KB4340917

• Addresses an issue that causes devices within Active Directory or Hybrid AADJ++ domains to unexpectedly unenroll from Microsoft Intune or third-party MDM services after installing provisioning package updates (PPKG). This issue occurs on devices that are subject to the Auto MDM Enrollment with AAD Token Group Policy. If you ran the script Disable-AutoEnrollMDMCSE.PS1 as a workaround for this issue, run Enable-AutoEnrollMDMCSE.PS1 from a PowerShell window in Administrator mode after installing this update.

• Addresses additional issues that affect updated time zone information.

• Improves the ability of the Universal CRT Ctype family of functions to handle EOF as valid input.

• Addresses an issue that affects registration in the "Push to Install" service.

• Addresses an issue that affects Roaming User Profiles in which the AppData\Local and AppData\Locallow folders are incorrectly synchronized at user logon and logoff. For more information, see KB 4340390.

• Addresses issues that is related to peripherals that use Quality of Service (QoS) parameters for Bluetooth connections.

• Addresses an issue that causes SQL Server memory usage to grow over time when you encrypt data by using a symmetric key that has a certificate, and then you run queries that open and close the symmetric key in a recursive loop.

• Addresses an issue in which using an invalid password in a wireless PEAP environment that has SSO enabled submits two authentication requests that use the invalid password. The excess authentication request may cause premature account lockouts in environments that have low account lockout thresholds. To enable the changes, start Registry Editor, add the registry key DisableAuthRetry on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\26, and set the DWORD value to 1.

• Addresses an issue that prevents OpenType fonts from printing in Win32 applications.

• Addresses an issue in DNS Response Rate Limiting that causes a memory leak when enabled with LogOnly mode.

• Addresses an issue in a RemoteApp session that may cause a black screen when maximizing an app window on a secondary monitor.

• Addresses an issue in IME that causes unexpected finalization of strings during Japanese input in applications such as Microsoft Outlook.