KB4537795

• Improves the accuracy of Windows Hello face authentication.

• Updates an issue that might prevent ActiveX content from loading.

• Updates an issue that adds an unwanted keyboard layout as the default after an upgrade even if you have already removed it.

• Updates an issue that prevents some applications from printing to network printers.

• Improves the accuracy of Windows Hello face authentication.

• Improves Urlmon resiliency when receiving incorrect Content-Length for a PeerDist response.

• Addresses an issue that might prevent ActiveX content from loading.

• Addresses an issue that might cause Microsoft browsers to bypass proxy servers.

• Addresses an issue that adds an unwanted keyboard layout as the default after an upgrade or migration even if you have already removed it.

• Addresses an issue that causes an error if you open Microsoft OneDrive files on demand when User Experience Virtualization (UE-V) is enabled. To apply this solution, set the following DWORD to 1: “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UEV\Agent\Configuration\ApplyExplorerCompatFix.”

• Addresses an issue that generates an “unknown username or bad password” error when attempting to sign in. This occurs in an environment that has a Windows Server 2003 domain controller (DC) and a Windows Server 2016 or later DC.

• Addresses an issue with sign in scripts that fail to run when a user signs in or signs out.

• Addresses an issue that continues to collect IsTouchCapable and GetSystemSku data when they should no longer be collected.

• Provides live response capability that gives Security Operations (SecOps) immediate access to compromised machines using the Microsoft Defender Advanced Threat Protection (ATP) console (Microsoft Defender Security Center).

• Improves the accuracy of detection in Microsoft Defender ATP Threat & Vulnerability Management.

• Addresses an issue that might cause Direct Access servers to use a large amount of non-paged pool memory (pooltag: NDnd).

• Addresses an issue in which the WinHTTP AutoProxy service does not comply with the value set for the maximum Time To Live (TTL) on the Proxy Auto-Configuration (PAC) file. This prevents the cached file from updating dynamically.

• Addresses an issue that prevents some applications from printing to network printers.

• Addresses an issue that prevents the Background Intelligent Transfer Service (BITS) from downloading files; the error is “0x80190191.”

• Addresses an issue that causes the Windows firewall to drop network traffic from Modern apps, such as Microsoft Edge, when you connect to a corporate network using a virtual private network (VPN).

• Addresses an issue that intermittently generates Online Certificate Status Protocol (OSCP) Responder audit events (5125) to indicate that a request was submitted to the OCSP Responder Service. However, there is no reference to the serial number or the domain name (DN) of the issuer of the request.

• Addresses an issue that causes queries against large keys on Ntds.dit to fail with the error, “MAPI_E_NOT_ENOUGH_RESOURCES.” This issue might cause users to see limited meeting room availability because the Exchange Messaging Application Programming Interface (MAPI) cannot allocate additional memory for the meeting requests.

• Addresses an issue that damages a log file when a storage volume is full and data is still being written to the Extensible Storage Engine Technology (ESENT) database.

• Addresses an issue with certificate validation that causes Internet Explorer mode in Microsoft Edge to fail.