Microsoft rolls out the patch KB4343897 for Windows 10 1709 Build 16299.611. This cumulative update carries some significant improvements as well as fixes to the operating system. You can download KB4343897 directly from Windows Update. However, the team also lets you manually grab the stand-alone package via the Microsoft Update Catalog.
The cumulative update KB4343897 deals with issues of high CPU usage, or fixes vulnerabilities such as L1 Terminal Fault (L1TF), and so on. So, here, in this article, you will find every minute details of this patch, including its download link at the bottom.
KB4343897 –
Table of Contents
Download KB4343897 for Windows 10 Version 1709 Build 16299.611
KB4343897 Improvements and fixes
KB4343892 carries quality improvements in the operating system. It does not introduce any new features but definitely provides key changes.
KB4343892 for Windows 10 1803 Build 10240 provides security to the OS against L1 Terminal Fault (L1TF), a new speculative execution side-channel vulnerability. This issue basically affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). However, before you proceed to download KB4343892, ensure to secure the previous operating system protections against Spectre Variant 2 and Meltdown vulnerabilities by enabling them using the registry. The earlier Windows Client KB article outline about this registry setting. By default, for Windows Client OS editions, the registry settings are enabled.
Windows 10 resolves the problem that causes high CPU usage which eventually leads to performance degradation on some systems with Family 15h and 16h AMD processors. This specific problem generally exists after installing the June 2018 or July 2018 Windows updates from Microsoft. Moreover, it also occurs after the installation of AMD microcode updates that address Spectre Variant 2 (CVE-2017-5715 – Branch Target Injection).
KB4343892 is also compatible for the draft version of the Token Binding protocol v0.16.
Windows 10 team focuses the problem that causes Device Guard to avert some ieframe.dll class IDs after the installation of May 2018 Cumulative Update.
The release of this update makes you sure that Internet Explorer moreover Microsoftsupportsupport the preload=”none” tag.
Microsoft also concentrates on the trouble that displays “AzureAD” as the default domain on the sign-in screen. This issue basically happens after installing the July 24, 2018 update on a Hybrid Azure AD-joined machine. As a result of this problem, you may fail to sign in in Hybrid Azure AD-joined scenarios when you give only your username and password.
By installing this update, you can deal with an issue that adds extra spaces to content that’s copied from Internet Explorer to other applications.
Microsoft team deals with a vulnerability related to the Export-Modulemember() function when used with a dot-sourcing script and a wildcard (*). The existing modules on machines that have Device Guard enabled will eventually fail once you install KB4343897. The exception message that it displays is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”.
KB4343897 for Windows 10 undertakes the problem that was introduced in the July 2018 .NET Framework update. Furthermore, the applications that rely on COM components were failing to load or run correctly. This problem occurs due to the occurrence of errors such as “access denied“, “class not registered”, or “internal failure occurred for unknown reasons”.
In addition to the above changes, KB4343897 also provides Security updates to Windows Server.
Note: In case you have installed the previous updates, then only the new fixes that this particular package carries will be downloaded moreover installed on your system.
Known Issues in KB4343897 for Windows 10 1709 Build 16299.611
| Problem | Workaround |
| Instead of displaying the string in localized language, some non-English platforms may show them it in English. This string goes like this “Reading scheduled jobs from file is not supported in this language mode”. This error happens to occur when you make an attempt to read the scheduled jobs you’ve created and Device Guard is enabled. | Microsoft team is currently dealing with its resolution. Nothing to worry as they will provide an update in an upcoming release. |
| After turning on the Device Guard, certain non-English platforms may show the below-given strings in English instead of the localized language.
1. “Cannot use ‘&’ or ‘.’ operators to invoke a module scope command across language boundaries.” 2. “‘Script’ resource from ‘PSDesiredStateConfiguration’ module is not supported when Device Guard is enabled. Please use ‘Script’ resource published by PSDscResources module from PowerShell Gallery.” |
The team is looking into the matter and will soon introduce an update in the next release. |
How to Download KB4343897 for Windows 10 1709 Build 16299.611
Windows 10 OS will automatically download as well as install KB4343897 through Windows Updates. However, you can also get the stand-alone package. To do so, navigate to Microsoft Update Catalog and download KB4343897 for Windows 10.