Microsoft Known Issue

Known issues in Microsoft Patches:
 
Microsoft often releases patches to address security and reliability issues. Sometimes, patches itself will introduce unprecedented issues after installing them. Here's the updated list of all the known issues in Microsoft patches and possible workaround for them.

Oops! No results for your search.

workaround
Jul 14, 2021
KB5004289
2021-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5004289) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 14, 2021
KB5004289
2021-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5004289) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004237
2021-07 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5004237)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004237
2021-07 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5004237)
Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business.
workaround
Jul 14, 2021
KB5004305
2021-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5004305) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 14, 2021
KB5004305
2021-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5004305) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004235
2021-07 Cumulative Update for Azure Stack HCI, version 20H2 and Windows Server 2019 Datacenter: Azure Edition for x64-based Systems (KB5004235)
You might have issues installing this update by using the Windows Admin Center or Cluster Aware Updating (CAU) through the Windows Update Plugin.
For more information about this issue, please see KB5004971: Issue installing updates in some Azure Stack HCI clusters
workaround
Jul 14, 2021
KB5004285
2021-07 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5004285)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004302
2021-07 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5004302)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004298
2021-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5004298)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004307
2021-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5004307) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 14, 2021
KB5004307
2021-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5004307) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004244
2021-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5004244)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004244
2021-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5004244)
After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found.
This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jul 14, 2021
KB5004294
2021-07 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5004294)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004299
2021-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5004299) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004960
2021-07 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5004960) (CVE-2021-34527)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004956
2021-07 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5004956) (CVE-2021-34527)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004955
2021-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5004955) (ESU) (CVE-2021-34527)
After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to, Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 4
This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.
workaround
Jul 14, 2021
KB5004955
2021-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5004955) (ESU) (CVE-2021-34527)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 14, 2021
KB5004955
2021-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5004955) (ESU) (CVE-2021-34527)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004954
2021-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5004954) (CVE-2021-34527)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004953
2021-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5004953) (ESU) (CVE-2021-34527)
After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive the following error: "Cannot connect to, Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provide
This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.
workaround
Jul 14, 2021
KB5004953
2021-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5004953) (ESU) (CVE-2021-34527)
After installing this update and restarting your device, you might receive the error, "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer", and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 14, 2021
KB5004953
2021-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5004953) (ESU) (CVE-2021-34527)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004945
2021-07 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5004945) (CVE-2021-34527)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004945
2021-07 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5004945) (CVE-2021-34527)
Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business
workaround
Jul 14, 2021
KB5004945
2021-07 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5004945) (CVE-2021-34527)
After installing this update, you might have issues printing to certain printers. Various brands and models are affected, primarily receipt or label printers that connect via USB. Note This issue is not related to CVE-2021-34527 or CVE-2021-1675.
This issue is resolved in KB5004237.
workaround
Jul 14, 2021
KB5004947
2021-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5004947) (CVE-2021-34527)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004947
2021-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5004947) (CVE-2021-34527)
After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found.
This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jul 14, 2021
KB5004959
2021-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5004959) (ESU) (CVE-2021-34527)
After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to, Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 4
This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.
workaround
Jul 14, 2021
KB5004959
2021-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5004959) (ESU) (CVE-2021-34527)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jul 14, 2021
KB5004959
2021-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5004959) (ESU) (CVE-2021-34527)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004958
2021-07 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5004958) (CVE-2021-34527)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jul 14, 2021
KB5004951
2021-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5004951) (ESU) (CVE-2021-34527)
After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive the following error: "Cannot connect to, Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provide
This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.
workaround
Jul 14, 2021
KB5004951
2021-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5004951) (ESU) (CVE-2021-34527)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the How to get this update section of this article.
workaround
Jul 14, 2021
KB5004951
2021-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5004951) (ESU) (CVE-2021-34527)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.

Disclaimer:This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.

workaround
Jun 9, 2021
KB5003637
2021-06 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003637)
After installing this update, 5.1 Dolby Digital audio may play containing a high-pitched noise or squeak in certain apps when using certain audio devices and Windows settings. Note This issue does not occur when stereo is used.
To mitigate this issue, you can try one or more of the following: Streaming the video or audio in a web browser or different app, instead of the app affected by this issue. Enable Spatial sound settings by right clicking or long pressing on the volume icon in the notification area, selecting Spatial sound (Off) and selecting any of the available options. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003637
2021-06 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003637)
A small subset of users have reported lower than expected performance in games after installing this update. Most users affected by this issue are running games full screen or borderless windowed modes and using two or more monitors.
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special Group Policy. Note Devices need to be restarted after configuring the special Group Policy. For help, please see How to use Group Policy to deploy a Known Issue Rollback. For general information on using Group Policies, see Group Policy Overview.
workaround
Jun 9, 2021
KB5003637
2021-06 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003637)
Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business
workaround
Jun 9, 2021
KB5003637
2021-06 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003637)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003637
2021-06 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003637)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Jun 9, 2021
KB5003667
2021-06 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5003667) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003667
2021-06 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5003667) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jun 9, 2021
KB5003667
2021-06 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5003667) (ESU)
After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to, Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 4
This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.
workaround
Jun 9, 2021
KB5003635
2021-06 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5003635)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Jun 9, 2021
KB5003661
2021-06 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5003661) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003661
2021-06 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5003661) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jun 9, 2021
KB5003661
2021-06 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5003661) (ESU)
After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to, Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 4
This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.
workaround
Jun 9, 2021
KB5003681
2021-06 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5003681)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003696
2021-06 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5003696)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003694
2021-06 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5003694) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003694
2021-06 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5003694) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jun 9, 2021
KB5003694
2021-06 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5003694) (ESU)
After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to, Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 4
This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.
workaround
Jun 9, 2021
KB5003646
2021-06 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5003646)
After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found.
This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jun 9, 2021
KB5003646
2021-06 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5003646)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003671
2021-06 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5003671)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003695
2021-06 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5003695) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003695
2021-06 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5003695) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jun 9, 2021
KB5003695
2021-06 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5003695) (ESU)
After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to, Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 4
This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.
workaround
Jun 9, 2021
KB5003697
2021-06 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5003697)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003214
2021-05 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5003214)
Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business
workaround
Jun 9, 2021
KB5003214
2021-05 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5003214)
After installing this update, 5.1 Dolby Digital audio may play containing a high-pitched noise or squeak in certain apps when using certain audio devices and Windows settings. Note This issue does not occur when stereo is used.
To mitigate this issue, you can try one or more of the following: Streaming the video or audio in a web browser or different app, instead of the app affected by this issue. Enable Spatial sound settings by right clicking or long pressing on the volume icon in the notification area, selecting Spatial sound (Off) and selecting any of the available options. We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003214
2021-05 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5003214)
A small subset of users have reported lower than expected performance in games after installing this update. Most users affected by this issue are running games full screen or borderless windowed modes and using two or more monitors.
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special Group Policy. Note Devices need to be restarted after configuring the special Group Policy. For help, please see How to use Group Policy to deploy a Known Issue Rollback. For general information on using Group Policies, see Group Policy Overview.
workaround
Jun 9, 2021
KB5003214
2021-05 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5003214)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003214
2021-05 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5003214)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Jun 9, 2021
KB5003212
2021-05 Cumulative Update Preview for Windows 10 Version 1909 for x64-based Systems (KB5003212)
After installing this update and restarting your device, you might be unable to sign into some Microsoft 365 desktop client apps such as Microsoft Teams, OneDrive for Business and Microsoft Outlook. You might also receive an 80080300 error or "We ran into a problem. Reconnecting…" when attempting to authenticate or sign into Teams. Note Mobile, web and non-Windows versions are not impacted.
To mitigate this issue on most devices, you can restart your device a second time. Most devices will sign into affected apps as expected for all subsequent restarts after the first restart that completes installation of the update. If restarting does not mitigate the issue on your device, you can use the web versions of the apps: Microsoft Teams OneDrive for Business Outlook We are presently investigating and will provide an update in an upcoming release.
workaround
Jun 9, 2021
KB5003212
2021-05 Cumulative Update Preview for Windows 10 Version 1909 for x64-based Systems (KB5003212)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Jun 9, 2021
KB5003217
2021-05 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5003217)
After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found.
This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Jun 9, 2021
KB5003217
2021-05 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5003217)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.

Disclaimer:This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.

workaround
May 12, 2021
KB5003220
2021-05 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5003220)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003197
2021-05 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5003197)
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003203
2021-05 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5003203)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003209
2021-05 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5003209)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003228
2021-05 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5003228) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
May 12, 2021
KB5003228
2021-05 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5003228) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003173
2021-05 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003173)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
May 12, 2021
KB5003173
2021-05 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003173)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003173
2021-05 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003173)
Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business
workaround
May 12, 2021
KB5003173
2021-05 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003173)
A small subset of users have reported lower than expected performance in games after installing this update. Most users affected by this issue are running games full screen or borderless windowed modes and using two or more monitors.
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special Group Policy. Note Devices need to be restarted after configuring the special Group Policy. For help, please see How to use Group Policy to deploy a Known Issue Rollback. For general information on using Group Policies, see Group Policy Overview.
workaround
May 12, 2021
KB5003225
2021-05 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5003225) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
May 12, 2021
KB5003225
2021-05 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5003225) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003208
2021-05 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5003208)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003233
2021-05 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5003233) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
May 12, 2021
KB5003233
2021-05 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5003233) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003171
2021-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5003171)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003210
2021-05 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5003210) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
May 12, 2021
KB5003210
2021-05 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5003210) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5003169
2021-05 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB5003169)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
May 12, 2021
KB5001391
2021-04 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5001391)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
May 12, 2021
KB5001391
2021-04 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5001391)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5001391
2021-04 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5001391)
Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business
workaround
May 12, 2021
KB5001391
2021-04 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5001391)
A small subset of users have reported lower than expected performance in games after installing this update. Most users affected by this issue are running games full screen or borderless windowed modes and using two or more monitors.
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special Group Policy. Note Devices need to be restarted after configuring the special Group Policy. For help, please see How to use Group Policy to deploy a Known Issue Rollback. For general information on using Group Policies, see Group Policy Overview.
workaround
May 12, 2021
KB5001396
2021-04 Cumulative Update Preview for Windows Server, version 1909 for x64-based Systems (KB5001396)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
May 12, 2021
KB5001396
2021-04 Cumulative Update Preview for Windows Server, version 1909 for x64-based Systems (KB5001396)
Scroll bar controls might appear blank on the screen and not function after installing this update. This issue affects 32-bit applications running on 64-bit Windows 10 (WOW64) that create scroll bars using a superclass of the USER32.DLL SCROLLBAR window class. This issue also affects HScrollBar and VScrollBar controls that are used in Visual Basic 6 applications and the classes derived from System.Windows.Forms.ScrollBar that are used in .NET Windows Forms applicati
Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5001384
2021-04 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5001384)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
May 12, 2021
KB5001384
2021-04 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5001384)
After installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found.
This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB5003571.
workaround
Apr 14, 2021
KB5001337
2021-04 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB5001337) (CVE-2021-28437) (CVE-2021-28310) (CVE-2021-28312)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Apr 14, 2021
KB5001335
2021-04 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5001335) (ESU) (CVE-2021-28437) (CVE-2021-27091)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Apr 14, 2021
KB5001335
2021-04 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5001335) (ESU) (CVE-2021-28437) (CVE-2021-27091)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001330
2021-04 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001330) (CVE-2021-28437) (CVE-2021-28310) (CVE-2021-28312)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Apr 14, 2021
KB5001330
2021-04 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001330) (CVE-2021-28437) (CVE-2021-28310) (CVE-2021-28312)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001330
2021-04 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001330) (CVE-2021-28437) (CVE-2021-28310) (CVE-2021-28312)
Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business
workaround
Apr 14, 2021
KB5001389
2021-04 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5001389) (ESU) (CVE-2021-28437)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Apr 14, 2021
KB5001389
2021-04 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5001389) (ESU) (CVE-2021-28437)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001393
2021-04 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5001393) (CVE-2021-28437) (CVE-2021-27091)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001347
2021-04 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5001347) (CVE-2021-28437)
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001383
2021-04 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5001383) (CVE-2021-28437) (CVE-2021-27091)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001342
2021-04 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5001342) (CVE-2021-28437) (CVE-2021-28310)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001392
2021-04 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5001392) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Apr 14, 2021
KB5001392
2021-04 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5001392) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001382
2021-04 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5001382) (CVE-2021-28437)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001332
2021-04 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5001332) (ESU) (CVE-2021-28437)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Apr 14, 2021
KB5001332
2021-04 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5001332) (ESU) (CVE-2021-28437)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001387
2021-04 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5001387) (CVE-2021-28437) (CVE-2021-27091)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5000842
2021-03 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5000842)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Apr 14, 2021
KB5000842
2021-03 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5000842)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5000842
2021-03 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB5000842)
Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later. Note Devices that connect dire
To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the using SSU: Extract the cab from the msu via this command line (using the package for KB5000842 as an example): expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cabExtract the SSU from the previously extracted cab via this command line: expand Windows10.0-KB5000842-x64.cab /f:*You will then have the SSU cab, in this example named SSU-19041.903-x64.cab. Slipstream this file into your offline image first, then the LCU. If you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the new Microsoft Edge. If you need to broadly deploy the new Microsoft Edge for business, see Download and deploy Microsoft Edge for business
workaround
Apr 14, 2021
KB5000850
2021-03 Cumulative Update Preview for Windows Server, version 1909 for x64-based Systems (KB5000850)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Apr 14, 2021
KB5000854
2021-03 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB5000854)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001648
2021-03 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB5001648)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Apr 14, 2021
KB5001649
2021-03 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001649)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Apr 14, 2021
KB5001649
2021-03 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001649)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001638
2021-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5001638)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001633
2021-03 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5001633)
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001567
2021-03 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001567)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Apr 14, 2021
KB5001567
2021-03 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001567)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001567
2021-03 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001567)
When opening a document in Microsoft Word, Microsoft Excel, or any Microsoft Office applications, you might receive the error, "Microsoft Excel cannot open or save any more documents because there is not enough available memory or disk space". This issue only affects devices that have installed Microsoft Office apps from the Microsoft Store and are attempting to open a document that has triggered the use of the Protected View feature.
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to non-managed devices. Restarting your device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special Group Policy. Note Devices need to be restarted after configuring the special Group Policy. To find out more about using Group Policies, see Group Policy Overview.
workaround
Apr 14, 2021
KB5001567
2021-03 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5001567)
After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include: Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos. Table lines might be missing. Other alignment or formatting issues might also be present. Printing from some apps or to some printers might result in a blank page or
This issue is resolved in KB5001649.
workaround
Apr 14, 2021
KB5001566
2021-03 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB5001566)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Apr 14, 2021
KB5001566
2021-03 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB5001566)
After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include: Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos. Table lines might be missing. Other alignment or formatting issues might also be present. Printing from some apps or to some printers might result in a blank page or
This issue is resolved in KB5001648.
workaround
Apr 14, 2021
KB5001565
2021-03 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB5001565)
After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include: Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos. Table lines might be missing. Other alignment or formatting issues might also be present. Printing from some apps or to some printers might result in a blank page or
This issue is resolved in KB5001634.
workaround
Apr 14, 2021
KB5001568
2021-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5001568)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Apr 14, 2021
KB5001568
2021-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5001568)
After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include: Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos. Table lines might be missing. Other alignment or formatting issues might also be present. Printing from some apps or to some printers might result in a blank page or
This issue is resolved in KB5001638.
workaround
Apr 14, 2021
KB5000809
2021-03 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB5000809) (CVE-2021-27077) (CVE-2021-26411)
After installing this update, you might receive an APC_INDEX_MISMATCH error with a blue screen when attempting to print to certain printers in some apps.
This issue is resolved in KB5001565.
workaround
Apr 14, 2021
KB5000809
2021-03 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB5000809) (CVE-2021-27077) (CVE-2021-26411)
After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include: Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos. Table lines might be missing. Other alignment or formatting issues might also be present. Printing from some apps or to some printers might result in a blank page or
This issue is resolved in KB5001634.
workaround
Apr 14, 2021
KB5000807
2021-03 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5000807) (CVE-2021-27077) (CVE-2021-26411)
After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include: Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos. Table lines might be missing. Other alignment or formatting issues might also be present. Printing from some apps or to some printers might result in a blank page or
This issue is resolved in KB5001631.
workaround
Mar 10, 2021
KB5000841
2021-03 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5000841) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Mar 10, 2021
KB5000841
2021-03 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5000841) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000844
2021-03 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5000844) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Mar 10, 2021
KB5000844
2021-03 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5000844) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000803
2021-03 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5000803)
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000802
2021-03 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5000802)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Mar 10, 2021
KB5000802
2021-03 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5000802)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000853
2021-03 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5000853)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000822
2021-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5000822)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000840
2021-03 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5000840)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000848
2021-03 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5000848)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000851
2021-03 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5000851) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Mar 10, 2021
KB5000851
2021-03 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5000851) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000808
2021-03 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB5000808)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Mar 10, 2021
KB5000847
2021-03 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5000847)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5000856
2021-03 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5000856) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Mar 10, 2021
KB5000856
2021-03 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5000856) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB4601382
2021-02 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB4601382)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Mar 10, 2021
KB4601382
2021-02 Cumulative Update Preview for Windows Server, version 2004 for x64-based Systems (KB4601382)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB4601380
2021-02 Cumulative Update Preview for Windows Server, version 1909 for x64-based Systems (KB4601380)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Mar 10, 2021
KB4601383
2021-02 Cumulative Update Preview for Windows 10 Version 1809 for x64-based Systems (KB4601383)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Mar 10, 2021
KB5001028
2021-02 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB5001028)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Feb 10, 2021
KB4601349
2021-02 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4601349)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601057
KB4603003, 2021-02 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 for x64 (KB4601057)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef).This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601050
2021-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 2004 for x64 (KB4601050)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601357
2021-02 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4601357)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4600957
KB4603003, 2021-02 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 for x64 (KB4600957)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601345
2021-02 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4601345) (CVE-2021-1732)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601060
KB4601887, 2021-02 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for x64 (KB4601060)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601363
2021-02 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4601363) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601363
2021-02 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4601363) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Feb 10, 2021
KB4600944
KB4603002, 2021-02 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2008 R2 for x64 (KB4600944) (ESU)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601384
2021-02 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4601384)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601056
2021-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909 for x64 (KB4601056)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601366
2021-02 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4601366) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601366
2021-02 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4601366) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Feb 10, 2021
KB4600945
KB4603002, 2021-02 Security and Quality Rollup for .NET Framework 4.6 for Windows Server 2008 SP2 for x64 (KB4600945) (ESU)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601319
2021-02 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4601319) (CVE-2021-1732)
Microsoft and Discord have found incompatibility issues with some games using Direct3D 12 when the in-game overlay feature of Discord is enabled. When attempting to open affected games you might receive an error, or the game might close silently.
To mitigate this issue, you can turn off the in-game overlay in settings within the Discord app. This issue is now resolved in an update to the Discord app. To verify youre on the latest version, right click on the Discord icon in the notification area and select "Check for updates...". If there are updates to install, it should install automatically but you might need to select the arrow icon in the upper right corner of the app to install the updated version. There is no update for Windows needed to resolve this issue.
workaround
Feb 10, 2021
KB4601319
2021-02 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4601319) (CVE-2021-1732)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601319
2021-02 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4601319) (CVE-2021-1732)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Feb 10, 2021
KB4601348
2021-02 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4601348)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601055
KB4601887, 2021-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809 for x64 (KB4601055)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601318
2021-02 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4601318)
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601058
2021-02 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 R2 for x64 (KB4601058)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601347
2021-02 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4601347) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601347
2021-02 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4601347) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Feb 10, 2021
KB4601054
2021-02 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 (1803) for x64 (KB4601054)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601315
2021-02 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB4601315) (CVE-2021-1732)
Microsoft and Discord have found incompatibility issues with some games using Direct3D 12 when the in-game overlay feature of Discord is enabled. When attempting to open affected games you might receive an error, or the game might close silently.
To mitigate this issue, you can turn off the in-game overlay in settings within the Discord app. This issue is now resolved in an update to the Discord app. To verify youre on the latest version, right click on the Discord icon in the notification area and select "Check for updates...". If there are updates to install, it should install automatically but you might need to select the arrow icon in the upper right corner of the app to install the updated version. There is no update for Windows needed to resolve this issue.
workaround
Feb 10, 2021
KB4601315
2021-02 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB4601315) (CVE-2021-1732)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Feb 10, 2021
KB4601048
2021-02 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 R2 for x64 (KB4601048)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4601360
2021-02 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4601360) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Feb 10, 2021
KB4601360
2021-02 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4601360) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Feb 10, 2021
KB4601051
2021-02 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 (KB4601051)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Feb 10, 2021
KB4598299
2021-02 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows Server, version 2004 for x64 (KB4598299)
After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef). This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:
workaround
Jan 22, 2021
KB4505057
2019-05 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4505057) Insider Preview
After installing this update, users may experience error “0x800705b4” when launching Windows Defender Application Guard or Windows Sandbox.
Use the credentials of a local admin to create and set the following registry keys on the Host OS then restart the Host: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\CmService\Policy] "DisableClone"=dword:00000001 "DisableSnapshot"=dword:00000001
workaround
Jan 22, 2021
KB4497936
2019-05 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4497936)
After installing this update, users may experience error “0x800705b4” when launching Windows Defender Application Guard or Windows Sandbox.
Use the credentials of a local admin to create and set the following registry keys on the Host OS then restart the Host: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\CmService\Policy] "DisableClone"=dword:00000001 "DisableSnapshot"=dword:00000001 Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 22, 2021
KB4490481
2019-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4490481)
After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options: Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No Option 2: Use the Windows Deployment Services UI. Open Windows Deployment Services from Windows Administrative Tools. Expand Servers and right-click a WDS server. Open its properties and clear the Enable Variable Window Extension box on the TFTP tab. Option 3: Set the following registry value to 0: “HKLM\System\CurrentControlSet\Services\WDSServer\Providers\WDSTFTP\EnableVariableWindowExtension”. Restart the WDSServer service after disabling the Variable Window Extension. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 21, 2021
KB4088881
2018-03 Preview of Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4088881)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
The issue is resolved in KB4093113. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4088882
2018-03 Preview of Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4088882)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093121. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4088883
2018-03 Preview of Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4088883)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093116. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4088876
2018-03 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB4088876)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093114. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4088880
2018-03 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4088880)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093122. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4088877
2018-03 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4088877)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093123. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4088878
2018-03 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4088878)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093108. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4088875
2018-03 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4088875)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093118. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4088879
2018-03 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB4088879)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093115. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4075212
2018-02 Preview of Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4075212)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093121. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4075211
2018-02 Preview of Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4075211)
Because of an issue that affects some versions of antivirus software, this fix is being applied only to the computers on which the antivirus ISV have updated the ALLOW REGKEY.
The issue is resolved in KB4093113. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4074598
2018-02 Security Monthly Quality Rollup for Windows 7 for x64-based Systems - Meltdown and Spectre(KB4074598)
Because of an issue that affects some versions of antivirus software, this fix is being applied only to the computers on which the antivirus ISV have updated the ALLOW REGKEY.
This issue is resolved in KB4093118. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4074587
2018-02 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems - Meltdown and Spectre(KB4074587)
Because of an issue that affects some versions of antivirus software, this fix is being applied only to the computers on which the antivirus ISV have updated the ALLOW REGKEY.
This issue is resolved in KB4093108. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4074597
2018-02 Security Only Quality Update for Windows 8.1 for x64-based Systems - Meltdown and SpectreKB4074597)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093115. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4074594
2018-02 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems - Meltdown and Spectre(KB4074594)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093114. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4057400
2018-01 Preview of Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems - Meltdown and Spectre (KB4057400)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
The issue is resolved in KB4093113. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4057401
2018-01 Preview of Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems - Meltdown and Spectre(KB4057401)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093121. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4056895
2018-01 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems - Meltdown and Spectre (KB4056895)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093114. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4056894
2018-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems - Meltdown and Spectre (KB4056894)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093118. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4056898
2018-01 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems - Meltdown and Spectre (KB4056898)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093115. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 21, 2021
KB4056897
2018-01 Security Only Quality Update for Windows 7 for x64-based Systems - Meltdown and Spectre (KB4056897)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
This issue is resolved in KB4093108. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
workaround
Jan 13, 2021
KB4598297
2021-01 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4598297)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598243
2021-01 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4598243)
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598289
2021-01 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4598289) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated.  If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jan 13, 2021
KB4598289
2021-01 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4598289) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598242
2021-01 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4598242)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Jan 13, 2021
KB4598242
2021-01 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4598242)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598285
2021-01 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4598285)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598287
2021-01 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4598287) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated.  If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jan 13, 2021
KB4598287
2021-01 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4598287) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598278
2021-01 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4598278)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598230
2021-01 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4598230)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598279
2021-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4598279) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated.  If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jan 13, 2021
KB4598279
2021-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4598279) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following:  Perform the operation from a process that has administrator privilege.  Perform the operation from a node that doesn’t have CSV ownership.  Microsoft is working on a resolution and will provide an update in an upcoming release. 
workaround
Jan 13, 2021
KB4598229
2021-01 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB4598229)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Jan 13, 2021
KB4598288
2021-01 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4598288) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated.  If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Jan 13, 2021
KB4598288
2021-01 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4598288) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4598275
2021-01 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4598275)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4505057
2019-05 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4505057) Insider Preview
After installing this update, users may experience error “0x800705b4” when launching Windows Defender Application Guard or Windows Sandbox.
Use the credentials of a local admin to create and set the following registry keys on the Host OS then restart the Host: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\CmService\Policy] "DisableClone"=dword:00000001 "DisableSnapshot"=dword:00000001
workaround
Jan 13, 2021
KB4497936
2019-05 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4497936)
After installing this update, users may experience error “0x800705b4” when launching Windows Defender Application Guard or Windows Sandbox.
Use the credentials of a local admin to create and set the following registry keys on the Host OS then restart the Host: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\CmService\Policy] "DisableClone"=dword:00000001 "DisableSnapshot"=dword:00000001 Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Jan 13, 2021
KB4490481
2019-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4490481)
After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options: Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No Option 2: Use the Windows Deployment Services UI. Open Windows Deployment Services from Windows Administrative Tools. Expand Servers and right-click a WDS server. Open its properties and clear the Enable Variable Window Extension box on the TFTP tab. Option 3: Set the following registry value to 0: “HKLM\System\CurrentControlSet\Services\WDSServer\Providers\WDSTFTP\EnableVariableWindowExtension”. Restart the WDSServer service after disabling the Variable Window Extension. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592497
2020-12 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4592497)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592503
2020-12 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4592503) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Dec 9, 2020
KB4592503
2020-12 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4592503) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592449
2020-12 Cumulative Update for Windows Server, version 1903 for x64-based Systems (KB4592449)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Dec 9, 2020
KB4592504
2020-12 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4592504) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Dec 9, 2020
KB4592504
2020-12 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4592504) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592484
2020-12 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4592484)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592468
2020-12 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4592468)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592440
2020-12 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4592440)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592471
2020-12 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4592471) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Dec 9, 2020
KB4592471
2020-12 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4592471) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592438
2020-12 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4592438)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Dec 9, 2020
KB4592438
2020-12 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4592438)
When using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually. Note The affected apps are using the ImmGetCompositionString() function.
We are working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592498
2020-12 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4592498) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Dec 9, 2020
KB4592498
2020-12 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4592498) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4592495
2020-12 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4592495)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Dec 9, 2020
KB4593226
2020-12 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4593226)
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586786
2020-11 Cumulative Update for Windows Server, version 1903 for x64-based Systems (KB4586786)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Nov 11, 2020
KB4586827
2020-11 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4586827) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Nov 11, 2020
KB4586827
2020-11 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4586827) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586807
2020-11 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4586807) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Nov 11, 2020
KB4586807
2020-11 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4586807) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586781
2020-11 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4586781)
Users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks. You might have issues with input, receive unexpected results, or might not be able to enter text.
For more information about the issues, workaround steps, and the currently resolved issues, please see KB4564002
workaround
Nov 11, 2020
KB4586781
2020-11 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4586781)
System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when
If you have already encountered this issue on your device, you can mitigate it within the uninstall window by going back to your previous version of Windows using the instructions here. The uninstall window might be 10 or 30 days depending on the configuration of your environment and the version you’re updating to. You will then need to update to the later version of Windows 10 after the issue is resolved in your environment. Note Within the uninstall window, you can increase the number of days you have to go back to your previous version of Windows 10 by using the DISM command /Set-OSUninstallWindow. You must make this change before the default uninstall window has lapsed. For more information, see DISM operating system uninstall command-line options. We are working on a resolution and will provide updated bundles and refreshed media in the coming weeks.
workaround
Nov 11, 2020
KB4586823
2020-11 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4586823)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586830
2020-11 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4586830)
After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586808
2020-11 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4586808)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586793
2020-11 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4586793)
After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10. Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows: Go to the Settings app > Recovery. Select Get Started under the Reset this PC recovery option. Select Keep my Files. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586805
2020-11 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4586805) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Nov 11, 2020
KB4586805
2020-11 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4586805) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586845
2020-11 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4586845)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586834
2020-11 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4586834)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4586817
2020-11 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4586817) (ESU)
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.
This is expected in the following circumstances: If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181. If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.
workaround
Nov 11, 2020
KB4586817
2020-11 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4586817) (ESU)
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.
Do one of the following: Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4505057
2019-05 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4505057) Insider Preview
After installing this update, users may experience error “0x800705b4” when launching Windows Defender Application Guard or Windows Sandbox.
Use the credentials of a local admin to create and set the following registry keys on the Host OS then restart the Host: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\CmService\Policy] "DisableClone"=dword:00000001 "DisableSnapshot"=dword:00000001
workaround
Nov 11, 2020
KB4497936
2019-05 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4497936)
After installing this update, users may experience error “0x800705b4” when launching Windows Defender Application Guard or Windows Sandbox.
Use the credentials of a local admin to create and set the following registry keys on the Host OS then restart the Host: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\CmService\Policy] "DisableClone"=dword:00000001 "DisableSnapshot"=dword:00000001 Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4490481
2019-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4490481)
After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options: Option 1: Open an Administrator Command prompt and type the following: Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No Option 2: Use the Windows Deployment Services UI. Open Windows Deployment Services from Windows Administrative Tools. Expand Servers and right-click a WDS server. Open its properties and clear the Enable Variable Window Extension box on the TFTP tab. Option 3: Set the following registry value to 0: “HKLM\System\CurrentControlSet\Services\WDSServer\Providers\WDSTFTP\EnableVariableWindowExtension”. Restart the WDSServer service after disabling the Variable Window Extension. Microsoft is working on a resolution and will provide an update in an upcoming release.
workaround
Nov 11, 2020
KB4088881
2018-03 Preview of Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4088881)
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
The issue is resolved in KB4093113. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc

Disclaimer:This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.