This update applies to Windows 10 Version 1703
October 10, 2017—KB4041676 (OS Build 15063.674)
This update should apply via Windows Update – If it does not, or you need to install this manually here is the direct download link.
This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:
- Addressed issue where some UWP and Centennial apps show a gray icon and display the error message “This app can’t open” on launch.
- Addressed reliability issue that causes the AppReadiness service to stop working.
- Addressed issue where applications that use the Silverlight map stack stop working.
- Addressed issue where VSync prevents devices from entering Panel Self Refresh mode, which can lead to reduced battery life.
- Addressed issue where user customizations (like pinned tiles) made to an enforced partial Start layout are lost when upgrading to Windows 10 1703.
- Addressed issue where the Universal CRT caused the linker (link.exe) to stop working for large projects.
- Addressed issue that prevents Windows Error Reporting from saving error reports in a temporary folder that is recreated with incorrect permissions. Instead, the temporary folder is inadvertently deleted.
- Addressed issue where the MSMQ performance counter (MSMQ Queue) may not populate queue instances when the server hosts a clustered MSMQ role.
- Addressed issue with the token broker where it was leaking a token that caused sessions to remain allocated after logoff.
- Addressed issue where Personal Identity Verification (PIV) smart card PINs are not cached on a per-application basis. This caused users to see the PIN prompt multiple times in a short time period; normally, the PIN prompt only displays once.
- Addressed issue where using the Cipher.exe /u tool to update Data Recovery Agent (DRA) encryption keys fails unless user certification encryption already exists on the machine.
- Addressed issue where using AppLocker to block a Modern app fails. This issue occurs only with Modern apps that come pre-installed with Windows.
- Addressed issue with form submissions in Internet Explorer.
- Addressed issue with the rendering of a graphics element in Internet Explorer.
- Addressed issue that prevents an element from receiving focus in Internet Explorer.
- Addressed issue with the docking and undocking of Internet Explorer windows.
- Addressed issue caused by a pop-up window in Internet Explorer.
- Addressed issue where a Vendor API deleted data unexpectedly.
- Addressed issue where using the Robocopy utility to copy a SharePoint document library, which is mounted as a drive letter, fails to copy files. However, in this scenario, Robocopy will copy folders successfully.
- Addressed issue where MDM USB restrictions did not disable the USB port as expected.
- Addressed issue where creating an iSCSI session on a new OS installation may result in the “Initiator instance does not exist” error when attempting to connect to a target.
- Addressed issue where connecting to RDS applications published using Azure App Proxy fails. The error message is, “Your computer can’t connect to the Remote Desktop Gateway server. Contact your network administrator for assistance”. The error can occur when the RDP cookie size limit is exceeded. This update increased the size of the RDP cookie limit.
- Addressed issue where USBHUB.SYS randomly causes memory corruption that results in random system crashes that are extremely difficult to diagnose.
- Addressed issue that affects the download of some games from the Windows Store during the pre-order phase. Download fails with the error code 0x80070005, and the device attempts to restart the download from the beginning.
- Addressed issue where the ServerSecurityDescriptor registry value does not migrate when you upgrade to Windows 10 1703. As a result, users might not be able to add a printer using the Citrix Print Manager service. Additionally, they might not be able to print to a client redirected printer, a Citrix universal print driver, or a network printer driver using the Citrix universal print driver.
- Security updates to Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Windows Subsystem for Linux, Microsoft JET Database Engine, and the Windows SMB Server.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.
For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.
If available, disable UCSI in the computer system’s BIOS. This will also disable UCSI features in the Windows operating system.
Microsoft is working on a resolution and will provide an update in an upcoming release.
Microsoft is aware of a publishing issue with the October 10th, 2017 monthly security update for Windows 10 version 1703 (KB4041676) for WSUS\SCCM managed devices where Windows devices may fail to boot after installing this update
Customers that download updates directly from Windows Update (Home and consumer devices) or Windows Update for Business are not impacted.
We have corrected this publishing issue. For users who encountered issues please refer to the following article:
The cumulative security updates have been validated. We recommend all customers take these cumulative security updates.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.