January 4, 2018—KB4056894 (Monthly Rollup)

2018-01-04T00:00:00
ID KB4056894
Type mskb
Reporter Microsoft
Modified 2018-08-23T01:17:58

Description

<html><body><p>Learn more about update KB4056894, including improvements and fixes, any known issues, and how to get the update.</p><h2>Improvements and fixes</h2><div><p>This security update includes improvements and fixes that were a part of update <a data-content-id="4054518" data-content-type="article" href="" managed-link="" target="_blank">KB4054518</a> (released December 12, 2017) and addresses the following issues:</p><ul><li>Security updates to Windows SMB Server, Windows Kernel,  Microsoft Graphics Component, Internet Explorer, and Windows Graphics.</li></ul><p><span><span><span><span>For more information about the resolved security vulnerabilities, see the </span></span></span></span><span><span><span><a href="https://portal.msrc.microsoft.com/security-guidance"><u>Security Update Guide</u></a></span></span></span><span><span><span><span>.</span></span></span></span></p></div><h2>Notes</h2><p><strong>Important </strong>Please apply <a data-content-id="4100480" data-content-type="article" href="" managed-link="" target="_blank">KB4100480</a> immediately after applying this update. KB4100480 resolves an elevation of privilege vulnerability in the Windows Kernel for the 64-Bit (x64) version of Windows. This vulnerability is documented in <a href="https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-1038" managed-link="" target="_blank">CVE-2018-1038</a>.</p><h2>Known issues in this update</h2><div><table class="table"><tbody><tr><td>Symptom</td><td>Workaround</td></tr><tr><td>Microsoft has reports of some customers on a small subset of older AMD processors getting into an unbootable state after installing this KB.<br/> <br/>To prevent this issue, Microsoft will temporarily pause Windows OS updates to devices with impacted AMD processors at this time.</td><td><p><span>This issue is resolved in <a data-content-id="4073578" data-content-type="article" href="" managed-link="" target="_blank">KB4073578</a>.</span></p></td></tr><tr><td><span>Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.</span></td><td><p>This issue is resolved in <a data-content-id="4093118" data-content-type="article" href="" managed-link="" target="_blank">KB4093118</a>. You no longer need the following ALLOW REGKEY to detect and be offered this update: </p><p>HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc</p><p><span></span></p></td></tr><tr><td><p>After installing KB4056897 or any other recent monthly updates, SMB servers may experience a memory leak for some scenarios. This occurs when the requested path traverses a symbolic link, mount point, or directory junction and the registry key is set to 1:</p><p> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanManServer\Parameters\EnableEcp</p></td><td>This issue is resolved in <a data-content-id="4103718" data-content-type="article" href="" managed-link="" target="_blank">KB4103718</a>.</td></tr></tbody></table><p> </p></div><h2>How to get this update</h2><div><p>This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the <a href="http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4056894">Microsoft Update Catalog</a> website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the <a data-content-id="" data-content-type="" href="http://download.microsoft.com/download/A/E/4/AE4768D5-D156-43E4-BBAB-82784ED6C758/4056894.csv" target="_blank">file information for update 4056894</a>.</p></div></body></html>