diff --git a/lib/EAPBase/include/EAP.h b/lib/EAPBase/include/EAP.h
index 7a2187e..333a699 100644
--- a/lib/EAPBase/include/EAP.h
+++ b/lib/EAPBase/include/EAP.h
@@ -902,7 +902,7 @@ template<class _Traits, class _Ax>
 inline void operator<<(_Inout_ eap::cursor_out &cursor, _In_ const std::basic_string<wchar_t, _Traits, _Ax> &val)
 {
     std::string val_utf8;
-    WideCharToMultiByte(CP_UTF8, 0, val.c_str(), (int)val.length(), val_utf8, NULL, NULL);
+    WideCharToMultiByte(CP_UTF8, 0, val, val_utf8, NULL, NULL);
     cursor << val_utf8;
 }
 
@@ -919,7 +919,7 @@ inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ std::basic_string<w
 {
     std::string val_utf8;
     cursor >> val_utf8;
-    MultiByteToWideChar(CP_UTF8, 0, val_utf8.c_str(), (int)val_utf8.length(), val);
+    MultiByteToWideChar(CP_UTF8, 0, val_utf8, val);
 }
 
 
diff --git a/lib/EAPBase/include/Module.h b/lib/EAPBase/include/Module.h
index e89a9b2..24c2981 100644
--- a/lib/EAPBase/include/Module.h
+++ b/lib/EAPBase/include/Module.h
@@ -323,7 +323,7 @@ namespace eap
         std::vector<unsigned char> encrypt(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<wchar_t, _Traits, _Ax> &val, _Out_opt_ HCRYPTHASH hHash = NULL) const
         {
             winstd::sanitizing_string val_utf8;
-            WideCharToMultiByte(CP_UTF8, 0, val.c_str(), (int)val.length(), val_utf8, NULL, NULL);
+            WideCharToMultiByte(CP_UTF8, 0, val, val_utf8, NULL, NULL);
             return encrypt(hProv, val_utf8, hHash);
         }
 
@@ -367,7 +367,7 @@ namespace eap
         std::vector<unsigned char> encrypt_md5(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<wchar_t, _Traits, _Ax> &val) const
         {
             winstd::sanitizing_string val_utf8;
-            WideCharToMultiByte(CP_UTF8, 0, val.c_str(), (int)val.length(), val_utf8, NULL, NULL);
+            WideCharToMultiByte(CP_UTF8, 0, val, val_utf8, NULL, NULL);
             return encrypt_md5(hProv, val_utf8);
         }
 
@@ -448,7 +448,7 @@ namespace eap
         {
             winstd::sanitizing_string buf(std::move(decrypt_str(hProv, data, size, hHash)));
             std::basic_string<wchar_t, _Traits, _Ax> dec;
-            MultiByteToWideChar(CP_UTF8, 0, buf.data(), (int)buf.size(), dec);
+            MultiByteToWideChar(CP_UTF8, 0, buf, dec);
             return dec;
         }
 
@@ -520,7 +520,7 @@ namespace eap
         {
             winstd::sanitizing_string buf(std::move(decrypt_str_md5<char, std::char_traits<char>, sanitizing_allocator<char> >(hProv, data, size)));
             std::basic_string<wchar_t, _Traits, _Ax> dec;
-            MultiByteToWideChar(CP_UTF8, 0, buf.data(), (int)buf.size(), dec);
+            MultiByteToWideChar(CP_UTF8, 0, buf, dec);
             return dec;
         }
 
diff --git a/lib/EAPBase/src/Credentials.cpp b/lib/EAPBase/src/Credentials.cpp
index 6bccd22..edda614 100644
--- a/lib/EAPBase/src/Credentials.cpp
+++ b/lib/EAPBase/src/Credentials.cpp
@@ -251,7 +251,7 @@ void eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
     switch (m_enc_alg) {
     case enc_alg_kph: {
         sanitizing_string password_utf8;
-        WideCharToMultiByte(CP_UTF8, 0, m_password.c_str(), -1, password_utf8, NULL, NULL);
+        WideCharToMultiByte(CP_UTF8, 0, m_password, password_utf8, NULL, NULL);
         wstring password_enc(std::move(kph_encrypt<wchar_t, char_traits<wchar_t>, allocator<wchar_t> >(cp, password_utf8.c_str())));
         com_obj<IXMLDOMElement> pXmlElPassword;
         if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"Password"), namespace_eapmetadata, bstr(password_enc), std::addressof(pXmlElPassword))))
@@ -308,7 +308,7 @@ void eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot)
     } else if (encryption && CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, encryption, encryption.length(), _L("KPH"), -1, NULL, NULL, 0) == CSTR_EQUAL) {
         // Decrypt password.
         sanitizing_string password_utf8(std::move(kph_decrypt<OLECHAR>(password)));
-        MultiByteToWideChar(CP_UTF8, 0, password_utf8.c_str(), -1, m_password);
+        MultiByteToWideChar(CP_UTF8, 0, password_utf8, m_password);
         m_enc_alg = enc_alg_kph;
     } else if (encryption && encryption[0]) {
         // Encryption is defined but unrecognized.
@@ -354,7 +354,7 @@ void eap::credentials_pass::store(_In_z_ LPCTSTR pszTargetName, _In_ unsigned in
 
     // Convert password to UTF-8.
     sanitizing_string cred_utf8;
-    WideCharToMultiByte(CP_UTF8, 0, m_password.c_str(), (int)m_password.length(), cred_utf8, NULL, NULL);
+    WideCharToMultiByte(CP_UTF8, 0, m_password, cred_utf8, NULL, NULL);
 
     // Encrypt the password using user's key.
     DATA_BLOB cred_blob    = { (DWORD)cred_utf8.size() , const_cast<LPBYTE>(reinterpret_cast<LPCBYTE>(cred_utf8.data())) };
diff --git a/lib/MSCHAPv2/src/Method.cpp b/lib/MSCHAPv2/src/Method.cpp
index e992493..997d6b6 100644
--- a/lib/MSCHAPv2/src/Method.cpp
+++ b/lib/MSCHAPv2/src/Method.cpp
@@ -132,7 +132,7 @@ void eap::method_mschapv2_base::process_success(_In_ const list<string> &argv)
 
             // Calculate expected authenticator response.
             sanitizing_string identity_utf8;
-            WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity.c_str(), (int)m_cred.m_identity.length(), identity_utf8, NULL, NULL);
+            WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity, identity_utf8, NULL, NULL);
             authenticator_response resp_exp(m_cp, m_challenge_server, m_challenge_client, identity_utf8.c_str(), m_cred.m_password.c_str(), m_nt_resp);
 
             // Compare against provided authemticator response.
@@ -169,7 +169,7 @@ void eap::method_mschapv2_base::process_error(_In_ const list<string> &argv)
             bool is_last;
             dec.decode(m_challenge_server, is_last, val.data() + 2, (size_t)-1);
         } else if ((val[0] == 'M' || val[0] == 'm') && val[1] == '=') {
-            MultiByteToWideChar(CP_UTF8, 0, val.data() + 2, -1, m_cfg.m_last_msg);
+            MultiByteToWideChar(CP_UTF8, 0, val.data() + 2, (int)val.length() - 2, m_cfg.m_last_msg);
             m_module.log_event(&EAPMETHOD_METHOD_FAILURE_ERROR1, event_data((unsigned int)m_cfg.get_method_id()), event_data(m_cfg.m_last_msg), event_data::blank);
         }
     }
@@ -263,7 +263,7 @@ EapPeerMethodResponseAction eap::method_mschapv2::process_request_packet(
 
             // Calculate NT-Response.
             sanitizing_string identity_utf8;
-            WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity.c_str(), (int)m_cred.m_identity.length(), identity_utf8, NULL, NULL);
+            WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity, identity_utf8, NULL, NULL);
             m_nt_resp = nt_response(m_cp, m_challenge_server, m_challenge_client, identity_utf8.c_str(), m_cred.m_password.c_str());
 
             // Prepare CHAP response value.
@@ -373,7 +373,7 @@ EapPeerMethodResponseAction eap::method_mschapv2_diameter::process_request_packe
 
         // Calculate NT-Response.
         sanitizing_string identity_utf8;
-        WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity.c_str(), (int)m_cred.m_identity.length(), identity_utf8, NULL, NULL);
+        WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity, identity_utf8, NULL, NULL);
         m_nt_resp = nt_response(m_cp, m_challenge_server, m_challenge_client, identity_utf8.c_str(), m_cred.m_password.c_str());
 
         // Prepare MS-CHAP2-Response.
diff --git a/lib/PAP/src/Method.cpp b/lib/PAP/src/Method.cpp
index 94a9849..29febbc 100644
--- a/lib/PAP/src/Method.cpp
+++ b/lib/PAP/src/Method.cpp
@@ -91,8 +91,8 @@ EapPeerMethodResponseAction eap::method_pap_diameter::process_request_packet(
 
         // Convert username and password to UTF-8.
         sanitizing_string identity_utf8, password_utf8;
-        WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity.c_str(), (int)m_cred.m_identity.length(), identity_utf8, NULL, NULL);
-        WideCharToMultiByte(CP_UTF8, 0, m_cred.m_password.c_str(), (int)m_cred.m_password.length(), password_utf8, NULL, NULL);
+        WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity, identity_utf8, NULL, NULL);
+        WideCharToMultiByte(CP_UTF8, 0, m_cred.m_password, password_utf8, NULL, NULL);
 
         // PAP passwords must be padded to 16B boundary according to RFC 5281. Will not add random extra padding here, as length obfuscation should be done by outer transport layers.
         size_t padding_password_ex = (16 - password_utf8.length()) % 16;
diff --git a/lib/TTLS/src/Method.cpp b/lib/TTLS/src/Method.cpp
index af96ffd..a1a4dd0 100644
--- a/lib/TTLS/src/Method.cpp
+++ b/lib/TTLS/src/Method.cpp
@@ -231,7 +231,7 @@ EapPeerMethodResponseAction eap::method_eapmsg::process_request_packet(
     case phase_identity: {
         // Convert identity to UTF-8.
         sanitizing_string identity_utf8;
-        WideCharToMultiByte(CP_UTF8, 0, m_identity.c_str(), -1, identity_utf8, NULL, NULL);
+        WideCharToMultiByte(CP_UTF8, 0, m_identity, identity_utf8, NULL, NULL);
 
         // Build EAP-Response/Identity packet.
         auto size_identity = identity_utf8.length(), size_packet = size_identity + sizeof(EapPacket);
@@ -413,7 +413,7 @@ void eap::method_ttls::begin_session(
         m_sc_target_name.insert(m_sc_target_name.end(), name->begin(), name->end());
 #else
         string buf;
-        WideCharToMultiByte(CP_ACP, 0, name->c_str(), -1, buf, NULL, NULL);
+        WideCharToMultiByte(CP_ACP, 0, name, buf, NULL, NULL);
         m_sc_target_name.insert(m_sc_target_name.end(), buf.begin(), buf.end());
 #endif
     }
diff --git a/lib/WinStd b/lib/WinStd
index 6be8e5e..bab514c 160000
--- a/lib/WinStd
+++ b/lib/WinStd
@@ -1 +1 @@
-Subproject commit 6be8e5ee549a51146782ab6f24a7439292a307e4
+Subproject commit bab514cbd46f1d96d4c7ebad6f5bc3872b940aa3