Hardware

WINDOWS 10: A GUIDE TO THE UPDATES

The launch of a big Microsoft Windows 10 update like the Creators Updateisn’t the end of a process — it’s really just the beginning. As soon as a major update is released, Microsoft quickly gets to work on improving it by fixing bugs, releasing security patches, and occasionally adding new features.

Here we’ve summarized what you need to know about every Windows 10 update since the Creators Update, with the most recent on top. For each build, we’ve included the date of its release and a link to Microsoft’s announcement about it.

Note: This story covers updates to the currently shipping PC version of Windows 10 — version 1703, known as the Creators Update. If you’re looking for information about Insider Program previews for the next major release of Windows 10, see “Windows 10 Redstone: A guide to the builds.” And if you’re still using an earlier version of Windows, see the Microsoft support site for details about updates to Windows 7, Windows 8.1 and Windows 10 version 1607 / Windows Server 2016.

KB4041676 (OS Build 15063.674)

Release date: October 10, 2017

This non-feature update addresses a wide variety of issues, including ones related to security. It fixes a bug that won’t allow some games from downloading from the MIcrosoft Store. The build also fixes an issue in which some Universal Windows Platform (UWP) apps and Centennial apps (.NET and Win32-based Windows applications that have been packaged to be published to the Microsoft Store) have a gray icon and display the error message “This app can’t open” on launch.

In addition, security updates are included for many parts of Windows, including Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Windows Subsystem for Linux, Microsoft JET Database Engine, and the Windows SMB Server.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4041767.)

KB4040724 (OS Build 15063.632)

Release date: September 25, 2017

This non-feature update addresses two very minor issues: Cellular connectivity and reliability have been improved, and performance problems with Microsoft Edge that were introduced in KB40387888 have been resolved.

(Get more info about KB4040724.)

KB4038788 (OS Build 15063.608)

Release date: Sept. 12, 2017

This non-feature update addresses a wide variety of miscellaneous minor issues, including one where some machines fail to load wireless WAN devices when they resume from Sleep, and another where spoolsv.exe stops working. Also addressed is a problem in which the option to join Azure AAD is sometimes unavailable during the out-of-box experience, and another in which clicking the buttons on Windows Action Center notifications results in no action being taken.

What IT needs to know

This release includes security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel and Windows Virtualization. Because it’s a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4038788.)

KB4034674 (OS Build 15063.540)

Release date: Aug. 8, 2017

This non-feature update addresses a variety of minor issues, primarily aimed at IT. Two fixes are for mobile devices: One in which the policies provisioned using Mobile Device Management (MDM) don’t take precedence over policies set by provisioning packages, but should, and another in which an access violation in the Mobile Device Manager Enterprise feature causes stop errors. Also addressed is an issue in which the Site to Zone Assignment List group policy (GPO) was not set on machines when it was enabled.

There are also security updates for many Windows features and services, including Microsoft Edge, Microsoft Windows Search Component, Microsoft Scripting Engine, Microsoft Windows PDF Library, Windows Hyper-V, Windows Server, Windows kernel-mode drivers, Windows Subsystem for Linux, Windows shell, Common Log File System Driver, Internet Explorer, and the Microsoft JET Database Engine.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4034674.)

KB4032188 (OS Build 15063.502)

Release date: July 31, 2017

This non-feature update addresses a variety of minor issues and bugs, including one in which Win32 applications have problems working with various Bluetooth LE devices including head tracking devices, a reliability issue with launching the Settings app while an application is using the camera, and a bug in which video playback artifacts appear during transitions from portrait to landscape on mobile devices.

What IT needs to know: Several minor issues addressed in this update affect IT, including the Mobile Device Manager Enterprise feature not allowing headsets to work correctly, and a bug that can cause a service using a Managed Service Account (MSA) to fail to connect to a domain after an automatic password update.

(Get more info about KB4032188.)

KB4025342 (OS Build 15063.483)

Release date: July 11, 2017

This security update (a Patch Tuesday release) fixes 54 vulnerabilities in Windows 10, Microsoft Edge, Internet Explorer, Microsoft Office and Microsoft Exchange. Nineteen of the vulnerabilities were rated as critical, 32 as important and three as moderate.

The critical bugs include six remote code execution ones, including one for Microsoft’s HoloLens mixed reality head-mounted display that is currently available only to developers. It allowed the device to be hacked “by merely receiving WiFi packets, apparently without any form of authentication at all,” in Microsoft’s words.

Microsoft Edge received patches for thirteen critical scripting engine memory corruption vulnerabilities, including one in which an attacker could gain the same user rights as the current user.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update. In addition to the patches for Windows 10 Creators Update are security patches for Windows Server 2016 / Windows 10 Anniversary Update.

(Get more info about KB4025342.)

KB4022716 (OS Build 15063.447)

Release date: June 27, 2017

This non-security update kills more than three dozen minor bugs. Among them are one that causes the Camera app to use a lot of memory on mobile platforms, which reduces battery life. The update also improves Bluetooth connectivity with wearable devices.

What IT needs to know: Some of the bugs affect networks, including one in which network printers may fail when using the printer vendor’s setup software on machines with less than 4GB of RAM. Installing the printers using the Settings app or from Devices and Printers in Control Panel will ensure they’re installed properly. In addition, the update fixes an issue which prevented users from connecting to the Terminal Services Gateway (TSG) running on Windows Server 2008 SP2 after it has been upgraded to the Creators Update, with the result that users were not able to access Remote Desktop Services or remote apps.

(Get more info about KB4022716.)

KB4022725 (OS Builds 15063.413 and 15063.414)

Release date: June 13, 2017

This security update closes dozens of security holes, including two remote code execution vulnerabilities (CVE-2017-8464, which is similar to Stuxnet, and CVE-2017-8543, which is a wormlike attack).

It also fixes a variety of bugs, including one in which a user may have to press the space bar to dismiss the lock screen to log in, even after the log on is authenticated using a companion device.

What IT needs to know: Because this is a security update, it should be applied immediately, especially because several of the security holes are being actively used by attackers. (Get more info about KB4022725.)

KB4020102 (OS Build 15063.332)

Release date: May 25, 2017

This non-security update fixes a wide variety of bugs but offers no new features. Among other issues, it fixes a problem when network printers may fail to install using the printer vendor’s setup software on PCs with less than 4GB of RAM. It also fixes several problems with Internet Explorer, including one where non-administrator users can’t install ActiveX controls. (Get more info about KB4020102.)

KB4016871 (OS Builds 15063.296 and 15063.297)

Release date: May 9, 2017

This is a security update that also includes minor bug fixes, but no new features. The security updates are for Microsoft Edge, Internet Explorer, Microsoft Graphics Component, Windows SMB Server, Windows COM, Microsoft Scripting Engine, the Windows kernel, Windows Server, and the .NET Framework. Among the bugs fixed are one in which autochk.exe can randomly skip drive checks and not fix data corruptions, which could lead to data loss.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update. (Get more info about KB4016871.)

KB4016240 (OS Build 15063.250)

Release date: April 25, 2017

This non-security update squashes a wide variety of bugs but includes no new features. It fixes a bug that caused intermittent logout from web applications and another that made systems unresponsive in certain situations after running Direct3D apps in full-screen exclusive mode. Previous to this patch, Windows Forms configuration issues caused antivirus applications to stop working at startup; they now work.

What IT needs to know: Two of the bugs fixed with this release are one in which some VMs experienced network connectivity loss while provisioning IP addresses and another that prevented Group Policy settings from disabling the lock screen. (Get more info about  KB4016240.)

KB4015583 (OS Build 15063.138)

Release date: April 11, 2017

This security update includes only a few minor bug fixes and no new features. It updates security for Scripting Engine, libjpeg image-processing library, Hyper-V, Windows kernel-mode drivers, Adobe Type Manager Font Driver, Internet Explorer, Graphics Component, Active Directory Federation Services, .NET Framework, Lightweight Directory Access Protocol, Microsoft Edge and Windows OLE. In addition, it fixes a problem with updating time zone information.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update. (Get more info about KB4015583.)

KB4016251 (OS Build 15063.13)

Release date: April 5, 2017

This non-security update fixes a few very minor bugs and has no new features. It repairs a problem that caused the Surface USB: Bluetooth radio to sometimes fail during hibernate/resume, and fixes an issue in which a virus protection product driver installation would trigger a system crash on Windows build 15060 configured with DeviceGuard. (Get more info about KB4016251.)

Windows 10 Creators Update (version 1703)

Release date: April 5, 2017

Version 1703, dubbed the Creators Update, is the most recent major update to Windows 10. Here’s a quick summary of what’s new for users in the Creators Update. (For more details, see our full review.)

  • It helps you better organize the Start menu by letting you put multiple tiles for apps into a single folder — for example, you can group all social media apps into one folder.
  • Users are given a bit more control over the update process: They can delay an update for three days and keep delaying it in three-day increments, or choose specific times for updates to install.
  • The Edge browser has gotten some improvements, including having Flash disabled by default for security reasons and supporting the ePub and PDF formats for reading books and other content.
  • Microsoft added some 3D and virtual reality features, including running HoloLens virtual reality and mixed reality apps for the first time, and introducing a Paint 3D app for creating 3D objects.
  • System settings that previously were in multiple locations have been consolidated into the Settings app.
  • There’s a new all-in-one security dashboard called Windows Defender Security Center that consolidates many security and computer health settings and information.
  • New gaming features include streaming gaming sessions over the internet; a Game Mode to improve gaming performance; and a Game bar to let you record your gameplay, take screenshots and perform games-related tasks.
  • The Cortana personal assistant gets a few modest additions, including scheduling monthly reminders and helping you set up devices.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Creators Update:

  • Security has been improved in a number of ways, including adding new features and insights into Windows Defender Advanced Threat Protection (ATP) to better investigate and respond to network threats. Among the new features are sensors in memory, better intelligence and improved remediation capabilities.
  • Several new configuration service providers (CSPs) available in the Creators Update let administrators manage Windows 10 devices through Mobile Device Management (MDM) or provisioning packages. The DynamicManagement CSP, for instance, can enable or disable certain device features depending on location, network presence or time.
  • New mobile application management capabilities can protect data on personal mobile devices without requiring each device to be part of the corporate MDM.
  • The Windows Configuration Designer (previously called Windows Imaging and Configuration Designer) includes new wizards to make it easier to create provisioning packages, including for desktop devices, Windows mobile devices, Surface Hub devices, HoloLens devices and kiosk devices.
  • Enterprise security administrators get a more comprehensive documentation library for Windows Defender Antivirus.
  • If an enterprise-wide update policy hasn’t been configured, users with Windows Pro, Windows Enterprise or Windows Education editions have much more control over how Windows updates. With the Creators Update, users can now automatically delay cumulative monthly updates for up to 30 days, and can delay feature updates by up to 365 days.

 452 Posts 0 Comments 129909 Views