An X shaped patch using the Windows 7 and 8 dot 1 default backgrounds on each half

As is the case every month, Microsoft is releasing cumulative updates for all supported Windows versions. These include the three most recent Windows 10 versions for consumers and a few versions that are supported for specific channels and select SKUs. Windows 8.1 and Windows 7 too are receiving updates, with the latter being reserved for those who have opted to pay for extended updates.

As usual, the updates are split into two parts – monthly rollup and security-only updates. Monthly rollup packages are automatically served through Windows Update and security-only updates can be manually downloaded through the update catalog.

Starting with Windows 8.1 and Windows Server 2012 R2, the monthly rollup is KB5003671 and can be downloaded manually from the Update Catalog here. The changelog for this patch includes:

  • Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Storage and Filesystems, Windows HTML Platform, and Microsoft Scripting Engine.

As for the security-only update, that is labeled as KB5003681 and can be manually downloaded from here. The list of fixes is similar to that of the monthly rollup. Here's the changelog posted by the firm:

  • Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, and Windows Storage and Filesystems.

Both updates share the same known issue that users must be aware of. Here are the problems documented by the firm:

Symptom

Workaround

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Moving on to Windows 7 and Windows Server 2008 R2 SP1, the monthly rollup is KB5003667 and can be downloaded from here manually. It comes with the following fixes and improvements detailed in the knowledge base changelog:

  • Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Remote Desktop, Windows Storage and Filesystems, Windows HTML Platform, and Microsoft Scripting Engine.

The security-only update is labeled KB5003694 and can be downloaded manually from the Update Catalog here. The fixes listed in this patch are as follows:

  • Addresses an issue in the Server Message Block (SMB) protocol which may cause frequent crashes with Stop error 0xA on devices that run Windows Server 2008 R2 Service Pack 1 (SP1).
  • Security updates to Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Remote Desktop, and Windows Storage and Filesystems.

Both these updates share the same set of known issues, with the renaming issue now being there on the list for a long time.

Symptom

Workaround

After installing this update or later updates, connections to SQL Server 2005 might fail. You might receive an error, "Cannot connect to , Additional information: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 – Could not open a connection to SQL Server) (.Net SqlClient Data Provider)"

This is expected behavior due to a security hardening change in this update. To resolve this issue, you will need to update to a supported version of SQL Server.

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

This is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the "How to get this update" section of this article.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

Microsoft is working on a resolution and will provide an update in an upcoming release.

As is always the case, you can head to Windows Update and check for updates to pull the monthly rollup patches. You can also head to the individual download links for the security-only updates which can only be manually installed.