Another patch Tuesday is here with a bundle of cumulative updates, including KB4493470, for various versions of Windows 10. It is an update for version 1607 and with it, the OS build will be 14393.2906. This cumulative update offers security improvements to some of the Microsoft applications and programs. Also, it deals with some Group policy and other issues as well.
Users on Windows 10 version 1607 need to note that it had met the end of service back in April of 2018. Even the additional servicing offered to the Enterprise, loT and Education editions terminated with the update on 9th April 2019. Microsoft suggests users upgrade to the latest versions of Windows 10 for a better experience and to continue receiving quality and security updates.
KB4493470 –
Table of Contents
KB4493470 Improvements and fixes details
KB4493470 brings the following improvements and fixes in Windows 10 1607 –
- KB4493470 comes with security updates for different MS components.
- GB18030 certificate requirements are met by resolving the related problems.
- Following issues are resolved by KB4493470-
- A problem that occurred whenever a user attempts and enable per font EUDC (viz end-user-defined characters). This problem used to cause the system to stop working. It also caused a plain blue screen to appear at startup.
- Some authentication issues were there for IE 11 as well as some other apps which made use of WININET.DLL. The problem used to occur whenever two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol and Terminal Server logons.
- The problem preventing response of applications that use MSXML6.
- An issue which blocked the response of Group Policy editor while users edited such Group Policy Object (in short GPO) which contains Policy Preferences for IE 10 Internet settings.
Known Issues with the update
Below given are the known issues with the update KB4493470 –
Issue 1 –
After installing this update, there can be a problem in hosts which are managed by SCVMM or System Center Virtual Machine Manager (SCVMM). In this scenario, “SCVMM” will be unable to enumerate/manage the logical switches deployed on the host. Also, there is a possibility of occurrence of stop error in vfpext.sys.
Workaround –
Run mofcomp on the following mof files:
- mof
- mof
Microsoft recommends users to follow the best practices when patching in order to prevent the stop error in vfpext.sys.
Issue 2 –
Another known issue with the update is that post installation, the cluster service may fail to initiate. An error message “2245 (NERR_PasswordTooShort)” will be shown. This occurs particularly if the users set group policy “Minimum Password Length” over 14 characters.
Workaround –
As a workaround, you can set the “Minimum Password Length”. It might be, by default, over 14 chars, to less than or equal to 14 chars.
The developer is currently working on finding a permanent solution for this issue. We can expect an update in relation to this in an upcoming release.
Issue 3 –
You can come across with certain problems related to Custom URI Schemes for Application Protocol handlers post the installation of KB4493474. It may be unable to initiate the corresponding application for trusted sites on Internet Explorer and local intranet.
Workaround –
Open the link in a new tab or new window by right-clicking on the URL link. Moving ahead, select “open link in new tab” or “open link in new window”.
Alternatively, you can enable Protected Mode in Internet Explorer for local intranet and trusted sites.
Step 1: Search for Internet options in Cortana and go to the Security tab.
Step 2: Here you’ll need to select Local Intranet under Select a zone to view or change security settings. Then simply choose Enable Protected Mode.
Step 3: The next step is to select Trusted sites and then, Enable Protected Mode.
Step 4: Finally click on OK.
Once you make these changes, make sure you restart the browser to apply the changes.
The developer is currently working on finding a permanent solution for this issue. We can expect an update in relation to this in an upcoming release.
Issue 4 –
You may face some problems while trying to start a device using the Preboot Execution Environment (or PXE). The issue occurs when you are starting it from a WDS or Windows Deployment Services server configured to use Variable Window Extension. It may ahead of time terminate the connection to the WDS server while downloading the image. However, this specific trouble does not affect clients or devices that are not using the Variable Window Extension. Microsoft is attempting to resolve this issue.
Workaround –
You can try any of the following workarounds disable the Variable Window Extension on WDS server and mitigate the issue.
Option 1:
This is the simplest method.
- In the search box, type cmd. Then, open Command prompt as an administrator.
- Thereafter, type the following in the command line:
Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
Option 2:
The second method involves using the Windows Deployment Services User interface.
- Open Windows Deployment Services from Windows Administrative Tools.
- Then, in Servers expanded options, right-click on a WDS server. Open Properties.
- Proceeding ahead, on the TFTP tab, you need to clear the Enable Variable Window Extension box.
Option 3:
- In the search box, type regedit. Then, click on the result to access Registry Editor.
- Go to the following location and set the registry value to 0:
HKLM\System\CurrentControlSet\Services\WDSServer\Providers\WDSTFTP\EnableVariableWindowExtensionAfter you disabling, Microsoft suggests restarting the WDSServer service.
Where to get KB4493470 for Windows 10 Version 1607?
The system will all by itself download the update through “Windows Update service”. KB4493470 is also available in the Microsoft Update Catalog site.
That’s all!