Yesterday, Microsoft delivered cumulative update KB4284880 for Windows 10 Version 1607 Build 14393.2312. The package is equally useful for Windows Server 2016. However, the update is not valid for the Home and Pro versions because Microsoft has ended support for these on April 10, 2018. But Windows 10 Enterprise and Windows 10 Education editions users will receive it automatically.
The cumulative updates include extra Protection from Speculative Store Bypass, performance improvements, and Security and few fixes.
KB4284880 –
See the details –
Table of Contents
KB4284880 Windows 10 Version 1607 Build 14393.2312 Details
KB4284880 gives protections from a vulnerability associated with the subclass of speculative execution side channel. This attack on Systems with microprocessors is also referred as Speculative Store Bypass (CVE-2018-3639). The protections are disabled by default so Windows client (IT pro) should follow the guidelines in KB4073119. You need to pursue the instructions in KB4072698 to enable the same on Windows Server. These notes will help you use mitigations for Speculative Store Bypass (CVE-2018-3639). Furthermore, you can also mitigate Spectre Variant 2 “CVE-2017-5715” including Meltdown “CVE-2017-5754” using the information.
KB4284880 Windows 10 Version 1607 Build 14393.2312 additional performance improvements
Microsoft has worked on booting with Unified Write Filter and a connected USB hub problem that may show stop error E1.
Windows 10 team addresses firmware updates bug that causes systems to switch to BitLocker recovery mode This occurs while
Secure Boot is disabled or not present although BitLocker is running. KB4284880 will stop firmware installation on the system in this state. Admins can install firmware updates by:
- Suspending BitLocker at that time,
- Instantly installing firmware updates prior to the subsequent bootup.
- To re-enable BitLocker Immediately reboot the system.
Windows 10 v1607 will now allow a band-capable disk that comprises only one partition to change to a dynamic disk. This will be an MSR partition.
Microsoft raises the Internet Explorer cookie limit to better compete with industry standards which was 50 earlier.
Security updates to the built-in web browser Microsoft Edge, Microsoft scripting engine, Windows Desktop Bridge, Windows apps exist in KB4284880. In addition, the same for Windows Server, Windows datacenter networking, Windows wireless networking is also available in this package. KB4284880 has the security updates for “Windows virtualization and kernel”, and “Windows app platform and frameworks”.
In case, you already installed previous updates which included improvements, you will receive only the new fixes in this patch.
Known issues in this update in KB4284880 Windows 10 Version 1607 Build 14393.2312
Issue |
Workaround |
Microsoft noticed Reliability problem during the creation of shielded VMs and the requisite artifacts for their deployment. This issue also occurred with Shielding File Wizard with or without the SCVMM interface.
Important: There was no change in Existing shielded VMs and HGSs. |
Microsoft is trying to settle and will provide an update in an upcoming release. |
How to get this KB4284880 Windows 10 Version 1607 Build 14393.2312
To get the standalone package for this update in an easy way, navigate to this link.
Note: If you are getting servicing stack update (SSU) (KB4132216) and the KB4284880 at the same time install the SSU before installing the LCU.
Alternatively, launch Settings app and do a click on Update & Security. Click on check for updates and manually install the patch.