Saturday, September 30, 2017

Windows 10 – KB4040724 - Cumulative Update – September 25, 2017


It’s now available the Microsoft Windows 10 Cumulative Update September 25, 2017.
The quality update KB4040724 sets Windows 10 build to version 15063.632.

Improvements and Fixes

  • Reliability improvements and fixes for cellular connectivity.
  • Addressed issue in Microsoft Edge where on first launch after installing KB4038788, or periodically thereafter, users may observe performance issues or unresponsiveness until the next launch of the browser.

You can download this cumulative update from Microsoft Update Catalog

Saturday, September 16, 2017

Windows 10 – KB4038788 - Cumulative Update – September 12, 2017


It’s now available the Microsoft Windows 10 Cumulative Update September 12, 2017.
The quality update KB4038788 sets Windows 10 build to version 15063.608.

Improvements and Fixes

  • Addressed issue where the color profiles do not revert to the user-specified settings after playing a full-screen game.
  • Updated HDR feature to be turned off by default in the OS.
  • Addressed issue where you can't open the Start menu when you add a third-party IME.
  • Addressed issue with scanners that rely on inbox driver support.
  • Addressed issue in a Mobile Device Manager Enterprise feature to allow headsets to work correctly.
  • Addressed issue where some machines fail to load wireless WAN devices when they resume from Sleep.
  • Addressed issue where Windows Error Reporting doesn't clean up temporary files when there is a redirection on a folder.
  • Addressed issue where revoking a certificate associated with a disabled user account in the CA management console fails. The error is "The user name or password is incorrect. 0x8007052e (WIN32: 1326 ERROR_LOGON_FAILURE)”.
  • Addressed issue where LSASS is leaking large amounts of memory.
  • Addressed issue where enabling encryption using syskey.exe renders the system unbootable.
  • Updated the BitLocker.psm1 PowerShell script to not log passwords when logging is enabled.
  • Addressed issue where saving a credential with an empty password to Credential Manager causes the system to crash when attempting to use that credential.
  • Updates to Internet Explorer 11’s navigation bar with search box.
  • Addressed issue in Internet Explorer where undo is broken if character conversion is canceled using IME.
  • Addressed issue with the EMIE where Microsoft Edge and Internet Explorer repeatedly switched between each other.
  • Addressed issue where a device may stop responding for several minutes and then stop working with error 0x9F (SYSTEM_POWER_STATE_FAILURE) when a USB network adapter is attached.
  • Addressed issue where some apps cannot be opened because the IPHlpSvc service stops responding during the Windows boot procedure.
  • Addressed issue where spoolsv.exe stops working.
  • Addressed issue where the Get-AuthenticodeSignature cmdlet does not list TimeStamperCertificate even though the file is time stamped.
  • Addressed issue where, after upgrading to Windows 10, users may experience long delays when running applications hosted on Windows Server 2008 SP2.
  • Addressed RemoteApp display issues that occur when you minimize and restore a RemoteApp to full-screen mode.
  • Addressed issue that sometimes causes Windows File Explorer to stop responding and causes the system to stop working.
  • Addressed issue that causes the Export-StartLayout cmdlet to fail when exporting the layout of tiles at startup.
  • Addressed issue where the option to join Azure AAD is sometimes unavailable during the out-of-box experience.
  • Addressed issue where clicking the buttons on Windows Action Center notifications results in no action being taken.
  • Re-release of MS16-087- Security update for Windows print spooler components.
  • Security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel, and Windows Virtualization.

You can download this cumulative update from Microsoft Update Catalog

Tuesday, September 12, 2017

Win7 Deploy – Adding NVM Express Support (KB2990941)

Microsoft Windows 7 SP1 and Windows 2008 R2 SP1 don’t support NVM Express (NVMe) devices that uses the PCI Express (PCIe) bus.
Therefore, when you try to deploy the OS on a machine with this devices, you’ll receive a Blue Screen of Death (BSOD).

To simply solve this, Microsoft has available an hotfix that adds the native NVMe driver support.

Here’s the download link:
KB2990941 - Update to add native driver support in NVM Express in Windows 7 and Windows Server 2008 R2

Powershell Tips – Get Users and Group from a GPO Security Filtering


Using security filtering on GPOs it’s a nice way to apply a GPO to specific groups or users.
But you may find yourself a little bit lost if you need to know every user or group you have configured.

Since Group Policy Management doesn’t allow you to export the users and groups, you’ll need to use a Powershell command to do it.

Here’s how:
Get-GPPermission Name ‘GPO NAME’ -All | Where Permission –eq GpoApply

And…you’re done!

GPOs – Attention! MS16-072 May Cause Security Filtering GPOs to Fail !!


Here’s an important one!

If you’re using GPOs with users or groups security filtering you may need to make changes after installing MS16-072.

Basically the group policy just…stops working!

This happens because GPO is missing the Read permissions for the Authenticated Users group.

To resolve this:

  • Open Group Policy Management Console (GPMC)
  • Navigate to the GPO and click Delegation tab on the right
  • Add the Authenticated Users group with Read permissions on the GPO

And the GPO works again!