KB4537795

Improves the accuracy of Windows Hello face authentication.

Updates an issue that might prevent ActiveX content from loading.

Updates an issue that adds an unwanted keyboard layout as the default after an upgrade even if you have already removed it.

Updates an issue that prevents some applications from printing to network printers.

Improves the accuracy of Windows Hello face authentication.

Improves Urlmon resiliency when receiving incorrect Content-Length for a PeerDist response.

Addresses an issue that might prevent ActiveX content from loading.

Addresses an issue that might cause Microsoft browsers to bypass proxy servers.

Addresses an issue that adds an unwanted keyboard layout as the default after an upgrade or migration even if you have already removed it.

Addresses an issue that causes an error if you open Microsoft OneDrive files on demand when User Experience Virtualization (UE-V) is enabled. To apply this solution, set the following DWORD to 1: “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UEV\Agent\Configuration\ApplyExplorerCompatFix.”

Addresses an issue that generates an “unknown username or bad password” error when attempting to sign in. This occurs in an environment that has a Windows Server 2003 domain controller (DC) and a Windows Server 2016 or later DC.

Addresses an issue with sign in scripts that fail to run when a user signs in or signs out.

Addresses an issue that continues to collect IsTouchCapable and GetSystemSku data when they should no longer be collected.

Provides live response capability that gives Security Operations (SecOps) immediate access to compromised machines using the Microsoft Defender Advanced Threat Protection (ATP) console (Microsoft Defender Security Center).

Improves the accuracy of detection in Microsoft Defender ATP Threat & Vulnerability Management.

Addresses an issue that might cause Direct Access servers to use a large amount of non-paged pool memory (pooltag: NDnd).

Addresses an issue in which the WinHTTP AutoProxy service does not comply with the value set for the maximum Time To Live (TTL) on the Proxy Auto-Configuration (PAC) file. This prevents the cached file from updating dynamically.

Addresses an issue that prevents some applications from printing to network printers.

Addresses an issue that prevents the Background Intelligent Transfer Service (BITS) from downloading files; the error is “0x80190191.”

Addresses an issue that causes the Windows firewall to drop network traffic from Modern apps, such as Microsoft Edge, when you connect to a corporate network using a virtual private network (VPN).

Addresses an issue that intermittently generates Online Certificate Status Protocol (OSCP) Responder audit events (5125) to indicate that a request was submitted to the OCSP Responder Service. However, there is no reference to the serial number or the domain name (DN) of the issuer of the request.

Addresses an issue that causes queries against large keys on Ntds.dit to fail with the error, “MAPI_E_NOT_ENOUGH_RESOURCES.” This issue might cause users to see limited meeting room availability because the Exchange Messaging Application Programming Interface (MAPI) cannot allocate additional memory for the meeting requests.

Addresses an issue that damages a log file when a storage volume is full and data is still being written to the Extensible Storage Engine Technology (ESENT) database.

Addresses an issue with certificate validation that causes Internet Explorer mode in Microsoft Edge to fail.