November Windows 10 'Patch Tuesday' updates now rolling out

By Dan Thorp-Lancaster
published

Better late than never?

Surface Laptop 2
Surface Laptop 2 (Image credit: Windows Central)

We're two weeks into November, which means it's time for another round of "Patch Tuesday" updates for Windows 10. Once again, these updates focus on fixes and security updates, rather than any new features. The patches are available for several versions of Windows 10, and they're dropping at the same time as the relaunch of the troubled Windows 10 October 2018 Update.

Coinciding with its public realaunch, the October 2018 Update is picking up KB4464455, which moves the build number up to 17763.107. Here's what's included:

  • Addresses an issue that incorrectly implies that user policies have not been applied after configuring a user rights Group Policy setting. Reporting tools, such as RSOP.MSC or Gpresult.exe /h, do not show the user rights policies or display a red "X" instead.
  • Addresses an issue that degrades Internet Explorer performance when you use roaming profiles or you don't use the Microsoft Compatibility List.
  • Addresses additional issues with updated time zone information.
  • Addresses an issue that causes a black screen to appear after turning on the display on some servers.
  • Addresses an issue that causes a long delay in taking a photo using the Camera app in certain lighting conditions.
  • Addresses a performance issue with vSwitch on network interface cards (NIC) that do not support Large Send Offload (LSO) and Checksum Offload (CSO).
  • Addresses an issue that may cause applications to lose IPv4 connectivity when IPv6 is unbound.
  • Addresses an issue that may break connectivity on guest VMs on the server when applications inject the low-resource flag on packets.

If you're still running the Fall Creators Update, Creators Update, or Anniversary Update, you'll see KB4467686, KB4467696 and KB4467691, which tick the build numbers up to 16299.785, 15063.1446, and 14393.2608, respectively. Here's what's new in each update:

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren't enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. Use these guidance documents to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
  • Security updates to Windows Scripting, Internet Explorer, Microsoft Edge, Windows Media, Windows Graphics, Windows App Platform and Frameworks, Windows Server, Windows Kernel, and Windows Virtualization and Kernel

The April 2018 Update is also picking up the above two fixes with KBB4467702, along with a single added fix for an issue with the developer tools in Microsoft Edge:

  • Addresses an issue that may prevent developer tools (F12) from starting in Microsoft Edge.

Finally, the initial release version of Windows 10 is seing update KB4467680, moving the build number up to 10240.18036. Here's what's new:

  • Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren't enabled by default. For Windows client (IT pro) guidance, follow the instructions in KB4073119. Use this guidance document to enable mitigations for Speculative Store Bypass (CVE-2018-3639). Additionally, use the mitigations that have already been released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).
  • Updates Venezuela currency information. This will affect the culture of "es-VE" as follows:
    • The currency symbol is "Bs.S".
    • The English currency name is "Bolívar Soberano".
    • The local currency name is "bolívar soberano".
    • The International Currency Code is "VES".
  • Addresses additional issues with updated time zone information.
  • Addresses an issue with navigation from the Decade view in the Japanese calendar. When the user tries to go from the Current era to the next era, navigation does not work properly.
  • Addresses an issue in the Universal CRT that sometimes causes the AMD64-specific implementation of FMOD to return an incorrect result when given very large inputs. FMOD is frequently used to implement the modulo operator in JavaScript and Python implementations that use the Universal C Runtime.
  • Addresses an issue with a handle leak that may occur in the lsm.exe process and in applications that call SCardEstablishContext or SCardReleaseContext. Once the leaked handle count reaches a certain threshold, smart card-based operations fail with the error, "SCARD_E_NO_SERVICE".
  • Security updates to Microsoft Edge, Internet Explorer, Windows Scripting, Windows App Platform and Frameworks, Windows Graphics, Windows Kernel, and Windows Server.

Each new release is now rolling out via Windows Update. As has become common in recent months, we also expect Microsoft will ship further cumulative updates throughout November to address any lingering issues.

For more, check out Microsoft's full release notes.

Dan Thorp-Lancaster
Dan Thorp-Lancaster

Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl