June 12, 2018—KB4284826 (Monthly Rollup)

2018-06-12T00:00:00
ID KB4284826
Type mskb
Reporter Microsoft
Modified 2018-09-10T17:00:31

Description

<html><body><p>Learn more about update KB4284826, including improvements and fixes, any known issues, and how to get the update.</p><h2>Improvements and fixes</h2><div><p>This security update includes improvements and fixes that were a part of update <a data-content-id="4103713" data-content-type="article" href="" managed-link="" target="_blank">KB4103713</a> (released May 17, 2018) and addresses the following issues:</p><ul><li>Provides support to control use of Indirect Branch Prediction Barrier (IBPB) on some AMD processors (CPUs) for mitigating CVE-2017-5715, Spectre Variant 2 when switching from user context to kernel context. (See <a href="https://developer.amd.com/wp-content/resources/Architecture_Guidelines_Update_Indirect_Branch_Control.pdf" managed-link="" target="_blank">AMD Architecture Guidelines for Indirect Branch Control</a> and <a href="https://www.amd.com/en/corporate/security-updates">AMD Security Updates</a> for more details). For Windows client (IT pro) guidance, follow the instructions in <a data-content-id="4073119" data-content-type="article" href="" managed-link="" target="_blank">KB4073119</a>. For Windows Server guidance,<strong> </strong>follow the instructions in <a data-content-id="4072698" data-content-type="article" href="" managed-link="" target="_blank">KB4072698</a>. Use these guidance documents to enable use of IBPB on some AMD processors (CPUs) for mitigating Spectre Variant 2 when switching from user context to kernel context.</li><li>Provides protections from an additional subclass of speculative execution side channel vulnerability known as <a href="https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639/">Speculative Store Bypass</a> (CVE-2018-3639). These protections aren't enabled by default. For Windows client (IT pro) guidance, follow the instructions in <a data-content-id="4073119" data-content-type="article" href="" managed-link="" target="_blank">KB4073119</a>. For Windows Server guidance,<strong> </strong>follow the instructions in <a data-content-id="4072698" data-content-type="article" href="" managed-link="" target="_blank">KB4072698</a>. Use this guidance document to enable mitigations for Speculative Store Bypass (CVE-2018-3639) in addition to the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).</li><li>Increased the Internet Explorer cookie limit from 50 to better align with industry standards.</li><li><p><span><span><span><span>Improves the reliability of Internet Explorer when using geolocation.</span></span></span></span></p></li><li>Security updates to Internet Explorer, Windows apps, Windows Server, Windows storage and filesystems, Windows wireless networking, and Windows virtualization and kernel.</li></ul><p>For more information about the resolved security vulnerabilities, see the <a href="https://portal.msrc.microsoft.com/security-guidance">Security Update Guide</a>.</p></div><h2>Known issues in this update</h2><div><table class="table"><tbody><tr><td>Symptom</td><td>Workaround</td></tr><tr><td valign="top">After you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem<number>.inf. The exact problematic configurations are currently unknown.</td><td valign="top"><ol><li>To locate the network device, launch devmgmt.msc; it may appear under Other Devices.</li><li>To automatically rediscover the NIC and install drivers, select <strong>Scan for Hardware Changes</strong> from the Action menu.</li></ol><p class="indent-1">a. Alternatively, install the drivers for the network device by right-clicking the device and selecting <strong>Update</strong>.<strong> </strong>Then select <strong>Search automatically for updated driver software</strong> or <strong>Browse my computer for driver software</strong>.</p></td></tr></tbody></table></div><h2>How to get this update</h2><div><p>This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the <a href="http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4284826">Microsoft Update Catalog</a> website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the <a data-content-id="" data-content-type="" href="http://download.microsoft.com/download/2/2/0/2209FFEF-4DEA-411C-93C1-B240F8F6691C/4284826.csv" target="">file information for update 4284826</a>. </p></div></body></html>