Lucene search

K
mskbMicrosoftKB4074594
HistoryFeb 13, 2018 - 8:00 a.m.

February 13, 2018—KB4074594 (Monthly Rollup)

2018-02-1308:00:00
Microsoft
support.microsoft.com
62

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7

Confidence

High

EPSS

0.939

Percentile

99.2%

February 13, 2018—KB4074594 (Monthly Rollup)

Improvements and fixes

This security update includes improvements and fixes that were a part of update KB4057401 (released January 17, 2018) and addresses the following issues:

  • Addresses a script-related issue that caused Internet Explorer to stop working in some cases.
  • Addresses issue with editing input fields in some applications in Internet Explorer.
  • Addresses issue with launching a new page in Internet Explorer.
  • Addresses issue where after installing KB4056895 or KB4056898 on an SMB server, accessing files in directory junction points or volume mount points hosted on the server may fail. The error is “ERROR_INVALID_REPARSE_DATA”. For example, the following symptom may be observed:Editing some group policies using GPMC or AGPM 4.0 may fail with the error “The data present in the reparse point buffer is invalid. (Exception from HRESULT: 0x80071128)”.
  • Addresses issue where when SharePoint writes to a SQL Server filestream share with SMB3 encryption enabled, the write may fail or execute very slowly.
  • Security updates to Internet Explorer, Windows Kernel, Common Log File System driver, Windows storage and file systems, Microsoft Windows Search component, and the Windows SMB Server.
    For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update

Symptom Workaround
Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY. This issue is resolved in KB4093114. You no longer need the following ALLOW REGKEY to detect and be offered this update: HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for update 4074594.

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7

Confidence

High

EPSS

0.939

Percentile

99.2%