November 13, 2018—KB4467680 (OS Build 10240.18036)

Improvements and fixes

This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

• Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren’t enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. Use this guidance document to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
• Updates Venezuela currency information. This will affect the culture of “es-VE” as follows:
  • The currency symbol is “Bs.S”.
  • The English currency name is “Bolívar Soberano”.
  • The local currency name is “bolívar soberano”.
  • The International Currency Code is “VES”.
• Addresses additional issues with updated time zone information.
• Addresses an issue with navigation from the Decade view in the Japanese calendar. When the user tries to go from the Current era to the next era, navigation does not work properly.
• Addresses an issue in the Universal CRT that sometimes causes the AMD64-specific implementation of FMOD to return an incorrect result when given very large inputs. FMOD is frequently used to implement the modulo operator in JavaScript and Python implementations that use the Universal C Runtime.
• Addresses an issue with a handle leak that may occur in the lsm.exe process and in applications that callSCardEstablishContextorSCardReleaseContext. Once the leaked handle count reaches a certain threshold, smart card-based operations fail with the error, “SCARD_E_NO_SERVICE”.
• Security updates to Microsoft Edge, Internet Explorer, Windows Scripting, Windows App Platform and Frameworks, Windows Graphics, Windows Kernel, and Windows Server.
  If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.

Windows Update ImprovementsMicrosoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn’t apply to long-term servicing editions.

Known issues in this update

How to get this update

Before installing this updateMicrosoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see Servicing stack updates.If you are using Windows Update, the latest SSU (KB4093430) will be offered to you automatically. To get the stand-alone package for the latest SSU, go to the Microsoft Update Catalog.Install this updateThis update will be downloaded and installed automatically from Windows Update. To get the stand-alone package for this update, go to the Microsoft Update Catalog website.File informationFor a list of the files that are provided in this update, download the file information for cumulative update 4467680.