-->

Windows 10: A guide to the updates

Microsoft | Jan 27, 2018 |

What you need to know about each update to Windows 10 as they roll out from Microsoft. Now updated for KB4073291, released Jan. 18, 2018.

The launch of a big Microsoft Windows 10 update like the Fall Creators Update isn’t the end of a process — it’s really just the beginning. As soon as a major update is released, Microsoft quickly gets to work on improving it by fixing bugs, releasing security patches, and occasionally adding new features.

Here we’ve summarized what you need to know about every Windows 10 update being released to the public. First come updates to the currently shipping version of Windows 10 — version 1709, known as the Fall Creators Update — with the most recent updates on top. (Note that the Fall Creators Update is on a phased rollout, so you may not have received it yet.) Below that are updates to version 1703, known as the Creators Update. For each build, we’ve included the date of its initial release and a link to Microsoft’s announcement about it.

Note: If you're looking for information about Insider Program previews for the next major release of Windows 10, code-named Redstone 4, see "Windows 10 Redstone: A guide to the builds." And if you’re still using an earlier version of Windows, see the Microsoft support site for details about updates to Windows 7, Windows 8.1 and Windows 10 version 1607 / Windows Server 2016.

KB4073291 (OS Build 16299.201)
Release date: January 18, 2018


This update is only for PCs with the 32-bit (x86) version of Windows 10 1709 that have already installed January 3, 2018, update (KB4056892, OS Build 16299.192). Microsoft has provided no information about this update beyond a list of files that are in it (CSV download) and that it “provides additional protections for 32-Bit (x86) version of Windows 10 1709.” However, it notes that there are a number of known issues with the update, including that “Windows Update History reports that KB4054517 failed to install because of Error 0x80070643.”

(Get more info about KB4073291.)

KB4056892 (OS Build 16299.192)
Release date: January 3, 2018

This update fixes a variety of minor bugs, including one in which event logs stop receiving events when a maximum file size policy is applied to the channel. It also fixes several Microsoft Edge-related issues including one in which printing an Office Online document in Microsoft Edge fails and another in which Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.


Also included are security updates for Internet Explorer, Microsoft Edge, Windows 10, .NET Framework and more. For details see the January 2018 Security Updates Release Notes.

What IT needs to know 

Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4056892.)

KB4054517 (OS Build 16299.125)
Release date: December 12, 2017 

This update fixes a variety of minor bugs, including one in which Windows Defender Device Guard and Application Control block some applications from running, even in Audit-Only Enforcement Mode. It also fixes a variety of issues with updating time zone information.

Also included are 34 security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server. The most notable of them are fixes to two remote code execution bugs in the Microsoft Malware Protection Engine. For details about the two remote execution bugs, see CVE-2017-11937and CVE-2017-11940.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.


(Get more info about KB4054517.)

KB4051963 (OS Build 16299.98)
Release date: November 30, 2017

This minor, non-feature update includes a variety of bug fixes. It addresses several problems with Internet Explorer, including a script-related issue that caused the browser to stop working in some cases, and another in which forms submissions didn’t work properly. It also fixed performance problems when users run full-screen Microsoft DirectX 9 games and applications. And it fixes an issue in which user selections for Feedback Frequency in Settings > Privacy > Feedback & diagnostics weren’t saved.

(Get more info about KB4051963.)

KB4048955 (OS Build 16299.64)
Release date: November 14, 2017

This first “Patch Tuesday” release for the Fall Creators Update contains no new features but has a variety of bug fixes and security patches. It fixes a problem that caused the Mixed Reality Portal to stop responding to launch and one where black screens appeared when switching between windowed and full-screen modes when playing some Microsoft DirectX games. It also fixes an issue in which application tiles were missing from the Start menu. A variety of other problems have been solved as well.

Fifty-three security vulnerabilities have also been also fixed, with 20 of them rated as critical. Security holes have been patched throughout Windows, including in Internet Explorer, Microsoft Edge, Windows, Microsoft Office, ASP.NET Core, and Chakra Core.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4048955.)

KB4043961 (OS Build 16299.19)
Release date: October 17, 2017

This very minor, non-feature update addresses only a few small issues, including a bug in which, after apps are removed, they're reinstalled on every restart, logoff, and log in. There are also security updates to Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Windows Search Component, Windows TPM, Windows NTLM, Device Guard, Microsoft Scripting Engine, Windows Wireless Networking, Microsoft Windows DNS, Windows Server, Microsoft JET Database Engine, and the Windows SMB Server.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4043961.)

Windows 10 Fall Creators Update (version 1709)
Release date: October 17, 2017

Version 1709, called the Windows 10 Fall Creators Update, is the most recent major update to Windows 10. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

  • OneDrive gets a new feature called Files On-Demand that gives you access to all of your OneDrive files on every device, without having to download them first. You’ll be able to see all the files you have in OneDrive, even if they’re only in the cloud and not on your PC. Icons tell you which are local and which are in the cloud. Just open the file, and if it’s not on your PC, it gets downloaded.
  • The new My People feature lets you pin three contacts to the Windows taskbar and then communicate with them instantly without having to open a separate app such as Skype or Mail. You can also click to see a list of all communications between them and you at a glance.
  • You can now send web links from your iOS or Android device to your PC and have them open in Microsoft Edge.
  • Cortana gets several new features, including displaying results in a scrollable flyout panel, so you don’t have to launch a web browser.
  • Microsoft Edge gets some minor improvements, including better Favorites handling and the ability to mark up PDFs and e-books.
  • Security has been beefed up, including the addition of Windows Defender Exploit Guard, which includes intrusion rules and policies to protect against a variety of threats, notably zero-day exploits. A new anti-ransomware feature called Controlled Folder Access has also been added; it lets only approved apps have access to Windows system files and folders.
  • New privacy features include the ability to review the kinds of devices and services apps from the Microsoft Store want access to before you download them.
  • The update incorporates Microsoft’s new design system and guidelines, called Fluent Design. Overall, transitions are smoother, and there are subtle changes to the transparency effect.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Fall Creators Update:

  • The notoriously insecure SMBv1 networking protocol, exploited in recent ransomware attacks including WannaCry and Petya, won’t be included on clean installs of the Windows 10 Fall Creators Update, but SMBv1 components will remain if you do in-place upgrades on PCs that already have the component installed.
  • Windows Defender Advanced Threat Protection (ATP), a suite of tools introduced in Windows 10 that helps enterprise customers protect their users and networks against threats and respond to attacks, is being beefed up. Among other things, it will run on the Windows Server OS.
  • ATP is also part of Windows Defender Application Guard for Microsoft Edge, available only for Windows 10 Enterprise Edition. It protects against malware attacks by confining visits to unknown or untrusted websites to a virtual machine, so that attacks can’t spread to a PC or the network.
  • Windows AutoPilot, which improves self-service deployments of Windows 10 PCs, gets a variety of tweaks, including better mobile device management (MDM) services.
  • Windows Analytics’ new Device Health tool gathers information on how PCs perform in an enterprise and based on that, identifies potential issues and outlines steps to resolve them.
  • Enterprises get more control over what kind of information Windows Analytics gathers for the IT staff. In order to improve users’ privacy, IT staff can limit the information collected by Windows Analytics to only diagnostic data.

Updates to the Creators Update (version 1703)
KB4041676 (OS Build 15063.674)
Release date: October 10, 2017

This non-feature update addresses a wide variety of issues, including ones related to security. It fixes a bug that won’t allow some games from downloading from the MIcrosoft Store. The build also fixes an issue in which some Universal Windows Platform (UWP) apps and Centennial apps (.NET and Win32-based Windows applications that have been packaged to be published to the Microsoft Store) have a gray icon and display the error message "This app can't open" on launch.

In addition, security updates are included for many parts of Windows, including Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Windows Subsystem for Linux, Microsoft JET Database Engine, and the Windows SMB Server.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4041767.)

KB4040724 (OS Build 15063.632)
Release date: September 25, 2017

This non-feature update addresses two very minor issues: Cellular connectivity and reliability have been improved, and performance problems with Microsoft Edge that were introduced in KB40387888 have been resolved.

(Get more info about KB4040724.)

KB4038788 (OS Build 15063.608)
Release date: Sept. 12, 2017

This non-feature update addresses a wide variety of miscellaneous minor issues, including one where some machines fail to load wireless WAN devices when they resume from Sleep, and another where spoolsv.exe stops working. Also addressed is a problem in which the option to join Azure AAD is sometimes unavailable during the out-of-box experience, and another in which clicking the buttons on Windows Action Center notifications results in no action being taken.

What IT needs to know

This release includes security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel and Windows Virtualization. Because it’s a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4038788.)

KB4034674 (OS Build 15063.540)
Release date: Aug. 8, 2017

This non-feature update addresses a variety of minor issues, primarily aimed at IT. Two fixes are for mobile devices: One in which the policies provisioned using Mobile Device Management (MDM) don’t take precedence over policies set by provisioning packages, but should, and another in which an access violation in the Mobile Device Manager Enterprise feature causes stop errors. Also addressed is an issue in which the Site to Zone Assignment List group policy (GPO) was not set on machines when it was enabled.

There are also security updates for many Windows features and services, including Microsoft Edge, Microsoft Windows Search Component, Microsoft Scripting Engine, Microsoft Windows PDF Library, Windows Hyper-V, Windows Server, Windows kernel-mode drivers, Windows Subsystem for Linux, Windows shell, Common Log File System Driver, Internet Explorer, and the Microsoft JET Database Engine.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4034674.)

KB4032188 (OS Build 15063.502)
Release date: July 31, 2017

This non-feature update addresses a variety of minor issues and bugs, including one in which Win32 applications have problems working with various Bluetooth LE devices including head tracking devices, a reliability issue with launching the Settings app while an application is using the camera, and a bug in which video playback artifacts appear during transitions from portrait to landscape on mobile devices.

What IT needs to know: Several minor issues addressed in this update affect IT, including the Mobile Device Manager Enterprise feature not allowing headsets to work correctly, and a bug that can cause a service using a Managed Service Account (MSA) to fail to connect to a domain after an automatic password update.

(Get more info about KB4032188.)

KB4025342 (OS Build 15063.483)
Release date: July 11, 2017

This security update (a Patch Tuesday release) fixes 54 vulnerabilities in Windows 10, Microsoft Edge, Internet Explorer, Microsoft Office and Microsoft Exchange. Nineteen of the vulnerabilities were rated as critical, 32 as important and three as moderate.

The critical bugs include six remote code execution ones, including one for Microsoft’s HoloLens mixed reality head-mounted display that is currently available only to developers. It allowed the device to be hacked “by merely receiving WiFi packets, apparently without any form of authentication at all,” in Microsoft’s words.

Microsoft Edge received patches for thirteen critical scripting engine memory corruption vulnerabilities, including one in which an attacker could gain the same user rights as the current user.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update. In addition to the patches for Windows 10 Creators Update are security patches for Windows Server 2016 / Windows 10 Anniversary Update.

(Get more info about KB4025342.)

KB4022716 (OS Build 15063.447)
Release date: June 27, 2017

This non-security update kills more than three dozen minor bugs. Among them are one that causes the Camera app to use a lot of memory on mobile platforms, which reduces battery life. The update also improves Bluetooth connectivity with wearable devices.

What IT needs to know: Some of the bugs affect networks, including one in which network printers may fail when using the printer vendor’s setup software on machines with less than 4GB of RAM. Installing the printers using the Settings app or from Devices and Printers in Control Panel will ensure they’re installed properly. In addition, the update fixes an issue which prevented users from connecting to the Terminal Services Gateway (TSG) running on Windows Server 2008 SP2 after it has been upgraded to the Creators Update, with the result that users were not able to access Remote Desktop Services or remote apps.

(Get more info about KB4022716.)

KB4022725 (OS Builds 15063.413 and 15063.414)
Release date: June 13, 2017

This security update closes dozens of security holes, including two remote code execution vulnerabilities (CVE-2017-8464, which is similar to Stuxnet, and CVE-2017-8543, which is a wormlike attack).

It also fixes a variety of bugs, including one in which a user may have to press the space bar to dismiss the lock screen to log in, even after the log on is authenticated using a companion device.

What IT needs to know: Because this is a security update, it should be applied immediately, especially because several of the security holes are being actively used by attackers. (Get more info about KB4022725.)

KB4020102 (OS Build 15063.332)
Release date: May 25, 2017

This non-security update fixes a wide variety of bugs but offers no new features. Among other issues, it fixes a problem when network printers may fail to install using the printer vendor’s setup software on PCs with less than 4GB of RAM. It also fixes several problems with Internet Explorer, including one where non-administrator users can’t install ActiveX controls. (Get more info about KB4020102.)

KB4016871 (OS Builds 15063.296 and 15063.297)
Release date: May 9, 2017

This is a security update that also includes minor bug fixes, but no new features. The security updates are for Microsoft Edge, Internet Explorer, Microsoft Graphics Component, Windows SMB Server, Windows COM, Microsoft Scripting Engine, the Windows kernel, Windows Server, and the .NET Framework. Among the bugs fixed are one in which autochk.exe can randomly skip drive checks and not fix data corruptions, which could lead to data loss.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update. (Get more info about KB4016871.)

KB4016240 (OS Build 15063.250)
Release date: April 25, 2017

This non-security update squashes a wide variety of bugs but includes no new features. It fixes a bug that caused intermittent logout from web applications and another that made systems unresponsive in certain situations after running Direct3D apps in full-screen exclusive mode. Previous to this patch, Windows Forms configuration issues caused antivirus applications to stop working at startup; they now work.

What IT needs to know: Two of the bugs fixed with this release are one in which some VMs experienced network connectivity loss while provisioning IP addresses and another that prevented Group Policy settings from disabling the lock screen. (Get more info about  KB4016240.)

KB4015583 (OS Build 15063.138)
Release date: April 11, 2017

This security update includes only a few minor bug fixes and no new features. It updates security for Scripting Engine, libjpeg image-processing library, Hyper-V, Windows kernel-mode drivers, Adobe Type Manager Font Driver, Internet Explorer, Graphics Component, Active Directory Federation Services, .NET Framework, Lightweight Directory Access Protocol, Microsoft Edge and Windows OLE. In addition, it fixes a problem with updating time zone information.

What IT needs to know: Because this is a security update, it should be applied soon. Over the next few days, check for reports about problematic issues, and if all seems well, apply the update. (Get more info about KB4015583.)

KB4016251 (OS Build 15063.13)
Release date: April 5, 2017

This non-security update fixes a few very minor bugs and has no new features. It repairs a problem that caused the Surface USB: Bluetooth radio to sometimes fail during hibernate/resume, and fixes an issue in which a virus protection product driver installation would trigger a system crash on Windows build 15060 configured with DeviceGuard. (Get more info about KB4016251.)

Windows 10 Creators Update (version 1703)
Release date: April 5, 2017

Version 1703, dubbed the Creators Update, is the major update to Windows 10 that precedes the Fall Creators Update. Here’s a quick summary of what’s new for users in the Creators Update. (For more details, see our full review.)

  • It helps you better organize the Start menu by letting you put multiple tiles for apps into a single folder — for example, you can group all social media apps into one folder.
  • Users are given a bit more control over the update process: They can delay an update for three days and keep delaying it in three-day increments, or choose specific times for updates to install.
  • The Edge browser has gotten some improvements, including having Flash disabled by default for security reasons and supporting the ePub and PDF formats for reading books and other content.
  • Microsoft added some 3D and virtual reality features, including running HoloLens virtual reality and mixed reality apps for the first time, and introducing a Paint 3D app for creating 3D objects.
  • System settings that previously were in multiple locations have been consolidated into the Settings app.
  • There’s a new all-in-one security dashboard called Windows Defender Security Center that consolidates many security and computer health settings and information.
  • New gaming features include streaming gaming sessions over the internet; a Game Mode to improve gaming performance; and a Game bar to let you record your gameplay, take screenshots and perform games-related tasks.
  • The Cortana personal assistant gets a few modest additions, including scheduling monthly reminders and helping you set up devices.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Creators Update:

  • Security has been improved in a number of ways, including adding new features and insights into Windows Defender Advanced Threat Protection (ATP) to better investigate and respond to network threats. Among the new features are sensors in memory, better intelligence and improved remediation capabilities.
  • Several new configuration service providers (CSPs) available in the Creators Update let administrators manage Windows 10 devices through Mobile Device Management (MDM) or provisioning packages. The DynamicManagement CSP, for instance, can enable or disable certain device features depending on location, network presence or time.
  • New mobile application management capabilities can protect data on personal mobile devices without requiring each device to be part of the corporate MDM.
  • The Windows Configuration Designer (previously called Windows Imaging and Configuration Designer) includes new wizards to make it easier to create provisioning packages, including for desktop devices, Windows mobile devices, Surface Hub devices, HoloLens devices and kiosk devices.
  • Enterprise security administrators get a more comprehensive documentation library for Windows Defender Antivirus.
  • If an enterprise-wide update policy hasn’t been configured, users with Windows Pro, Windows Enterprise or Windows Education editions have much more control over how Windows updates. With the Creators Update, users can now automatically delay cumulative monthly updates for up to 30 days, and can delay feature updates by up to 365 days.

For more details about new features for IT, see the Microsoft blog posts

 

Keywords: Windows, Microsoft, ICYMI, updates, log

Comments:

comments powered by Disqus

Sponsored Ads:

Sponsored Ads:

DMCA.com Protection Status