Microsoft has released KB4571756 cumulative update for Windows 10 Version 2004. This update is a part of the Microsoft Windows Patch Tuesday for September 2020, which shall be automatically installed on all registered devices through Windows Update, or manually through other means including manually download and install or Windows Server Update Services servers (WSUS). A preview version of this update was already released earlier this month.
But that is not it. Microsoft has gone above and beyond to introduce new updates for most of the previous versions of Windows 10, going back to v1607.
Although Microsoft has announced that the older versions have reached the end of mainstream support, they are still providing users with extended support but these patches are only available for the Enterprise versions.
The updates and details for each of these are as follows:
- Windows 10 Version 2004 | Update: KB4571756 | New Build: 19041.508
- Windows 10 Version 1909 | Update: KB4574727 | New Build: 18363.1082
- Windows 10 Version 1903 | Update: KB4574727 | New Build: 18362.1082
- Windows 10 Version 1809 | Update: KB4570333 | New Build: 17763.1457
- Windows 10 Version 1803 | Update: KB4577032 | New Build: 17134.1726
- Windows 10 Version 1709 | Update: KB4577041 | New Build: 16299.2107
- Windows 10 Version 1703 | Update: KB4577021 | New Build: 15063.2500
- Windows 10 Version 1607 | Update: KB4577015 | New Build: 14393.3930
Table of Contents
What’s new in these updates
As per Microsoft Security Response Center, a total of 305 vulnerabilities have been addressed for Windows 10 Version 2004 alone, and a total of 3,475 for all of the Windows 10 versions combined. These are inclusive of the 32-bit, 64-bit, and ARM64 based systems.
In the cumulative update KB4571756 for Windows 10 version 2004, 44 of the vulnerabilities addressed are critical, all of which address Remote Code Execution.
This update fixes vulnerabilities in several Windows components including the Windows kernel, Windows Storage and filesystem, and the Microsoft Scripting engine
Other important matters addressed include elevation of privilege, information disclosure, and spoofing.
The highlights of KB4571756 for Windows 10 Version 2004 are:
- Updates for managing and storing files.
- Improved security when using Microsoft Office suite.
- Improved security when using input and output peripherals, such as a mouse, keyboard, USB drives, etc.
- Improved security while performing simple Windows operations.
The improvements and fixes in KB4571756 are:
- Addressed an issue in elevation of privilege while using windowmanagement.dll.
- Added security updates to Microsoft Graphics Component, Windows Input, and Composition, Windows Media, Windows Shell, Windows Cloud Infrastructure, etc.
- Addressed a security vulnerability linking proxy servers and intranet HTTP-based servers.
Here is the exact excerpt from Microsoft:
Addresses an issue with a possible elevation of privilege in windowmanagement.dll.
Addresses a security vulnerability issue with user proxies and HTTP-based intranet servers. After installing this update, HTTP-based intranet servers cannot leverage a user proxy by default to detect updates. Scans using these servers will fail if the clients do not have a configured system proxy. If you must leverage a user proxy, you must configure the behavior using the Windows Update policy “Allow user proxy to be used as a fallback if detection using system proxy fails.” This change does not affect customers who secure their Windows Server Update Services (WSUS) servers with the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols. For more information, see Ensuring clients stay secure, changes to scans against Windows Server Update Service (WSUS) servers.
Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Fundamentals, Windows Management, Windows Kernel, Windows Virtualization, Windows Storage and Filesystems, the Microsoft Scripting Engine, and the Microsoft JET Database Engine.Microsoft KB4571756 help page
For more elaborate information on KB4571756, check out this Microsoft help page, or refer to the links for each update stated above to view the information regarding the update for each individual version of Windows 10.
Install KB4571756 and other updates using Windows Update
The size of the updates for each individual version can vary, and range from 337.3 MB to 1.6 GB. Surprisingly, the later versions, such as v2004, take up lesser space, which climbs up as going to the previous versions. Therefore, it is recommended to give your computer the appropriate time to download and install these updates according to your Windows 10 version.
If you are missing any previous updates, installing September 2020 cumulative updates will install all the security fixes included in the previous updates.
To install this update using Windows Update, please go to Start Menu –> Settings –> Update & Security –> Windows Update. In the right-hand pane, click on the Check for updates button.
You will then be able to see the update. Press Download and then Install to begin the installation.
Download offline installers
These updates can also be installed on any computer having the relevant version of Windows 10, without having an internet connection. Download the offline installers below as per your Windows 10 version and bit requirements:
For Windows 10 Version 2004
For Windows 10 Version 1909
For Windows 10 Version 1903
For Windows 10 Version 1809
For Windows 10 Version 1803
For Windows 10 Version 1709
For Windows 10 Version 1703
For Windows 10 Version 1607
To install the update, simply run the downloaded MSU file and Windows will automatically install the cumulative update.
You can check out your current Windows build by going to Run and then type winver.
To download any other updates related to any of the above, please check Microsoft Catalog.
Issues related to the updates
It seems that Microsoft was aware of the issue reported in the update KB4571756 as they had the same issue with the preview update KB4571744 that was released earlier this month. However, they were still unable to resolve the problem any further.
Microsoft suggests that after installing the relevant update on version 2004, the users of Microsoft Input Method Editor (IME) might experience some problems while inserting or reviewing the results in Chinese or Japanese languages. However, they seem to be working on resolving the issue and have found some workarounds for a few.
Moreover, an issue discovered in KB4570333 for Windows 10 version 1809 also exists in the fonts. After installing this update users might not be able to use some Asian language packs and may be prompted with the error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.” The only workaround for this is to revert the PC to an older state and not install the update.
When installing the update KB4577015 for Windows 10 version 1607, the Windows cluster service may fail to start if the Minimum Password Length is configured to greater than 14 characters in the Group Policy.
There are no known issues with the other updates that are applicable to the different versions of Windows 10.
Uninstall the cumulative updates
Here is a quick guide on how you can uninstall the updates on your computer if you face any issues with them:
Uninstall updates using Windows Update History tool
- Navigate to the following:
Start Menu -> Settings –> Update & Security –> Windows Update.
- From the right-hand pane, click on View Update History.
- Now click on Uninstall updates.
- Select Update for Microsoft Windows with the relevant update name and press the Uninstall button.
Uninstall updates using command-line
You can also delete the update by entering several commands in the Command Prompt. Here is how:
- Open Command Prompt (Run –> cmd)
- Run the following command:
wmic qfe list brief /format:table
- This will show all the updates installed on the computer. Make sure the relevant update is on the list.
- To uninstall the update, run the following command
wusa /uninstall /kb:(UpdateName)
Replace UpdateName with the number from the update. For example, if the update you want to uninstall is KB4571756, you will enter the following command:
wusa /uninstall /kb:4571756
Restart the computer once the update is uninstalled.
Cleanup after installing Windows Updates
If you want to save space after installing Windows updates, you can run the following commands:
dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
dism.exe /Online /Cleanup-Image /StartComponentCleanup