August 14, 2018—KB4343896 (Security-only update)

2018-08-14T15:52:19
ID KB4343896
Type mskb
Reporter Microsoft
Modified 2018-08-14T17:06:57

Description

<html><body><p>Learn more about update KB4343896, including improvements and fixes, any known issues, and how to get the update.</p><h2>Improvements and fixes</h2><div><p>This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:</p><ul><li>Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (<a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018">CVE-2018-3620</a> and <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018">CVE-2018-3646</a>). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the <a href="https://apac01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4072698%2Fwindows-server-guidance-to-protect-against-the-speculative-execution&data=02%7C01%7C%7C5f093a5931474f6f371408d5fba393a8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636691602344621389&sdata=3AsCxE7BxWnxLjOiS3fBBT%2FNJ144HgvwBotv%2FazrX%2Fk%3D&reserved=0" target="_blank">Windows Server</a> guidance KB article. (<em>These registry settings are disabled by default for Windows Server OS editions.)</em></li><li><p>Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (<a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180016">CVE-2018-3665</a>) for 32-Bit (x86) versions of Windows.</p></li></ul><p>For more information about the resolved security vulnerabilities, see the <a href="https://portal.msrc.microsoft.com/security-guidance">Security Update Guide</a>.</p></div><h2>Known issues in this update</h2><div><p>Microsoft is not currently aware of any issues with this update.</p></div><h2>How to get this update</h2><div><p>This update is now available for installation through WSUS. To get the standalone package for this update, go to the <a href="http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4343896">Microsoft Update Catalog</a> website.</p><p><strong>File information</strong></p><p>For a list of the files that are provided in this update, download the <a data-content-id="" data-content-type="" href="http://download.microsoft.com/download/1/2/C/12C9BB98-1209-4D80-B837-FFC63AF7FCD0/4343896.csv" target="">file information for update 4343896</a>. </p></div></body></html>