Windows 10: Second batch of September 2019 updates available

Microsoft released the second batch of updates for most supported versions of the company's Windows operating system on September 24, 2019. The company released security updates for all supported versions of Windows earlier this month.
Cumulative updates are available for Windows 10 versions 1607, 1703, 1709, 1803 and 1809; the Windows 10 version 1903 update has not been released yet and it usually takes a week or more before that happens as it undergoes an extra round of testing before release.
The updates are available via Windows Update, as direct downloads on the Microsoft Update Catalog website, but not via WSUS (Windows Server Update Services) directly.
All updates include the recently released Internet Explorer security patch that fixes an actively exploited security issue of the web browser.
Some defaults change:
Windows 10 version 1607 to 1803:
- Changed the default encryption setting from hardware encryption to software encryption for new encryption tasks.
Windows 10 version 1809:
- Configures Windows 10 Enterprise for Virtual Desktops (EVD) editions in Azure Active Directory (Azure AD) licensing mode by default.
Windows 10 version 1607 and Windows Server 2016
The changes:
- Fixed an issue that caused a black screen to be displayed on Remote Desktop Protocol sessions.
- Fixed a File Explorer stop working issue on devices with personalizations.
- Fixed an issue that delayed logons if at least one service is operated by an account that is not built-in.
- Fixed an issue that prevented web browsers from connecting to Windows Server securely.
- Fixed an authentication issue that caused certificate-based authentications to fail if a cname was part of the pre-authentication request.
- Fixed an issue that selected SHA-1 for secure connections to Windows Servers.
- Fixed an LSASS (Local Security Authority Subsystem Service) issue that threw the error 0xc0000005.
- Fixed an issue that caused lsass.exe to stop working and the system to shut down.
- Fixed an issue with LdapPermissiveModify requests that failed to make Active Directory group membership changes even though Success was returned.
- Fixed an issue that prevented changes in the %HOMESHARE% path to the folder redirection configuration to apply correctly.
- Fixed a file server issue that could cause it to stop working and that might lead to data loss.
- Fixed an Internet Explorer Origin request header issue.
- Fixed a netcfg issue that led to Azure Virtual Filtering Platform (VFP) driver installation failures.
- Fixed a Hyper-V and Hyper-V host connectivity issue.
Known issues:
- Cluster service may fail to start with the error "2245 (NERR_PasswordTooShort)".
- Certain operations may fail on a Cluster Shared Volume.
Workarounds are available.
Windows 10 version 1703
The changes:
- Fixed an unnamed issue in Microsoft Edge that "occurs when browsing certain internal websites".
- Fixed an issue that prevented web browsers from connecting to Windows Server securely.
- Fixed an LSASS (Local Security Authority Subsystem Service) issue that threw the error 0xc0000005.
- Fixed an issue that caused lsass.exe to stop working and the system to shut down.
- Fixed an Internet Explorer Origin request header issue.
- Fixed a Windows Update issue that caused the stop error "0xc000021a" when installing updates and initializing a system restoration from a restore point.
Known issues:
- Certain operations may fail on a Cluster Shared Volume.
Workarounds are available.
Windows 10 version 1709
The changes:
- Fixed a high CPU usage issue when users switched applications or hovered over the taskbar.
- Fixed an App-V issue that prevented applications from opening.
- Fixed an issue that prevented web browsers from connecting to Windows Server securely.
- Fixed a Windows Hello for Business issue that gave users two authentication certificates instead of just one.
- Fixed a "possible" Microsoft Defender Advanced Threat Protection compatibility issue.
- Fixed a rare issue that occurred when mssecflt.sys was taking too much space on the kernel stack. It resulted in the error "STOP 0x7F: UNEXPECTED_KERNEL_MODE_TRAP".
- Fixed a memory consumption issue in Microsoft Defender Advanced Threat Protection.
- Fixed an LSASS (Local Security Authority Subsystem Service) issue that threw the error 0xc0000005.
- Fixed an issue that caused lsass.exe to stop working and the system to shut down.
- Improvements to the accuracy of Microsoft Defender ATP Threat & Vulnerability management.
- Fixed a Windows Update issue that caused the stop error "0xc000021a" when installing updates and initializing a system restoration from a restore point.
- Fixed an Internet Explorer Origin request header issue.
Known issues:
- Certain operations may fail on a Cluster Shared Volume.
- Certain IME may have high CPU usage or may become unresponsive.
Workarounds are available.
Windows 10 version 1803
The changes:
- Fixed an unnamed issue that caused "a browser to stop working on certain architectures".
- Fixed an issue that prevented Microsoft Narrator from opening when the UAC setting was disabled for standard user accounts.
- Fixed a cursor not appearing issue when selecting text input elements using touch.
- Fixed a lock screen image customization issue in Group Policy.
- Fixed a high CPU usage issue when users switched applications or hovered over the taskbar.
- Fixed an App-V issue that prevented applications from opening.
- Fixed an issue that could prevent some modifications to the access control policy from preserving after upgrading to newer versions of Windows 10.
- Fixed an authentication issue that caused certificate-based authentications to fail if a cname was part of the pre-authentication request.
- Fixed an issue that prevented web browsers from connecting to Windows Server securely.
- Fixed an LSASS (Local Security Authority Subsystem Service) issue that threw the error 0xc0000005.
- Fixed an issue that prevented the BitLocker recovery key from being backed up to Azure Active Directory.
- Fixed a "possible" Microsoft Defender Advanced Threat Protection compatibility issue.
- Fixed a rare issue that occurred when mssecflt.sys was taking too much space on the kernel stack. It resulted in the error "STOP 0x7F: UNEXPECTED_KERNEL_MODE_TRAP".
- Fixed a memory consumption issue in Microsoft Defender Advanced Threat Protection.
- Improvements to the accuracy of Microsoft Defender ATP Threat & Vulnerability management.
- Fixed a Windows Hello for Business issue that gave users two authentication certificates instead of just one.
- Fixed an issue that caused lsass.exe to stop working and the system to shut down.
- Fixed an issue that might have given write access to removable USB disks when a "user switches from a privileged user to an unprivileged one".
- Fixed an issue that prevented the running of Active Directory Diagnostics Data Collector Set from the Performance Monitor for Domain Controllers.
- Fixed an issue in GetFinalPathNameByHandleW() that prevented Favorites from opening in IE 11.
- Fixed an Internet Explorer Origin request header issue.
- Allows auditing of security events for clients managed by mobile device management (MDM) for security monitoring and incident response activities.
Known issues:
- Certain operations may fail on a Cluster Shared Volume.
- Certain IME may have high CPU usage or may become unresponsive.
- Black screen issue on first startup after update installation.
- Windows Mixed Reality Portal users may receive the error code "15-5".
Workarounds are available.
Windows 10 version 1809
The changes:
- Fixed an issue that prevented the discovery of remote systems associated with a user.
- Fixed an issue that prevented Microsoft Narrator from opening when the UAC setting was disabled for standard user accounts.
- Fixed a PDF printing issue in Microsoft Edge so that documents with landscape and portrait-oriented pages print correctly.
- Fixed an issue that prevented users from changing the display brightness after Sleep or Hibernation.
- Fixed a MSCTF.dll issue that caused applications to stop working.
- Fixed an issue that prevented interactions with certain minimized windows on systems with custom shells.
- Fixed a cursor not appearing issue when selecting text input elements using touch.
- Fixed an issue that caused icons in message boxes to appear too large.
- Fixed a Save and Save As not working issue in Microsoft Office on devices with high contrast mode set to on.
- Fixed a File Explorer reporting files and folder sizes incorrectly if they used long paths.
- Fixed an issue that caused unnecessary restart requests on servers.
- Fixed a diagnostic data processing issue during Windows Out of Box Experience.
- Fixed an App-V issue that prevented applications from opening.
- Fixed an issue that prevented web browsers from connecting to Windows Server securely.
- Fixed an LSASS (Local Security Authority Subsystem Service) issue that threw the error 0xc0000005.
- Fixed an issue that prevented the BitLocker recovery key from being backed up to Azure Active Directory.
- Fixed a memory consumption issue in Microsoft Defender Advanced Threat Protection.
- Fixed a "possible" Microsoft Defender Advanced Threat Protection compatibility issue.
- Fixed a rare issue that occurred when mssecflt.sys was taking too much space on the kernel stack. It resulted in the error "STOP 0x7F: UNEXPECTED_KERNEL_MODE_TRAP".
- Improvements to the accuracy of Microsoft Defender ATP Threat & Vulnerability management.
- Fixed a Windows Hello for Business issue that gave users two authentication certificates instead of just one.
- Fixed an issue that caused lsass.exe to stop working and the system to shut down.
- Fixed an issue that caused Direct Access servers to use a large amount of non-paged pool memory.
- Fixed a PostScript printer issue that caused vertical fonts to be larger when printing.
- Addressed an issue that prevented Windows from sending a shutdown notification to a Non-Volatile Memory Express (NVMe) drive when the driver unloads using Disable Device in Device Manager.
- Fixed an issue that prevented the running of Active Directory Diagnostics Data Collector Set from the Performance Monitor for Domain Controllers.
- Fixed an issue in GetFinalPathNameByHandleW() that prevented Favorites from opening in IE 11.
- Fixed an issue that returned an incorrect product description for Windows Server 2019 when using slmgr /dlv.
- Â Fixed an authentication issue that caused certificate-based authentications to fail if a cname was part of the pre-authentication request.
- Addressed a Lightweight Directory Access Protocol (LDAP) runtime issue for Domain Controller Locator-style LDAP requests
- Addressed an issue that causes LDAP queries that contain LDAP_MATCHING_RULE_IN_CHAIN (memberof:1.2.840.113556.1.4.1941) to intermittently fail on Windows Server 2019 domain controllers.
- Fixed an issue that caused group membership changes in Active Directory groups to fail.
- Fixed an issue with the Set-AdfsSslCertificate script being successful but throwing an exception.
- Fixed a File Explorer display issue for files marked as offline.
- Fixed an error that caused the Calculator app to close when selecting the Converter.
- Fixed a high CPU usage issue when users switched applications or hovered over the taskbar.
- Addressed an issue with applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent.
- Fixed an Internet Explorer Origin request header issue.
- Fixed an issue that caused the brightness of the display to appear as 50% or less after completing the out of box experience or waking from Sleep.
- Allows auditing of security events for clients managed by mobile device management (MDM) for security monitoring and incident response activities.
- Fixed a Microsoft App-V issue that caused it to handle a "parameter of the CreateProcess API" improperly.
- Addressed an issue that causes a device to stop working when opening files from a network drive that has client-side caching enabled
Known issues:
- Same as Windows 10 version 1803
- Devices with "some Asian language packs installed" may throw the error "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND".
Workarounds are available.


What mental age of reader are you targeting with the first sentence? 10?
Why not write an article on how to *avoid* upgrading from W10 to W11. Analogous to those like me who avoided upgrading from 7 to 10 for as long as possible.
If your paymaster Microsoft permits it, of course.
5. Rufus
6. Ventoy
PS. I hate reading these “SEO optimized” articles.
I used Rufus to create an installer for a 6th gen intel i5 that had MBR. It upgraded using Setup. No issues except for Win 11 always prompting me to replace my local account. Still using Win 10 Pro on all my other PCs to avoid the bullying.
bit pointless to upgrade for the sake of upgrading as you never know when you’ll get locked out because ms might suddenly not provide updates to unsupported systems.
ps…. time travelling?
written. Jan 15, 2023
Updated • Jan 13, 2023
This happens when you schedule a post in WordPress and update it before setting the publication date.
Anyone willing to downgrade to this awful OS must like inflicting themselves with harm.
I have become convinced now that anybody who has no qualms with using Windows 11/10 must fit into one of the following brackets:
1) Too young to remember a time before W10 and W11 (doesn’t know better)
2) Wants to play the latest games on their PC above anything else (or deeply needs some software which already dropped W7 support)
3) Doesn’t know too much about how computers work, worried that they’d be absolutely lost and in trouble without the “”latest security””
4) Microsoft apologist that tries to justify that the latest “features” and “changes” are actually a good thing, that improve Windows
5) Uses their computer to do a bare minimum of like 3 different things, browse web, check emails, etc, so really doesn’t fuss
Obviously that doesn’t cover everyone, there’s also the category that:
6) Actually liked W7 more than 10, and held out as long as possible before switching, begrudgingly uses 10 now
Have I missed any group off this list?
You have missed in this group just about any professional user that uses business software like CAD programs or ERP Programs which are 99% of all professional users from this list.
Linux doesn’t help anyone who is not a linux kid and apple is just a fancy facebook machine.
Microsoft has removed KB5029351 update
only from windows update though
KB5029351 is still available from the ms update catalog site
1. This update is labaled as PREVIEW if it causes issues to unintelligent people, then they shouldn’t have allowed Preview updates ot install.
2. I have installed it in a 11 years old computer, and no problems at all.
3. Making a big drama over a bluescreen for an updated labeled as preview is ridiculous.
This is probably another BS internet drama where people ran programs and scripts that modified the registry until they broke Windows, just for removing stuff that they weren’t even using just for the sake of it.
Maybe people should stop playing geeks and actually either use Windows 10 or Windows 11, but don’t try to modify things just for the sake of it.
Sometimes removing or stopping things (like defender is a perfect example) only need intelligence, not scripts or 3rd party programs that might mess with windows.
Windows 11 was a pointless release, it was just created because some of the Windows team wanted to boost sales with some sort of new and improved Windows 10. Instead, Microsoft cannot support one version well let alone two.
Windows 11 is the worst ugly shame by Microsoft ever. They should release with every new W11 version a complete free version of Starallback inside just to make this sh** OS functionally again.
motherboard maker MSI has recently released a statement regarding the “unsupported processor” blue screen error for their boards using Intel 600/700 series chipsets & to avoid the KB5029351 Win11 update:
https://www.msi.com/news/detail/MSI-On–UNSUPPORTED-PROCESSOR–Error-Message-of-Windows-11-Update-KB5029351-Preview-142215
check out the following recent articles:
Neowin – Microsoft puts little blame on its Windows update after UNSUPPORTED PROCESSOR BSOD bug:
https://www.neowin.net/news/microsoft-puts-little-blame-on-its-windows-update-after-unsupported-processor-bsod-bug/
BleepingComputer – Microsoft blames ‘unsupported processor’ blue screens on OEM vendors:
https://www.bleepingcomputer.com/news/microsoft/microsoft-blames-unsupported-processor-blue-screens-on-oem-vendors/
While there may be changes or updates to the Windows 10 Store for Business and Education in the future, it is premature to conclude that it will be discontinued based solely on rumors.
My advice, I left win 15 years ago. Now I’m a happy linux user (linuxmint) but there is Centos, Fedora, Ubuntu depending on your needs.
motherboard maker MSI has recently released new BIOS/firmware updates for their Intel 600 & 700 series motherboards to fix the “UNSUPPORTED_PROCESSOR” problem (Sept. 6):
https://www.msi.com/news/detail/Updated-BIOS-fixes-Error-Message–UNSUPPORTED-PROCESSOR–caused-BSOD-on-MSI-s-Intel-700-and-600-Series-Motherboards-142277
I try to disable the Diagnostics Tracking Service (Connected Devices Platform User Services) but it wont let me disable it, any help will be greatly appreciated.
Tank you for your help