KB4586830

• Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.

• Updates to improve security when using Microsoft Office products.

• Updates to improve security when Windows performs basic operations.

• Allows administrators to use a Group Policy to enable Save Target As for users in Microsoft Edge IE Mode.

• Allows you to restrict the JScript Scripting Engine to a process.

• Address an issue that causes an application to stop working if the app uses a hook.

• Addresses an issue that causes the Microsoft Management Console (MMC) Group Policy application to stop working when you are editing the Group Policy Security settings. The error message is, “MMC cannot initialize the snap-in.”

• Addresses an issue with devices on which Credential Guard is enabled; if these devices use a Machine Bound certificate, authentication requests might fail. This occurs because Windows 2016 and Windows 2019 domain controllers add duplicate KeyID values to the msDS-KeyCredentialLink attribute of these devices.

• Addresses an issue that might cause stop error 7E in nfssvr.sys on servers running the Network File System (NFS) service.

• Addresses an issue with Remote Desktop Session Host (RDSH) connection brokers that prevents users from connecting to a Remote Desktop in collections. This issue occurs because of an access violation in tssdis.exe.

• Addresses an issue that causes the Windows Management Instrumentation (WMI) Provider Host (WmiPrvSE.exe) to leak registry key handles when querying Win32_RDCentralPublishedDeploymentSettings.

• Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.

• Addresses an issue that might cause Windows 10 devices that enable Credential Guard to fail authentication requests when they use the machine certificate.

• Addresses an issue with incorrect Canonical Display Driver (CDD) buffer flushing, which degrades performance in Remote Desktop Protocol (RDP) Windows 2000 Display Driver Model (XDDM) scenarios. This issue affects applications that use graphics processing units (GPU) to operate, such as Microsoft Teams, Microsoft Office, and web browsers.

• Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, “The request is not supported.” in event ID 372 in the PrintService\Admin event log. To address this issue in the future, make sure your applications or services run as a specific user or service account.

• Addresses an issue with remote procedure call (RPC) runtime that might cause memory to leak. As a result, performance degrades, which causes high CPU usage, slowness, or resource depletion.

• Security updates to the Microsoft Scripting Engine, the Microsoft Graphics Component, the Windows Wallet Service, Windows Fundamentals, the Windows Kernel, and Windows Virtualization.