Lucene search

MicrosoftKB4343900

HistoryAug 14, 2018 - 7:00 a.m.

August 14, 2018—KB4343900 (Monthly Rollup)

2018-08-1407:00:00

Microsoft

support.microsoft.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

August 14, 2018—KB4343900 (Monthly Rollup)

Improvements and fixes

This security update includes improvements and fixes that were a part of update KB4338821 (released July 18, 2018) and addresses the following issues:

Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
Provides protections against an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 32-Bit (x86) versions of Windows.
For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update

Symptom	Workaround
After you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem<number>.inf. The exact problematic configurations are currently unknown.

To locate the network device, launch devmgmt.msc; it may appear under Other Devices.
To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from theAction menu.
a. Alternatively, install the drivers for the network device by right-clicking the device and selecting Update. Then selectSearch automatically for updated driver softwareorBrowse my computer for driver software.
In Internet Explorer 11, a blank page may appear for some redirects. Additionally, if you open a site that uses Active Directory Federation Services (AD FS) or Single sign-on (SSO), the site may be unresponsive.| This issue is resolved in KB4343894.
After installing this update, you may observe decreased performance in Internet Explorer 11 when roaming profiles are used or when the Microsoft Compatibility List is not used.| This issue is resolved in KB4463376.

How to get this update

This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for update 4343900.