MicrosoftKB4540681March 10, 2020—KB4540681 (OS Build 16299.1747)
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.54 Medium
EPSS
Percentile
97.6%
March 10, 2020—KB4540681 (OS Build 16299.1747)
ReminderMarch 12 and April 9 were the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our blog.
Reminder Windows 10, version 1709, reached end of service on April 9, 2019 for devices running Windows 10 Home, Pro, Pro for Workstation, and IoT Core editions. These devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.
IMPORTANTWindows 10 Enterprise, Education, and IoT Enterprise editions will continue to receive servicing at no cost per the lifecycle announcement on October 2018.
ePub support ended in Microsoft EdgeMicrosoft Edge has ended support for e-books that use the .epub file extension. For more information, see Download an ePub app to keep reading e-books.
For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article.
Highlights
- Updates to improve security when using Microsoft Office products.
- Updates to improve security when using Microsoft Edge and Internet Explorer.
- Updates for verifying user names and passwords.
- Updates to improve security when Windows performs basic operations.
- Updates for storing and managing files.
- Updates to improve security when using external devices (such as game controllers, printers, and web cameras).
- Updates an issue that might prevent icons and cursors from appearing as expected.
Improvements and fixes
This security update includes quality improvements. Key changes include:
- Addresses an issue that might prevent icons and cursors from appearing as expected.
- Security updates to Microsoft Scripting Engine, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Silicon Platform, Microsoft Edge, Internet Explorer, Windows Fundamentals, Windows Authentication, Windows Cryptography, Windows Kernel, Windows Core Networking, Windows Storage and Filesystems, Windows Peripherals, Windows Network Security and Containers, Windows Update Stack, and Windows Server.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.
Known issues in this update
| Symptom | Workaround |
|---|---|
| Devices using a manual or auto-configured proxy, especially with a virtual private network (VPN), might show limited or no internet connection status in the Network Connectivity Status Indicator (NCSI) in the notification area. This might happen when connected to or disconnected from a VPN or after changing the state between the two. Devices with this issue might also have issues reaching the internet using applications that use WinHTTP or WinInet. Examples of apps that might be affected on devices in this state include, but are not limited to, Microsoft Teams, Microsoft Office, Microsoft Office 365, Microsoft Outlook, Internet Explorer 11, and some versions of Microsoft Edge. | This issue is resolved in KB4554342. |
| Devices on a domain might be unable to install apps published using a Group Policy Object (GPO). This issue only affects app installations that use .msi files. It does not affect any other installation methods, such as from the Microsoft Store. | This issue is resolved in KB4556812. |
How to get this update
| Before installing this updateMicrosoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4541731) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.Install this update****Release Channel | Available | Next Step |
|---|---|---|
| Windows Update and Microsoft Update | Yes | None. This update will be downloaded and installed automatically from Windows Update. |
| Microsoft Update Catalog | Yes | To get the standalone package for this update, go to the Microsoft Update Catalog website. |
| Windows Server Update Services (WSUS) | Yes | This update will automatically sync with WSUS if you configure Products and Classifications as follows:Product: Windows 10Classification: Security Updates File informationFor a list of the files that are provided in this update, download the file information for cumulative update 4540681. |
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.54 Medium
EPSS
Percentile
97.6%