Fri. Aug 14th, 2020

Microsoft released the updates KB4489894, KB4489890, KB4489888 and KB4489889 for Windows 10

5 min read

Microsoft has released optional updates for Windows 10 Version 1803, Version 1709, Version 1703, and Version 1607. This type of optional cumulative update is currently pushed in advance to test to see if there are any potential issues and then to be pushed as a routine update on Tuesday night of the second week of the following month.

Windows 10 Insider Preview Build 18282

Windows 10 version 1803 — KB4489894

The update includes the following fixes and improvements:

  • Time zone information update for Kazakhstan, Buenos Aires, Argentina,  São Tomé and Príncipe.
  • Fixed an issue that prevented Microsoft Office updates from downloading from the Microsoft Store.
  • Additional Japan New Era fixes.
  • Fixed an Access 97 database issue if tables or columns have custom properties (stops the operation).
  • Addressed an issue that caused devices to stop sporadically if East Asian languages were used.
  • Fixed an issue that caused laptop screens to remain black when resuming from sleep.
  • Fixed the Group Policy “Turn off app notifications on the lock screen”.
  • Addresses an issue that may prevent users from signing in and cause account lockouts when using the App-V client to start applications. Fix involves changing a Registry Key:
    • Setting: UseDcForGetUserInfo
    • Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Shared\
    • Type: REG_DWORD
    • Value: Setting the following DWORD to nonzero will enable the solution.
  • Fixed an unlocking issue using smart cards that prevented users from unlocking the device under certain circumstances.
  • Fixed an issue that caused the authentication credentials dialog from appearing in Enterprise environments.
  • Fixed a server or client restart issue when attempting to log in using a smart card.
  • Addressed an issue that listed multiple device entries for a single hybrid domain joined device.
  • Addresses an issue that removes the ALLOWCLSIDS policy from the policy XML file when you run the Add-SignerRule for Windows Defender Application Control.
  • Fixed an issue that prevented smart cards from working properly in conjunction with Citrix 7.15.2000 Workstation VDA software.
  • Fixed an authentication issue  that caused Windows Account Manager to fail.
  • Fixed an issue that caused certification renewals to fail.
  • Added new Group Policy “Enable Windows to soft-disconnect a computer from a network” which determines how Windows should disconnect from a network when it determines that the computer should not be connected to the network anymore.
    • Path: Computer Configuration\Policies\Administrative Templates\Network\Windows Connection Manager
    • Enabled: Windows will soft-disconnect.
    • Disabled: Windows disconnects immediately.
    • Not configured: Same as Enabled.
  • Fixed issue for “Stop 0x133” in NTFS.sys.
  • Fixed an issue that made Windows reuse an expired Dynamic Host Configuration Protocol (DHCP) lease if the lease expired during shutdown.
  • Fixed an issue with Virtual Machine Management Service to stop working.
  • Fixed an issue in which the graphics device interface (GDI) DeleteObject() caused the calling process to stop working.
  • “Seamless” integration with Microsoft Cloud App Security (MCAS) for Windows Defender Advanced Threat Protection customers.
  • Enhances automated investigation and remediation, including memory forensics, for Windows Defender ATP customers.
  • Addresses minor issues with unknown options (unknown OPT) in the Extension Mechanisms for DNS (EDNS) for the Windows DNS Server role.


Windows 10 version 1709 — KB4489890

The following improvements are unique to this update:

  • Addressed an issue that causes the “Windows created a temporary warning.” message to appear if you create a page file on a drive with FILE_PORTABLE_DEVICE characteristics.
  • Addressed an issue that causes the user interface (UI) to stop responding for several seconds when you scroll a window while many child windows are open.
  • Addressed an issue with Microsoft Outlook profiles on devices that are domain joined and workplace joined. Creation of new Microsoft Outlook profile may fail, or created Microsoft Outlook profiles may fail to work later.


Windows 10 version 1703 — KB4489888

Improvements are shared for the most part (but fewer). Microsoft lists three known issues for this update (MSXML6, Custom URI Schemes, and EUDC).


Windows 10 version 1607 — KB4489889

The update shares fixes with the other updates. There are some unique ones, however:

  • Addressed a reliability issue in dxgkrnl.sys.
  • Addressed an issue that caused a yellow exclamation mark to appear in Windows Device Manager on human interface devices (HID).
  • Addressed an issue that caused the touch screen to stop working after a restart.
  • Addressed an issue that prevented App-V applications from starting and generated the error “0xc0000225”.
    • Setting the value of HKLM\Software\Microsoft\AppV\\MAV\Configuration\MaxAttachWaitTimeInMilliseconds to a non-zero value resolves the issue. The max is 10,000.
  • Addressed an issue that caused certificate renewal to fail when using CERT_RENEWAL_PROP_ID with the ICertPropertyRenewal interface.
  • Addressed an issue that prevented users from receiving all the available Windows updates using the Unified Write Filter (UWF) servicing mode while UWF is enabled.
  • Addressed an issue in the Microsoft Service Control Manager (SCM) component that caused a system to stop responding at startup.
  • Addressed an issue in Active Directory Federation Services (AD FS) that caused a duplicate relying party trust to appear in the AD FS management console.
  • Fixed an issue with previous versions of files becoming unavailable.
  • Fixed an issue that caused a long delay when resuming from hybrid sleep.
  • Addressed an issue in a Storage Spaces Direct environment that led to an error at shutdown during a “restart in a loop” scenario.
  • Addressed an issue that caused a cluster to stop working when a file share witness became read-only.
  • Addressed an issue that occured when updating cluster nodes one by one. If you restarted a node at a lower patched level, the node at a higher patched level became unexpectedly quarantined.
  • Addressed a high Active Directory Federation Services (ADFS) Web Application Proxy (WAP) latency issue (over 10,000ms) that occured while Extranet Smart Lockout (ESL) was enabled on ADFS.
  • Enables activation of insider builds of Windows 10 Enterprise for Virtual Desktops in Microsoft Azure.
  • Addressed an issue in which the Policy Replication Status report in the Group Policy Management Console (GPMC) consistently displayed one less domain controller than was present in the entire domain or a specific Group Policy.
  • Addressed a character limit issue in the “Settings Page Visibility” Group Policy in the following policy path: “User Configuration\Administrative Templates\Control Panel”.

The update shares the known issues MSXML6, CustomURI Schemes, Preboot Execution Environment (PXE), and EUDC. Microsoft lists the following unique issues:

  • For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.
    • Run mofcomp on Scvmmswitchportsettings.mof and VMMDHCPSvr.mof.Follow the best practices while patching to avoid a stop error in vfpext.sys in an SDN v2 environment (NC managed hosts).
  • Cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.
  • Internet Explorer 11 may have authentication issues.