Patch Tuesday Cumulative Updates Are Now Available for Several Windows 10 Versions

Microsoft has released this month’s security updates for several supported versions of its desktop operating system, including the upcoming Windows 10 October 2020 Update. Today’s Windows 10 cumulative update is available for Windows 10 May 2020 Update (version 2004), Windows 10 November 2019 Update (version 1909), and May 2019 Update (version 1903), along with the older versions of the OS.

Today’s Patch Tuesday updates bring a number of improvements and bug fixes to Windows 10. Microsoft had released a preview of these updates last month, giving it some time to test these Windows 10 cumulative updates. But Patch Tuesday Windows 10 cumulative update also adds security fixes to the mix, making these mandatory, non-optional updates.

Changelog of Windows 10 Cumulative Update Builds 18362.1139 and 18363.1139 (KB4577671) for versions 1909 and 1903

• Updates to improve security when using Microsoft Office products.
• Updates for verifying usernames and passwords.
• Updates to improve security when Windows performs basic operations.
• Updates for storing and managing files.
• Addresses an issue with a possible elevation of privilege in win32k.
• Addresses an issue with the Group Policy service that might recursively delete critical files in alphabetic order from %systemroot%\systm32. This issue occurs when a policy has been configured to delete cached profiles. These file deletions might cause stop error “0x5A (CRITICAL_SERVICE_FAILED)” boot failures.
• Addresses an issue with creating null ports using the user interface.
• Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Kernel, and Windows Storage and Filesystems.

Note that Windows 10 versions 1903 and 1909 share a common core operating system and an identical set of system files, which is why they receive the same set of updates.

More details about today’s update for version 2004 is available over at this link. Along with these 3 feature updates, today’s Patch Tuesday updates are also live for version 1803 (KB4580330 -Build 17134.1792), version 1709 (KB4580328 — Build 16299.2166), version 1703 (KB4580370 — Build 15063.2525), version 1607 (KB4580346 — Build 14393.3986), and the original version of Windows 10 (KB4580327 — Build 10240.18725).

Cumulative update for Windows 10 Version 1607 and Windows Server 2016: October 11, 2016

Summary

This security update includes improvements and fixes in the functionality of Windows 10 Version 1607 and Windows Server 2016. It also resolves the following vulnerabilities in Windows:

3193229 MS16-125: Security update for diagnostics hub: October 11, 2016

3193227 MS16-124: Security update for Windows registry: October 11, 2016

3192892 MS16-123: Security update for kernel-mode drivers: October 11, 2016

3195360 MS16-122: Security update for Microsoft video control: October 11, 2016

3192884 MS16-120: Security update for Microsoft graphics component: October 11, 2016

3192890 MS16-119: Cumulative security update for Microsoft Edge: October 11, 2016

3192887 MS16-118: Cumulative security update for Internet Explorer: October 11, 2016

3178465 MS16-101: Security update for Windows authentication methods: August 9, 2016

Windows 10 and Windows Server 2016 updates are cumulative. Therefore, this package contains all previously released fixes.

If you have installed previous updates, only the new fixes that are contained in this package will be downloaded and installed to your computer. If you are installing a Windows 10 or Windows Server 2016 update package for the first time, the package for the x86 version is 420 MB and the package for the x64 version is 781 MB.

Improvements and fixes

Known issues that are resolved by this update

This update resolves known issues that are caused by security update 3170005. For more information about the known issues, see the
Oct 2016 Update: Mitigation for known issues section in KB 3170005.

Known issues in this security update

Issue 1

After you install this security update, System Center Operations Manager (SCOM) Management Console crashes in State view.

To resolve this issue, install the following update:

3197954 Cumulative Update for Windows 10 Version 1607: October 27, 2016

Issue 2

If you are running McAfee Data Loss Prevention Endpoint (DLP Endpoint) and you install this update, you may experience loss of USB functionality.

Please contact McAfee to get their latest updates.

Issue 3

After you install this security update, some DFS-N mapped network drives may be inaccessible to members of the Administrators group when UAC and EnableLinkedConnections are enabled. This occurs when the process that is attempting to access the mapped network drive, is running in a different elevation status than the process that created the mapped network drive. For example, an Explorer window, that is an unelevated process, is unable to access a mapped drive created by a logon script, that runs in an elevated context.

To resolve this issue, install the update KB4011347.

How to get this update

Method 1: Windows Update

This update will be downloaded and installed automatically.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Prerequisites

There are no prerequisites for installing this update.

Restart information

You must restart the computer after you apply this update.

Update replacement information

This update replaces the previously released update 3189866.

File Information

For a list of the files that are provided in this cumulative update, download the file information for cumulative update 3194798.

References

Learn about the terminology that Microsoft uses to describe software updates.

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

Cumulative update for Windows 10 Version 1511: October 11, 2016

Summary

This security update includes improvements and fixes in the functionality of Windows 10 Version 1511. It also resolves the following vulnerabilities in Windows:

3193229 MS16-125: Security update for diagnostics hub: October 11, 2016

3193227 MS16-124: Security update for Windows registry: October 11, 2016

3192892 MS16-123: Security update for kernel-mode drivers: October 11, 2016

3195360 MS16-122: Security update for Microsoft video control: October 11, 2016

3192884 MS16-120: Security update for Microsoft graphics component: October 11, 2016

3192890 MS16-119: Cumulative security update for Microsoft Edge: October 11, 2016

3192887 MS16-118: Cumulative security update for Internet Explorer: October 11, 2016

3178465 MS16-101: Security update for Windows authentication methods: August 9, 2016

Windows 10 updates are cumulative. Therefore, this package contains all previously released fixes.

If you have installed previous updates, only the new fixes that are contained in this package will be downloaded and installed to your computer. If you are installing a Windows 10 update package for the first time, the package for the x86 version is 525 MB and the package for the x64 version is 989 MB.

Known issues in this security update

Issue 1

After you install this security update, System Center Operations Manager (SCOM) Management Console crashes in State view.

To resolve this issue, install the following update:

3200068 Cumulative Update for Windows 10 Version 1511: October 18, 2016

Issue 2

After you install this security update, some DFS-N mapped network drives may be inaccessible to members of the Administrators group when UAC and EnableLinkedConnections are enabled. This occurs when the process that is attempting to access the mapped network drive, is running in a different elevation status than the process that created the mapped network drive. For example, an Explorer window, that is an unelevated process, is unable to access a mapped drive created by a logon script, that runs in an elevated context.

To resolve this issue, install the update KB4013198.

How to get this update

Method 1: Windows Update

This update will be downloaded and installed automatically.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Prerequisites

There are no prerequisites for installing this update.

Restart information

You must restart the computer after you apply this update.

Update replacement information

This update replaces the previously released updates 3185614 and 3193517.

File Information

For a list of the files that are provided in this cumulative update, download the file information for cumulative update 3192441.

More Information

This package updates the Connected User Experiences and Telemetry service to provide benefit for enterprises by using Upgrade Analytics to plan and manage the Windows upgrade process. This update includes the following:

Support to enable upload of telemetry and download of settings in an authenticated proxy environment

Support to configure a specific proxy to upload telemetry and download settings

Support for Azure Active Directory (AAD) tenant identity

The Connected User Experiences and Telemetry service collects usage and diagnostics information from Windows. You can learn more about configuring Windows telemetry in your organization here.

This update also resolves known issues that are caused by security update 3170005. For more information about the known issues, see the
Oct 2016 Update: Mitigation for known issues section in KB 3170005.

Additionally, this update uses SSL (TCP Port 443) to download manifests and upload telemetry to Microsoft that uses the following DNS endpoints:

This update contains the following two manifests that are used by the service.

Registry information

ImportantFollow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, back up the registry for restoration in case problems occur.

By default on Windows 10, support for sending usage and diagnostics information through an authenticated proxy is disabled. When the setting isn’t disabled (0x0) through the following registry subkey, the Connected User Experiences and Telemetry service will impersonate a logged on user to authenticate with the proxy to send the information. If you are using Upgrade Analytics in a network environment that uses an authenticated proxy, we recommends configuring this setting to 0x0.

Locate and then select the registry subkey HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection

On the Edit menu, point to New, and then click DWORD Value.

Type DisableEnterpriseAuthProxy, and then press the Enter key.

In the Details pane, right-click DisableEnterpriseAuthProxy, and then click Modify.

In the Value data box, type 0 (not disabled) or 1 (disabled), and then click OK.

You can also configure Connected User Experiences and Telemetry to forward usage and diagnostics information to a specific proxy server by using the following registry path. You can specify the FQDN or IP address of the proxy server and optionally a port number.

Locate and then select the registry subkey HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection

On the Edit menu, point to New, and then click String Value.

Type TelemetryProxy, and then press the Enter key.

In the Details pane, right-click TelemetryProxy, and then click Modify.

In the Value data box, type server:port, and then click OK.

References

Learn about the terminology that Microsoft uses to describe software updates.

Windows 10 update history

Windows 10, version 1909 and Windows Server, version 1909

Updates for Windows 10, version 1909 and Windows Server, version 1909

Windows 10 is a service, which means it gets better through periodic software updates.

The great news is you usually don’t have to do anything! If you have enabled automatic updates, new updates will automatically download and install whenever they’re available, so you don’t have to think about it.

On the left side of this page, you’ll find a list of all the updates released for this version of Windows. You can also find more information about releases and any known issues. Installing the most recent update ensures that you also get any previous updates you might have missed, including any important security fixes.

For more information about the update and how to get it, see:

What’s new for Windows 10, version 1909 and Windows 10, version 1903 release notes

Windows 10, versions 1903 and 1909 share a common core operating system and an identical set of system files. As a result, the new features in Windows 10, version 1909 were included in the recent monthly quality update for Windows 10, version 1903 (released October 8, 2019), but are currently in a dormant state. These new features will remain dormant until they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features.

To reflect this change, the release notes for Windows 10, version 1903 and Windows 10, version 1909 will share an update history page. Each release page will contain a list of addressed issues for both 1903 and 1909 versions. Note that the 1909 version will always contain the fixes for 1903; however, 1903 will not contain the fixes for 1909. This page will provide you with the build numbers for both 1909 and 1903 versions so that it will be easier for support to assist you if you encounter issues.

For more details about the enablement package and how to get the feature update, see the Windows 10, version 1909 delivery options blog.

Current status of Windows 10, version 1909 and Windows Server, version 1909

For the most up-to-date information about Known Issues for Windows and Windows Server, please go to the Windows release health dashboard.

Notes and messages

General

IMPORTANT Release notes are changing! To learn about the new URL, metadata updates, and more, see What’s next for Windows release notes.

IMPORTANT Starting in July 2020, we will resume non-security releases for Windows 10 and Windows Server, version 1809 and later. There is no change to the cumulative monthly security updates (also referred to as the «B» release or Update Tuesday release). For more information, see the blog post Resuming optional Windows 10 and Windows Server non-security monthly updates.

IMPORTANT Starting in July 2020, all Windows Updates will disable the RemoteFX vGPU feature because of a security vulnerability. For more information about the vulnerability, seeCVE-2020-1036 and KB4570006. After you install this update, attempts to start virtual machines (VM) that have RemoteFX vGPU enabled will fail, and messages such as the following will appear:

If you re-enable RemoteFX vGPU, a message similar to the following will appear:

“The virtual machine cannot be started because all the RemoteFX-capable GPUs are disabled in Hyper-V Manager.”

“The virtual machine cannot be started because the server has insufficient GPU resources.”

«We no longer support the RemoteFX 3D video adapter. If you are still using this adapter, you may become vulnerable to security risk. Learn more (https://go.microsoft.com/fwlink/?linkid=2131976)”

What’s new for Windows 10, version 1909 and Windows 10, version 1903 release notes

Windows 10, versions 1903 and 1909 share a common core operating system and an identical set of system files. As a result, the new features in Windows 10, version 1909 were included in the recent monthly quality update for Windows 10, version 1903 (released October 8, 2019), but are currently in a dormant state. These new features will remain dormant until they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features.

To reflect this change, the release notes for Windows 10, version 1903 and Windows 10, version 1909 will share an update history page. Each release page will contain a list of addressed issues for both 1903 and 1909 versions. Note that the 1909 version will always contain the fixes for 1903; however, 1903 will not contain the fixes for 1909. This page will provide you with the build numbers for both 1909 and 1903 versions so that it will be easier for support to assist you if you encounter issues.

For more details about the enablement package and how to get the feature update, see the Windows 10, version 1909 delivery options blog.

Troubleshooting

If you have questions or need help activating or troubleshooting Windows, see our help topics below:

For information about how to update, see Update Windows 10.

If you have questions about manually installing or removing an update, see Windows Update: FAQ.

Getting an error message when updating? See Troubleshoot problems updating Windows 10.

If you need to activate Windows, see Activation in Windows 10. If you’re having trouble with activation, see Get help with Windows activation errors.

To get the latest major update to Windows 10, see Get the Windows 10 November 2019 Update.