January 17, 2018 - KB4057144 (OS Build 15063.877)

Applies to: Windows 10 Version 1703


Improvements and fixes

This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses issue with printing PDFs in Microsoft Edge.
  • Addresses issue with the App-V package folder access that cause the access control list to be handled incorrectly.
  • Addresses issue where backwards compatibility for managing Microsoft User Experience Virtualization (UE-V) with group policy is lost. Windows 10 version 1607 group policy isn't compatible with Windows 10 version 1703 or higher group policy. Because of this bug, the new Windows 10 Administrative Templates (.admx) cannot be deployed to the Group Policy Central Store. This means that some of the new, additional settings for Windows 10 aren't available.
  • Addresses issue where some Microsoft-signed ActiveX controls don't work when Windows Defender Application Control (Device Guard) is enabled. Specifically, class IDs related to XMLHTTP in msxml6.dll don't work.
  • Addresses issue where, when attempting to change the Smart Card for Windows service start type from Disabled to Manual or Automatic, the system reports an error: “Cannot create a file when that file already exists.”
  • Addresses issue where some applications are blocked from running by Windows Defender Device Guard or Windows Defender Application Control when the application runs in Audit only enforcement mode.
  • Addresses issue where the virtual TPM self-test isn't run as part of virtual TPM initialization.
  • Addresses issue with NoToastApplicationNotificationOnLockScreen GPO that causes Toast notifications to appear on the lock screen.
  • Addresses issue originally called out in KB4056891 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.
  • Addresses issue where some customers with AMD devices get into an unbootable state.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update

Symptom Workaround
Due to an issue with some versions of antivirus software, this fix only applies to the machines where the antivirus ISV has updated the ALLOW REGKEY. Contact your antivirus AV to confirm that its software is compatible and have set the following REGKEY on the machine

Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"

Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"

Type="REG_DWORD”

Data="0x00000000”

How to get this update

To get the standalone package for this update, go to the Microsoft Update Catalog website.

File information

For a list of the files that are provided in this update, download the file information for cumulative update 4057144.


Source: https://support.microsoft.com/en-us/help/4057144




Direct download links for KB4057144 from Microsoft Update Catalog:

Download KB4057144 MSU for Windows 10 Version 1703 32-bit (x86) - 596.2 MB

Download KB4057144 MSU for Windows 10 Version 1703 64-bit (x64) - 1027.8 MB