Lucene search

MicrosoftKB4056890

HistoryJan 09, 2018 - 8:00 a.m.

January 3, 2018—KB4056890 (OS Build 14393.2007)

2018-01-0908:00:00

Microsoft

support.microsoft.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.962 High

EPSS

Percentile

99.5%

JSON

January 3, 2018—KB4056890 (OS Build 14393.2007)

NoteThe release also contains updates for Windows 10 Mobile (OS Build 14393.2007) released on January 5, 2018

Improvements and fixes

This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

Security updates to Microsoft Edge, Internet Explorer, Windows Graphics, Windows Kernel, Windows Datacenter Networking, and Windows SMB Server.
NoteThis update isn’t available with express installation files for Windows Server 2016.If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, see the Security Update Guide.

Windows Update Client ImprovementMicrosoft will release an update directly to the Windows Update Client to improve Windows Update reliability. It will only be offered to devices that have’t installed the most recent updates.

Known issues in this update

Symptom	Workaround
When calling CoInitializeSecurity, the call will fail if passing RPC_C_IMP_LEVEL_NONE under certain conditions.When calling CoInitializeSecurity, the call may fail when passing RPC_C_AUTHN_LEVEL_NONE as the authentication level. The error returned on failure is STATUS_BAD_IMPERSONATION_LEVEL.	This issue is resolved in KB4057142.
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.	This issue is resolved in KB4088787.
Microsoft has reports of some customers on a small subset of older AMD processors getting into an unbootable state after installing this KB.

To prevent this issue, Microsoft will temporarily pause Windows OS updates to devices with impacted AMD processors at this time.| This issue is resolved in KB4057142.
After installing this update, servers where Credential Guard is enabled may experience an unexpected restart with the error, "The system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart."Event ID 1000 in the application log shows: "C:\windows\system32\lsass.exe’ terminated unexpectedly with status code -1073740791Faulting application: lsass.exe, Version: 10.0.14393.1770, Time Stamp: 0x59bf2fb2Faulting module: ntdll.dll, Version: 10.0.14393.1715, Time Stamp: 0x59b0d03eException: 0xc0000409| This issue is resolved in KB4077525.
After installing this update, some users may experience issues logging into some websites when using third-party account credentials in Microsoft Edge.| This issue is resolved in KB4074590.
Editing some group policies using GPMC or AGPM 4.0 may fail with error “The data present in the reparse point buffer is invalid. (Exception from HRESULT: 0x80071128)” after installing this update on a domain controller.| This issue is resolved in KB4074590.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for cumulative update 4056890.