December 12, 2017—KB4054517 (OS Build 16299.125)

2017-12-1208:00:00

Microsoft

support.microsoft.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.947 High

EPSS

Percentile

99.2%

JSON

December 12, 2017—KB4054517 (OS Build 16299.125)

Improvements and fixes

This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

Updates Internet Explorer’s default visibility for the button that launches Microsoft Edge.
Addresses issue where Windows Defender Device Guard and Application Control block some applications from running, even in Audit-Only Enforcement Mode.
Addresses issue to reset PLC bit on U0/U3 transitions.
Addresses issue with personalized Bluetooth devices that don’t support bonding.
Addresses issue where the touch keyboard doesn’t support the standard layout for 88 languages.
Addresses issue where the touch keyboard for a third-party Input Method Editor (IME) has no IME ON/OFF key.
Addresses additional issues with updated time zone information.
Addresses issue where, when using System Center Virtual Machine Manager (VMM), the user can’t copy or clone virtual machines (VM). The error message is “0x80070057- Invalid parameter”. This issue affects the VMM UI and PowerShell scripts used for VM cloning and copying.
Addresses issue where the Internet Connection Sharing (ICS) service does not persist connections across OS reboots or ICS service restarts. The solution can be activated through an optional “EnableRebootPersistConnection” registry key described in KB4055559.
Security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update

Symptom	Workaround
Update installation may stop at 99% and may show elevated CPU or disk utilization if a device was reset using the Reset this PC functionality after installing KB4054022.	This issue is resolved in KB4058702.Note_ _If you are impacted by this issue, you must restart your PC or end the existing Trusted Installer processes by running the following from an Administrative command prompt:taskkill /f /im tiworker.exetaskkill /f /im trustedinstaller.exeDevices that were impacted by this issue may have large CBS.log files. These files can be deleted by running the following from an Administrative command prompt:del /f %windir%\logs\cbs\*.log
Windows Update History reports that KB4054517 failed to install because of Error 0x80070643.	This issue is resolved in KB4058258.
After installing this update, some preinstalled apps running Windows 10 version 1709 may be deleted at system restart.	This issue is resolved in KB4056892.Uninstalled apps can be reinstalled manually from the Microsoft Store.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for cumulative update 4054517.