KB4598291 applies to Windows 10 version 2004, Windows Server version 2004, Windows 10 version 20H2, and Windows Server version 20H2.
This non-security update includes quality improvements. Key changes include:
- Updates the default values for the following Internet Explorer registry keys:
- svcKBFWLink = “ ” (empty string)
- svcKBNumber = “ ” (empty string)
- svcUpdateVersion = 11.0.1000.
In addition, these values will no longer be updated automatically.
- Enables administrators to disable standalone Internet Explorer using a Group Policy while continuing to use Microsoft Edge’s IE Mode.
- Enables you to configure certain policies that support Microsoft Edge IE Mode using mobile device management (MDM).
- Addresses an issue in the Universal C Run-time Library (UCRT) that causes printf() to incorrectly round floating point values.
- Addresses an issue that displays a User Account Control (UAC) dialog box unexpectedly when you turn on speech recognition.
- Addresses an issue that fails to notify the target application when you select the Copy link command on the Share menu.
- Addresses an issue that causes the 64-bit fmod() and remainder() functions to damage the Floating Point Unit (FPU) stack.
- Addresses an issue that causes a stop error or causes a device to stop responding when you play a game in full-screen or tablet mode.
- Addresses an issue with using Ctrl+Caps Lock and Alt+Caps Lock to switch to Hiragana or Katakana mode respectively after upgrading to Windows 10, version 2004.
- Addresses an issue that prevents you from opening a document that is on the Windows desktop and generates the error, “The directory name is invalid.” This issue occurs after changing the desktop location in the Location tab of the Desktop Properties dialog box (File Explorer > This PC > Desktop).
- Addresses an issue that creates duplicate cloud provider folders in the File Explorer navigation pane.
- Addresses an issue that occurs when the Mandatory Profile check box is selected when you copy a user profile.
- Addresses an issue that prevents ImmGetCompositionString() from returning the white space for furigana when using the Japanese Input Method Editor (IME).
- Addresses an issue with some special key combinations used in DaYi, Yi, and Array IMEs that might cause an application to stop working.
- Addresses an issue that displays a blank lock screen after a device wakes up from Hibernate.
- Corrects historical daylight savings time (DST) information for the Palestinian Authority.
- Adds support for serial number control using the registry.
- Addresses an issue that incorrectly deactivates some Windows 10 Education devices after upgrading to Windows 10, version 2004.
- Addresses an issue that causes the upload of diagnostic logs to a management service, such as Microsoft Intune, to fail. The failure occurs because of a network time-out on a slow network.
- Displays a notification to a user when an administrator signs in to an MDM service, such as Microsoft Intune, to find the location of a managed device.
- Addresses an issue that prevents users from using their smart card credentials when the user hint is the domain credential name (domain\username).
- Addresses an issue in which using local Service for User (S4U) affects Data Protection API (DPAPI) credential keys and causes users to sign out unexpectedly.
- Addresses an issue that causes the silent mode deployment of BitLocker to fail with the error 0x80310001. This issue occurs when deploying BitLocker encryption to Hybrid Azure Active Directory (Azure AD) joined devices.
- Addresses an issue that might cause a black screen to appear or delay signing in to Hybrid Azure Active Directory joined machines. Additionally, there is no access to login.microsoftonline.com.
- Addresses an issue that might cause systems that use BitLocker to stop working with the error 0x120 (BITLOCKER_FATAL_ERROR).
- Addresses an issue that causes a device to stop working when deploying Microsoft Endpoint Configuration Manager if AppLocker is enabled on the device.
- Addresses an issue that cause the LSASS.exe process to leak memory on a server that is under a heavy authentication load when Kerberos Armoring (Flexible Authentication Secure Tunneling (FAST)) is enabled.
- Addresses an issue that causes LSASS.exe to stop working because of a race condition that results in a double free error in Schannel. The exception code is c0000374, and the Event Log displays Schannel event 36888, fatal error code 20, and error state 960. This issue occurs after installing Windows updates from September 2020 and later.
- Addresses a memory leak issue that occurs when you authenticate a client certificate on servers that are configured as domain controllers.
- Addresses an issue with Virtual Interrupt Notification Assert (VINA) interrupts.
- Addresses an issue with HTTP caching that interferes with kiosk mode that targets Azure AD groups.
- Addresses an issue that occurs when a Volume Shadow Copy Service (VSS) snapshot triggers on virtual machines (VM) that contain Resilient File System (ReFS) volumes. The triggered VSS snapshot fails with a time-out and prevents access to the ReFS volume for 30 minutes.
- Addresses an issue that incorrectly logs Extensible Storage Engine Technology (ESENT) event 642 in the Application Event Log.
- Addresses an issue with Administrative Template settings you configure using a Group Policy Object (GPO). When you change the value of the policy settings to NOT CONFIGURED, the system fails to remove the previous settings. This issue is most noticeable with roaming user profiles.
- Addresses an issue that might cause a deadlock in Windows Virtual Desktop when a user disconnects before a driver fully loads.
- Addresses an issue that fails to show Extract all on the shortcut menu when you right-click an online-only ZIP file.
- Updates the process for enrolling in online speech recognition. If you are already enrolled, you will see a message that asks you to review the new settings. If you choose not to contribute your speech data for human review, you can still use online speech recognition. The new settings contain one button to turn on online speech recognition and another button that turns on the collection of your voice clips. If you turn on the collection of your voice clips, you can turn it off at any time using the same button in the new settings page.
- Addresses an issue that prevents the Start menu, Cortana, and tiles pinned to the Taskbar from opening. This issue occurs when an administrator copies an existing profile that has the Mandatory Profile check box selected.
This update will require a system reboot.
OTHER FIXES NOTED
The disk optimizer finally recognizes SATA SSD properly. Previously Windows would defragment them as a hard disk. SSD need a TRIM command to be able to flush the unused blocks. This helps the SSD with wear leveling and it can extend the service life substantially.