KB4586830 – Windows 10 1607 Build 14393.4046 Security Update

On 10th Nov 2020, Microsoft releases another set of security updates to all Windows 10 versions including 20H2 and 2004. If you are still on Windows 10 version 1607, this article explains the key features and fixes that you will notice after installing the KB4586830 cumulative update.

Installing this security patch, the Windows 10 1607 OS Build number increases to 14393.4046 along with some quality improvements. If you are on some other version, do visit this catalog – Complete Cumulative Updates.


KB4586830 Changelog

Here are the key changes on Windows 10 1607 Build version 14393.4046 –

  • You may now use a Group policy to enable Save Target As for admin accounts inside Microsoft Edge IE Mode. 
  • Users may now prevent the JScript Scripting Engine from processing.
  • No bugs even while using an application that includes a hook. 
  • The Microsoft Management Console (MMC) Group Policy application will now function properly even during the edition of the related security settings. Earlier, Windows returns an error that reads – “MMC cannot initialize the snap-in”.
  • Fixes the reasons causing the stop error 7E in nfssvr.sys on servers running the Network File System (NFS) service. 
  • Previously, a violation exists inside the tssdis.exe that restricts establishing a proper Remote Desktop Session Host (RDSH) connection.
  • Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.
  • Works upon an anomaly that causes the Windows Management Instrumentation (WMI) Provider Host (WmiPrvSE.exe) to leak registry key handles while querying for the below entry – 
    • Win32_RDCentralPublishedDeploymentSettings

Windows Defender Improvements

If you enable the credential guard on your computer, this may fail to identify any Machine Bound certificates. The problem arises because Windows 2016 and Windows 2019 domain controllers add duplicate KeyID values to the msDS-KeyCredentialLink attribute of these devices.

This issue stands resolved on this build update. 

Apart from the above fixes and improvements, Microsoft provides security updates to the following –

  • Microsoft Scripting Engine, the Microsoft Graphics Component, the Windows Wallet Service, Windows Fundamentals, the Windows Kernel, and Windows Virtualization.

Known Issues on KB4586830 

After installing this patch, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)”. In order to fix this, you must set the domain default “Minimum Password Length” policy to less than or equal to 14 characters. 

How to Get this Update

Make sure to download and install the latest servicing stack first i.e. KB4576750. Normally, Windows update auto-offer this SSU. If not, you may get the standalone package via searching on the Microsoft Update Catalog

After you install the related servicing stack, follow either of the below ways to install the KB4586830 CU.

1. Windows Update

Navigate to the path Settings > Update & Security > Windows Update, and hit Check for Updates. The system will automatically download/install the pending updates and prompts to restart the PC

In case this doesn’t show up any pending updates, follow the next method. 

2. Update Catalog

3. Windows Server Update Services (WSUS)

This update will automatically sync with WSUS if you configure Products and Classifications as follows:

  • Product: Windows 10
  • Classification: Security Updates

Release Note