds support for the SameSite cookie web standard to Microsoft Edge and Internet Explorer. Among other changes, it also addresses an issue in which some systems started up to a black screen. That occurred because previous updates to Windows 10 version 1803 were incompatible with specific versions of PC tune-up utilities after installation.

The update also provides protections for an additional subclass of speculative execution side channel vulnerabilities known as Speculative Store Bypass  (CVE-2018-3639). The protections aren’t enabled by default. IT administrators who want to turn them on for the Windows client should follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. This should be done in addition to the mitigations already released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).

The release also includes security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Windows Desktop Bridge, Windows apps, Windows shell, Windows kernel, Windows Server, Windows storage and filesystems, Windows wireless networking, remote code execution, and Windows virtualization and kernel.

There is a known issue in this update, in which some users running Windows 10 version 1803 may receive an error “An invalid argument was supplied” when accessing files or running programs from a shared folder using the SMBv1 protocol. To work around the problem, enable SMBv2 or SMBv3 on both the SMB server and the SMB client, as described in KB2696547.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4284835.)

KB4338548 (OS Build 17134.83)

Release date: June 5, 2018

This extremely minor update fixes a single bug in which 2017 and 2018 versions of Intuit QuickBooks Desktop couldn’t run in multi-user mode on Windows 10 version 1803 devices.

(Get more info about KB4338548.)

KB4100403 (OS Build 17134.81)

Release date: May 23, 2018

This update fixes a variety of minor bugs, including one in which Internet Explorer might cause communication between web workers to fail in certain asynchronous scenarios with multiple visits to a web page, and another that caused Windows Hello enrollment to fail on hardware with dGPUs.

There are several known issues with the update, including one in which some users running Windows 10 version 1803 may receive an error “An invalid argument was supplied” when accessing files or running programs from a shared folder using the SMBv1 protocol.

(Get more info about KB4100403.)

KB4103721 (OS Build 17134.48)

Release date: May 8, 2018

This update fixes several minor bugs, closes security holes and introduces no new features. Among other fixes, it addresses one that causes some devices to stop responding or working when using applications such as Cortana or Chrome after installing the Windows 10 April 2018 Update. And security updates are included for Windows Server, Microsoft Edge, Internet Explorer, Microsoft scripting engine, Windows app platform and frameworks, Windows kernel, Microsoft Graphics Component, Windows storage and filesystems, HTML help and Windows Hyper-V.

The update has one known issue – when some devices with Intel SSD 600p Series or Intel SSD Pro 6000p Series hard disks attempt to upgrade to the Windows 10 April 2018 Update, they may repeatedly enter a UEFI screen after restart or stop working. Microsoft is working with Intel and hardware partners  to identify and block devices with Intel SSD 600p Series or Intel SSD Pro 6000p Series from installing the April 2018 Update. It also is working on a fix that will allow those devices to eventually install the update.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4103721.)

Windows 10 April 2018 Update (version 1803)

Release date: April 30, 2018

Version 1803, called the Windows 10 April 2018 Update, is the major update to Windows 10 that preceded the October 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• The most important new feature is Timeline, which lets you review and resume activities and open files you’ve started on your PC, or any other Windows PCs you have. It also tracks what you’ve done on iOS and Android devices if you install Microsoft’s digital assistant Cortana on them and are logged in. It shows a list of activities day by day for up to 30 days. Each activity shows up as a large tile, with the file name and document title or URL and website name across it, and the name of the application or app that created it across the top. Click any activity to reopen it. (Note that at present, Timeline only tracks activities in certain Microsoft programs such as the Edge browser and Office applications.)
• The new Diagnostic Data Viewer is supported, which Microsoft is designed to let you see the “diagnostic data collected from your Windows devices, how it is used, and to provide you with increased control over that data.” However, the information is presented in such a complex, technical way that even programmers will likely have a difficult time understanding it. The viewer isn’t built directly into the Windows 10 April 2018 Update. Instead, you have to download it from the Microsoft Store.
• The My People feature now lets you pin up to 10 contacts on the Windows taskbar. Previously, you could only pin up to three.
• Microsoft Edge gets several minor tweaks, including a revamped Hub, the ability to mute auto-playing audio in tabs, and a forms-filler for web-based forms.
• The Notebook feature of Cortana gets a new, cleaner interface for its Notebook. It now has two tabs, Organizer and Manage Skills. The Organizer makes it easier to create lists and set reminders. The Manage Skills tab lets you add “skills” to Cortana, such as controlling your home and its appliances, connecting Cortana to music services such as Spotify, tracking your fitness and more.
• You get more control over app permissions, such as whether they can access your camera, location and contacts.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 April 2018 Update:

• Windows 10 Professional now gets the Windows Defender Application Guard, which protects Microsoft Edge. There’s also a new feature in the application guard that lets users download files inside Edge instead of directly to the operating system, as a way to increase security.
• There are new policies for Group Policy and Mobile Device Management (MDM) that can better control how Delivery Optimization is used for Windows Update and Windows Store app updates. You can also now monitor Delivery Optimization using Windows Analytics.
• Windows AutoPilot also gets a tweak that lets IT make sure policies, settings and apps are provisioned on devices before users begin using them.
• Windows gets the Linux curl and tar utilities for downloading files and extracting .tar archives built directly into Windows. Windows also now natively supports Unix sockets (AF_UNIX) with a new afunix.sys kernel driver. That will make it easier to port software to Windows from Linux as well as from other Unix-like operating systems.
• There are a host of improvements to the Windows Subsystem for Linux, which lets you run a variety of Linux distributions on Windows 10. Linux applications can run in the background, some launch settings for Linux distributions can be customized, and Linux applications have been given access to serial devices. The new Unix sockets report is available for the Windows Subsystem for Linux as well as Windows itself.
• The Windows 10 Pro for Workstations version of Windows 10 gets a new power scheme called Ultimate Performance it’s only for desktop PCs, not those that can be powered by batteries. In addition, Windows 10 Pro for Workstations no longer ships with games like Candy Crush or other similar consumer-focused apps. Instead, it features enterprise- and business-related apps.
• Administrators have been given the power to configure an enterprise’s PCs to run custom scripts during feature updates, which will make configuration and deployment easier.

For  more details, see the Microsoft blog post “Making IT simpler with a modern workplace.”

Updates to the Fall Creators Update (version 1709)

KB4093105 (OS Build 16299.402)

Release date: April 23, 2018

This update fixes three dozen minor bugs and issues and introduces no new features. Among other fixes, it addresses one that removes user-pinned folders or tiles from the Start menu in some cases, and another that causes Skype and Xbox to stop working.

The update has one known issue — it reports that KB4054517 failed to install because of error 0x80070643, even though the installation was successful. If you want to verify the installation and make sure are no additional updates available, select Check for Updates. Microsoft is working on a resolution to the problem and will issue a fix in an upcoming Windows update.

(Get more info about KB4093105.)

KB4093112 (OS Build 16299.371)

Release date: April 10, 2018

This update fixes a variety of minor bugs and issues and plugs a number of security holes. Among other fixes, it addresses one that causes an access violation in Internet Explorer when it runs on the Microsoft Application Virtualization platform. It also fixes an issue that might cause the App-V service to stop working on an RDS server that hosts many users. There are also updates to Internet Explorer, Microsoft Edge, Windows kpp platform and frameworks, Microsoft scripting engine, Windows graphics, Windows Server, Windows kernel, Windows datacenter networking, Windows wireless networking, Windows virtualization and Kernel, and Windows Hyper-V.

The update has a variety of issues. In one, after it’s installed, users may experience unexpected panning or scrolling in certain apps while using the pen. In another, Windows Update History reports that KB4054517 failed to install because of error 0x80070643.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4093112.)

KB4089848 (OS Build 16299.334)

Release date: March 22, 2018

This non-security updates fixes a variety of minor bugs and issues but offers no new features. Among other issues, it fixes a problem in which Bluetooth devices failed to receive data after a restart, and problems Microsoft Edge had in rendering PDF documents with backgrounds created using various third-party publishing tools. It also fixed an issue with the press-and-hold feature when using a pen in Tablet mode, and another that caused monitors to disconnect after a computer woke from Sleep.

(Get more info about KB4089848.)

KB4088776 (OS Build 16299.309)

Release date: March 13, 2018

This update fixes a variety of bugs and closes several security holes. It fixes a problem in which pinch and zoom gestures don’t work on some hardware when using Internet Explorer, and another one in which Internet Explorer becomes unresponsive in certain scenarios when a Browser Helper Object is installed. It also fixes a bug in which media and other applications become unresponsive or fail when upgrading graphics drivers, and one in which after installing KB4090913, the Mixed Reality Portal failed to initialize.

The update also includes security updates to Internet Explorer, Microsoft Edge, Microsoft Scripting Engine, Windows Desktop Bridge, Windows Kernel, Windows Shell, Windows MSXML, Device Guard, Windows Hyper-V, Windows Installer, and the Microsoft Scripting Engine.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4088776.)

KB4090913 (OS Build 16299.251)

Release date: March 5, 2018

This update fixes a significant bug and adds no new features. The bug was one in which some USB devices and onboard devices, including built-in laptop cameras, keyboards, or mice, stopped working. It occurred when the Windows Update servicing stack incorrectly skipped installing newer versions of critical drivers in the cumulative update and uninstalled the currently active drivers.

The current update has a variety of known issues, including that some devices may fail to start after installing it and return the error message INACCESSIBLE_BOOT_DEVICE. See Microsoft’s suggested workarounds.

(Get more info about KB4090913.)

KB4074588 (OS Build 16299.248)

Release date: February 13, 2018

This February 2018 “Patch Tuesday” update fixes a wide variety of bugs, adds no new features and offers a several security updates. Among other bugs handled, it fixes an issue in Internet Explorer where pressing the delete key inserted a new line in input boxes in an application. It also updates time zone information and fixes a bug that caused delays when switching keyboard languages using Alt+Shift. There are a number of known issues with the update, including one in which Windows Update History incorrectly reports that KB4054517 failed to install. 

The patch also includes security updates to Microsoft Scripting Engine, Microsoft Edge, Internet Explorer, Microsoft Windows Search component, Windows Kernel, Windows Authentication, Device Guard, Common Log File System driver, and the Windows storage and file systems.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4074588.)

KB4058258 (OS Build 16299.214)

Release date: January 31, 2018

This minor non-feature update fixes a variety of minor bugs, including one in which colors are distorted when the system is connected to displays that support the wide color gamut, and another in which delays are caused when switching keyboard languages using Alt+Shift. The update also includes unnamed security protections for 32-bit (x86) versions of the Windows 10 Fall Creators Update. There are several known issues with the update, including that after its installation, “Windows Update History reports that KB4054517 failed to install because of error 0x80070643.”

(Get more info about KB4058258.)

KB4073291 (OS Build 16299.201)

Release date: January 18, 2018

This update is only for PCs with the 32-bit (x86) version of Windows 10 1709 that have already installed the January 3, 2018 update (KB4056892, OS Build 16299.192). Microsoft has provided no information about this update beyond a list of files that are in it (CSV download) and that it “provides additional protections for 32-Bit (x86) version of Windows 10 1709.” However, it notes that there are a number of known issues with the update, including that “Windows Update History reports that KB4054517 failed to install because of Error 0x80070643.”

(Get more info about KB4073291.)

KB4056892 (OS Build 16299.192)

Release date: January 3, 2018

This update fixes a variety of minor bugs, including one in which event logs stop receiving events when a maximum file size policy is applied to the channel. It also fixes several Microsoft Edge-related issues including one in which printing an Office Online document in Microsoft Edge fails and another in which Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.

Also included are security updates for Internet Explorer, Microsoft Edge, Windows 10, .NET Framework and more. For details see the January 2018 Security Updates Release Notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4056892.)

KB4054517 (OS Build 16299.125)

Release date: December 12, 2017

This update fixes a variety of minor bugs, including one in which Windows Defender Device Guard and Application Control block some applications from running, even in Audit-Only Enforcement Mode. It also fixes a variety of issues with updating time zone information.

Also included are 34 security updates to the Microsoft Scripting Engine, Microsoft Edge and Windows Server. The most notable of them are fixes to two remote code execution bugs in the Microsoft Malware Protection Engine. For details about the two remote execution bugs, see CVE-2017-11937 and CVE-2017-11940.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4054517.)

KB4051963 (OS Build 16299.98)

Release date: November 30, 2017

This minor, non-feature update includes a variety of bug fixes. It addresses several problems with Internet Explorer, including a script-related issue that caused the browser to stop working in some cases, and another in which forms submissions didn’t work properly. It also fixed performance problems when users run full-screen Microsoft DirectX 9 games and applications. And it fixes an issue in which user selections for Feedback Frequency in Settings > Privacy > Feedback & diagnostics weren’t saved.

(Get more info about KB4051963.)

KB4048955 (OS Build 16299.64)

Release date: November 14, 2017

This first “Patch Tuesday” release for the Fall Creators Update contains no new features, but has a variety of bug fixes and security patches. It fixes a problem that caused the Mixed Reality Portal to stop responding on launch and one where black screens appeared when switching between windowed and full-screen modes when playing some Microsoft DirectX games. It also fixes an issue in which application tiles were missing from the Start menu. A variety of other problems have been solved as well.

Fifty-three security vulnerabilities have also been also fixed, with 20 of them rated as critical. Security holes have been patched throughout Windows, including in Internet Explorer, Microsoft Edge, Windows, Microsoft Office, ASP.NET Core, and Chakra Core.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4048955.)

KB4043961 (OS Build 16299.19)

Release date: October 17, 2017

This very minor, non-feature update addresses only a few small issues, including a bug in which, after apps are removed, they’re reinstalled on every restart, logoff and login. There are also security updates to Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Windows Search Component, Windows TPM, Windows NTLM, Device Guard, Microsoft Scripting Engine, Windows Wireless Networking, Microsoft Windows DNS, Windows Server, Microsoft JET Database Engine, and the Windows SMB Server.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4043961.)

Windows 10 Fall Creators Update (version 1709)

Release date: October 17, 2017

Version 1709, called the Windows 10 Fall Creators Update, is the major update to Windows 10 that preceded the April 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• OneDrive gets a new feature called Files On-Demand that gives you access to all of your OneDrive files on every device, without having to download them first. You’ll be able to see all the files you have in OneDrive, even if they’re only in the cloud and not on your PC. Icons tell you which are local and which are in the cloud. Just open the file, and if it’s not on your PC, it gets downloaded.
• The new My People feature lets you pin three contacts to the Windows taskbar and then communicate with them instantly without having to open a separate app such as Skype or Mail. You can also click to see a list of all communications between them and you at a glance.
• You can now send web links from your iOS or Android device to your PC and have them open in Microsoft Edge.
• Cortana gets several new features, including displaying results in a scrollable flyout panel, so you don’t have to launch a web browser.
• Microsoft Edge gets some minor improvements, including better Favorites handling and the ability to mark up PDFs and e-books.
• Security has been beefed up, including the addition of Windows Defender Exploit Guard, which includes intrusion rules and policies to protect against a variety of threats, notably zero-day exploits. A new anti-ransomware feature called Controlled Folder Access has also been added; it lets only approved apps have access to Windows system files and folders.
• New privacy features include the ability to review the kinds of devices and services apps from the Microsoft Store want access to before you download them.
• The update incorporates Microsoft’s new design system and guidelines, called Fluent Design. Overall, transitions are smoother, and there are subtle changes to the transparency effect.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Fall Creators Update:

• The notoriously insecure SMBv1 networking protocol, exploited in recent ransomware attacks including WannaCry and Petya, won’t be included on clean installs of the Windows 10 Fall Creators Update, but SMBv1 components will remain if you do in-place upgrades on PCs that already have the component installed.
• Windows Defender Advanced Threat Protection (ATP), a suite of tools introduced in Windows 10 that helps enterprise customers protect their users and networks against threats and respond to attacks, is being beefed up. Among other things, it will run on the Windows Server OS.
• ATP is also part of Windows Defender Application Guard for Microsoft Edge, available only for Windows 10 Enterprise Edition. It protects against malware attacks by confining visits to unknown or untrusted websites to a virtual machine, so that attacks can’t spread to a PC or the network.
• Windows AutoPilot, which improves self-service deployments of Windows 10 PCs, gets a variety of tweaks, including better mobile device management (MDM) services.
• Windows Analytics’ new Device Health tool gathers information on how PCs perform in an enterprise, and based on that, identifies potential issues and outlines steps to resolve them.
• Enterprises get more control over what kind of information Windows Analytics gathers for the IT staff. In order to improve users’ privacy, IT staff can limit the information collected by Windows Analytics to only diagnostic data.

For more details about new features for IT, see “What’s new in Windows 10, version 1709 IT Pro content,”  “Announcing end-to-end security features in Windows 10” and “Delivering the Modern IT promise with Windows 10” from Microsoft.

Updates to the Creators Update (version 1703)

KB4041676 (OS Build 15063.674)

Release date: October 10, 2017

This non-feature update addresses a wide variety of issues, including ones related to security. It fixes a bug that won’t allow some games from downloading from the MIcrosoft Store. The build also fixes an issue in which some Universal Windows Platform (UWP) apps and Centennial apps (.NET and Win32-based Windows applications that have been packaged to be published to the Microsoft Store) have a gray icon and display the error message “This app can’t open” on launch.

In addition, security updates are included for many parts of Windows, including Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Windows Subsystem for Linux, Microsoft JET Database Engine, and the Windows SMB Server.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4041767.)

KB4040724 (OS Build 15063.632)

Release date: September 25, 2017

This non-feature update addresses two very minor issues: Cellular connectivity and reliability have been improved, and performance problems with Microsoft Edge that were introduced in KB40387888 have been resolved.

(Get more info about KB4040724.)

KB4038788 (OS Build 15063.608)

Release date: Sept. 12, 2017

This non-feature update addresses a wide variety of miscellaneous minor issues, including one where some machines fail to load wireless WAN devices when they resume from Sleep, and another where spoolsv.exe stops working. Also addressed is a problem in which the option to join Azure AAD is sometimes unavailable during the out-of-box experience, and another in which clicking the buttons on Windows Action Center notifications results in no action being taken.

What IT needs to know

This release includes security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel and Windows Virtualization. Because it’s a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4038788.)

KB4034674 (OS Build 15063.540)

Release date: Aug. 8, 2017

This non-feature update addresses a variety of minor issues, primarily aimed at IT. Two fixes are for mobile devices: One in which the policies provisioned using Mobile Device Management (MDM) don’t take precedence over policies set by provisioning packages, but should, and another in which an access violation in the Mobile Device Manager Enterprise feature causes stop errors. Also addressed is an issue in which the Site to Zone Assignment List group policy (GPO) was not set on machines when it was enabled.

There are also security updates for many Windows features and services, including Microsoft Edge, Microsoft Windows Search Component, Microsoft Scripting Engine, Microsoft Windows PDF Library, Windows Hyper-V, Windows Server, Windows kernel-mode drivers, Windows Subsystem for Linux, Windows shell, Common Log File System Driver, Internet Explorer, and the Microsoft JET Database Engine.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4034674.)

KB4032188 (OS Build 15063.502)

Release date: July 31, 2017

This non-feature update addresses a variety of minor issues and bugs, including one in which Win32 applications have problems working with various Bluetooth LE devices including head tracking devices, a reliability issue with launching the Settings app while an application is using the camera, and a bug in which video playback artifacts appear during transitions from portrait to landscape on mobile devices.

What IT needs to know: Several minor issues addressed in this update affect IT, including the Mobile Device Manager Enterprise feature not allowing headsets to work correctly, and a bug that can cause a service using a Managed Service Account (MSA) to fail to connect to a domain after an automatic password update.

(Get more info about KB4032188.)

KB4025342 (OS Build 15063.483)

Release date: July 11, 2017

This security update (a Patch Tuesday release) fixes 54 vulnerabilities in Windows 10, Microsoft Edge, Internet Explorer, Microsoft Office and Microsoft Exchange. Nineteen of the vulnerabilities were rated as critical, 32 as important and three as moderate.

The critical bugs include six remote code execution ones, including one for Microsoft’s HoloLens mixed reality head-mounted display that is currently available only to developers. It allowed the device to be hacked “by merely receiving WiFi packets, apparently without any form of authentication at all,” in Microsoft’s words.

Microsoft Edge received patches for thirteen critical scripting engine memory corruption vulnerabilities, including one in which an attacker could gain the same user rights as the current user.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update. In addition to the patches for Windows 10 Creators Update are security patches for Windows Server 2016 / Windows 10 Anniversary Update.

(Get more info about KB4025342.)

KB4022716 (OS Build 15063.447)

Release date: June 27, 2017

This non-security update kills more than three dozen minor bugs. Among them are one that causes the Camera app to use a lot of memory on mobile platforms, which reduces battery life. The update also improves Bluetooth connectivity with wearable devices.

What IT needs to know: Some of the bugs affect networks, including one in which network printers may fail when using the printer vendor’s setup software on machines with less than 4GB of RAM. Installing the printers using the Settings app or from Devices and Printers in Control Panel will ensure they’re installed properly. In addition, the update fixes an issue which prevented users from connecting to the Terminal Services Gateway (TSG) running on Windows Server 2008 SP2 after it has been upgraded to the Creators Update, with the result that users were not able to access Remote Desktop Services or remote apps.

(Get more info about KB4022716.)

KB4022725 (OS Builds 15063.413 and 15063.414)

Release date: June 13, 2017

This security update closes dozens of security holes, including two remote code execution vulnerabilities (CVE-2017-8464, which is similar to Stuxnet, and CVE-2017-8543, which is a wormlike attack).

It also fixes a variety of bugs, including one in which a user may have to press the space bar to dismiss the lock screen to log in, even after the log on is authenticated using a companion device.

What IT needs to know: Because this is a security update, it should be applied immediately, especially because several of the security holes are being actively used by attackers. (Get more info about KB4022725.)

KB4020102 (OS Build 15063.332)

Release date: May 25, 2017

This non-security update fixes a wide variety of bugs but offers no new features. Among other issues, it fixes a problem when network printers may fail to install using the printer vendor’s setup software on PCs with less than 4GB of RAM. It also fixes several problems with Internet Explorer, including one where non-administrator users can’t install ActiveX controls. (Get more info about KB4020102.)

KB4016871 (OS Builds 15063.296 and 15063.297)

Release date: May 9, 2017

This is a security update that also includes minor bug fixes, but no new features. The security updates are for Microsoft Edge, Internet Explorer, Microsoft Graphics Component, Windows SMB Server, Windows COM, Microsoft Scripting Engine, the Windows kernel, Windows Server, and the .NET Framework. Among the bugs fixed are one in which autochk.exe can randomly skip drive checks and not fix data corruptions, which could lead to data loss.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update. (Get more info about KB4016871.)

KB4016240 (OS Build 15063.250)

Release date: April 25, 2017

This non-security update squashes a wide variety of bugs but includes no new features. It fixes a bug that caused intermittent logout from web applications and another that made systems unresponsive in certain situations after running Direct3D apps in full-screen exclusive mode. Previous to this patch, Windows Forms configuration issues caused antivirus applications to stop working at startup; they now work.

What IT needs to know: Two of the bugs fixed with this release are one in which some VMs experienced network connectivity loss while provisioning IP addresses and another that prevented Group Policy settings from disabling the lock screen. (Get more info about  KB4016240.)

KB4015583 (OS Build 15063.138)

Release date: April 11, 2017

This security update includes only a few minor bug fixes and no new features. It updates security for Scripting Engine, libjpeg image-processing library, Hyper-V, Windows kernel-mode drivers, Adobe Type Manager Font Driver, Internet Explorer, Graphics Component, Active Directory Federation Services, .NET Framework, Lightweight Directory Access Protocol, Microsoft Edge and Windows OLE. In addition, it fixes a problem with updating time zone information.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update. (Get more info about KB4015583.)

KB4016251 (OS Build 15063.13)

Release date: April 5, 2017

This non-security update fixes a few very minor bugs and has no new features. It repairs a problem that caused the Surface USB: Bluetooth radio to sometimes fail during hibernate/resume, and fixes an issue in which a virus protection product driver installation would trigger a system crash on Windows build 15060 configured with DeviceGuard. (Get more info about KB4016251.)

Windows 10 Creators Update (version 1703)

Release date: April 5, 2017

Version 1703, dubbed the Creators Update, is the major update to Windows 10 that preceded the Fall Creators Update. Here’s a quick summary of what’s new for users in the Creators Update. (For more details, see our full review.)

• It helps you better organize the Start menu by letting you put multiple tiles for apps into a single folder — for example, you can group all social media apps into one folder.
• Users are given a bit more control over the update process: They can delay an update for three days and keep delaying it in three-day increments, or choose specific times for updates to install.
• The Edge browser has gotten some improvements, including having Flash disabled by default for security reasons and supporting the ePub and PDF formats for reading books and other content.
• Microsoft added some 3D and virtual reality features, including running HoloLens virtual reality and mixed reality apps for the first time, and introducing a Paint 3D app for creating 3D objects.
• System settings that previously were in multiple locations have been consolidated into the Settings app.
• There’s a new all-in-one security dashboard called Windows Defender Security Center that consolidates many security and computer health settings and information.
• New gaming features include streaming gaming sessions over the internet; a Game Mode to improve gaming performance; and a Game bar to let you record your gameplay, take screenshots and perform games-related tasks.
• The Cortana personal assistant gets a few modest additions, including scheduling monthly reminders and helping you set up devices.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Creators Update:

• Security has been improved in a number of ways, including adding new features and insights into Windows Defender Advanced Threat Protection (ATP) to better investigate and respond to network threats. Among the new features are sensors in memory, better intelligence and improved remediation capabilities.
• Several new configuration service providers (CSPs) available in the Creators Update let administrators manage Windows 10 devices through Mobile Device Management (MDM) or provisioning packages. The DynamicManagement CSP, for instance, can enable or disable certain device features depending on location, network presence or time.
• New mobile application management capabilities can protect data on personal mobile devices without requiring each device to be part of the corporate MDM.
• The Windows Configuration Designer (previously called Windows Imaging and Configuration Designer) includes new wizards to make it easier to create provisioning packages, including for desktop devices, Windows mobile devices, Surface Hub devices, HoloLens devices and kiosk devices.
• Enterprise security administrators get a more comprehensive documentation library for Windows Defender Antivirus.
• If an enterprise-wide update policy hasn’t been configured, users with Windows Pro, Windows Enterprise or Windows Education editions have much more control over how Windows updates. With the Creators Update, users can now automatically delay cumulative monthly updates for up to 30 days, and can delay feature updates by up to 365 days.

For more details about new features for IT, see the Microsoft blog posts “Windows 10 Creators Update advances security and best-in-class modern IT tools” and “What’s new in Windows 10, version 1703 IT pro content.”