Windows 10, version 1607 and Windows Server 2016

Find information on known issues for Windows 10, version 1607 and Windows Server 2016. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).


Known issues

This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

SummaryOriginating updateStatusLast updated
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >
OS Build 14393.3274

October 08, 2019
KB4519998
Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >
OS Build 14393.2724

January 08, 2019
KB4480961
Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >
OS Build 14393.2608

November 13, 2018
KB4467691
Mitigated
February 19, 2019
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start if “Minimum Password Length” is configured with greater than 14 characters.

See details >
OS Build 14393.2639

November 27, 2018
KB4467684
Mitigated
April 25, 2019
02:00 PM PT

Issue details

November 2019

DetailsOriginating updateStatusHistory
TLS connections might fail or timeout
Updates for Windows released October 8, 2019 or later provide protections, tracked by CVE-2019-1318, against an attack that could allow unauthorized access to information or data within TLS connections. This type of attack is known as a man-in-the-middle exploit. Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (RFC 7627). Lack of RFC support might cause one or more of the following errors or logged events:
  • "The request was aborted: Could not create SSL/TLS secure Channel"
  • SCHANNEL event 36887 is logged in the System event log with the description, "A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​"
Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

Next Steps: Connections between two devices running any supported version of Windows should not have this issue when fully updated. There is no update for Windows needed for this issue. These changes are required to address a security issue and security compliance. For information, see KB4528489.

Back to top
OS Build 14393.3274

October 08, 2019
KB4519998
Mitigated External
Last updated:
November 05, 2019
03:36 PM PT

Opened:
November 05, 2019
03:36 PM PT

January 2019

DetailsOriginating updateStatusHistory
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. 

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507;  Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: Do one of the following:
  • Perform the operation from a process that has administrator privilege. 
  • Perform the operation from a node that doesn’t have CSV ownership.
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top
OS Build 14393.2724

January 08, 2019
KB4480961
Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT

November 2018

DetailsOriginating updateStatusHistory
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.

Back to top
OS Build 14393.2608

November 13, 2018
KB4467691
Mitigated
Last updated:
February 19, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
After installing KB4467684, the cluster service may fail to start with the error "2245 (NERR_PasswordTooShort)" if the Group Policy "Minimum Password Length" is configured with greater than 14 characters.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Set the domain default "Minimum Password Length" policy to less than or equal to 14 characters.

Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top
OS Build 14393.2639

November 27, 2018
KB4467684
Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT