Microsoft has released new updates for Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows 10 version 1803, Windows 10 version 1809, Windows Server version 1809, Windows Server 2019, Windows 10 version 1709, Windows 10 version 1607, and Windows Server 2016.

March 17, 2020—KB4541334 (Preview of Monthly Rollup)

Applies to: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise

Improvements and fixes

This non-security update includes improvements and fixes that were a part of KB4541509 (released March 10, 2020) and also includes these new quality improvements as a preview of the next Monthly Rollup update:

• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows. 

March 17, 2020—KB4541334 (Preview of Monthly Rollup)

March 17, 2020—KB4541333 (OS Build 17134.1399)

Applies to: Windows 10, version 1803, all editions

Highlights

• Updates an issue that causes an error when printing to a document share. 
• Updates an issue that causes a stop error when Windows resumes from Sleep and turns on certain Bluetooth headsets. 
• Improves application and device compatibility with Windows updates.

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that causes an error when printing to a document repository. 
• Addresses an issue that causes a KERNEL_SECURITY_CHECK_FAILURE (139) stop error when Windows resumes from Sleep and turns on certain Bluetooth headsets. 
• Addresses an issue that might cause a delay of up to two minutes when signing in or unlocking a session on Hybrid Azure Active Directory-joined machines. 
• Addresses an issue that causes authentication in an Azure Active Directory environment to fail and no error appears. 
• Addresses an issue that prevents machines that have enabled Credential Guard from joining a domain. The error message is "The server's clock is not synchronized with the primary domain controller's clock." 
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue that prevents Microsoft User Experience Virtualization (UE-V) settings from roaming to enable the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue that prevents some machines from automatically going into Sleep mode under certain circumstances because of Microsoft Defender Advanced Threat Protection (ATP) Auto Incident Response (IR).
• Addresses an issue that prevents some machines from running Microsoft Defender ATP Threat & Vulnerability Management successfully.
• Improves support for non-ASCII file paths for Microsoft Defender ATP Auto IR.

March 17, 2020—KB4541333 (OS Build 17134.1399)

March 17, 2020—KB4541331 (OS Build 17763.1131)

Applies to: Windows 10, version 1809, all editions, Windows Server version 1809, Windows Server 2019, all editions

Highlights

• Updates an issue that causes an error when printing to a document share. 
• Updates an issue that prevents the touch keyboard from appearing during sign in when the user is prompted for the password. 
• Updates an issue that causes calendar dates to appear on the wrong day of the week in the clock and date region of the notification area when you select the Samoa time zone. 
• Improves application and device compatibility with Windows updates.

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that causes an error when printing to a document repository. 
• Addresses a drawing issue with the Microsoft Foundation Class (MFC) toolbar that occurs when dragging in a multi-monitor environment. 
• Addresses an issue that prevents the touch keyboard from appearing during sign in when the user is prompted for the password. 
• Addresses an issue that causes new child windows to flicker and appear as white squares on server devices that are configured for stark visual contrast. 
• Addresses an issue that displays incorrect folder properties in File Explorer when the path is longer than MAX_PATH. 
• Addresses an issue that causes calendar dates to appear on the wrong day of the week in the clock and date region of the notification area when you select the Samoa time zone. 
• Addresses an issue with reading logs using the OpenEventLogA() function. 
• Addresses an issue that prevents machines that have enabled Credential Guard from joining a domain. The error message is "The server's clock is not synchronized with the primary domain controller's clock." 
• Addresses an issue that might cause a delay of up to two minutes when signing in or unlocking a session on Hybrid Azure Active Directory-joined machines. 
• Addresses an issue that causes authentication to fail when using Azure Active Directory and the user’s security identifier (SID) has changed. 
• Addresses an issue that might cause domain controllers (DC) to register a lowercase and a mixed or all uppercase Domain Name System (DNS) service (SRV) record in the _MSDCS. DNS zone. This occurs when DC computer names contain one or more uppercase characters. 
• Addresses an issue that causes authentication in an Azure Active Directory environment to fail and no error appears. 
• Addresses an issue that causes high CPU utilization when retrieving a session object. 
• Addresses high latency in Active Directory Federation Services (AD FS) response times for globally distributed datacenters in which SQL might be on a remote datacenter. 
• Improves the performance for all token requests coming to AD FS, including OAuth, Security Assertion Markup Language (SAML), WS-Federation, and WS-Trust. 
• Addresses a high latency issue in acquiring OAuth tokens when AD FS front-end servers and back-end SQL servers are in different datacenters. 
• Restores the constructed attribute in Active Directory and Active Directory Lightweight Directory Services (AD LDS) for msDS-parentdistname. 
• Addresses an issue to prevent SAML errors and the loss of access to third-party apps for users who do not have multi-factor authentication (MFA) enabled. 
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue that prevents Microsoft User Experience Virtualization (UE-V) settings from roaming to enable the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue with high CPU usage on AD FS servers that occurs when the backgroundCacheRefreshEnabled feature is enabled.  
• Addresses an issue that creates the Storage Replica administrator group with the incorrect SAM-Account-Type and Group-Type. This makes the Storage Replica administrator group unusable when moving the primary domain controller (PDC) emulator.
• Addresses an issue that prevents some machines from automatically going into Sleep mode under certain circumstances because of Microsoft Defender Advanced Threat Protection (ATP) Auto Incident Response (IR).
• Addresses an issue that prevents some machines from running Microsoft Defender ATP Threat & Vulnerability Management successfully.
• Improves support for non-ASCII file paths for Microsoft Defender ATP Auto IR.
• Addresses an issue that, in some scenarios, causes stop error 0xEF while upgrading to Windows 10, version 1809.
• Improves the performance of the Resilient File System (ReFS) in scenarios that involve many operations on ReFS-cloned files.

March 17, 2020—KB4541331 (OS Build 17763.1131)

March 17, 2020—KB4541330 (OS Build 16299.1775)

Applies to: Windows 10, version 1709, all editions

Highlights

• Improves application and device compatibility with Windows updates.

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that causes File Explorer to close unexpectedly when using roaming profiles between different versions of Windows 10. 
• Addresses an issue that might cause a delay of up to two minutes when signing in or unlocking a session on Hybrid Azure Active Directory-joined machines. 
• Addresses an issue that prevents machines that have enabled Credential Guard from joining a domain. The error message is "The server's clock is not synchronized with the primary domain controller's clock." 
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue that prevents Microsoft User Experience Virtualization (UE-V) settings from roaming to enable the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue that prevents some machines from running Microsoft Defender ATP Threat & Vulnerability Management successfully.

March 17, 2020—KB4541330 (OS Build 16299.1775)

March 17, 2020—KB4541329 (OS Build 14393.3595)

Applies to: Windows 10, version 1607, all editions, Windows Server 2016

Highlights

• Improves application and device compatibility with Windows updates.

Improvements and fixes

This non-security update includes quality improvements. Key changes include:

• Addresses an issue that might cause domain controllers (DC) to register a lowercase and a mixed or all uppercase Domain Name System (DNS) service (SRV) record in the _MSDCS. DNS zone. This occurs when DC computer names contain one or more uppercase characters. 
• Addresses an issue that prevents machines that have enabled Credential Guard from joining a domain. The error message is "The server's clock is not synchronized with the primary domain controller's clock." 
• Addresses an issue with running an application in RemoteApp that might cause the application window to flicker and DWM.exe might stop working on the session host. 
• Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.
• Addresses an issue that prevents Microsoft User Experience Virtualization (UE-V) settings from roaming to enable the signature files that are used for new messages, forwarded messages, and replies.
• Addresses an issue with high CPU usage on Active Directory Federation Services (AD FS) servers that occurs when the backgroundCacheRefreshEnabled feature is enabled.  

March 17, 2020—KB4541329 (OS Build 14393.3595)