Windows 10 KB4057142, KB4057144 and KB4073290 released

TechExpert

Microsoft released the updates  KB4057142, KB4057144 and KB4073290 on January 17th, 2017 for the company's Windows 10 operating system.

One of the updates, KB4073290, addresses the unbootable state issue for select AMD devices after installing the January 3 update KB4056892.  The company released updates for affected Windows 7, Windows 8.1 and Windows Server systems yesterday already.

The two remaining updates, KB4057142 and KB4057144 are cumulative updates for Windows 10 version 1607 and 1703.

KB4073290

KB4073290 is an update for Windows 10 version 1709 that patches the unbootable state issue that select AMD devices were stuck in after installing the January 3 security update for the device.

The update suffers from the same lack of actionable information that yesterday's updates for Windows 7 and Windows 8.1 suffered from. Should you install only this update? And how should you do so if the system won't boot? What about the January 3 patch, does it still need to be installed?

KB4057142

This update patches a large number of issues in Windows 10 version 1607. It brings the build number to 14393.2034.  It addresses the unbootable state issue but patches lots of other issues on top of that.

  • Some Microsoft-signed ActiveX controls did not work if Windows Defender Application Control is enabled.
  • Excessive memory use when using smart cards on a Windows Terminal Server system.
  • Virtual TPM self-test is not run.
  • Compatibility with U.2 NVMe device hot-add/removal cases improved.
  • iSCSI Initiator Properties Devices list fails to list some targets.
  • NGUID and EUI64 I formats compatibility for NVMe devices.
  • Fixed error 0xc2 and 7e sync errors when backing up large Resilient File System volumes.
  • UWF file commits add old data to files.
  • Access-based enumeration not working correctly after installing KB4015217
  • Addresses issue where AD FS incorrectly displays the Home Realm Discovery (HRD) page when an identity provider (IDP) is associated with a relying party (RP) in an OAuth Group.
  • Addresses issue where PKeyAuth-based device authentication sometimes fails in Internet Explorer and Microsoft Edge when AD FS returns a context that exceeds the request limits for URL length.
  • Addresses issue in AD FS where MSISConext cookies in request headers can eventually overflow the headers’ size limit. This causes authentication failure with the HTTP status code 400: “Bad Request - Header Too Long."
  • Addresses issue where AD FS produces an MFA Event 1200 log that doesn't contain UserID information.
  • Addresses issue where retrieving the Certificate Revocation List (CRL) from the Certification Authority (CA) using the Simple Certificate Enrollment Protocol (SCEP) fails.
  • Enables IT, administrators, to scientifically troubleshoot I/O failures using a comprehensive event log for the resiliency state transition.
  • Transparency for replication health when free disk space is low, Hyper-V Replica Log size is growing to maximum limit and Recovery Point Objectives threshold violations.
  • Addresses issue where, if the Online Certificate Status Protocol (OCSP) renewal date comes after the certificate expiration date, the OCSP-stapled response is used until the renewal date even though the certificate has expired.
  • Addresses issue where backward compatibility for managing Microsoft User Experience Virtualization (UE-V) with group policy is lost. Windows 10 version 1607 group policy isn't compatible with Windows 10 version 1703 or higher group policy. Because of this bug, the new Windows 10 Administrative Templates (.admx) cannot be deployed to the Group Policy Central Store. This means that some of the new, additional settings for Windows 10 aren't available.
  • Addresses issue with the App-V package folder access that causes the access control list to be handled incorrectly.
  • Addressed delay when searching for new printers.
  • Fixed issue where users could not change passwords on remote logon screens if the password expired.
  • DISM command sometimes failed to import custom application defaults.
  • Addresses issue originally called out in KB4056890 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.
  • Addresses issue where some customers with AMD devices get into an unbootable state.

KB4057144

KB4057144is an update for Windows 10 version 1703. It patches the unbootable state issue as well on the version of Windows 10, and addresses the following issues on top of that:

  • PDF printing issue in Microsoft Edge.
  • App-V package folder access issue that affected the access control list.
  • Addresses issue where backward compatibility for managing Microsoft User Experience Virtualization (UE-V) with group policy is lost.
  • Addresses issue where some Microsoft-signed ActiveX controls don't work when Windows Defender Application Control (Device Guard) is enabled. Specifically, class IDs related to XMLHTTP in msxml6.dll don't work.
  • "Cannot create a file when that file already exists." error when changing the Smart Card for Windows server start type from Disabled to Manual or Automatic.
  • Windows Defender Device Guard or Windows Defender Application Control would wrongfully block some applications in Audit only mode.
  • Addresses issue where the virtual TPM self-test isn't run as part of virtual TPM initialization.
    Addresses issue with NoToastApplicationNotificationOnLockScreen GPO that causes Toast notifications to appear on the lock screen.
  • Addresses issue originally called out in KB4056891 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.
  • Addresses issue where some customers with AMD devices get into an unbootable state.