Windows 10: Preview Updates KB4586819 (19. Nov. 2020)

[English]Am 19. November 2020 hat Microsoft noch das Preview Updates für diverse Windows 10 Versionen freigegeben. Es sind optionale Updates, die zum Dezember 2020-Patchday regulär ausgerollt werden sollen. Hier einige Details zu diesen Updates.

Eine Liste der Updates lässt sich auf dieser Microsoft-Webseite abrufen. Ich habe nachfolgend die Details herausgezogen. Die Update-Installation setzt ein vorhandenes aktuelles Servicing Stack Update (SSUs) voraus. Microsoft veröffentlicht inzwischen eine Übersicht aktueller Servicing Stack Updates (SSUs) unter ADV990001 (falls die nicht aktuell ist, im Microsoft Update Catalog nach Servicing Stack Updates suchen lassen).

Wichtig: Ab Juli 2020 deaktivieren alle Windows Updates die RemoteFX vGPU-Funktion aufgrund der Sicherheitslücke CVE-2020-1036 (siehe auch KB4570006). Nach der Installation dieses Updates schlagen Versuche, virtuelle Maschinen (VM) zu starten, bei denen RemoteFX vGPU aktiviert ist, fehl.

Die Updates für den Kerberos Authentifizierungsfehler sind im Blog-Beitrag Weitere Windows-Updates mit Fix für Kerberos-Authentication-Problem (19.11.2020) beschrieben.

Update KB4586819 für Windows 10 Version 190x

Das Preview-Update KB4586819 ist kumulativ und steht für die Windows 10 Versionen 1903 und 1909 sowie für Windows Server Version 1903 und Windows Server Version 1909 bereit zur Verfügung. Es hebt die OS-Build auf 18362.1237 (Windows 10 V1903) bzw. auf 18363.12371 (Windows 10 V1909). Es beinhaltet Qualitätsverbesserungen aber keine neuen Betriebssystemfunktionen. Hier die Liste der Verbesserungen, von Microsoft als Highlights bezeichnet:

• Updates an issue that causes the Chromium-based Microsoft Edge browser to open in the background when a device is in tablet mode.
• Updates an issue that causes Narrator to stop responding after you unlock a device if Narrator was in use before you locked the device.
• Updates an issue with USB 3.0 hubs. A device connected to the hub might stop working when you set the device to hibernate or restart the device.
• Updates an issue that might cause games that use spatial audio to stop working.
• Updates the visual quality of Windows Mixed Reality headsets that run in lower resolution mode.

Hinzukommen folgende Fixes und Verbesserungen an der Windows 10 Version 1909, die aber identisch mit der Version 1903 (Update steht auch für die Hololens bereit) sind:

• Updates Internet Explorer's About dialog to use the standard modern dialog.
• Addresses an issue that causes the Chromium-based Microsoft Edge browser to open in the background when a device is in tablet mode.
• Addresses an issue that causes Narrator to stop responding after you unlock a device if Narrator was in use before you locked the device.
• Addresses an issue that displays a black screen to Windows Virtual Desktop (WVD) users when they attempt to sign in.
• Addresses an issue with using Microsoft Changjie that causes apps to stop working because of a stack overflow.
• Addresses an issue with USB 3.0 hubs. A device connected to the hub might stop working when you set the device to hibernate or restart the device.
• Addresses an issue that might cause Windows to inadvertently modify settings for certain IP cameras that are on the same network as the Windows device.
• Addresses an issue that might cause games that use spatial audio to stop working.
• Addresses an issue with leaking Graphics Device Interface (GDI) Font Handles that result in unexpected behaviors in certain applications.
• Addresses an issue with missing enforced groups in the Start menu layout, which occurs when using mobile device management (MDM) to set the tile groups.
• Addresses an issue that fails to set the desktop wallpaper as configured by a Group Policy object (GPO) when you specify the local background as a solid color.
• Addresses an issue with excessive network traffic that occurs when you use the Open File dialog box in File Explorer and browse to a shared folder that has the Previous Version feature available.
• Addresses an issue with the Search bar in Shell namespace extension products, which causes File Explorer to stop working unexpectedly.
• Addresses an issue that prevents you from signing in on certain servers. This occurs when you enable a Group Policy that forces the start of a computer session to be interactive.
• Addresses an issue that prevents the Sign in options page from opening using the ms-settings:signinoptions-launchfaceenrollment URI.
• Addresses an issue that generates a 0x57 error when the wecutil ss /c: command is used to update an Event Forwarding subscription.
• Addresses an issue that might prevent user settings from syncing across devices.
• Addresses an issue that causes the "I forgot my Pin" functionality on the lock screen to fail. This failure occurs if the user has signed in using a username and password and the DontDisplayLastUserName or HideFastUserSwitching policy settings are enabled.
• Addresses an issue that causes applications to fail when they call the LookupAccountSid() API. This occurs after migrating accounts to a new domain whose name is shorter than the name of the previous domain.
• Addresses an issue in which loading a Code Integrity Policy causes PowerShell to leak a large amount of memory.
• Addresses an issue that causes a system to stop working during startup. This occurs when the CrashOnAuditFail policy is set to 1 and command-line argument auditing is turned on.
• Addresses an issue that causes the Microsoft Management Console (MMC) Group Policy application to stop working when you are editing the Group Policy Security settings. The error message is, "MMC cannot initialize the snap-in."
• Addresses an issue that fails to free a system's non-paged pool and requires a restart of the system. This occurs when running 32-bit applications with the Federal Information Processing Standard (FIPS) mode enabled.
• Addresses an issue that prevents access to Azure Active Directory (AD) using the Google Chrome browser because of a Conditional Access policy error.
• Improves the visual quality of Windows Mixed Reality headsets that run in lower resolution mode.
• Extends Microsoft Defender for Endpoint support to new regions.
• Addresses an issue in the Microsoft Remote Procedure Call (RPC) runtime that causes the Distributed File System Replication (DFSR) service to stop responding. This issue generates log events for DFS Replication (5014), RPC (1726), and no reconnection (5004) for a default timeout of 24 hours with no replication.
• Addresses an issue that causes a wireless receiver to disconnect during a wireless projection session.
• Addresses an issue that prevents the PDF24 app, version 9.1.1, from opening .txt files.
• Addresses an issue that might cause a non-paged pool memory leak in some scenarios.
• Addresses an issue that might cause a memory leak in bindflt.sys when copying files in a container scenario.
• Addresses an issue with Active Directory Certificate Services (AD CS) that might prevent Certificate Transparency (CT) logs from being submitted, if enabled.
• Addresses an issue in which cluster validation tests internal switches that are not for cluster use and re-communication.

Dieses Update wird als über Windows Update angeboten, ist aber auch im Microsoft Update Catalog (nicht jedoch für WSUS) erhältlich. Laut Microsoft ist das Update optional und wird nur bei einer Update-Suche gefunden. Microsoft empfiehlt dringend, dass Sie das neueste Service Stack Update (SSU) für Ihr Betriebssystem installieren, bevor Sie das neueste kumulative Update (LCU) installieren. Microsoft gibt ein bekanntes Problem (Zertifikate-Verlust beim Upgrade) an, welches im KB-Artikel dokumentiert ist (siehe auch Windows 10 vergisst Zertifikate beim Upgrade).

Zudem hat Microsoft ein Update direkt für den Windows Update Client veröffentlicht, um dessen Zuverlässigkeit zu verbessern. Das wird außerhalb von Windows Update ausgerollt, wenn die Maschine kompatibel und keine LTSC-Variante ist und Updates nicht per GPO blockiert wurden.

Update KB4586839 für Windows 10 Version 1809

Das kumulative Update KB4586839 hebt die OS-Build (laut MS) auf 17763.1613 und beinhaltet Qualitätsverbesserungen aber keine neuen Betriebssystemfunktionen. Microsoft gibt folgende Highlights an.

• Updates an issue that causes the Chromium-based Microsoft Edge browser to open in the background when a device is in tablet mode.
• Updates an issue that causes the hard drive to fill up in certain error situations.
• Updates an issue with USB 3.0 hubs. A device connected to the hub might stop working when you set the device to hibernate or restart the device.

Hier die Liste der weiteren Verbesserungen:

• Updates Internet Explorer's About dialog to use the standard modern dialog.
• Addresses an issue that causes the Chromium-based Microsoft Edge browser to open in the background when a device is in tablet mode.
• Addresses an issue that causes the hard drive to fill up in certain error situations.
• Addresses an issue with USB 3.0 hubs. A device connected to the hub might stop working when you set the device to hibernate or restart the device.
• Addresses an issue that generates a 0x57 error when the wecutil ss /c: command is used to update an Event Forwarding subscription.
• Addresses an issue that causes applications to fail when they call the LookupAccountSid() API. This occurs after migrating accounts to a new domain whose name is shorter than the name of the previous domain.
• Addresses an issue that causes Windows Defender Application Control to generate too many events related to dynamic code generation.
• Addresses an issue that causes the "I forgot my Pin" functionality on the lock screen to fail. This failure occurs if the user has signed in using a username and password and the DontDisplayLastUserName or HideFastUserSwitching policy settings are enabled.
• Addresses an issue that causes a system to stop working during startup. This occurs when the CrashOnAuditFail policy is set to 1 and command-line argument auditing is turned on.
• Addresses an issue that prevents access to Azure Active Directory (AD) using the Google Chrome browser because of a Conditional Access policy error.
• Addresses an issue that causes the Microsoft Management Console (MMC) Group Policy application to stop working when you are editing the Group Policy Security settings. The error message is, "MMC cannot initialize the snap-in."
• Addresses an issue that fails to free a system's non-paged pool and requires a restart of the system. This occurs when running 32-bit applications with the Federal Information Processing Standard (FIPS) mode enabled.
• Extends Microsoft Defender for Endpoint support to new regions.
• Addresses high memory and CPU utilization in Microsoft Defender for Endpoint.
• Addresses an issue in the Microsoft Remote Procedure Call (RPC) runtime that causes the Distributed File System Replication (DFSR) service to stop responding. This issue generates log events for DFS Replication (5014), RPC (1726), and no reconnection (5004) for a default timeout of 24 hours with no replication.
• Addresses an issue that might cause Dynamic Host Configuration Protocol (DHCP) servers to ignore Link Selection information (DHCP Option 82, sub-option 5) in DHCP Request packets from clients.
• Addresses an issue that prevents the PDF24 app, version 9.1.1, from opening .txt files.
• Addresses an issue that might cause a non-paged pool memory leak in a Remote Desktop Protocol (RDP) over virtual private network (VPN) scenario.
• Addresses an issue that might cause a memory leak in bindflt.sys when copying files in a container scenario.
• Addresses an issue with Active Directory Certificate Services (AD CS) that might prevent Certificate Transparency (CT) logs from being submitted, if enabled.
• Addresses an issue that fails to implement the terminal services (termsrv.dll) idle timeout settings.
• Addresses an issue with the User Datagram Protocol (UDP) rate controller feature that causes Remote Desktop Services (Terminal Services) to intermittently stop working. As a result, all RDP connections are lost.
• Addresses an issue with incorrect Canonical Display Driver (CDD) buffer flushing, which degrades performance in Remote Desktop Protocol (RDP) Windows 2000 Display Driver Model (XDDM) scenarios. This issue affects applications that use graphics processing units (GPU) to operate, such as Microsoft Teams, Microsoft Office, and web browsers.

Dieses Update wird als option über Windows Update angeboten, ist aber auch im Microsoft Update Catalog (nicht jedoch für WSUS) erhältlich. Laut Microsoft ist wird es nur bei einer Update-Suche gefunden. Microsoft empfiehlt dringend, dass Sie das neueste Service Stack Update (SSU) für Ihr Betriebssystem installieren, bevor Sie das neueste kumulative Update (LCU) installieren. Microsoft gibt ein bekanntes Problem (Fehler "0x800f0982) an, welches im KB-Artikel dokumentiert ist.

Zudem hat Microsoft ein Update direkt für den Windows Update Client veröffentlicht, um dessen Zuverlässigkeit zu verbessern. Das wird außerhalb von Windows Update ausgerollt, wenn die Maschine kompatibel und keine LTSC-Variante ist und Updates nicht per GPO blockiert wurden.

Das dürfte voraussichtlich das letzte Preview-Update für dieses Jahr für diese Windows 10-Versionen sein, da Microsoft im Dezember 2020 deren Auslieferung aussetzt (siehe Windows 10: Treiber- und Preview-Updates im Dezember 2020 ausgesetzt). (via)

Ähnliche Artikel:
Microsoft Office Patchday (3. November, 2020)
Microsoft Security Update Summary (10. November 2020
Patchday: Windows 10-Updates (10. November 2020)
Patchday: Updates für Windows 7/Server 2008 R2 (10.11.2020)
Patchday: Windows 8.1/Server 2012-Updates (10.11.2020)
Patchday Microsoft Office Updates (10. November 2020)