Lucene search

MicrosoftKB4601315

HistoryFeb 09, 2021 - 8:00 a.m.

February 9, 2021—KB4601315 (OS Build 18363.1377) - EXPIRED

2021-02-0908:00:00

Microsoft

support.microsoft.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.451 Medium

EPSS

Percentile

97.4%

JSON

February 9, 2021—KB4601315 (OS Build 18363.1377) - EXPIRED

NEW 8/5/21
EXPIRATION NOTICE****IMPORTANTAs of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update.

**12/8/20
REMINDER **Windows 10, version 1903 reached end of servicing on December 8, 2020. To continue receiving security and quality updates, Microsoft recommends that you update to the latest version of Windows 10. If you want to update to Windows 10, version 1909, you must use the Enablement Package KB4517245 (EKB). Using the EKB makes updating faster and easier and requires a single restart. For more information, see Windows 10, version 1909 delivery options.

11/19/20
For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version 1909 update history home page.NoteFollow @WindowsUpdate to find out when new content is published to the release information dashboard.

NoteThis release also contains updates for Microsoft HoloLens (OS Build 18363.1098) released February 9, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.

Highlights

Updates to improve security when using input devices such as a mouse, keyboard, or pen.
Updates for verifying usernames and passwords.

Improvements and fixes

This security update includes quality improvements. Key changes include:

Addresses a possible elevation of privilege vulnerability in the win32k component.
Updates the Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472) to enable Enforcement mode. For more details, see CVE-2020-1472 and How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472.
Security updates to Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Cloud Infrastructure, Windows Management, Windows Authentication, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Core Networking, and Windows Hybrid Cloud Networking.
If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new Security Update Guide website.

Windows Update ImprovementsMicrosoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn’t apply to long-term servicing editions.

Known issues in this update

Symptom	Workaround
Microsoft and Discord have found incompatibility issues with some games using Direct3D 12 when the in-game overlay feature of Discord is enabled. When attempting to open affected games you might receive an error, or the game might close silently.	To mitigate this issue, you can turn off the in-game overlay in settings within the Discord app.This issue is now resolved in an update to the Discord app. To verify you’re on the latest version, right click on the Discord icon in the notification area and select “Check for updates…”. If there are updates to install, it should install automatically but you might need to select the arrow icon in the upper right corner of the app to install the updated version. There is no update for Windows needed to resolve this issue.
You might receive stop error 0x7E in nwifi.sys with a blue screen when you attempt to use a Wi-Fi Protected Access 3 (WPA3) connection. You are more likely to encounter this issue when reconnecting to a Wi-Fi network after disconnecting or when waking from sleep or hibernation. NoteMost Wi-Fi networks are currently using WPA2 and are not affected.	To mitigate this issue, you can do one of the following:

Symptom

Workaround

Microsoft and Discord have found incompatibility issues with some games using Direct3D 12 when the in-game overlay feature of Discord is enabled. When attempting to open affected games you might receive an error, or the game might close silently.

To mitigate this issue, you can turn off the in-game overlay in settings within the Discord app.This issue is now resolved in an update to the Discord app. To verify you’re on the latest version, right click on the Discord icon in the notification area and select “Check for updates…”. If there are updates to install, it should install automatically but you might need to select the arrow icon in the upper right corner of the app to install the updated version. There is no update for Windows needed to resolve this issue.

You might receive stop error 0x7E in nwifi.sys with a blue screen when you attempt to use a Wi-Fi Protected Access 3 (WPA3) connection. You are more likely to encounter this issue when reconnecting to a Wi-Fi network after disconnecting or when waking from sleep or hibernation. NoteMost Wi-Fi networks are currently using WPA2 and are not affected.

To mitigate this issue, you can do one of the following:

Update your device to Windows 10, version 2004 or Windows 10, version 20H2.
Connect to a Wi-Fi network using WPA2. To do this you may need to reconfigure your access point or router settings.
Connect using a wired ethernet connection.
This issue is resolved in KB5001028.

How to get this update

Before installing this updateMicrosoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4601395) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.Install this update****Release Channel	Available	Next Step
Windows Update and Microsoft Update	Yes	None. This update will be downloaded and installed automatically from Windows Update.
Microsoft Update Catalog	Yes	To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS)	Yes	This update will automatically sync with WSUS if you configure Products and Classifications as follows:Product: Windows 10, version 1903 and laterClassification: Security Updates File informationFor a list of the files that are provided in this update, download the file information for cumulative update 4601315.Note Some files erroneously have “Not applicable” in the “File version” column of the CSV file. This might lead to false positives or false negatives when using some third-party scan detection tools to validate the build.