The entire patching system has gone haywire since the Spectre and Meltdown chip bugs were revealed last month. From emergency patches to pulling those patches back, things have gone fairly confusing. While Microsoft usually sends its security updates every second Tuesday of the month, the company has sent over 4 cumulative updates since these bug reports were released. The expected Patch Tuesday updates weren't released last night, but they are finally out.
With the hope that February's Patch Tuesday brings some sanity to this continued patching ordeal, here are the details of all the Windows 10 cumulative updates being released today.
Windows 10 cumulative updates out for all versions in today's security patches
Here is the complete changelog of Windows 10 Fall Creators Update Version 1709 Build 16299.248 (KB4074588):
- Addresses issue where child accounts are able to access InPrivate mode on ARM devices even though their browsing and search history is sent to their parents. This occurs only on Microsoft accounts belonging to children that are managed using the Microsoft Family service and for which parents have enabled activity reporting. This applies to Microsoft Edge and Internet Explorer.
- Addresses issue with docking and undocking Internet Explorer windows.
- Addresses issue in Internet Explorer where pressing the delete key inserted a new line in input boxes in an application.
- Addresses issue in Internet Explorer where selected elements wouldn't update under certain circumstances.
- Addresses issue where some users may have experienced issues logging into some websites when using third-party account credentials in Microsoft Edge.
- Updates time zone information.
- Addresses issue with browser Compatibility View settings that occurs during updates.
- Addresses issue where, in certain hardware configurations, the frame rates of DirectX Games were unintentionally limited to a factor of the display's vertical synchronization.
- Addresses issue that causes delays when switching keyboard languages using Alt+Shift.
- Addresses issue where surround sound audio endpoints reverted to stereo after restarting.
- Improves and reduces conditions where certain Bluetooth keyboards drop keys during reconnection scenarios.
- Corrects mouse delays for devices that incorrectly report the battery level status.
- Addresses issue where MMC application snap-ins—such as Services, Local Policy Admin, and Printer Management—fail to run when Windows Defender Application Control (Device Guard) is turned on. The error is "Object doesn't support this property or method".
- Prevents use of the Pre-production Onesettings endpoint for Windows Setup when test signing is enabled.
- Addresses issue where installations of Windows Server, version 1709 are not automatically activated using the Automated Virtual Machine Activation (AVMA) feature on Hyper-V hosts that have been activated.
- Addresses issue with the Auto-register Inbox templates feature for UEV where the Scheduled Task didn't have the proper trigger.
- Addresses issue where the App-V client didn't read the policy for SyncOnBatteriesEnabled when the policy was set using a Group Policy Object (GPO).
- Addresses issue where the Supported On field for the Enable App-V Client policy is blank in the Group Policy editor.
- Addresses issue where the user’s hive data in the registry is not maintained correctly when some App-V packages belong to the connection group.
- Provides additional logging for administrators to take action, such as picking a proper configuration for their App-V package, when there are multiple configuration files for a single package.
- Addresses issue with App-V packages that aren't compatible with registry virtualization using kernel containers. To address the issue, we changed the registry virtualization to use the earlier (non-container) method by default. Customers who would like to use the new (kernel container) method for registry virtualization can still switch to it by setting the following registry value to 1:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Compatibility
- Setting: ContainerRegistryEnabled
- DataType: DWORD
- Security updates to Microsoft Scripting Engine, Microsoft Edge, Internet Explorer, Microsoft Windows Search component, Windows Kernel, Windows Authentication, Device Guard, Common Log File System driver, and the Windows storage and file systems.
The Version 1703 Build 15063.909 (KB4074592) brings the following updates and security fixes (only those fixes that are different than the above changelog are mentioned):
- Addresses issue with a fragment identifier contained in links opened using the Enterprise Mode Site List to redirect from Microsoft Edge to Internet Explorer.
- Addresses issue with scrolling through customer applications in Microsoft Edge.
- Addresses a script-related issue that caused Internet Explorer to stop working in some cases.
- Addresses issue with launching files using linked shortcuts in Internet Explorer.
- Addresses issue with rendering graphics elements in Internet Explorer.
- Addresses issue where telemetry data couldn't be uploaded using UTC because of networking environments that prevent access to the necessary CRL servers.
- Addresses issue where the certutil.exe -MergePfx feature couldn't produce a merged EPF file for multiple V1 certificates.
- Addresses issue where booting with Unified Write Filter (UWF) turned on may lead to stop error 0xE1 in embedded devices, particularly when using a USB HUB.
- Improves performance of Intel processors that have Hardware P-States (HWP) enabled.
- Addresses issue where customers sometimes see the error message "Something went wrong" after completing the out-of-box experience.
Microsoft has also released Windows 10 Cumulative Update for Version 1603 (Build 14393.2068, KB4074590), Version 1511 (Build 10586.1417, KB4074591), and the original Windows 10 (Build 10240.17770, KB4074596). Along with performance issues and fixes, the Redmond software giant has also fixed over 50 security issues. Microsoft has also updated its guidance to mitigate speculative execution side-channel vulnerabilities (Meltdown and Spectre).
- More information is available here.
