January 4, 2018—KB4056894 (Monthly Rollup)

Improvements and fixes

This security update includes improvements and fixes that were a part of update KB4054518 (released December 12, 2017) and addresses the following issues:

• Security updates to Windows SMB Server, Windows Kernel, Microsoft Graphics Component, Internet Explorer, and Windows Graphics.
  For more information about the resolved security vulnerabilities, see the Security Update Guide.

Notes

ImportantPlease apply KB4100480 immediately after applying this update. KB4100480 resolves an elevation of privilege vulnerability in the Windows Kernel for the 64-Bit (x64) version of Windows. This vulnerability is documented in CVE-2018-1038.

Known issues in this update

To prevent this issue, Microsoft will temporarily pause Windows OS updates to devices with impacted AMD processors at this time.| This issue is resolved in KB4073578.
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.| This issue is resolved in KB4093118. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc
After installing KB4056897 or any other recent monthly updates, SMB servers may experience a memory leak for some scenarios. This occurs when the requested path traverses a symbolic link, mount point, or directory junction and the registry key is set to 1: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanManServer\Parameters\EnableEcp| This issue is resolved in KB4103718.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for update 4056894.