Windows 10, version 1809 and Windows Server 2019

Find information on known issues and the servicing status for Windows 10, version 1809 and Windows Server 2019. For immediate help with Windows update issues, use the Get Help app in Windows or go to support.microsoft.com. Follow @WindowsUpdate on Twitter for Windows release health updates.

Current status as of May 11, 2021:
As of May 11, 2021, all editions of Windows 10, version 1809 and Windows Server 2019 have reached end of servicing, except LTSC editions. Devices running these editions will no longer receive monthly security and quality updates containing protections from the latest security threats.

As always, we recommend that you update your devices to the latest version of Windows 10 as soon as possible to ensure that you can take advantage of the latest features and advanced protections from the latest security threats. For information about servicing timelines and lifecycle, see the Windows 10 release information and Lifecycle FAQ - Windows.

    Known issues

    See open issues, issues resolved in the last 30 days, and information on safeguard holds. To find a specific issue, use the search function on your browser (CTRL + F for Microsoft Edge).

    SummaryOriginating updateStatusLast updated
    Application shortcuts might not work from the Start menu or other locations
    Errors might be observed when trying to run exe files. Changes to Microsoft Defender can help.
    N/A

    Resolved
    2023-01-18
    19:28 PT
    Database connections using Microsoft ODBC SQL Server driver might fail.
    Apps using ODBC connections might fail to connect to databases.
    OS Build 17763.3650
    KB5019966
    2022-11-08
    Resolved
    KB5022286
    2023-01-10
    10:00 PT
    KB5012170 might fail to install and you might receive a 0x800f0922 error
    Security update for Secure Boot DBX might fail to install.
    OS Build 17763.3280
    KB5012170
    2022-08-09
    Confirmed
    2022-12-14
    16:12 PT
    Domain join processes may fail with error "0xaac (2732)"
    This might be encountered when an account was created by a different identity than the one used to join the domain
    OS Build 17763.3532
    KB5018419
    2022-10-11
    Confirmed
    2022-10-27
    16:57 PT
    Certain apps or devices might be unable to create Netlogon secure channel connections
    Scenarios which rely on synthetic RODC machine accounts might fail if they do not have a linked KRBTGT account.
    OS Build 17763.2452
    KB5009557
    2022-01-11
    Investigating
    2022-02-24
    17:41 PT
    Apps that acquire or set Active Directory Forest Trust Information might have issues
    Apps using Microsoft .NET to acquire or set Forest Trust Information might fail, close, or you might receive an error.
    OS Build 17763.2452
    KB5009557
    2022-01-11
    Mitigated
    2022-02-07
    15:36 PT

    Issue details

    January 2023

    Application shortcuts might not work from the Start menu or other locations

    StatusOriginating updateHistory
    ResolvedN/A

    Resolved: 2023-01-18, 19:28 PT
    Opened: 2023-01-13, 13:40 PT

    After installing security intelligence update build 1.381.2140.0 for Microsoft Defender, application shortcuts in the Start menu, pinned to the taskbar, and on the Desktop might be missing or deleted. Additionally, errors might be observed when trying to run executable (.exe) files which have dependencies on shortcut files. Affected devices have the Atack Surface Reduction (ASR) rule "Block Win32 API calls from Office macro" enabled. After installing security intelligence build 1.381.2140.0, detections resulted in the deletion of certain Windows shortcut (.lnk) files that matched the incorrect detection pattern.

    Windows devices used by consumers in their home or small offices are not likely to be affected by this issue.

    Workaround: Changes to Microsoft Defender can mitigate this issue. The Atack Surface Reduction (ASR) rules in Microsoft Defender are used to regulate software behavior as part of security measures. Changing ASR rules to Audit Mode can help prevent this issue. This can be done through the following options:

    Microsoft Office applications can be launched through the Microsoft 365 app launcher. More details on the Microsoft 365 app launcher can be found in Meet the Microsoft 365 app launcher

    Next steps: This issue is resolved in security intelligence update build 1.381.2164.0. Installing security intelligence update build 1.381.2164.0 or later should prevent the issue, but it will not restore previously deleted shortcuts. You will need to recreate or restore these shortcuts through other methods. For additional information and help recovering missing shortcuts, see Recovering from Attack Surface Reduction rule shortcut deletions (updated on January 17, 2023 to include additional guidance and scripts to help with recovery).

    Affected platforms:

    • ​Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB
    • ​Server: None

    December 2022

    Database connections using Microsoft ODBC SQL Server driver might fail.

    StatusOriginating updateHistory
    Resolved KB5022286OS Build 17763.3650
    KB5019966
    2022-11-08
    Resolved: 2023-01-10, 10:00 PT
    Opened: 2022-12-05, 15:45 PT

    After installing KB5019966, apps which use ODBC connections utilizing the Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might fail to connect. You might receive an error within the app or you might receive an error from SQL Server, such as "The EMS System encountered a problem" with "Message: [Microsoft][ODBC SQL Server Driver] Protocol error in TDS Stream" or "Message: [Microsoft][ODBC SQL Server Driver]Unknown token received from SQL Server". Note for developers: Apps affected by this issue might fail to fetch data, for example when using the SQLFetch function. This issue might occur when calling SQLBindCol function before SQLFetch or calling SQLGetData function after SQLFetch and when a value of 0 (zero) is given for the ‘BufferLength’ argument for fixed datatypes larger than 4 bytes (such as SQL_C_FLOAT).

    If you are unsure if you are using any affected apps, open any apps which use a database and then open Command Prompt (select Start then type command prompt and select it) and type the following command:

    tasklist /m sqlsrv32.dll
    

    Workaround: To mitigate this issue, you can do one of the following:

    • ​If your app is already using or able to use Data Source Name (DSN) to select ODBC connections, install Microsoft ODBC Driver 17 for SQL Server and select it for use with your app using DSN. Note: We recommend the latest version of Microsoft ODBC Driver 17 for SQL Server, as it is more compatible with apps currently using the legacy Microsoft ODBC SQL Server Driver (sqlsrv32.dll) than Microsoft ODBC Driver 18 for SQL Server.
    • ​If your app is unable to use DSN, the app will need to be modified to allow for DSN or to use a newer ODBC driver than Microsoft ODBC SQL Server Driver (sqlsrv32.dll).

    Resolution: This issue was resolved in KB5022286. If you have implemented the above workaround, it is recommended to continue using the configuration in the workaround.

    Affected platforms:

    • ​Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
    • ​Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

    October 2022

    Domain join processes may fail with error "0xaac (2732)"

    StatusOriginating updateHistory
    ConfirmedOS Build 17763.3532
    KB5018419
    2022-10-11
    Last updated: 2022-10-27, 16:57 PT
    Opened: 2022-10-27, 15:53 PT

    Domain join operations might intentionally fail with error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" and text "An account with the same name exists in Active Directory. Re-using the account was blocked by security policy."

    This issue originates with the October 2022 security updates ( KB5018419) which introduced some hardening changes enabled by default for domain join. Please see KB5020276 - Netjoin: Domain join hardening changes to understand the new designed behavior.

    Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identity than the identity used to join or re-join the computer to the domain.

    Home users of Windows are unlikely to experience this issue.

     

    Next steps: Please see KB5020276 to understand the designed behavior. We have added insights to this KB, and are evaluating whether optimizations can be made in a future Windows Update. This guidance will be updated once those changes have released.

    Affected platforms:

    • ​Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
    • ​Server: Windows Server 2022; Windows Server, version 20H2; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

    August 2022

    KB5012170 might fail to install and you might receive a 0x800f0922 error

    StatusOriginating updateHistory
    ConfirmedOS Build 17763.3280
    KB5012170
    2022-08-09
    Last updated: 2022-12-14, 16:12 PT
    Opened: 2022-08-12, 17:08 PT

    When attempting to install KB5012170, it might fail to install, and you might receive an error 0x800f0922.

    Note: This issue only affects the Security update for Secure Boot DBX ( KB5012170) and does not affect the latest cumulative security updates, monthly rollups, or security only updates.

    Workaround: This issue can be mitigated on some devices by updating the UEFI bios to the latest version before attempting to install KB5012170.

    Next steps: We are presently investigating and will provide an update in an upcoming release.

    Affected platforms:

    • ​Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1
    • ​Server: Windows Server 2022; Windows Server, version 20H2; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012

    February 2022

    Certain apps or devices might be unable to create Netlogon secure channel connections

    StatusOriginating updateHistory
    InvestigatingOS Build 17763.2452
    KB5009557
    2022-01-11
    Last updated: 2022-02-24, 17:41 PT
    Opened: 2022-02-24, 17:25 PT

    After installing KB5009557 or any updates released January 11, 2022 and later on your domain controllers, scenarios which rely on Read-only domain controllers (RODCs) or synthetic RODC machine accounts might fail to establish a Netlogon secure channel. RODC accounts must have a linked and compliant KRBTGT account to successfully establish a secure channel. Affected applications or network appliances, such as Riverbed SteelHead WAN Optimizers, might have issues joining domains or limitations after joining a domain.

    Next Steps: Affected apps and network appliances will need an update from their developer or manufacturer to resolve this issue. Microsoft and Riverbed are presently investigating and will provide an update when more information is available.

    Affected platforms:

    • ​Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

    Apps that acquire or set Active Directory Forest Trust Information might have issues

    StatusOriginating updateHistory
    MitigatedOS Build 17763.2452
    KB5009557
    2022-01-11
    Last updated: 2022-02-07, 15:36 PT
    Opened: 2022-02-04, 16:57 PT

    After installing updates released January 11, 2022 or later, apps using Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows. You might also receive an access violation (0xc0000005) error. Note for developers: Affected apps use the System.DirectoryServices API.

    Next Steps: This issue was resolved in the out-of-band update for the version of .NET Framework used by the app. Note: These out-of-band updates are not available from Windows Update and will not install automatically. To get the standalone package, search for the KB number for your version of Windows and .NET Framework in the Microsoft Update Catalog. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site. For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog.

    For instructions on how to install this update for your operating system, see the KB articles listed below:

    • ​Windows Server 2022: 
    • ​Windows Server 2019: 
    • ​Windows Server 2016: 
    • ​Windows Server 2012 R2: 
    • ​Windows Server 2012:

    Affected platforms:

    • ​Client: None
    • ​Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012

    Report a problem with Windows updates

    To report an issue to Microsoft at any time, use the Feedback Hub app. To learn more, see Send feedback to Microsoft with the Feedback Hub app

    Need help with Windows updates?

    Search, browse, or ask a question on the Microsoft Support Community. If you are an IT pro supporting an organization, visit Windows release health on the Microsoft 365 admin center for additional details.

    For direct help with your home PC, use the Get Help app in Windows or contact Microsoft Support. Organizations can request immediate support through Support for business.

    View this site in your language

    This site is available in 11 languages: English, Chinese Traditional, Chinese Simplified, French (France), German, Italian, Japanese, Korean, Portuguese (Brazil), Russian, and Spanish (Spain). All text will appear in English if your browser default language is not one of the 11 supported languages. To manually change the display language, scroll down to the bottom of this page, click on the current language displayed on the bottom left of the page, and select one of the 11 supported languages from the list.