This security update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4 includes functionality improvements and fixes, and it resolves the following vulnerabilities in Windows:
Windows 10 and Windows Server 2016 updates are cumulative. Therefore, this package contains all previously released fixes.
If you have installed previous updates, only the new fixes that are contained in this package will be downloaded and installed to your computer. If you are installing a Windows 10 update package for the first time, the package for the x86 version is 390 MB and the package for the x64 version is 677 MB.
This update will be downloaded and installed automatically.
To get the stand-alone package for this update, go to the Microsoft Update Catalog website.
There are no prerequisites for installing this update.
You have to restart the computer after you apply this update.
This update replaces the previously released security update 3147458.
For a list of the files that are provided in this cumulative update, download the file information for cumulative update 3156421.
File hash information
File name| SHA1 hash| SHA256 hash
Windows10.0-KB3156421-x86.msu| DF6C01B17D1D5967853384BA995509FEFB432F10| 0A983CCEF83D1FA44B418B5486D29B195BB0134FBAC2D99C7831EB18482AF914
Windows10.0-KB3156421-x64.msu| DF611D19667C6936EE4A7F77DA54801A6B87F275| 7D81058C3879A4028791056FC81D70E119344AF12D0B475DE33ACFD8698D7A57
More InformationThe .NET framework version 3.5 and earlier versions did not provide support for applications to use Transport Layer Security (TLS) System Default Versions as a cryptographic protocol. This update enables the use of TLS v1.2 in the .NET Framework 3.5.The following registry keys can be set to use the operating system defaults for SSL and TLS instead of the hardcoded .NET Framework defaults for a managed application running on the computer.
Note If the application has set the ServicePointManager.SecureProtocol in code or through config files to a specific value, or uses the SslStream.AuthenticateAs * APIs to specify a specific SslProtocols enum, the registry setting behavior does not occur.In addition, we have added the SslProtocolsExtensions enumeration that you can use as an option for setting TLS v1.2, TLS v1.1, as well as operating system defaults for the ServicePointManager.SecurityProtoco l property when targeting .NET framework version 2.0 SP2. (See the Developer Guidance section for the information on how to use the extensions.)For more information about how to enable TLS v1.1 or v1.2 as operating system defaults, follow the instructions at <https://technet.microsoft.com/en- us/library/dn786418(v=ws.11).aspx#BKMK_SchannelTR_TLS12>. ReferencesLearn about the terminology that Microsoft uses to describe software updates.