Cumulative Update KB4343897 Windows 10 v1709 Build 16299.611 - Aug. 14
Cumulative Update KB4343897 Windows 10 v1709 Build 16299.611 - Aug. 14
Last Updated: 22 Aug 2018 at 09:25
August 14, 2018 - KB4343897 (OS Build 16299.611)
Applies to: Windows 10, version 1709 Improvements and fixes
This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:
Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
Addresses an issue that causes high CPU usage that results in performance degradation on some systems with Family 15h and 16h AMD processors. This issue occurs after installing the June 2018 or July 2018 Windows updates from Microsoft and the AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
Updates support for the draft version of the Token Binding protocol v0.16.
Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after the May 2018 Cumulative Update is installed.
Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
Addresses an issue that displays “AzureAD” as the default domain on the sign-in screen after installing the July 24, 2018 update on a Hybrid Azure AD-joined machine. As a result, users may fail to sign in in Hybrid Azure AD-joined scenarios when users provide only their username and password.
Addresses an issue that adds additional spaces to content that's copied from Internet Explorer to other apps.
Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200 and https://aka.ms/PSModuleFunctionExport.
[ADDED 8/22] Addresses an issue that was introduced in the July 2018 .NET Framework update. Applications that rely on COM components were failing to load or run correctly because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors.
[ADDED 8/22] Addresses a vulnerability issue by correcting the way that the .NET Framework handles high-load or high-density network connections. For more information, see CVE-2018-8360.
Security updates to Windows Server.
If you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.
For more information about the resolved security vulnerabilities, see the Security Update Guide.
Known issues in this update
Symptom
Workaround
Some non-English platforms may display the following string in English instead of the localized language: ”Reading scheduled jobs from file is not supported in this language mode.” This error appears when you try to read the scheduled jobs you've created and Device Guard is enabled
Microsoft is working on a resolution and will provide an update in an upcoming release.
When Device Guard is enabled, some non-English platforms may display the following strings in English instead of the localized language:
"Cannot use '&' or '.' operators to invoke a module scope command across language boundaries."
"'Script' resource from 'PSDesiredStateConfiguration' module is not supported when Device Guard is enabled. Please use 'Script' resource published by PSDscResources module from PowerShell Gallery."
Microsoft is working on a resolution and will provide an update in an upcoming release.
How to get this update
This update will be downloaded and installed automatically from Windows Update.
Are these updates only for the april update windows? I have these on windows update:
2018-08 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4343897)
[Internal – Corpnet Required] 2018-08 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4343897)
Computer Type: Laptop System Manufacturer/Model Number: PC Specialist custom laptop Cosmos IV OS: Win 10 Pro (22H2) (2nd PC is 22H2) CPU: i3 Dual Core Processor i3-6100H Memory: 16GB HyperX IMPACT 1600MHz SODIMM DDR3 Graphics Card: NVIDIA® GeForce® GT 940M Monitor(s) Displays: 15.6" Matte Full HD IPS LED Widescreen Screen Resolution: 1920x1080 Hard Drives: 256GB SAMSUNG SM951 M.2
1TB SERIAL ATA II 2.5" HARD DRIVE WITH 8MB CACHE Internet Speed: 38MB/s Browser: Firefox, Chrome Antivirus: Avast
Downloaded Brink's link and updated no problem other than taking more time than usual on the reboot cycle. So far, nothing sticks out...
I find myself spending more time running a Debian Stretch OS lately. While the desktop is not as fast as W10, KDE gives me the sexy desktop I've grown accustomed to,
Are these updates only for the april update windows? I have these on windows update:
2018-08 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4343897) [Internal – Corpnet Required] 2018-08 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4343897)
@qwertymikey, the part of your post I have put in bold signifies an update that would delivered by a company internal network. Before you say 'but I'm not using a company machine' there are a few other (rare) reports of seeing the same thing, but mostly for the 1803 version of this 2018-08 update.
I am trying to update one of my Windows 10 operating system, but it has been stuck in Initializing status. The update in question is: [Internal – Corpnet Required] 2018-08 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4343909)
'Corpnet' is a Microsoft name for the internal network, either at Microsoft or in company networks.
Microsoft Corpnet – These are individuals who work internally for Microsoft and are generally the administrators of the extranet application used by partner companies.
At a guess, it appears that versions of the 2018-08 cumulative updates marked for internal deployment by companies through WSUS has been inadvertently been put up on the public windows update server alongside the public ones. Note that both your updates are the same KB number.
WSUS is a Windows Server role available in the Windows Server operating systems. It provides a single hub for Windows updates within an organization.
What version does Winver say you now have? If it is OS Build 16299.611 then one of the KB4343897 updates has successfully installed and the other is a redundant duplicate. It may however be difficult to convince your Windows that it doesn't need it.
Try Restart from the power button on Start. Windows update should then say something like 'we couldn't install updates because the PC was turned off' then check for updates again. Hopefully it will find it is up to date. If not, try the Windows Update troubleshooter. If all else fails, reset windows update (note, this will also clear your update history).
Computer Type: Laptop System Manufacturer/Model Number: Toshiba Satellite L750 OS: 10 Home x64 (22H2) (10 Pro on 2nd pc) CPU: Intel Pentium B950 @2.10GHz Memory: 4GB Internet Speed: 50Mbps down, 10Mbps up Browser: IE/Edge/Firefox Antivirus: Defender Other Info: ...other laptops include:
Dell Latitude E7270, 6th gen i7, 16GB RAM, Windows 10 Pro.
Dell Latitude 5410, 10th gen i7, 32GB RAM, Windows 11 Pro.
main use is to run Hyper-V VMs including XP, W7, W8.1, W10 & W11
Computer Type: Laptop System Manufacturer/Model Number: Samsung R519 OS: 10 Pro x86 (22H2, 21H1, 20H2, 2004, 1909, 1903, 1809, 1803, 1709, 1703, 1607, 1511, 1507), 7 Pro x86 CPU: Intel Pentium T4300 2.10GHz Memory: 4GB Other Info: Test/support machine - uses multiple Macrium images to switch OS.
@Bree thanks for your reply. In the end the update(s) installed after I ran the windows updates troubleshooter for the fourth time. I had the 1709 version and after the updates in question were installed I noticed the message "some settings are managed by your organization" above the new listed windows updates. After I installed the 1803 upgrade the message was gone. I ended up rolling back to the 1709 version because of a problem with the audio though.
New "Improvements and fixes" below added for KB4343897 in first post.
Addresses an issue that was introduced in the July 2018 .NET Framework update. Applications that rely on COM components were failing to load or run correctly because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors.
Addresses a vulnerability issue by correcting the way that the .NET Framework handles high-load or high-density network connections. For more information, see CVE-2018-8360.
Source: https://support.microsoft.com/en-us/help/4486996
Direct download links for KB4486996 MSU file from Microsoft Update Catalog:
:arrow: Download KB4486996 MSU for Windows 10 v1709 32-bit (x86) - 496.8 MB
:arrow: Download KB4486996 MSU...
UPDATE 4/10: Cumulative Update KB4093112 Windows 10 v1709 Build 16299.371 - Apr. 10 - Windows 10 Forums
Source: https://support.microsoft.com/en-us/help/4089848
Direct download links for KB4089848 MSU file from Microsoft Update...
UPDATE 3/13: Cumulative Update KB4088776 Windows 10 v1709 Build 16299.309 - Mar. 13 - Windows 10 Forums
Source: https://support.microsoft.com/en-us/help/4090913/march5-2018kb4090913osbuild16299-251
Direct download links for KB4090913...