Yesterday was Microsoft’s October 2020 Patch Tuesday update rollout. As always, the monthly cumulative updates are focused on fixing issues across Microsoft’s services, including Windows 10. This month, Patch Tuesday is typically massive, fixing dozens of problems and security flaws.

Considering the recent history of Patch Tuesday’s, we are unsure whether to greet new updates with excitement or concern. That’s because these updates have a nasty habit of fixing one issue but causing others.

Recently, Microsoft sent out a fix for Windows Search that has left users unable to boot their PCs.

In April, that month’s release also triggered BSODs in Windows 10. In March, the cumulative update left Microsoft Defender not showing some files. Last month’s batch was reportedly causing BSOD errors for some Windows 10 users.

Below there are a massive number of changes across Windows 10 versions. Microsoft has patched all Win10 versions aside from version 1511, including the 20H2 preview. Below we will look at them all, so buckle up because it is a long ride.

Windows 10 Version 2004 and Insider Version 20H2

Users running Windows 10 version 2004, the latest major build of the platform, are receiving KB4579311. This patch is also for Windows 10 20H2 users on the Insider Program. The relevant builds here are 19041.572 or 19042.572, respectively. You can manually download it here, and these are the highlights:

  • Updates to improve security when using Microsoft Office products.
  • Updates for verifying usernames and passwords.
  • Updates to improve security when Windows performs basic operations.

Here’s the full list of fixes:

  • Addresses an issue with a possible elevation of privilege in win32k.
  • Addresses an issue with the Group Policy service that might recursively delete critical files in alphabetic order from %systemroot%\systm32. This issue occurs when a policy has been configured to delete cached profiles. These file deletions might cause stop error “0x5A (CRITICAL_SERVICE_FAILED)” boot failures.
  • Addresses an issue with creating null ports using the user interface.
  • Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Fundamentals, Windows Authentication, Windows Virtualization, and Windows Kernel.

Known Issues

Symptom Workaround
Users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks. You might have issues with input, receive unexpected results, or might not be able to enter text. For more information about the issues, workaround steps, and the currently resolved issues, please see KB4564002
When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You might also see the error, “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690.

If this happens you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue.

 

Versions 1909 and 1903

Microsoft is patching last years Windows 10 updates with the KB4577671 patch. This brings the versions to build number 18363.1139 or 18362.1139, respectively.

  • Updates to improve security when using Microsoft Office products.
  • Updates for verifying usernames and passwords.
  • Updates to improve security when Windows performs basic operations.
  • Updates for storing and managing files.

Here’s the full list of fixes:

  • Addresses an issue with a possible elevation of privilege in win32k.
  • Addresses an issue with the Group Policy service that might recursively delete critical files in alphabetic order from %systemroot%\systm32. This issue occurs when a policy has been configured to delete cached profiles. These file deletions might cause stop error “0x5A (CRITICAL_SERVICE_FAILED)” boot failures.
  • Addresses an issue with creating null ports using the user interface.
  • Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Kernel, and Windows Storage and Filesystems.

Known Issues

Symptom Workaround
When updating to Windows 10, version 1903 or Windows 10, version 1909 from any previous version of Windows 10, you might receive a compatibility report dialog with “What needs your attention” at the top and the error, “Continuing with the installation of Windows will remove some optional features. You may need to add them back in Settings after the installation completes.” You might receive this compatibility warning when LOCAL SYSTEM accounts are blocked in a firewall from accessing the internet via HTTP. This is caused by the Windows 10 Setup Dynamic Update (DU) being unable to download required packages. If your device has access to HTTP blocked for LOCAL SYSTEM accounts, to mitigate this issue you can enable HTTP access for the Windows 10 Setup Dynamic Update (DU) using the LOCAL SYSTEM account. After you have allowed access, you can restart installation of the update and you should not see the warning. You can also continue by clicking the OK button or use the /compat IgnoreWarning command to ignore compatibility warnings but this might also ignore other warnings that your device might be affected by.

We are working on a resolution and will provide an update in an upcoming release.

When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You might also see the error, “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690.

If this happens you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue.

 

Windows 10 1809

Next up is version 1809, which Microsoft has said will end support in November (although it may be extended like version 1803 was). Either way, this is build number 17763.1518 and here’s the changes:

  • Updates to improve security when using Microsoft Office products.
  • Updates for verifying usernames and passwords.
  • Updates to improve security when Windows performs basic operations.
  • Updates for storing and managing files.

Here’s the full list of fixes:

  • Addresses an issue with a possible elevation of privilege in win32k.
  • Addresses an issue that causes apps that use Dynamic Data Exchange (DDE) to stop responding when you attempt to close the app.
  • Addresses an issue with the Group Policy service that might recursively delete critical files in alphabetic order from %systemroot%\systm32. This issue occurs when a policy has been configured to delete cached profiles. These file deletions might cause stop error “0x5A (CRITICAL_SERVICE_FAILED)” boot failures.
  • Addresses an issue with creating null ports using the user interface.
  • Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, Windows Virtualization, Windows Kernel, and Windows Storage and Filesystems.

Known Issues

Symptom Workaround
After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING _COMPONENT_NOT_FOUND.”
  1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
  2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

  1. Go to the Settings app > Recovery.
  2. Select Get Started under the Reset this PC recovery option.
  3. Select Keep my Files.

Microsoft is working on a resolution and will provide an update in an upcoming release.

When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You might also see the error, “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690.

If this happens you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue.

 

Unsupported Versions

Many Windows 10 versions are officially no longer supported. However, there are some circumstances where support is ongoing. For those versions, Microsoft is sending out the following patches:

Version KB Build Download Support
1803 KB4580330 17134.1792 Update Catalog Enterprise and Education SKUs
1709 KB4580328 16299.2166 Update Catalog
1703 KB4580370 15063.572 Update Catalog Surface Hub only
1607 KB4580346 14393.3986 Update Catalog Long-Term Servicing Branch
1507 KB4580327 10240.18725 Update Catalog