Microsoft has released a cumulative update KB4041688 for Windows 10 version 1607 (Build 14393.1794) on 17th October 2017. This is the second update in the month of October for version 1607, the first update was KB4041691.
The Update KB40401688 for Anniversary Update (version 1607) rolls out to fix all the issues and vulnerabilities which were occurring in the previous update. So far no new features are included in this update, only quality improvements have made. This update is also for Windows Server 2016 64-bit based systems.
As this is the cumulative update, so you can also get it via Windows Update automatically if you are already using Windows 10 version 1607 on your system.
Let’s see what security issues have been resolved in update KB041688, then you can have direct links to the offline installers of this update to get this update manually on your system. The offline installer will help you in a way that it won’t need the availability of an internet connection while installing.
Changelog for Update KB4041688
Following key changes have included in this update:
The rare issue has been fixed where fonts may be corrupted after the Out of Box Experience is completed. This issue occurs on images that have multiple language packs installed.
Downloading updates using express installation files may fail after installing OS Updates 14393.1670 through 14393.1770. This issue has been sorted out.
An issue that causes an error when trying to access shares on a file server has been fixed now.
An issue has been resolved that prevented Windows Error Reporting from saving error reports in a temporary folder that is recreated with incorrect permissions. Instead, the temporary folder is inadvertently deleted.
The issue where the MSMQ performance counter (MSMQ Queue) may not populate queuing instances when the server hosts a clustered MSMQ role, is removed.
The issue is removed where restricting the RPC port of the Next Generation Credentials (Windows Hello) service causes the system to stop responding when logging on.
An issue where Personal Identity Verification (PIV) smart card PINs are not cached on a per-application basis. This causes users to see the PIN prompt multiple times in a short time period. Normally, the PIN prompt only display once. This has been fixed now.
2 NVMe SSD throughput has improved, when the queue size increases.
Fixed an issue where running Event Tracing for Windows with Volsnap may result in error 0x50.
An issue has been fixed where using the Robocopy utility to copy a SharePoint document library, which is mounted as a drive letter, fails to copy files. However, in this scenario, Robocopy copies folders successfully.
The issue is removed where Miniports that make 64-bit DMA requests from a single 4 GB region may fail, preventing the system from booting.
The addressed issue where a disk losing communication with its S2D cluster may lead to a stale fault domain descriptor for the enclosure.
The addressed issue where, if an update to a pool config header occurs when it’s performing a read function, a stop error may occur on a Windows Server 2016 Storage Spaces Directory (S2D) deployment.
An issue has addressed to allow UEFI-based customers to pre-stage UEFI-based Gen 2 VMs to run Windows Setup automatically.
Fixed an issue that intermittently misdirects AD Authority requests to the wrong Identity Provider because of incorrect caching behavior. This can affect authentication features like Multi-Factor Authentication.
The ability for AAD Connect Health to report AD FS server health with correct fidelity (using verbose auditing) on mixed WS2012R2 and WS2016 AD FS farms has been added.
The addressed issue where the PowerShell cmdlet that raises the farm behavior level fails with a timeout during the upgrade from the 2012 R2 AD FS farm to AD FS 2016. The failure occurs because there are many relying party trusts.
An issue has been settled where adding user rights to an RMS template causes the Active Directory RMS management console (mmc.exe) to stop working with an unexpected exception.
Resolved an issue where AD FS causes authentication failures by modifying the WCT parameter value while federating the requests to another Security Token Server (STS).
The SPN and UPN uniqueness feature have updated to work within the forest root tree and across other trees in the forest. The updated NTDSAI.DLL won’t allow a subtree to add an SPN or a UPN as a duplicate across the entire forest.
An issue has addressed where the language bar stays open after closing a RemoteApp application, which prevents sessions from being disconnected.
The issue has been resolved where the working directory of RemoteApps on Server 2016 is set to %windir%\System32 regardless of the application’s directory.
SYS randomly causes memory corruption that results in random system crashes that are extremely difficult to diagnose. This error has been removed in this update.
An issue has addressed where the ServerSecurityDescriptor registry value doesn’t migrate when you upgrade to Windows 10 1607. As a result, users might not be able to add a printer using the Citrix Print Manager service. Additionally, they might not be able to print to a client redirected printer, a Citrix universal print driver, or a network printer driver using the Citrix universal print driver.
Fixed an issue where policies are not pushed for servers that have an updated Instance ID. This occurs when synchronizing the removal of the old server resources with the notifications about NICs (port profile changes) from the host.
Installing this update may cause applications based on the Microsoft JET Database Engine (Microsoft Access 2007 and older or non-Microsoft applications) to fail when creating or opening Microsoft Excel .xls files. The error message is, “Unexpected error from external database driver (1). (Microsoft JET Database Engine)”.
Some users who have the text size for icons set to a larger size (using the Display Settings in Control Panel) may have issues launching Internet Explorer.
Get Update KB4041688 Via Windows Update
If you are already on Windows 10 version 1607, then you can easily get this update via Windows Update automatically. Apply below few steps to get this update.
Press the “Windows Key+I" and go to Update and Security.
Then click on Windows Update from the left-hand side of the window. In the right-hand menu, you will see a button for check Updates. Click on it.
If an update is present it will show you and ask you to download. Then the installation will start downloading.