Download Link and Changelog: Windows 10 Update KB5016690

Microsoft has released Windows 10 update KB5016690 (Build 17763.3346) for everyone on Windows 10 version 1809. The new version brings a fix for a significant issue affecting device shutdown/restart. It also contains fixes for many other issues affecting Windows 10 version 1809.

It also improves Microsoft Defender for Endpoint’s ability to identify and intercept ransomware and advanced attacks. Check out the full changelog below.


This non-security update includes quality improvements. The main changes include:

  • New! Improves Microsoft Defender for Endpoint’s ability to identify and intercept ransomware and advanced attacks.
  • Fixes an issue that causes ServerAssignedConfigurations be null in a few full configuration scenarios.
  • Addresses an issue that may generate error 0x1E when you shut down or restart a device.
  • Addresses an issue that prevents Microsoft Office App-V virtualized applications from opening or not working.
  • Addresses an issue that results in a false negative when you run scripts while Windows Defender Application Control (WDAC) is enabled. This can cause AppLocker events 8029, 8028, or 8037 to appear in the log when they shouldn’t.
  • Addresses an issue that causes the Resultant Set of Strategy tool (Rsop.msc) to stop working when processing 1000 or more “File System” security settings.
  • Addresses an issue that prevents the Settings application from working on server domain controllers (DCs) when accessing the Privacy > Activity history page.
  • Addresses a race condition that prevents the Local Security Authority Subsystem (LSASS) service from functioning on Active Directory domain controllers. This issue occurs when LSASS concurrently processes Lightweight Directory Access Protocol (LDAP) requests over Transport Layer Security (TLS) that fail to decrypt. The exception code is 0xc0000409 (STATUS_STACK_BUFFER_OVERRUN).
  • Addresses an issue that affects finding a non-existent security ID (SID) from the local domain using a read-only domain controller (RODC). Search unexpectedly returns error STATUS_TRUSTED_DOMAIN_FAILURE instead of STATUS_NONE_MAPPED or STATUS_SOME_MAPPED.
  • Addresses an issue that prevents a private virtual local area network (PVLAN) from providing tenant and virtual machine (VM) isolation.
  • Addresses an issue that delays a client acquiring the Internet Protocol version 6 (IPv6) address for extended periods of time in an IPv6 environment.
  • Fixed an issue that could cause the Remote Desktop Session License to display a 60 minute disconnect warning after reconnecting.
  • Addresses an issue that causes an RODC to restart unexpectedly. In the event log, you will find the following:
    • Event 1074 with message “The system process ‘C:Windowssystem32lsass.exe’ terminated unexpectedly with status code -1073740286. The system will now shut down and restart.
    • Event 1015 with message “A critical system process, C:Windowssystem32lsass.exe, failed with status code c0000602. The machine should now be restarted.
    • Event 1000 with message “Faulting Application Name: lsass.exe, Faulting Module Name: ESENT.dll, Exception Code: 0xc0000602.”
  • Fixes an issue that could cause cldflt.sys to reference invalid memory under race conditions.

If you have installed previous updates, only the new updates contained in this package will be downloaded and installed on your device.

Download link:

You can manually download and install Windows 10 update KB5016690 by clicking here. If you need help understanding how to install these updates manually on your PC, you can refer to our noob-friendly step-by-step tutorial.

Harry D. Gonzalez