Archive for the ‘NOC Services’ Category

Flexis June 2020 Patch Review And Recommendations

  • KB4561608 – 2020-06 Cumulative Update for Windows Server 2019 for x64-based Systems
  • KB4561616 – 2020-06 Cumulative Update for Windows Server 2016 for x64-based Systems
  • KB4562561 – 2020-06 Servicing Stack Update for Windows Server 2016 for x64-based Systems
  • KB4561666 – 2020-06 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems

Impacted Products:

  • Microsoft Windows
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Edge (Chromium-based) in IE Mode
  • Internet Explorer
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Windows Defender
  • Microsoft Dynamics
  • Visual Studio
  • Azure DevOps
  • Adobe Flash Player
  • Microsoft Apps for Android
  • Windows App Store
  • System Center
  • Android App

 

Please note the following information regarding the security updates:

 

  • For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

Microsoft Security Advisories:

  • ADV200010 | June 2020 Adobe Flash Security Update

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200010

 

Known Issues:

 KB4560960 Applies to: Windows 10 version 1903 all editions; Windows Server version 1903; Windows 10 version 1909 all editions; Windows Server version 1909

https://support.microsoft.com/en-us/help/4560960/windows-10-update-kb4560960

 Symptoms:

After installing this update on a Windows 10 device with a wireless wide area network (WWAN) LTE modem, reaching the internet might not be possible. However, the Network Connectivity Status Indicator (NCSI) in the notification area might still indicate that you are connected to the internet.

 

Workaround:

 Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 KB4561608 Applies to: Windows 10 version 1809 all editions; Windows Server version 1809; Windows Server 2019 all editions

https://support.microsoft.com/en-us/help/4561608/windows-10-update-kb4561608

Symptoms:

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

 

Workaround:

  1.  Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 KB4561616 Applies to: Windows 10 version 1607 all editions; Windows Server 2016

https://support.microsoft.com/en-us/help/4561616/windows-10-update-kb4561616

 Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

 

Workaround:

 Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 KB4561643 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POSReady 7; Windows Thin PC

 https://support.microsoft.com/en-us/help/4561643/windows-7-update-kb4561643

 Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

 This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4561645 Applies to: Windows Server 2008 Service Pack 2

 https://support.microsoft.com/en-us/help/4561645/windows-server-2008-update-kb4561645

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

 This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 KB4561669 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POSReady 7; Windows Thin PC

 https://support.microsoft.com/en-us/help/4561669/windows-7-update-kb4561669

 Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4561670 Applies to: Windows Server 2008 Service Pack 2

 https://support.microsoft.com/en-us/help/4561670/windows-server-2008-update-kb4561670

 Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

Flexis May 2020 Patch Review And Recommendations

  • KB4551853 – 2020-05 Cumulative Update for Windows Server 2019 for x64-based Systems
  • KB4556813 – 2020-05 Cumulative Update for Windows Server 2016 for x64-based Systems
  • KB4556840 – 2020-05 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems
  • KB4556846 – 2020-05 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems

 Impacted Products:

  • Microsoft Windows
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Edge (Chromium-based)
  • Internet Explorer
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Windows Defender
  • Visual Studio
  • Microsoft Dynamics
  • .NET Framework
  • .NET Core

 

Please note the following information regarding the security updates:

 

  • For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

 

Known Issues:

 KB4551853 Applies to: Windows 10 version 1809 all editions; Windows Server version 1809; Windows Server 2019 all editions

https://support.microsoft.com/en-us/help/4551853/windows-10-update-kb4551853

Symptoms:

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

 

Workaround:

  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4556813 Applies to: Windows 10 version 1607 all editions; Windows Server 2016

https://support.microsoft.com/en-us/help/4556813/windows-10-update-kb4556813

Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

 

Workaround:

Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4556836 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POSReady 7; Windows Thin PC

https://support.microsoft.com/en-us/help/4556836/windows-7-update-kb4556836

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

 

KB4556843 Applies to: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POSReady 7; Windows Thin PC

https://support.microsoft.com/en-us/help/4556843/windows-7-update-kb4556843

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

 

KB4556854 Applies to: Windows Server 2008 Service Pack 2

https://support.microsoft.com/en-us/help/4556854/windows-server-2008-update-kb4556854

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

 

KB4556860 Applies to: Windows Server 2008 Service Pack 2

https://support.microsoft.com/en-us/help/4556860/windows-server-2008-update-kb4556860

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

 

 

Flexis April 2020 Patch Review And Recommendations

  • KB4549949 – 2020-04 Cumulative Update for Windows Server 2019 for x64-based Systems
  • KB4550929 – 2020-04 Cumulative Update for Windows Server 2016 for x64-based Systems
  • KB4550917 – 2020-04 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems
  • KB4550961 – 2020-04 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems

Impacted Products:

  • Microsoft Windows
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Edge (Chromium-based)
  • Internet Explorer
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Windows Defender
  • Visual Studio
  • Microsoft Dynamics
  • Microsoft Apps for Android
  • Microsoft Apps for Mac

 

Please note the following information regarding the security updates:

 

  • For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

 

Known Issues:

 KB4549949 Applies to: Windows 10 version 1809 all editions; Windows Server version 1809; Windows Server 2019 all editions

 https://support.microsoft.com/en-us/help/4549949/windows-10-update-kb4549949

 Symptoms:

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

 

Workaround:

  1.  Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4550905 Applies to: Internet Explorer 11 on Windows Server 2012 R2; Internet Explorer 11 on Windows Server 2012; Internet Explorer 11 on Windows Server 2008 R2 SP1; Internet Explorer 11 on Windows 8.1 Update; Internet Explorer 11 on Windows 7 SP1; Internet Explorer 9 on Windows Server 2008 SP2

https://support.microsoft.com/en-us/help/4550905/cumulative-security-update-for-internet-explorer

Symptoms:

After you install this update on Windows 7 SP1, Windows Server 2008 R2 SP1, or Windows Server 2008 SP2 and then restart your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer” and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section.

 

KB4550917 Applies to: Windows Server 2012Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4550917/windows-server-2012-update-kb4550917

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Devices on a domain might be unable to install apps published using a Group Policy Object (GPO). This issue only affects app installations that use .msi files. It does not affect any other installation methods, such as from the Microsoft Store.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate this issue, manually install the app on the device.

 

KB4550929 Applies to: Windows 10, version 1607 all editions; Windows Server 2016

https://support.microsoft.com/en-us/help/4550929/windows-10-update-kb4550929

Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

 

Workaround:

Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4550951 Applies to: Windows Server 2008 Service Pack 2

https://support.microsoft.com/en-us/help/4550951/windows-server-2008-update-kb4550951

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer” and the update might show as Failed in Update History.

Devices on a domain might be unable to install apps published using a Group Policy Object (GPO). This issue only affects app installations that use .msi files. It does not affect any other installation methods, such as from the Microsoft Store.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

 

To mitigate this issue, manually install the app on the device.

 

KB4550957 Applies to: Windows Server 2008 Service Pack 2

https://support.microsoft.com/en-us/help/4550957/windows-server-2008-update-kb4550957

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

 

KB4550961 Applies to: Windows 8.1, Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4550961/windows-8-1-kb4550961

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

Devices on a domain might be unable to install apps published using a Group Policy Object (GPO). This issue only affects app installations that use .msi files. It does not affect any other installation methods, such as from the Microsoft Store.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate this issue, manually install the app on the device.

 

KB4550964 Applies to: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POSReady 7; Windows Thin PC

https://support.microsoft.com/en-us/help/4550964/windows-7-update-kb4550964

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

 

Devices on a domain might be unable to install apps published using a Group Policy Object (GPO). This issue only affects app installations that use .msi files. It does not affect any other installation methods, such as from the Microsoft Store.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

 

To mitigate this issue, manually install the app on the device.

 

KB4550965 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POS Ready 7; Windows Thin PC

https://support.microsoft.com/en-us/help/4550965/windows-7-update-kb4550965

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

KB4550970 Applies to: Windows 8.1, Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4550970/windows-8-1-kb4550970

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4550971 Applies to: Windows Server 2012; Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4550971/windows-server-2012-update-kb4550971

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

Flexis March 2020 Patch Review And Recommendations

  • KB4538461 – 2020-03 Cumulative Update for Windows Server 2019 for x64-based Systems
  • KB4540670 – 2020-03 Cumulative Update for Windows Server 2016 for x64-based Systems
  • KB4541510 – 2020-03 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems
  • KB4541509 – 2020-03 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems 

Impacted Products:

  • Microsoft Windows
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Edge (Chromium-based)
  • Internet Explorer
  • Microsoft Exchange Server
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Azure DevOps
  • Windows Defender
  • Visual Studio
  • Azure
  • Microsoft Dynamics

 

Please note the following information regarding the security updates:

 

  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

 

Known Issues:

KB4538032 Applies to: Visual Studio 2015 Update 3

https://support.microsoft.com/en-us/help/4538032/march-10-2020-security-update-for-microsoft-visual-studio-2015

Symptoms:

Visual Studio 2015 customers may experience issues that affect the offering of this update through Microsoft Update. In some cases, this update is offered to products for which the update was not intended or needed, such as Visual Studio Isolated and Integrated Shells.

 

Workaround:

On August 5, 2019, a detection revision was made to address issues that affect the Microsoft Update offering for this update. Customers who observed unexpected issues in the offering of this update can rescan Microsoft Update for the latest content within their Windows Server Update Services (WSUS) and update management environments. Customers who rely on the Wsusscan2.cab file will receive this revision as part of the August 2019 broad Windows Update releases.

 

KB4538461 Applies to: Windows 10 version 1809, Windows Server version 1809; Windows Server 2019 all versions

https://support.microsoft.com/en-us/help/4538461/windows-10-update-kb4538461

Symptoms:

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

When using Windows Server containers with the March 10, 2020 updates, you might encounter issues with 32-bit applications and processes.

 

Workaround:

  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4540123 Applies to: Exchange Server 2019; Exchange Server 2016

https://support.microsoft.com/en-us/help/4540123/security-update-for-exchange-server-2019-and-2016

Symptoms:

When you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.

When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working.

This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to their usual state.

 

Workaround:

To avoid this issue, follow these steps to manually install this security update:

  1. Select Start, and type cmd.
  2. In the results, right-click Command Prompt, and then select Run as administrator.
  3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.
  4. Type the full path of the .msp file, and then press Enter.

This issue does not occur when you install the update through Microsoft Update.

 

To fix this issue, use Services Manager to restore the startup type to Automatic, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see Start a Command Prompt as an Administrator.

 

KB4540670 Applies to: Windows 10 version 1607, Windows Server 2016

https://support.microsoft.com/en-us/help/4540670/windows-10-update-kb4540670

Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

When using Windows Server containers with the March 10, 2020 updates, you might encounter issues with 32-bit applications and processes.

 

Workaround:

Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4540671 Applies to: Internet Explorer 11 on Windows Server 2012 R2; Internet Explorer 11 on Windows Server 2012; Internet Explorer 11 on Windows Server 2008 R2 SP1; Internet Explorer 11 on Windows 8.1 Update; Internet Explorer 11 on Windows 7 SP1; Internet Explorer 9 on Windows Server 2008 SP2

https://support.microsoft.com/en-us/help/4540671/cumulative-security-update-for-internet-explorer

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer” and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section.

 

KB4540688 Applies to: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC

https://support.microsoft.com/en-us/help/4540688/windows-7-update-kb4540688

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

 

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4540694 Applies to: Windows Server 2012; Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4540694/windows-server-2012-update-kb4540694

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4541500 Applies to: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POS Ready 7, Windows Thin PC

https://support.microsoft.com/en-us/help/4541500/windows-7-update-kb4541500

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4541504 Applies to: Windows Server 2008 Service Pack 2

https://support.microsoft.com/en-us/help/4541504/windows-server-2008-update-kb4541504

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4541505 Applies to: Windows 8.1; Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4541505/windows-8-1-kb4541505

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4541506 Applies to: Windows Server 2008 Service Pack 2

https://support.microsoft.com/en-us/help/4541506/windows-server-2008-update-kb4541506

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

KB4541509 Applies to: Windows 8.1; Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4541509/windows-8-1-kb4541509

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4541510 Applies to: Windows Server 2012; Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4541510/windows-server-2012-update-kb4541510

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

KB4551762 Applies to: Windows 10 version 1903; Windows Server version 1903; Windows 10 version 1909; Windows Server version 1909

https://support.microsoft.com/en-us/help/4551762/windows-10-update-kb4551762

Symptoms:

When using Windows Server containers with the March 10, 2020 updates, you might encounter issues with 32-bit applications and processes.

 

Workaround:

For important guidance on updating Windows containers, please see Windows container version compatibility.

 

 

Flexis February 2020 Patch Review And Recommendations

  • KB4532691 – 2020-02 Cumulative Update for Windows Server 2019 for x64-based Systems
  • KB4537764 – 2020-02 Cumulative Update for Windows Server 2016 for x64-based Systems
  • KB4537814 – 2020-02 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems
  • KB4537821 – 2020-02 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems
  • KB4502496 – 2020-02 Security Update for Windows Server 2012 R2 for x64-based Systems
  • KB4538124 – 2020-02 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2 for x64

Impacted Products:

  • Microsoft Windows
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Edge (Chromium-based)
  • Internet Explorer
  • Microsoft Exchange Server
  • Microsoft SQL Server
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Windows Malicious Software Removal Tool
  • Microsoft Surface Hub

 

Please note the following information regarding the security updates:

  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

Microsoft Security Advisories:

  • ADV200003 | February 2020 Adobe Flash Security Update

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200003

 

Known Issues:

KB4532691 Applies to: Windows 10 version 1809; Windows Server version 1809; Windows Server 2019 all versions

https://support.microsoft.com/en-us/help/4532691/windows-10-update-kb4532691

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4536987 Applies to: Exchange Server 2016; Exchange Server 2019

https://support.microsoft.com/en-us/help/4536987/security-update-for-exchange-server-2019-and-2016

Symptoms:

When you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.

When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working.

 

This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

 

Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to their usual state.

 

Workaround:

To avoid this issue, follow these steps to manually install this security update:

  1. Select Start, and type cmd.
  2. In the results, right-click Command Prompt, and then select Run as administrator.
  3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.
  4. Type the full path of the .msp file, and then press Enter.

 

This issue does not occur when you install the update through Microsoft Update.

 

To fix this issue, use Services Manager to restore the startup type to Automatic, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see Start a Command Prompt as an Administrator.

 

KB4536988 Applies to: Exchange Server 2013

https://support.microsoft.com/en-us/help/4536988/description-of-the-security-update-for-microsoft-exchange-server-2013

Symptoms:

When you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.

 

When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working.

 

This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

 

Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to their usual state.

 

Workaround:

To avoid this issue, follow these steps to manually install this security update:

  1. Select Start, and type cmd.
  2. In the results, right-click Command Prompt, and then select Run as administrator.
  3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.
  4. Type the full path of the .msp file, and then press Enter.

 

This issue does not occur when you install the update through Microsoft Update.

 

To fix this issue, use Services Manager to restore the startup type to Automatic, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see Start a Command Prompt as an Administrator.

 

KB4536989 Applies to: Exchange Server 2010 Service Pack 3

https://support.microsoft.com/en-us/help/4536989/security-update-for-exchange-server-2010

Symptoms:

When you try to manually install this security update by double-clicking the update file (.msp) to run it in “Normal mode” (that is, not as an administrator), some files are not correctly updated.

 

When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

 

Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to its usual state. To fix this issue, use Services Manager to restore the startup type to Automatic, and then start the affected Exchange services manually.

 

Workaround:

To avoid this issue, follow these steps to manually install this security update:

  1. Select Start, and type cmd.
  2. In the results, right-click Command Prompt, and then select Run as administrator.
  3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.
  4. Type the full path of the .msp file, and then press Enter.

 

This issue does not occur when you install the update through Microsoft Update.

 

To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see Start a Command Prompt as an Administrator.

 

KB4537762 Applies to: Windows 10 version 1803

https://support.microsoft.com/en-us/help/4537762/windows-10-update-kb4537762

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4537764 Applies to: Windows 10 version 1607; Windows Server 2016

https://support.microsoft.com/en-us/help/4537764/windows-10-update-kb4537764

Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

 

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4537776 Applies to: Windows 10

https://support.microsoft.com/en-us/help/4537776/windows-10-update-kb4537776

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4537789 Applies to: Windows 10 version 1709

https://support.microsoft.com/en-us/help/4537789/windows-10-update-kb4537789

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

KB4537794 Applies to: Windows Server 2012, Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4537794/windows-server-2012-update-kb4537794

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4537803 Applies to: Windows 8.1; Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4537803/windows-8-1-kb4537803

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4537813 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POSReady 7; Windows Thin PC

https://support.microsoft.com/en-us/help/4537813/windows-7-update-kb4537813

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer”, and the update might show as Failed in Update History.

 

Workaround:

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

KB4537814 Applies to: Windows Server 2012; Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4537814/windows-server-2012-update-kb4537814

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4537821 Applies to: Windows 8.1; Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4537821/windows-8-1-kb4537821

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 

 

Flexis January 2020 Patch Review And Recommendations

  • KB4534271 – 2020-01 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4534271)
  • KB4534283 – 2020-01 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4534283)
  • KB4532920 – 2019-12 Servicing Stack Update for Windows Server 2012 for x64-based Systems (KB4532920)
  • KB4534297 – 2020-01 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4534297)
  • KB4534310 – 2020-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4534310)

Impacted Products:

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Office and Microsoft Office Services and Web Apps
  • NET Core
  • .Net Framework
  • Microsoft Dynamics

 

Please note the following information regarding the security updates:

  • For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is only present in only the IE Cumulative package.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Note: Support for Windows 7, Windows Server 2008 R2, and Windows Server 2008 ends January 14, 2020. For more information please see Lifecycle FAQ-Extended Security Updates.

 

Known Issues:

 

KB4534271 Applies to: Windows 10 version 1607; Windows Server 2016

 https://support.microsoft.com/en-us/help/4534271/windows-10-update-kb4534271

 Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

 

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

 Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4534273 Applies to: Windows 10 version 1809; Windows Server version 1809; Windows Server 2019 all versions

https://support.microsoft.com/en-us/help/4534273/windows-10-update-kb4534273

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

 Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

KB4534276 Applies to: Windows 10 version 1709

 https://support.microsoft.com/en-us/help/4534276/windows-10-update-kb4534276

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

KB4534283 Applies to: Windows Server 2012; Windows Embedded 8 Standard

 https://support.microsoft.com/en-us/help/4534283/windows-server-2012-update-kb4534283

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

 Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4534288 Applies to: Windows Server 2012; Windows Embedded 8 Standard

 https://support.microsoft.com/en-us/help/4534288/windows-server-2012-update-kb4534288

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4534293 Applies to: Windows 10 version 1803

 https://support.microsoft.com/en-us/help/4534293/windows-10-update-kb4534293

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note: This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

KB4534297 Applies to: Windows 8.1, Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

 https://support.microsoft.com/en-us/help/4534297/windows-8-1-kb4534297

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4534306 Applies to: Windows 10

 https://support.microsoft.com/en-us/help/4534306/windows-10-update-kb4534306

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4534309 Applies to: Windows 8.1; Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

 https://support.microsoft.com/en-us/help/4534309/windows-8-1-kb4534309

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 

Flexis December 2019 Patch Review And Recommendations

KB4530715 – 2019-12 Cumulative Update for Windows Server 2019 for x64-based Systems

  • KB4530689 – 2019-12 Cumulative Update for Windows Server 2016 for x64-based Systems
  • KB4530717 – 2019-12 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems
  • KB4530691 – 2019-12 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems
  • KB4530702 – 2019-12 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems
  • KB4530695 – 2019-12 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems
  • KB4530734 – 2019-12 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems

Impacted Products:

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Office and Microsoft Office Services and Web Apps
  • SQL Server
  • Visual Studio
  • Skype for Business

 

Please note the following information regarding the security updates:

  • For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is only present in only the IE Cumulative package.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

Microsoft Security Advisories:

  • ADV990001 | Latest Servicing Stack Updates

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV990001

  • ADV190026 | Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190026

 

Known Issues:

 

KB4530689 Applies to: Windows 10 version 1607; Windows Server 2016

https://support.microsoft.com/en-us/help/4530689/windows-10-update-kb4530689

Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4530691 Applies to: Windows Server 2012; Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4530691/windows-server-2012-update-kb4530691

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4530698 Applies to: Windows Server 2012; Windows Embedded 8 Standard

 

https://support.microsoft.com/en-us/help/4530698/windows-server-2012-update-kb4530698

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4530702 Applies to: Windows 8.1; Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4530702/windows-8-1-kb4530702

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4530714 Applies to: Windows 10 version 1709

https://support.microsoft.com/en-us/help/4530714/windows-10-update-kb4530714

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note: This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

KB4530715 Applies to: Windows 10 version 1809; Windows Server version 1809; Windows Server 2019 all versions

https://support.microsoft.com/en-us/help/4530715/windows-10-update-kb4530715

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note: This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

  • Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  • Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4530717 Applies to: Windows 10 version 1803

https://support.microsoft.com/en-us/help/4530717/windows-10-update-kb4530717

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4530730 Applies to: Windows 8.1; Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4530730/windows-8-1-kb4530730

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4530734 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POS Ready 7 Windows Thin PC

https://support.microsoft.com/en-us/help/4530734/windows-7-update-kb4530734

Improvements and fixes:

This security update includes improvements and fixes that were a part of update KB4525251 (released November 19, 2019) and addresses the following issues:

  • Security updates to Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server.

 

For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.

 

 

 

Flexis November 2019 Patch Review And Recommendations

  • KB4523205 – 2019-11 Cumulative Update for Windows Server 2019 for x64-based Systems
  • KB4525236 – 2019-11 Cumulative Update for Windows Server 2016 for x64-based Systems
  • KB4520724 – 2019-11 Servicing Stack Update for Windows Server 2016 for x64-based Systems
  • KB4525246 – 2019-11 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems
  • KB4525243 – 2019-11 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems
  • KB4525234 – 2019-11 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems
  • KB4525235 – 2019-11 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems

Impacted Products:

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Open Source Software
  • Microsoft Exchange Server
  • Visual Studio
  • Azure Stack

 

Please note the following information regarding the security updates:

  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is only present in only the IE Cumulative package.

Microsoft Security Advisories:

  • ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190024

 

Known Issues:

 

KB4484113 Applies to: Office Professional Plus 2016; Office Professional 2016; Office Standard 2016,; Office Home and Business 2016; Office Home and Student 2016

https://support.microsoft.com/en-us/help/4484113/security-update-for-office-2016-november-12-2019

Symptoms:

After you install this update, you may see a “File failed to upload” error message when you save files to a network location. To fix this issue, install the November 12, 2019, update for Office 2016 (KB3085368).

After you install this update, you may receive the following error message when you try to run an Update query in Access: Query “query name” is corrupt.

 

KB4523171 Applies to: Exchange Server 2019; Exchange Server 2016; Exchange Server 2013

https://support.microsoft.com/en-us/help/4523171/security-update-for-exchange-server-2019-2016-and-2013

Symptoms:

When you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.

 

When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working.

 

This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

 

To avoid this issue, follow these steps to manually install this security update:

  • Select Start, and type cmd.
  • In the results, right-click Command Prompt, and then select Run as administrator.
  • If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.
  • Type the full path of the .msp file, and then press Enter.

 

This issue does not occur when you install the update through Microsoft Update.

 

Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to their usual state.

 

Workaround:

To fix this issue, use Services Manager to restore the startup type to Automatic, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see Start a Command Prompt as an Administrator.

 

 

KB4523205 Applies to: Windows 10 version 1809; Windows Server version 1809; Windows Server 2019 all versions

https://support.microsoft.com/en-us/help/4523205/windows-10-update-kb4523205

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

 

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

 

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

KB4524570 Applies to: Windows 10 version 1903; Windows Server version 1903; Windows 10 version 1909; Windows Server version 1909

https://support.microsoft.com/en-us/help/4524570/windows-10-update-kb4524570

Symptoms:

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4525232 Applies to: Windows 10

https://support.microsoft.com/en-us/help/4525232/windows-10-update-kb4525232

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4525236 Applies to: Windows 10 version 1607; Windows Server 2016

https://support.microsoft.com/en-us/help/4525236/windows-10-update-kb4525236

Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

 

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

 

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4525237 Applies to: Windows 10 version 1803

https://support.microsoft.com/en-us/help/4525237/windows-10-update-kb4525237

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4525241 Applies to: Windows 10 version 1709

https://support.microsoft.com/en-us/help/4525241/windows-10-update-kb4525241

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

 

Note This issue does not affect using a Microsoft Account during OOBE.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

 

KB4525243 Applies to: Windows 8.1, Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4525243/windows-8-1-kb4525243

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4525246 Applies to: Windows Server 2012; Windows Embedded 8 Standard 

https://support.microsoft.com/en-us/help/4525246/windows-server-2012-update-kb4525246

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4525250 Applies to: Windows 8.1; Windows Server 2012 R2; Windows Embedded 8.1 Industry Enterprise; Windows Embedded 8.1 Industry Pro

https://support.microsoft.com/en-us/help/4525250/windows-8-1-kb4525250

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4525253 Applies to: Windows Server 2012; Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4525253/windows-server-2012-update-kb4525253

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 

Flexis October 2019 Patch Review And Recommendations

  • KB4519998 – 2019-10 Cumulative Update for Windows Server 2016 for x64-based Systems
  • KB4521858 – 2019-10 Servicing Stack Update for Windows Server 2016 for x64-based Systems
  • KB4520007 – 2019-10 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems
  • KB4520005 – 2019-10 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems
  • KB4519976 – 2019-10 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems

Impacted Products:

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge
  • Microsoft Office and Microsoft Office Services and Web Apps
  • SQL Server Management Studio
  • Open Source Software
  • Microsoft Dynamic 365
  • Windows Update Assistant

 

Please note the following information regarding the security updates:

  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is only present in only the IE Cumulative package.

 

Known Issues:

 

KB4519338 Applies to: Windows 10 version 1809; Windows Server version 1809; Windows Server 2019 all versions

https://support.microsoft.com/en-us/help/4519338/windows-10-update-kb4519338

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

 

We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.

 

After installing this update, Windows Mixed Reality Portal users may intermittently receive a “15-5” error code. In some cases, Windows Mixed Reality Portal may report that the headset is sleeping and pressing “Wake up” may appear to produce no action.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updatesand install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

Note: If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Startedunder the Reset this PC recovery option.
  3. Select Keep my Files.

Microsoft is working on a resolution and will provide an update in an upcoming release.

To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate the issue, use the following steps:

  1. Close the Windows Mixed Reality Portal, if it is running.
  2. Open Task Manager by selecting the Start button and typing “task manager”.
  3. In Task Manager, under the Processes tab, right-click Windows Explorer and select Restart.
  4. Open the Windows Mixed Reality Portal.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4519976 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1

https://support.microsoft.com/en-us/help/4519976/windows-7-update-kb4519976

Improvement and Fixes:

This security update includes improvements and fixes that were a part of update KB4516048 (released September 24, 2019) and addresses the following issues:

  • Addresses an issue that may fail to disable VBScript in Internet Explorer by default after installing KB4507437 (Preview of Monthly Rollup) or KB4511872 (Internet Explorer Cumulative Update) and later.
  • Addresses an issue with applications and printer drivers that utilize the Windows JavaScript engine (jscript.dll) for processing print jobs.
  • Security updates to Windows Authentication, Microsoft JET Database Engine, Windows Kernel, Internet Information Services, the Microsoft Scripting Engine, and Windows Server.

 

For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.

 

Microsoft is not currently aware of any issues with this update.

 

KB4519985 Applies to: Windows Server 2012; Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4519985/windows-server-2012-update-kb4519985

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4519990 Applies to: Windows 8.1; Windows Server 2012 R2

https://support.microsoft.com/en-us/help/4519990/windows-8-1-kb4519990

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4519998 Applies to: Windows 10 version 1607; Windows Server 2016

https://support.microsoft.com/en-us/help/4519998/windows-10-update-kb4519998

Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

 

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4520004 Applies to: Windows 10 version 1709

https://support.microsoft.com/en-us/help/4520004/windows-10-update-kb4520004

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4520005 Applies to: Windows 8.1; Windows Server 2012 R2

https://support.microsoft.com/en-us/help/4520005/windows-8-1-kb4520005

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4520007 Applies to: Windows Server 2012; Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4520007/windows-server-2012-update-kb4520007

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4520008 Applies to: Windows 10 version 1803

https://support.microsoft.com/en-us/help/4520008/windows-10-update-kb4520008

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.

 

After installing this update, Windows Mixed Reality Portal users may intermittently receive a “15-5” error code. In some cases, Windows Mixed Reality Portal may report that the headset is sleeping and pressing “Wake up” may appear to produce no action.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

Microsoft is working on a resolution and will provide an update in an upcoming release.

To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

To mitigate the issue, use the following steps:

  • Close the Windows Mixed Reality Portal, if it is running.
  • Open Task Manager by selecting the Start button and typing “task manager”.
  • In Task Manager, under the Processes tab, right-click Windows Explorer and select Restart.
  • Open the Windows Mixed Reality Portal.

 

We are working on a resolution and will provide an update in an upcoming release.

 

KB4520010 Applies to: Windows 10 version 1703

https://support.microsoft.com/en-us/help/4520010/windows-10-update-kb4520010

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4520011 Applies to: Windows 10

https://support.microsoft.com/en-us/help/4520011/windows-10-update-kb4520011

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

Flexis September 2019 Patch Review And Recommendations

  • KB4512574 – 2019-09 Servicing Stack update for Windows Server 2016 for x64- based Systems
  • KB4516044 – 2019-09 Cumulative Update for Windows Server 2016 for x64-based systems
  • KB4516067 – Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems
  • KB4474419 – 2019-09 Security update for Windows Server 2008 R2 for x64-based Systems
  • KB4516065 – 2019-09 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems

Impacted Products:

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Adobe Flash Player
  • Microsoft Lync
  • Visual Studio
  • Microsoft Exchange Server
  • .NET Framework
  • Microsoft Yammer
  • ASP.NET
  • Team Foundation Server

 

Please note the following information regarding the security updates:

  •  A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is only present in only the IE Cumulative package.

 

Microsoft Security Advisories:

  • ADV190022 | September 2019 Adobe Flash Security Update

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190022

  • ADV990001 | Latest Servicing Stack Updates

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV990001

 

Known Issues:

 

KB4512578 Applies to: Windows 10 version 1809; Windows Server version 1809; Windows Server 2019 all versions

 https://support.microsoft.com/en-us/help/4512578/windows-10-update-kb4512578

 Symptoms:

 

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

 

We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.

 

Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.” This issue occurs in this update and in all the updates before June 18, 2019.

 

After installing this update, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an “invalid procedure call error.”

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updatesand install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

Note: If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Startedunder the Reset this PC recovery option.
  3. Select Keep my Files.

Microsoft is working on a resolution and will provide an update in an upcoming release.

To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

 

We are working on a resolution and will provide an update in an upcoming release.

 

To mitigate the issue, use the following steps:

  1. Close the Windows Mixed Reality Portal, if it is running.
  2. Open Task Manager by selecting the Start button and typing “task manager”.
  3. In Task Manager, under the Processes tab, right-click Windows Explorer and select Restart.
  4. Open the Windows Mixed Reality Portal.

 

We are working on a resolution and will provide an update in an upcoming release.

 

KB4515384 Applies to: Windows 10 version 1903; Windows Server version 1903

https://support.microsoft.com/en-us/help/4515384/windows-10-update-kb4515384

 

Improvement and Fixes:

This security update includes quality improvements. Key changes include:

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows (CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130). Use the registry settings as described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)
  • Addresses an issue that causes high CPU usage from SearchUI.exe for a small number of users. This issue only occurs on devices that have disabled searching the web using Windows Desktop Search.
  • Security updates to Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Fundamentals, Windows Authentication, Windows Cryptography, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Wireless Networking, the Microsoft JET Database Engine, Windows Kernel, Windows Virtualization, and Windows Server.

 

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

 

KB4515832 Applies to: Exchange Server 2019; Exchange Server 2016

 https://support.microsoft.com/en-us/help/4515832/security-update-for-exchange-server-2019-and-2016

 Symptoms:

When you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.

 

When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

 

To avoid this issue, follow these steps to manually install this security update:

  1. Select Start, and type cmd.
  2. In the results, right-click Command Prompt, and then select Run as administrator.
  3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.
  4. Type the full path of the .msp file, and then press Enter.

 

This issue does not occur when you install the update through Microsoft Update.

Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to its usual state.

 

Workaround:

To fix this issue, use Services Manager to restore the startup type to Automatic, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see Start a Command Prompt as an Administrator.

 

KB4516044 Applies to: Windows 10 version 1607; Windows Server 2016

 https://support.microsoft.com/en-us/help/4516044/windows-10-update-kb4516044

 Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

 

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4516046 Applies to: Internet Explorer 11 on Windows Server 2012 R2; Internet Explorer 11 on Windows Server 2012; Internet Explorer 11 on Windows Server 2008 R2 SP1; Internet Explorer 11 on Windows 8.1 Update; Internet Explorer 11 on Windows 7 SP1; Internet Explorer 10 on Windows Server 2012; Internet Explorer 9 on Windows Server 2008 SP2

 https://support.microsoft.com/en-us/help/4516046/cumulative-security-update-for-internet-explorer

Symptoms:

Users who have upgraded to Internet Explorer 11 by installing KB4492872 on Windows Server 2012 and Windows Embedded 8 Standard may still be offered “Cumulative Security Update for Internet Explorer 10” through Windows Server Update Services (WSUS) or other update management solutions.

 

For Windows 7 SP1 and Windows Server 2008 R2 SP1, VBscript in Internet Explorer 11 should be disabled by default after installing updates starting with KB4507437 (Preview of Monthly Rollup released July 16, 2019) or KB4511872 (Internet Explorer Cumulative Update released August 13, 2019) but in some circumstances, may not be disabled as intended.

 

Workaround:

This issue is now resolved on the server-side and requires no action from users. The Internet Explorer 10 version of this update should no longer be offered if you have Internet Explorer 11 installed.

 

To work around this issue, follow these steps:

  1. In Internet Explorer 11, select Tools or press and hold the Alt key on your keyboard and then select the letter X to see the menu.
  2. Select Internet Options.
  3. Select the Security tab.
  4. Select the Internet icon in the Select a zone to view or change security settings field.
  5. Select the Default Level button.
  6. Select the Ok button to accept settings and close the dialog box.
  7. Close Internet Explorer 11, on next start, VBScript will now be disabled.

 

We are working on a resolution and will provide an update in an upcoming release.

KB4516055 Applies to: Windows Server 2012; Windows Embedded 8 Standard

 https://support.microsoft.com/en-us/help/4516055/windows-server-2012-update-kb4516055

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4516058 Applies to: Windows 10 version 1803

 https://support.microsoft.com/en-us/help/4516058/windows-10-update-kb4516058

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.

 

After installing this update, Windows Mixed Reality Portal users may intermittently receive a “15-5” error code. In some cases, Windows Mixed Reality Portal may report that the headset is sleeping and pressing “Wake up” may appear to produce no action.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

 

We are working on a resolution and will provide an update in an upcoming release.

 

To mitigate the issue, use the following steps:

  1. Close the Windows Mixed Reality Portal, if it is running.
  2. Open Task Manager by selecting the Start button and typing “task manager”.
  3. In Task Manager, under the Processes tab, right-click Windows Explorer and select Restart.
  4. Open the Windows Mixed Reality Portal.

 

We are working on a resolution and will provide an update in an upcoming release.

KB4516062 Applies to: Windows Server 2012; Windows Embedded 8 Standard

 https://support.microsoft.com/en-us/help/4516062/windows-server-2012-update-kb4516062

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4516064 Applies to: Windows 8.1; Windows Server 2012 R2

 https://support.microsoft.com/en-us/help/4516064/windows-8-1-kb4516064

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4516065 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1

 https://support.microsoft.com/en-us/help/4516065/windows-7-update-kb4516065

 Symptoms:

VBScript in Internet Explorer 11 should be disabled by default after installing KB4507437 (Preview of Monthly Rollup) or KB4511872 (Internet Explorer Cumulative Update) and later. However, in some circumstances, VBScript may not be disabled as intended.

 

After installing this update, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in the Event Log related to cryptnet.dll.

 

Workaround:

To mitigate this issue, follow these steps:

  1. In Internet Explorer 11 select the Tools icon or press and hold the alt key on your keyboard and press the letter x to see the menu.
  2. Select Internet Options.
  3. Select the Security tab.
  4. Select the Internet icon in the Select a zone to view or change security settings field.
  5. Select the Default Level button.
  6. Select the Ok button to accept settings and close the dialog.
  7. Close Internet Explorer 11. On the next start, VBScript will be disabled.

 

We are working on a resolution and will provide an update in an upcoming release.

Microsoft is working with Dynabook to resolve this issue and estimates a solution will be available in late September.

 

KB4516066 Applies to: Windows 10 version 1709

 https://support.microsoft.com/en-us/help/4516066/windows-10-update-kb4516066

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

KB4516067 Applies to: Windows 8.1; Windows Server 2012 R2

 https://support.microsoft.com/en-us/help/4516067/windows-8-1-kb4516067

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4516068 Applies to: Windows 10 version 1703

 https://support.microsoft.com/en-us/help/4516068/windows-10-update-kb4516068

 Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4516070 Applies to: Windows 10

 https://support.microsoft.com/en-us/help/4516070/windows-10-update-kb4516070

Symptoms:

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.