KB4507460 updates Windows 10 1607 to build 14393.3085

Microsoft rolls KB4507460 cumulative update for Windows 10 1607 users which in turn enhances the existing build to 14393.3085. With this release, the Company brings remarkable fixes in BitLocker encryption recovery mode, Microsoft Edge, wireless technologies, and others. Furthermore, there are also some known issues in vfpext.sys, in Window-Eyes screen reader app, and in others.

The Company has already provided a temporary solution to these issues, however, wait for the next upcoming release to get the permanent solution. You can download KB4507460 as .msi files by visiting the link provided at the end of this guide. Today, in this tutorial, we guide on how to incorporate the improvements associated with the build 14393.3085. Here is the complete catalog of  Windows 10 cumulative updates.


Fixes and Improvements

The key changes that came along with KB4507460 are as follow-

  • The Developer team has worked upon BitLocker that go into recovery mode. The situation concerning this issue is that the BitLocker is being provisioned at one time. Along with that time, the updates are also being installed.
  • The tech community works upon an issue that may cause some devices with Hyper-V enabled to enter BitLocker recovery mode and experience the error, “0xC0210000”.
  • KB4507460 having build 14393.3085 provides you the Security updates to different Microsoft products such as- Windows Wireless Networking, Windows Server, Microsoft Scripting Engine, Windows Storage and Filesystems, Microsoft Graphics Component, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Windows Kernel, Microsoft Edge, and Windows Cryptography.

Known Issues with KB4507460

1- Symptom

There occurs a problem for the Hosts that are administered by SCVMM. This is because SCVMM can’t enumerate or even run logical switches which are deployed on the hosts after each update installation.

After all, if you don’t follow the best practices, there is a higher prospect to appear a stop bug in vfpext.sys on the hosts.


Sol– To solve the above issue, you must follow either of these two solutions-

1) Do mofcomp among the following mof files on the affected host-

  • Scvmmswitchportsettings.mof
  • VMMDHCPSvr.mof

2) As a resolution, you can also head towards the best tactics while patching so as to bypass a stop error in vfpext.sys in an SDN v2 environment (NC managed hosts).

2- Symptom

On installing KB4467684, the cluster service won’t start rather illustrating the following error message-

“2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length”

Basically, this issue arises when one uses more than 14 characters on the cluster services.


Sol– To extricate this problem, you must have to set up the domain default “Minimum Password Length” policy to use equal to or less than 14 characters.

The Company is yet to provide a permanent solution to this trouble.

3- Symptom

A few specific functions, such as rename may result “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)” bug.

This error message appears only if you do above operations on a Cluster Shared Volume (CSV). This bug may also occur if one uses Non-Admin account to perform alike operations on a CSV owner node.


Sol– To fix this problem, you may perform the following tasks-

  1. Carry out the operation using a process that has administrator privilege.
  2. Execute the procedure from a node that doesn’t require CSV ownership.

Microsoft is yet to provide a permanent solution to this issue.

4- Symptom

Several apps may not perform as they are expected for Active Directory Federation Services 2016 clients. After installing the latest patch KB4507460, such apps use an IFRAME during non-interactive authentication requests and receive X-Frame Options set to DENY.


Sol– You are able to use the Allow-From value of the header if the IFRAME only accesses pages from a single-origin URL.

Or, open PowerShell as Admin and run the following command line on the infected server-

set-AdfsResponseHeaders -SetHeaderName X-Frame-Options -SetHeaderValue "allow-from https://example.com"

Wait for some more time as the company is working on a solution to this issue.

5- Symptom

After installing the update KB4507460, you may experience an error while using the Window-Eyes screen reader app. Besides, some features may also not function as expected.

Note- Those people who have already left Window-Eyes and relocate Freedom Scientific’s other screen reader, JAWS, should not be affected by this issue.


Wait for some time as the company is working on a solution to this issue.

How to get KB4507460 cumulative Update

Note: Before going further, do download the latest SSU (KB4509091).

You can download the cumulative update KB4507460 through Windows Update Section. Alternatively,  

You can have this new patch update KB4507460 automatically for your PC through Windows Update. In case, you don’t want to wait, go to the following address download the cumulative update-

 Settings > Update & Security > Windows Update

Once you reach to the above location, press Check for updates option.

You can have the Standalone package by visiting here.

Source: Microsoft Update Catalogue