The release of KB4343887 contains multiple improvements and fixes for Windows 10 Anniversary Update. This patch does not introduce any new features to the OS but definitely deals with various vulnerability issues. However, to install this update, you need to take care of certain requirements.
There are two ways to Download KB4343887 for Windows 10 1607 Build 14393.2430 – either manually or automatically. So, in this article, we will outline all the details of this patch.
KB4343887 for Windows 10 1607 Build 14393.2430 Details
Let us first explore the details of KB4343887 –
In addition, this package also comprises updates for Windows 10 Mobile (OS Build 14393.2431).
If you have installed previous updates, then this package will download moreover install only the fixes on your device.
Please understand as important that for Windows Server 2016, this patch is not available with express installation files.
Precondition: Before installing the current cumulative update (LCU) (KB4343887), you must install servicing stack update (SSU) (KB4132216). Until the SSU is installed, the LCU will not be applicable.
Download KB4343887 for Windows 10 1607 Build 14393.2430
Now, let us go through the improvements and fixes that this patch holds –
When you install this cumulative update, it offers security against the strong speculative execution side-channel vulnerability. It is called L1 Terminal Fault (L1TF) which generally affects the processors of Intel® Core® moreover Intel® Xeon®. Furthermore, be sure to enable earlier OS protections against the vulnerabilities of Meltdown and Spectre Variant 2 through the registry tweak. The guidance Knowledgebase (KB) articles of Windows Client, as well as Windows Server, include the entire registry settings. However, an important thing to note is that by default these registry settings are enabled for Windows Client OS. But the same settings are disabled for Windows Server OS editions.
The release of this patch will bypass the problems that lead to high CPU usage. This is why certain systems containing Family 15h and 16h AMD processors experience degradation in performance. Now, this specific trouble exists on devices after the installation of June or July 2048 Windows updates from Microsoft and AMD microcode updates that specify Spectre Variant 2.
Microsoft team provides a solution to the trouble that causes Internet Explorer from functioning for some particular web pages.
KB4343887 focuses on the problem of Device Guard as well. Actually, after receiving May 2018 Cumulative Update, it stops some ieframe.dll class IDs.
Windows 10 team works on the fact that Microsoft Edge and Internet Explorer support the preload=”none” tag.
Microsoft undertakes the vulnerability regarding the Export-Modulemember() function when used with a wildcard (*) moreover a dot-sourcing script. The existing modules on systems with Device Guard enabled will fail once you install this update. It displays the following exception error –
This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement
In the course of fixes, the team also works on another vulnerability problem by modifying the way the .NET Framework manages high-load and high-density network connections.
Last but not the least, KB4343887 contains Security updates to Windows Server as well.
Known Issues in KB4343887 for Windows 10 1607 Build 14393.2430
The Microsoft team is presently not aware of any issue regarding this specific patch.
How to Get KB4343887 for Windows 10 1607 Build 14393.2430
The Windows Update settings will by default automatically download KB4343887 and install on your Windows 10 PC. In addition, you can also manually grab the stand-alone package by visiting the Microsoft Update Catalog.
Source – Release note