Microsoft releases Windows 10 builds 15063.674, 14393.1770 - here's what's new

Today is the second Tuesday of the month, making it Patch Tuesday. This means that Microsoft is releasing cumulative updates for all supported versions of Windows 10, including builds 15063.674, 14393.1770, 10586.1176, and 10240.17643.

For those that are on the Windows 10 Creators Update, you'll find build 15063.674, or KB4041676. If you don't feel like going through the standard method of Windows Update, you can manually download it here. It comes with a long list of fixes:

  • Addressed issue where some UWP and Centennial apps show a gray icon and display the error message "This app can't open" on launch.

  • Addressed reliability issue that causes the AppReadiness service to stop working.

  • Addressed issue where applications that use the Silverlight map stack stop working.

  • Addressed issue where VSync prevents devices from entering Panel Self Refresh mode, which can lead to reduced battery life.

  • Addressed issue where user customizations (like pinned tiles) made to an enforced partial Start layout are lost when upgrading to Windows 10 1703.

  • Addressed issue where the Universal CRT caused the linker (link.exe) to stop working for large projects.

  • Addressed issue that prevents Windows Error Reporting from saving error reports in a temporary folder that is recreated with incorrect permissions. Instead, the temporary folder is inadvertently deleted.

  • Addressed issue where the MSMQ performance counter (MSMQ Queue) may not populate queue instances when the server hosts a clustered MSMQ role.

  • Addressed issue with the token broker where it was leaking a token that caused sessions to remain allocated after logoff.

  • Addressed issue where Personal Identity Verification (PIV) smart card PINs are not cached on a per-application basis. This caused users to see the PIN prompt multiple times in a short time period; normally, the PIN prompt only displays once.

  • Addressed issue where using the Cipher.exe /u tool to update Data Recovery Agent (DRA) encryption keys fails unless user certification encryption already exists on the machine.

  • Addressed issue where using AppLocker to block a Modern app fails. This issue occurs only with Modern apps that come pre-installed with Windows.

  • Addressed issue with form submissions in Internet Explorer.

  • Addressed issue with the rendering of a graphics element in Internet Explorer.

  • Addressed issue that prevents an element from receiving focus in Internet Explorer.

  • Addressed issue with the docking and undocking of Internet Explorer windows.

  • Addressed issue caused by a pop-up window in Internet Explorer.

  • Addressed issue where a Vendor API deleted data unexpectedly.

  • Addressed issue where using the Robocopy utility to copy a SharePoint document library, which is mounted as a drive letter, fails to copy files. However, in this scenario, Robocopy will copy folders successfully.

  • Addressed issue where MDM USB restrictions did not disable the USB port as expected.

  • Addressed issue where creating an iSCSI session on a new OS installation may result in the "Initiator instance does not exist" error when attempting to connect to a target.

  • Addressed issue where connecting to RDS applications published using Azure App Proxy fails. The error message is, “Your computer can’t connect to the Remote Desktop Gateway server. Contact your network administrator for assistance”. The error can occur when the RDP cookie size limit is exceeded. This update increased the size of the RDP cookie limit.

  • Addressed issue where USBHUB.SYS randomly causes memory corruption that results in random system crashes that are extremely difficult to diagnose.

  • Addressed issue that affects the download of some games from the Microsoft Store during the pre-order phase. Download fails with the error code 0x80070005, and the device attempts to restart the download from the beginning.

  • Addressed issue where the ServerSecurityDescriptor registry value does not migrate when you upgrade to Windows 10 1703. As a result, users might not be able to add a printer using the Citrix Print Manager service. Additionally, they might not be able to print to a client redirected printer, a Citrix universal print driver, or a network printer driver using the Citrix universal print driver.

  • Security updates to Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Windows Subsystem for Linux, Microsoft JET Database Engine, and the Windows SMB Server.

There are a couple of known issues to be aware of:

Symptom Workaround
Installing KB4034674 may change Czech and Arabic languages to English for Microsoft Edge and other applications. Microsoft is working on a resolution and will provide an update in an upcoming release.
Systems with support enabled for USB Type-C Connector System Software Interface (UCSI) may experience a blue screen or stop responding with a black screen when a system shutdown is initiated.

If available, disable UCSI in the computer system’s BIOS. This will also disable UCSI features in the Windows operating system.

Microsoft is working on a resolution and will provide an update in an upcoming release.


Next up is build 14393.1770, which is available for both PCs and phones on the Anniversary Update, just like the cumulative update for the Creators Update. You can manually download it here, and it also contains a bunch of fixes:

  • Addressed issue where the Universal CRT caused the linker (link.exe) to stop working for large projects.

  • Addressed issue with form submissions in Internet Explorer.

  • Addressed issue with rendering a graphics element in Internet Explorer.

  • Addressed issue with docking and undocking Internet Explorer windows.

  • Addressed issue caused by a pop-up window in Internet Explorer.

  • Addressed issue where a vendor API deleted data unexpectedly.

  • Addressed issue where SD propagation stops working when you manually trigger Security Descriptor propagation (SDPROP) by setting the RootDse attribute FixupInheritance to 1. After setting this attribute, SD propagation and permissions changes made on Active Directory objects don't propagate to child objects. No errors are logged.

  • Addressed access violation in LSASS that occurs during startup of domain controller role conditions. A race condition causes the violation when account management calls occur while the database is refreshing internal metadata. A password reset or change is one of the management calls that may trigger this problem.

  • Addressed issue where USBHUB.SYS randomly causes memory corruption that results in random system crashes that are extremely difficult to diagnose.

  • Addressed issue where the ServerSecurityDescriptor registry value does not migrate when you upgrade to Windows 10 1607. As a result, users might not be able to add a printer using the Citrix Print Manager service. Additionally, they might not be able to print to a client redirected printer, a Citrix universal print driver, or a network printer driver using the Citrix universal print driver.

  • Security updates to Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Microsoft JET Database Engine, and the Windows SMB Server.

This one also contains some known issues:

Symptom Workaround
After installing this update, downloading updates using express installation files may fail.
  1. Download the update you want from the Microsoft Update Catalog.
  2. From an administrative command prompt, run the following and wait for the BITS service to stop:
    sc config bits start= disabled
    net stop bits
  3. Install the package you downloaded in step 1.
  4. From an administrative command prompt, run the following:
    sc config bits start= delayed-auto
    net start bits

Microsoft is working on a resolution and will provide an update in an upcoming release.

Note: KB4041691 is not available with express installation files for Windows Server 2016.

After installing a delta update package, the KB numbers appear twice under Installed Updates. This issue doesn't occur when you install a full update package.

Microsoft is working on a resolution and will provide an update in an upcoming release.

When you uninstall the updates, uninstall the entries that have the same KB number.
After installing KB4041691, package users may see an error dialog that indicates that an application exception has occurred when closing some applications. This can affect applications that use mshtml.dll to load web content. The failure only occurs when a process is already shutting down and will not impact application functionality. Microsoft is working on a resolution and will provide an update in an upcoming release.


If your PC is still on the November Update, or version 1511, you'll see build 10586.1176. Be aware though, that this version of Windows 10 will no longer be supported after today. This update is PC-only, despite the fact that Windows 10 Mobile version 1511 should have support until January.

You can manually download the cumulative update here. This is what got fixed:

  • Addressed issue where the Universal CRT _splitpath was not handling multibyte strings correctly, which caused apps to fail when accessing multibyte filenames.

  • Addressed issue where the Universal CRT caused the linker (link.exe) to stop working for large projects.

  • Addressed issue where the MSMQ performance counter (MSMQ Queue) may not populate queue instances when the server hosts a clustered MSMQ role.

  • Addressed issue with the Lock Workstation policy for smart cards where, in some cases, the system doesn’t lock when you remove the smart card.

  • Addressed issue where, when using Conditional Access with Azure Active Directory, authentication fails.

  • Addressed issue with form submissions in Internet Explorer.

  • Addressed issue where messages that should be in a non-English language display in English in Internet Explorer.

  • Addressed issue where USBHUB.SYS randomly causes memory corruption that results in random system crashes that are extremely difficult to diagnose.

  • Security updates to Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Microsoft PowerShell, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Device Guard, and the Windows SMB Server.

There are no known issues with this update.

Finally, if you're still on the original version of Windows 10, version 1507, build 10240.17643 is available. You can manually download it here, and this is what got fixed:

  • Addressed issue where the Universal CRT _splitpath was not handling multibyte strings correctly, which caused apps to fail when accessing multibyte filenames.

  • Addressed issue where the Universal CRT caused the linker (link.exe) to stop working for large projects.

  • Addressed issue where the MSMQ performance counter (MSMQ Queue) may not populate queue instances when the server hosts a clustered MSMQ role.

  • Addressed issue with the Lock Workstation policy for smart cards where, in some cases, the system doesn’t lock when you remove the smart card.

  • Addressed issue with form submissions in Internet Explorer.

  • Addressed issue with URL encoding in Internet Explorer.

  • Addressed issue that prevents an element from receiving focus in Internet Explorer.

  • Addressed issue with the docking and undocking of Internet Explorer windows.

  • Addressed issue with the rendering of a graphics element in Internet Explorer.

  • Addressed issue caused by a pop-up window in Internet Explorer.

  • Addressed issue where USBHUB.SYS randomly causes memory corruption that results in random system crashes that are extremely difficult to diagnose.

  • Security updates to Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Microsoft JET Database Engine, and the Windows SMB Server.

This build also includes a known issue:

Symptom Workaround
After installing KB4042895, package users may see an error dialog that indicates that an application exception has occurred when closing some applications. This can affect applications that use mshtml.dll to load web content. The failure only occurs when a process is already shutting down and will not impact application functionality. Microsoft is working on a resolution and will provide an update in an upcoming release.

We're now just a week away from the launch of the Windows 10 Fall Creators Update, so next month, there will be even more cumulative updates to report on. But since many of these known issues are promising an upcoming fix, it would seem that we'll see more updates before next month's Patch Tuesday.

Of course, you don't have to manually download any of these updates. You can head over to Settings -> Updates & security -> Windows Update -> Check for updates, or just wait for them to be installed automatically.

Report a problem with article
Previous Story

Purism's Librem 5 FOSS phone smashes crowdfunding goal

Next Story

Assassin's Creed Origins' post-launch DLC and free content detailed

9 Comments - Add comment

Advertisement