KB4493437 Patch Update- takes Windows 10 1803 to Build 17134.753

Microsoft rolls out KB4493437 cumulative update for Windows 10 1803 users and this will upgrade your System to build 17134.753. This patch up update brings some quality improvements for date and time, BitLocker, VPN, Remote Desktop, and much more.

The Company has not included any new operating features, still, it contains some quality fixes. Here, in this guide, we will discuss general improvements and fixes along with known issues on this build. Let’s explore this in detail-

KB4493437

General Improvements and fixes- Windows 10 1803

The key changes which appear with KB4493437 cumulative update are as follow-

Changes made in the Japanese Era Calendar

  1. Updates the NLS registry to support the new Japanese Era.
  2. Updates fonts to support the new Japanese Era and add alternative fonts as well.
  3. Fixes an issue that prevents the CALDATETIME structure from handling more than four Japanese Eras.
  4. Addresses an issue that prevents an input method editor (IME) from supporting the new Japanese Era character.
  5. Addresses an issue that causes the DateTimePicker to display the date incorrectly in the Japanese date format.
  6. KB4493437 resolves an issue that lets ShellExperienceHost.exe stop working when the start date for the Japanese Era is not the first day of the Month.
  7. Resolves an issue that causes the Clock and Calendar flyout control to display the day of the week incorrectly mapped to a date in the month of the new Japanese Era.
  8. KB4493437  resolves an issue which let the Date and Time Settings to control the cache of old Eras. This even doesn’t allow refreshing when the time enters into the new Japanese Era.
  9. This Cumulative update adds a Text-To-Speech (TTS) feature to support Japanese Era Characters.

Microsoft Office, Edge, and Azure

  • The company resolves an issue that causes Microsoft Office apps to stop responding. This even blocks the installation of a newer version of the existing app.
  • Allows the built-in Administrator account to run Microsoft Office setup after downloading the installer on Microsoft Edge.
  • Addresses an issue that disables the new App Container feature for Microsoft Office.
  • Addresses an issue that may cause the loss of Favorites or the Reading List in Microsoft Edge after updating the operating system.
  • Allows existing devices that are managed by Configuration Manager to be enrolled in Microsoft Intune using Co-management without any user interaction. It does not require an active user to being logged in, and there are no Multi-Factor Authentication (MFA) prompts. This update also allows the Co-managed mobile device management (MDM) enrollment to use the device credential is received when the device is enabled to join Hybrid Azure Active Directory (AADJ).
  • Addresses an issue that prevents BitLocker from encrypting a removable drive when there is no connectivity to store the recovery key in Active Directory or Azure Active Directory.

Fixes

  • Addresses an issue that slows server performance or causes the server to stop responding because of numerous Windows firewall rules. To enable the changes, add a new registry key “DeleteUserAppContainersOnLogoff” (DWORD) on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy using Regedit, and change its value to 1.
  • KB4493437 resolves an issue that causes a roaming profile user to lose customized Start menu settings after upgrading the operating system (OS). After installing this update, administrators must enable the UseProfilePathMinorExtensionVersion registry setting described in KB4493782 for roaming user profiles (RUP). This key allows you to create a new RUP for an upgraded OS and prevents the loss of a custom Start menu. The RUP must be stored locally, and you must restart the device to enable the feature.
  • Fixes an issue that prevents certain apps from launching when you set folder redirection for the Roaming AppData folder to a network path.
  • They work on preventing access to enterprise resources when using Kerberos with Windows Hello for Business (WHfB) credentials. This affects users to obtain multiple prompts to provide their credentials.
  • The company along with the team fixes the Internet Explorer to restrict a sub-resource download. It occurs at the time of loading over the HTTP protocol on a page hosted over the HTTPS protocol.
  • The company resolves another issue which prevents access to the Server Message Block (SMB). It shares on or from SMB-enabled physical or virtual network interface cards that are configured with a virtual private network (VPN) interface.

Some Other Changes

  • Addresses an issue that may prevent Custom URI Schemes for Application Protocol handlers from starting the corresponding application on a local intranet or trusted sites in Internet Explorer.
  • Addresses an issue that prevents Print Workflow Applications from launching for Point and Print.
  • Resolves an issue that may cause the UI to stop responding for several seconds while scrolling down in windows which consists of several child windows.
  • Resolves an issue that causes connection requests to the Remote Desktop Session Host (RDSH) servers in the deployment to fail. This issue occurs because of a deadlock in the Connection Broker.
  • Addresses an issue that causes the error, “0x3B_c0000005_win32kfull!vSetPointer” when the kernel mode driver, win32kfull.sys accesses an invalid memory location.
  • Addresses an issue that may cause the UI to stop responding for several seconds when scrolling in windows that have many child windows.
  • Fixes an issue that may cause a touch screen to stop working after restart.
  • Addresses a gradual memory leak in LSASS.exe on systems that have cached logon enabled. This issue mainly affects servers that process many interactive logon requests, such as web servers.
  • Fixes an issue that may allow a user to continue logging on to an account using a smart card after disabling the account.
  • Improves results when provisioning printers in educational environments that include multifunction printers.
  • Addresses an issue with Always-On VPN exclusion routes that only work for link-local exclusions.
  • Addresses boot failure issues that occur when you restart certain hyper-converged infrastructure (HCI) virtual machines.
  • Fixes an issue that may prevent Universal Windows Platform (UWP) apps from receiving keyboard input when its user interface thread becomes too busy. This issue occurs when the UWP app has an embedded WebView control.

Knows issues- KB4493437 Cumulative update

Symptom Workaround

When you install this cumulative update KB4493437, there may be issues using the Preboot Execution Environment to start a device from a Windows Deployment Services(WDS) server configured to use Variable Window Extension.

This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using the Variable Window Extension.

To solve this bug, try any of these two solutions-

  • Launch an Administrator Command prompt and type the following-
  • Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
  • Use the Windows Deployment Services UI.
  • Open Windows Deployment Services from Windows Administrative Tools.
  • Extend Servers and right-click a WDS server.
  • Open its properties and clear the Enable Variable Window Extension box on the TFTP tab.
  • Set the following registry value to 0-

HKLM\System\CurrentControlSet\Services

\WDSServer\Providers\WDSTFTP\

EnableVariableWindowExtension

Relaunch the WDSServer service after disabling the Variable Window Extension.

Microsoft is serving on a resolution and will provide an update in a prospective release.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5). This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

Explore one of the following-

  • Complete the operation from a method that has administrator privilege.
  • Finish the operation from a node that doesn’t have CSV ownership.

Microsoft is working on a resolution and will provide an update in an upcoming release.

How to get this update

If you are willing to download and install this patch up update i.e. KB4493437 on your System, make sure to install the latest SSU (KB4485449) as well. This is because it will enhance the reliability of the whole Update process thus you won’t get any surprise bugs.

Note: SSU stands for servicing stack updates whereas LCU for the latest cumulative update.

Windows users will receive this automatically on their System. However, if this doesn’t appear for any reason, you can download this file manually too. Here is the procedure to get this release-

  • At first, navigate to the following path.
Settings --> Update & Security --> Windows Update

You can also have a Standalone Package of this update from Microsoft Update Catalog.

Source