Cumulative Update KB4077525 Windows 10 v1607 Build 14393.2097 Feb. 22

  1. Brink's Avatar
    Posts : 33,678
    64-bit Windows 10 Pro build 18277
       23 Feb 2018 #1

    Cumulative Update KB4077525 Windows 10 v1607 Build 14393.2097 Feb. 22

    February 22, 2018 - KB4077525 (OS Build 14393.2097)

    Applies to: Windows 10 Version 1607, Windows Server 2016

    Improvements and fixes

    This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

    • Addresses issue where users of Citrix XenApp are unable to change passwords by pressing Ctrl+F1.
    • Addresses issue where members of the Performance Log Users group receive the error “Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))”. The error appears while trying to schedule logging of performance counters, enable trace providers, or collect trace information.
    • Addresses issue where the WinRM event query returns the error "0x6c6 (RPC_S_INVALID_BOUND)" from the target server. The error appears when servers are configured to push their security event logs to a central server for analysis using a subscription.
    • Addresses issue where authentication to Microsoft Outlook fails when using conditional access.
    • Addresses issue where smart card logons fail with the error "Signing in with a smart card isn’t supported for your account...." after the authenticating DC has been restarted. Authenticating DCs log KDC Event 19 and Kerberos Distribution Event 29 in the System event log. The log states that a suitable certificate cannot be found for smart card logons.
    • Addresses issue where the certutil.exe -MergePfx command could not produce a merged EPF file for multiple V1 certificates.
    • Addresses issue where the SM3 cryptographic hash algorithm was not supported on TPM devices. Customers experiencing this issue noticed that their TPM failed to initialize.
    • Addresses issue where a 0x06d9 failure occurs when a user attempts an OS upgrade or an LCU update. The system automatically reverts to a previous version of the upgrade or update.
    • Addresses issue where a server error occurs occasionally during file transfer. The error is “Stop D1 in tcpip!TcpSegmentTcbSend”.
    • Addresses issue where the Remote Authentication Dial-In User Service (RADIUS) server name is not authenticated while connecting to a wireless network.
    • Addresses issue where iSCSI target redirection during login may lead to stop error 9f.
    • Addresses issue in MPIO where pass-through SCSI requests may lead to a stop error if the disk is pending removal.
    • Updates MPIO path selection algorithm to match the documentation when all paths are Active or Unoptimized.
    • Addresses issue where a delay function in StorNVMe may cause a small CPU usage increase when launching applications.
    • Improves ReFS performance by more thoroughly unmapping multiple views of a file. See KB4090104 for additional tunable registry parameters to address large ReFS metadata streams.
    • Improves ReFS performance by removing idle containers from its hash table.
    • Addresses issue where booting with Unified Write Filter and a connected USB hub may lead to stop error E1.
    • Addresses issue where the Internet connection service (ICS) connections don't persist across OS restarts or ICS service restarts. You can also activate this solution using an optional EnableRebootPersistConnection registry key described in KB4055559.
    • Cleans the public IP with the correct information for the SDN Network Manager.
    • Adds ADCS support for Certificate Transparency (CT) that's compatible with the updated Google Chrome requirements. CT is a technology used by certificate authorities to log and publish certificate metadata for improved security.
    • Adds ADCS support for Certificate Transparency for publicly trusted SSL/TLS certificates.
    • Addresses issue where there is missing information in the Value field of audit event 5136 for Directory Service Changes. This occurs when you modify an attribute of an object on Windows Server 2016 Domain Controllers. This problem may occur if you use PowerShell commands (Add-ADGroupMember or Set-ADGroup) to add someone to a group using the user’s SID instead of the Distinguished Name.
    • Addresses issue where an HTTP 500 error occurs when an ADFS farm has at least two servers using Windows Internal Database (WID). In this scenario, HTTP basic pre-authentication on the Web Application Proxy (WAP) server fails to authenticate some users. When the error occurs, you might also see the Microsoft Windows Web Application Proxy warning Event ID 13039 in the WAP event log. The description reads, “Web Application Proxy failed to authenticate the user. Pre-authentication is 'ADFS For Rich Clients'. The given user is not authorized to access the given relying party. The authorization rules of either the target relying party or the WAP relying party are needed to be modified.”
    • Addresses issue in which AD FS can no longer ignore prompt=login during authentication. A Disabled option was added to support scenarios in which password authentication is not used. For more information, see AD FS ignores the "prompt=login" parameter during an authentication in Windows Server 2016 RTM.
    • Addresses issue in AD FS where Authorized Customers (and relying parties) who select Certificate as an authentication option will fail to connect. The failure occurs when using prompt=login if Windows Integrated Authentication (WIA) is enabled and the request can do WIA.
    • Addresses issue where AD FS incorrectly displays the Home Realm Discovery (HRD) page when an identity provider (IDP) is associated with a relying party (RP) in an OAuth Group. Unless multiple IDPs are associated with the RP in the OAuth Group, the user will not be shown the HRD page. Instead, the user will go directly to the associated IDP for authentication.
    • Addresses issue where some Remote Desktop Protocol (RDP) clients that used an absolute URI (instead of a relative URI) were blocked by the Web Application Proxy (WAP) server from connecting to the Remote Desktop Gateway. This affected RDP clients on iOS, Mac, Android, and the Windows modern RDP client app. The error is "We couldn't connect to the gateway because of an error. If this keeps happening, ask your admin or tech support for help. Error code: 0x03000008."
    • Addresses issue where GPMC reports are not showing content when you select links in the report with one of these errors:
      • Error: 'XMLSerializer' is undefined.
      • ‘DOMParser’ is undefined.
      • Server execution failed.

    • Addresses issue where a file that is optimized and is less than 2.2 TB may be corrupted by the Dedup process when the file is updated to exceed 2.2 TB.
    • Addresses issue where a file is always marked as corrupted—even though it isn't—when running a full Dedup scrub on a file larger than 2.2 TB.
    • Addresses issue where, after installing .NET 4.7, creating a new DFS-Replication group or adding a member to an existing replication group in the DFS Management snap-in leads to an error. The error is “The value does not fall within the expected range”.
    • Addresses issue where, after installing .NET 4.7, the Create Cluster wizard in the Failover Cluster Management UI may unexpectedly close upon selecting Browse on the Select Servers page.
    • Addresses issue where the Japanese keyboard layout didn't work properly during a Remote Assistance session.
    • Addresses issue where logons to a Remote Desktop VDI collection start to fail after a period of server uptime. The Performance Counter Remote Desktop Connection Broker Redirector Counterset/RPC Contexts will show incremental growth during logon hours. When the value reaches 40, new connections to the farm fail or time out.
    • Addresses issue where logons to a Remote Desktop VDI Farm fails after the connection broker loses access to the SQL Database for more than two minutes. This causes virtual machines from collections to go to an Unknown state. The Administrator must restart the Remote Desktop Connection Broker service to recover from the failure.
    • Addresses issue where servers that have Credential Guard enabled may restart unexpectedly. The error is, "The system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart".

    If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

    For more information about the resolved security vulnerabilities, see the Security Update Guide.

    Windows Update Improvements
    Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 Feature Update based on device compatibility and Windows Update for Business deferral policy. This does not apply to long-term servicing editions.

    Known issues in this update

    Symptom Workaround
    Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY. Contact your antivirus manufacturer to verify that their software is compatible and that they have set the following REGKEY on the computer:


    Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"


    Because of an AD FS server issue that causes the WID AD FS database to become unusable after a restart, the AD FS service may fail to start. There is no way to undo the database corruption. To return your AD FS server to a functional state, you must restore it from a backup.

    How to get this update

    To get the standalone package for this update, go to the Microsoft Update Catalog website.

    File information

    For a list of the files that are provided in this update, download the file information for cumulative update 4077525.


    Direct download links for KB4077525 from Microsoft Update Catalog:

    Download KB4077525 MSU for Windows 10 Version 1607 32-bit (x86) - 621.4 MB

    Download KB4077525 MSU for Windows 10 Version 1607 64-bit (x64) - 1146.2 MB
    Last edited by Brink; 03 Mar 2018 at 14:56.
      My ComputersSystem Spec


Related Threads
Source: Find Windows 10 Version Number Find Windows 10 Build Number Direct download links for KB4057142 from Microsoft Update Catalog:
Update August 16th 2017: Cumulative Update KB4034661 Windows 10 v1607 Build 14393.1613 - Windows 10 Forums Source: Find Windows 10 Version Number
Update July 11, 2017: Cumulative Update KB4025339 Windows 10 v1607 Build 14393.1480 - Windows 10 Forums Source: Find Windows 10 Version Number
Update April 11th 2017: This KB4016635 update has been replaced by KB4015217. Source: To download: (Not available in Windows Update)
UPDATE: This cumulative update KB4015438 has been replaced by KB4016635 on March 22nd 2017. Source: March 20, 2017—KB4015438 (OS Build 14393.969) - Microsoft Support To manually download:
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 15:20.
Find Us