MS16-101: Security update for Windows authentication methods: August 9, 2016

<html><body><p>Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker runs a specially crafted application on a domain-joined system.</p><h2></h2><div><span><span>Important</span> This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect the computer.</span></div><h2>Summary</h2><div>This security update resolves multiple vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a domain-joined system. <br /><br />To learn more about the vulnerability, see <a href=“https://technet.microsoft.com/library/security/ms16-101” target=“_self”>Microsoft Security Bulletin MS16-101</a>.<br /></div><h2>More Information</h2><div><span>Important</span><br /><br /><ul><li>All future security and non-security updates for Windows 8.1 and Windows Server 2012 R2 require update <a href=“https://support.microsoft.com/en-us/help/2919355” target=“_self”>2919355</a> to be installed. We recommend that you install update <a href=“https://support.microsoft.com/en-us/help/2919355” target=“_self”>2919355</a> on your Windows 8.1-based or Windows Server 2012 R2-based computer so that you receive future updates. </li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a href=“https://technet.microsoft.com/en-us/library/hh825699” target=“_self”>Add language packs to Windows</a>.</li></ul><div><div><div><span><span></span></span><span><span>Non-security-related fixes that are included in this security update</span></span></div><div><span><div>This security update also fixes the following non-security-related issues:<br /><br /><ul><li>In a domain-joined Scale Out File Server (SoFS) on a domainless cluster, when an SMB client that is running either Windows 8.1 or Windows Server 2012 R2 connects to a node that is down, authentication fails. When this problem occurs, you may receive an error message that resembles the following message: <br /><br /><div>STATUS_NO_TGT_REPLY<br /></div></li></ul></div><br /></span></div></div></div></div><h2>Additional information about this security update</h2><div>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. <br /><br /><ul><li><a href=“https://support.microsoft.com/help/3177108” target=“_self”>3177108</a> MS16-101: Description of the security update for Windows authentication methods: August 9, 2016</li><li><a href=“https://support.microsoft.com/help/3167679” target=“_self”>3167679</a> MS16-101: Description of the security update for Windows authentication methods: August 9, 2016</li><li><a href=“https://support.microsoft.com/help/3192392” target=“_self”>3192392</a> October 2016 security only quality update for Windows 8.1, and Windows Server 2012 R2</li><li><a href=“https://support.microsoft.com/help/3185331” target=“_self”>3185331</a> October 2016 security monthly quality rollup for Windows 8.1, and Windows Server 2012 R2</li><li><a href=“https://support.microsoft.com/help/3192393” target=“_self”>3192393</a> October 2016 security only quality update for Windows Server 2012</li><li><a href=“https://support.microsoft.com/help/3185332” target=“_self”>3185332</a> October 2016 security monthly quality rollup for Windows Server 2012</li><li><a href=“https://support.microsoft.com/help/3192391” target=“_self”>3192391</a> October 2016 security only quality update for Windows 7 SP1 and Windows Server 2008 R2 SP1</li><li><a href=“https://support.microsoft.com/help/3185330” target=“_self”>3185330</a> October 2016 security monthly quality rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1</li><li><a href=“https://support.microsoft.com/help/3192440” target=“_self”>3192440</a> Cumulative update for Windows 10: October 11, 2016</li><li><a href=“https://support.microsoft.com/help/3194798” target=“_self”>3194798</a> Cumulative update for Windows 10 Version 1607 and Windows Server 2016: October 11, 2016</li><li><a href=“https://support.microsoft.com/help/3192441” target=“_self”>3192441</a> Cumulative update for Windows 10 Version 1511: October 11, 2016</li></ul><h3> Security updates that are replaced</h3>The following security updates have been replaced:<br /><ul><li><a href=“https://support.microsoft.com/help/3176492” target=“_self”>3176492</a> Cumulative update for Windows 10: August 9, 2016</li><li><a href=“https://support.microsoft.com/help/3176493” target=“_self”>3176493</a> Cumulative update for Windows 10 Version 1511: August 9, 2016</li><li><a href=“https://support.microsoft.com/help/3176495” target=“_self”>3176495</a> Cumulative update for Windows 10 Version 1607: August 9, 2016</li></ul>The following are the new security updates that replace the security updates mentioned earlier:<br /><ul><li><a href=“https://support.microsoft.com/help/3192440” target=“_self”>3192440</a> Cumulative update for Windows 10: October 11, 2016</li><li><a href=“https://support.microsoft.com/help/3194798” target=“_self”>3194798</a> Cumulative update for Windows 10 Version 1607 and Windows Server 2016: October 11, 2016</li><li><a href=“https://support.microsoft.com/help/3192441” target=“_self”>3192441</a> Cumulative update for Windows 10 Version 1511: October 11, 2016</li></ul><h3>Known issues in this security update</h3><ul><li><span>Known issue 1</span><br /><br />The security updates that are provided in <a href=“https://support.microsoft.com/help/3178465” target=“_self”>MS16-101</a> and newer updates disable the ability of the Negotiate process to fall back to NTLM when Kerberos authentication fails for password change operations with the <span>STATUS_NO_LOGON_SERVERS (0xc000005e)</span> error code. In this situation, you may receive one of the following error codes. <br /><br /><div><table><tr><th><span>Hexadecimal</span></th><th><span>Decimal</span></th><th><span>Symbolic</span></th><th><span>Friendly</span></th></tr><tr><td>0xc0000388</td><td>1073740920</td><td>STATUS_DOWNGRADE_DETECTED</td><td>The system detected a possible attempt to compromise security. Please make sure that you can contact the server that authenticated you. </td></tr><tr><td>0x4f1</td><td>1265</td><td>ERROR_DOWNGRADE_DETECTED</td><td>The system detected a possible attempt to compromise security. Please make sure that you can contact the server that authenticated you. </td></tr></table></div><br /><br /><span>Workaround</span><br /><br />If password changes that previously succeeded fail after the installation of MS16-101, it’s likely that password changes were previously relying on NTLM fallback because Kerberos was failing. In order to change passwords successfully by using Kerberos protocols, follow these steps:<br /><br /><br /><ol><li>Configure open communication on TCP port 464 between clients that have MS16-101 installed and the domain controller that is servicing password resets. <br /><br />Read-only domain controllers (RODCs) can service self-service password resets if the user is allowed by the RODCs password replication policy. Users who are not allowed by the RODC password policy require network connectivity to a read/write domain controller (RWDC) in the user account domain. <br /><br /><span>Note</span> To check whether TCP port 464 is open, follow these steps:<br /><br /><br /><ol><li>Create an equivalent display filter for your network monitor parser. For example:<br /><div><pre><code><div>ipv4.address== <ip address of client> && tcp.port==464</div></code></pre></div></li><li>In the results, look for the “TCP:[SynReTransmit” frame. <br /><br /><img alt=“Frame” src=“/Library/Images/3190143.jpg” title=“Frame” /></li></ol></li><li>Make sure that the target Kerberos names are valid. (IP addresses are not valid for the Kerberos protocol. Kerberos supports short names and fully qualified domain names.) </li><li>Make sure that service principal names (SPNs) are registered correctly. <br /><br />For more information, see <a href=“https://technet.microsoft.com/en-us/library/jj134304(v=ws.10).aspx” target=“_self”>Kerberos and Self-Service Password Reset</a>. </li></ol></li><li><span>Known issue 2</span><br /><br />We know about an issue in which programmatic password resets of domain user accounts fail and return the <span>STATUS_DOWNGRADE_DETECTED (0x800704F1)</span> error code if the expected failure is one of the following:<br /><br /><ul><li>ERROR_INVALID_PASSWORD </li><li>ERROR_PWD_TOO_SHORT (rarely returned) </li><li>STATUS_WRONG_PASSWORD </li><li>STATUS_PASSWORD_RESTRICTION</li></ul><br />The following table shows the full error mapping. <br /><br /><div><table><tr><th><span>Hexadecimal</span></th><th><span>Decimal</span></th><th><span>Symbolic</span></th><th><span>Friendly</span></th></tr><tr><td>0x56</td><td>86</td><td>ERROR_INVALID_PASSWORD</td><td>The specified network password is not correct. </td></tr><tr><td>0x267</td><td>615</td><td>ERROR_PWD_TOO_SHORT</td><td>The password that was provided is too short to meet the policy of your user account. Please provide a longer password. </td></tr><tr><td>0xc000006a</td><td>-1073741718</td><td>STATUS_WRONG_PASSWORD</td><td>When you try to update a password, this return status indicates that the value that was provided as the current password is incorrect. </td></tr><tr><td>0xc000006c</td><td>-1073741716</td><td>STATUS_PASSWORD_RESTRICTION</td><td>When you try to update a password, this return status indicates that some password update rule was violated. For example, the password may not meet the length criteria. </td></tr><tr><td>0x800704F1</td><td>1265</td><td>STATUS_DOWNGRADE_DETECTED</td><td>The system cannot contact a domain controller to service the authentication request. Please try again later. </td></tr><tr><td>0xc0000388</td><td>-1073740920</td><td>STATUS_DOWNGRADE_DETECTED</td><td>The system cannot contact a domain controller to service the authentication request. Please try again later. </td></tr></table></div><br /><br /><span> Resolution</span><br /><br /><a href=“https://technet.microsoft.com/library/security/ms16-101.aspx” target=“_self”>MS16-101</a> has been re-released to address this issue. Install the latest version of the updates for this bulletin to resolve this issue. <br /><br /><a></a></li><li><span>Known issue 3</span><br /><br />We know about an issue in which programmatic resets of local user account password changes may fail and return the <span>STATUS_DOWNGRADE_DETECTED (0x800704F1)</span> error code. <br /><br />The following table shows the full error mapping. <br /><br /><div><table><tr><th>Hexadecimal</th><th>Decimal</th><th>Symbolic</th><th>Friendly</th></tr><tr><td>0x4f1</td><td>1265</td><td>ERROR_DOWNGRADE_DETECTED</td><td>The system cannot contact a domain controller to service the authentication request. Please try again later. </td></tr></table></div><br /><br /><span> Resolution</span><br /><br /><a href=“https://technet.microsoft.com/library/security/ms16-101.aspx” target=“_self”>MS16-101</a> has been re-released to address this issue. Install the latest version of the updates for this bulletin to resolve this issue. <br /><br /></li><li><span>Known issue 4</span><br /><br />Passwords for disabled and locked-out user accounts cannot be changed using the negotiate package.<br /><br /> <br />Password changes for disabled and locked-out accounts will still work when using other methods such as when using an LDAP modify operation directly. For example, the PowerShell cmdlet <span>Set-ADAccountPassword</span> uses an “LDAP Modify” operation to change the password and remains unaffected. <br /><br /><span>Workaround</span><br /><br />These accounts require an administrator to make password resets. This behavior is by design after you install MS16-101 and later fixes. <br /><br /></li><li><span>Known issue 5</span><br /><br />Applications that use the <span>NetUserChangePassword</span> API and that pass a servername in the <strong>domainname</strong> parameter will no longer work after MS16-101 and later updates are installed. <br /><br />Microsoft documentation states that providing a remote server name in the <strong>domainname</strong> parameter of the <span>NetUserChangePassword</span> function is supported. For example, the <a href=“https://msdn.microsoft.com/en-us/library/windows/desktop/aa370650(v=vs.85).aspx” target=“_self”>NetUserChangePassword function</a> MSDN topic states the following:<br /><br /><strong>domainname [in]</strong><br /><div>A pointer to a constant string that specifies the DNS or NetBIOS name of a remote server or domain on which the function is to execute. If this parameter is NULL, the logon domain of the caller is used. </div><span> Status</span><br /><br />This guidance has been superseded by MS16-101, unless the password reset is for a local account on the local computer. <br /><br />Post MS16-101, in order for domain user password changes to work, you must pass a valid DNS Domain Name to the NetUserChangePassword API. </li><li><span>Known issue 6</span><br /><br />After you install the security updates that are described in <a href=“https://technet.microsoft.com/library/security/ms16-101.aspx” target=“_self”>MS16-101</a>, remote, programmatic changes of a local user account password, and password changes across untrusted forest fail.<br /><br /><br />This operation fails because the operation relies on NTLM fall-back which is no longer supported for nonlocal accounts after MS16-101 is installed.<br /><br /><br />A registry entry is provided that you can use to disable this change. <br /><br /><span><span>Warning</span> This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk. </span><br /><br /><span><span>Important</span>This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base: <div><a href=“https://support.microsoft.com/en-us/help/322756”>322756 </a>How to back up and restore the registry in Windows </div></span><br /><br />To disable this change, set the <span>NegoAllowNtlmPwdChangeFallback</span> DWORD entry to use a value of 1 (one).<br /><br /><br /><span>Important</span> Setting the <span>NegoAllowNtlmPwdChangeFallback</span> registry entry to a value of 1 will disable this security fix:<br /><div><table><tr><th>Registry value</th><th>Description</th></tr><tr><td>0</td><td> Default value. Fallback is prevented. </td></tr><tr><td>1</td><td>Fallback is always allowed. The security fix is turned off. Customers that are having issues with remote local accounts or untrusted forest scenarios can set the registry to this value. </td></tr></table></div>To add these registry values, follow these steps:<br /><ol><li>Click <strong>Start</strong>, click <strong>Run</strong>, type <span>regedit</span> in the <strong>Open</strong> box, and then click <strong>OK</strong>. </li><li>Locate and then click the following subkey in the registry:<br /><div><strong>HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa<br /></strong></div></li><li>On the <strong>Edit</strong> menu, point to <strong>New</strong>, and then click <strong>DWORD Value</strong>. </li><li>Type <span>NegoAllowNtlmPwdChangeFallback</span> for the name of the DWORD, and then press ENTER. </li><li>Right-click <strong>NegoAllowNtlmPwdChangeFallback</strong>, and then click <strong>Modify</strong>. </li><li>In the <strong>Value data</strong> box, type <span> 1</span> to disable this change, and then click <strong>OK</strong>.<br /><br /><br /><span>Note</span> To restore the default value, type 0 (zero), and then click <strong>OK</strong>. </li></ol><span> Status</span><br /><br />The root cause of this issue is understood. This article will be updated with additional details as they become available.</li></ul></div><h2>How to obtain and install the update</h2><div><h3>Method 1: Windows Update</h3><div>This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see<br /><a href=“https://www.microsoft.com/en-us/safety/pc-security/updates.aspx” target=“_self”>Get security updates automatically</a>.<br /></div><h3>Method 2: Microsoft Update Catalog</h3><div>To get the stand-alone package for this update, go to the <a href=“http://catalog.update.microsoft.com/v7/site/search.aspx” target=“_self”>Microsoft Update Catalog</a> website.<br /></div><div><div><div><span><span></span></span><span><span>Method 3: Microsoft Download Center</span></span></div><div><span><div>You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update. <br /><br />Click the download link in <a href=“https://technet.microsoft.com/library/security/ms16-101” target=“_self”>Microsoft Security Bulletin MS16-101</a> that corresponds to the version of Windows that you are running.<br /></div><br /></span></div></div></div></div><h2>More Information</h2><div><div><div><div><span><span></span></span><span><span>Security update deployment information</span></span></div><div><span><div><h4>Windows Vista (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><br /><br /><div><table><tr><td><span>Security update file names</span></td><td>For all supported 32-bit editions of Windows Vista:<br /><span>Windows6.0-KB3167679-x86.msu</span></td></tr><tr><td></td><td>For all supported x64-based editions of Windows Vista:<br /><span>Windows6.0-KB3167679-x64.msu</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>You must restart the system after you apply this security update. </td></tr><tr><td><span>Removal information</span></td><td>WUSA.exe does not support uninstalling updates. To uninstall an update that is installed by WUSA, click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under <span>Windows Update</span>, click <strong>View installed updates</strong>, and then select from the list of updates. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3167679” target=“_self”>Microsoft Knowledge Base article 3167679</a></td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> This update does not add a registry key to validate its presence. </td></tr></table></div><br /><br /><h4>Windows Server 2008 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><br /><br /><div><table><tr><td><span>Security update file names</span></td><td>For all supported 32-bit editions of Windows Server 2008:<br /><span>Windows6.0-KB3167679-x86.msu</span></td></tr><tr><td></td><td>For all supported x64-based editions of Windows Server 2008:<br /><span>Windows6.0-KB3167679-x64.msu</span></td></tr><tr><td></td><td>For all supported Itanium-based editions of Windows Server 2008:<br /><span>Windows6.0-KB3167679-ia64.msu</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>You must restart the system after you apply this security update. </td></tr><tr><td><span>Removal information</span></td><td>WUSA.exe does not support uninstalling updates. To uninstall an update that is installed by WUSA, click <strong>Control Panel</strong>, and then click <strong>Security</strong>. Under <span>Windows Update</span>, click <strong>View installed updates</strong>, and then select from the list of updates. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3167679” target=“_self”>Microsoft Knowledge Base article 3167679</a></td></tr></table></div><br /><br /><h4> Windows 7 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Security update file name</span></td><td>For all supported 32-bit editions of Windows 7:<br /><span>Windows6.1-KB3192391-x86.msu<br /></span>Security Only</td></tr><tr><td></td><td>For all supported 32-bit editions of Windows 7<br /><br /><span>Windows6.1-KB3185330-x86.msu<br /></span>Monthly Rollup</td></tr><tr><td></td><td>For all supported x64-based editions of Windows 7:<br /><span>Windows6.1-KB3192391-x64.msu<br /></span>Security Only</td></tr><tr><td></td><td>For all supported x64-based editions of Windows 7:<br /><span>Windows6.1-KB3185330-x64.msu<br /></span>Monthly Rollup</td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a><span></span></td></tr><tr><td><span>Restart requirement</span></td><td>You must restart the system after you apply this security update. </td></tr><tr><td><span>Removal information</span></td><td>To uninstall an update that is installed by WUSA, use the /Uninstall setup switch or click <strong>Control Panel</strong>, click <strong>System and Security</strong>. Under <strong>Windows Update</strong>, click <strong>View installed updates</strong>, and then select from the list of updates. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3192391” target=“_self”>Microsoft Knowledge Base Article 3192391</a><br />See <a href=“https://support.microsoft.com/help/3185330” target=“_self”>Microsoft Knowledge Base Article 3185330</a></td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> This update does not add a registry key to validate its installation. </td></tr></table></div><br /><br /><h4> Windows Server 2008 R2 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Security update file name</span></td><td>For all supported x64-based editions of Windows Server 2008 R2:<br /><span>Windows6.1-KB3192391-x64.msu<br /></span>Security Only</td></tr><tr><td></td><td>For all supported x64-based editions of Windows Server 2008 R2:<br /><span>Windows6.1-KB3185330-x64.msu<br /></span>Monthly Rollup</td></tr><tr><td></td><td>For all supported Itanium-based editions of Windows Server 2008 R2:<br /><span>Windows6.1-KB3192391-ia64.msu<br /></span>Security Only</td></tr><tr><td></td><td>For all supported Itanium-based editions of Windows Server 2008 R2:<br /><span>Windows6.1-KB3185330-ia64.msu<br /></span>Monthly Rollup</td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>A system restart is required after you apply this security update. </td></tr><tr><td><span>Removal information</span></td><td>To uninstall an update installed by WUSA, use the <span>/Uninstall</span> setup switch or click <span>Control Panel</span>, click <span>System and Security</span>, and then under Windows Update, click <span>View installed updates</span> and select from the list of updates. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3192391” target=“_self”>Microsoft Knowledge Base Article 3192391</a><br />See <a href=“https://support.microsoft.com/help/3185330” target=“_self”>Microsoft Knowledge Base Article 3185330</a></td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div><br /><br /><h4> Windows 8.1 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Security update file name</span></td><td>For all supported 32-bit editions of Windows 8.1:<br /><span>Windows8.1-KB3192392-x86.msu<br /></span>Security Only</td></tr><tr><td></td><td>For all supported 32-bit editions of Windows 8.1:<br /><span>Windows8.1-KB3185331-x86.msu<br /></span>Monthly Rollup</td></tr><tr><td></td><td>For all supported x64-based editions of Windows 8.1:<br /><span>Windows8.1-KB3192392-x64.msu<br /></span>Security Only</td></tr><tr><td></td><td>For all supported x64-based editions of Windows 8.1:<br /><span>Windows8.1-KB3185331-x64.msu<br /></span>Monthly Rollup</td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>You must restart the system after you apply this security update. </td></tr><tr><td><span>Removal information</span></td><td>To uninstall an update that is installed by WUSA, use the <span>/Uninstall</span> setup switch or Click <strong>Control Panel</strong>, click <strong>System and Security</strong>, and then click <strong>Windows Update</strong>. Under <span>See also</span>, click <span>Installed updates</span>, and then select from the list of updates. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3192392” target=“_self”>Microsoft Knowledge Base Article 3192392</a><br />See <a href=“https://support.microsoft.com/help/3185331” target=“_self”>Microsoft Knowledge Base Article 3185331</a></td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> This update does not add a registry key to validate its installation. </td></tr></table></div><br /><br /><h4> Windows Server 2012 and Windows Server 2012 R2 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Security update file name</span></td><td>For all supported editions of Windows Server 2012:<br /><span>Windows8-RT-KB3192393-x64.msu<br /></span>Security Only</td></tr><tr><td></td><td>For all supported editions of Windows Server 2012:<br /><span>Windows8-RT-KB3185332-x64.msu<br /></span>Monthly Rollup</td></tr><tr><td></td><td>For all supported editions of Windows Server 2012 R2:<br /><span>Windows8.1-KB3192392-x64.msu<br /></span>Security Only</td></tr><tr><td></td><td>For all supported editions of Windows Server 2012 R2:<br /><span>Windows8.1-KB3185331-x64.msu<br /></span>Monthly Rollup</td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>A system restart is required after you apply this security update. </td></tr><tr><td><span>Removal information</span></td><td>To uninstall an update installed by WUSA, use the <span>/Uninstall</span> setup switch or click <span>Control Panel</span>, click <span>System and Security</span>, click <span>Windows Update</span>, and then under See also, click <span>Installed updates</span> and select from the list of updates. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3192393” target=“_self”>Microsoft Knowledge Base Article 3192393</a><br />See <a href=“https://support.microsoft.com/help/3185332” target=“_self”>Microsoft Knowledge Base Article 3185332</a></td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> A registry key does not exist to validate the presence of this update. </td></tr></table></div><br /><br /><h4> Windows 10 (all editions)</h4><span>Reference Table</span><br /><br />The following table contains the security update information for this software.<br /><div><table><tr><td><span>Security update file name</span></td><td>For all supported 32-bit editions of Windows 10:<br /><span>Windows10.0-KB3192440-x86.msu</span></td></tr><tr><td></td><td>For all supported x64-based editions of Windows 10:<br /><span>Windows10.0-KB3192440-x64.msu</span></td></tr><tr><td></td><td>For all supported 32-bit editions of Windows 10 Version 1511:<br /><span>Windows10.0-Kb3192441-x86.msu</span></td></tr><tr><td></td><td>For all supported x64-based editions of Windows 10 Version 1511:<br /><span>Windows10.0-Kb3192441-x64.msu</span></td></tr><tr><td></td><td>For all supported 32-bit editions of Windows 10 Version 1607:<br /><span>Windows10.0-KB3194798-x86.msu</span></td></tr><tr><td></td><td>For all supported x64-based editions of Windows 10 Version 1607:<br /><span>Windows10.0-KB3194798-x64.msu</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/934307” target=“_self”>Microsoft Knowledge Base Article 934307</a></td></tr><tr><td><span>Restart requirement</span></td><td>You must restart the system after you apply this security update. </td></tr><tr><td><span>Removal information</span></td><td>To uninstall an update that is installed by WUSA, use the <span>/Uninstall</span> setup switch or Click <strong>Control Panel</strong>, click <strong>System and Security</strong>, and then click <strong>Windows Update</strong>. Under <span>See also</span>, click Installed updates, and then select from the list of updates. </td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/3192440” target=“_self”>Microsoft Knowledge Base Article 3192440</a><br />See <a href=“https://support.microsoft.com/help/3192440” target=“_self”>Microsoft Knowledge Base Article 3192441</a><br />See <a href=“https://support.microsoft.com/help/3194798” target=“_self”>Microsoft Knowledge Base Article 3194798</a></td></tr><tr><td><span>Registry key verification</span></td><td><span>Note</span> This update does not add a registry key to validate its installation. </td></tr></table></div></div><br /></span></div></div></div><div><div><div><span><span></span></span><span><span>How to obtain help and support for this security update</span></span></div><div><span><div>Help for installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <a href=“https://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help for protecting your Windows-based computer from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <a href=“https://www.microsoft.com/en-us/locale.aspx” target=“_self”>International Support</a></div><br /></span></div></div></div><a></a></div></body></html>