Windows 10 KB4467702, KB4467686 deliver useful security fixes


Radu Tyrsina
by Radu Tyrsina
Founder & Editor-in-Chief
Loading Comments

file association update

In this article, we are going to be looking at two more November 2018 Patch Tuesday updates – KB4467702 and KB4467686. Both these updates are quality improvement updates – developer tools fixes and fixing some vulnerabilities. They do not contain any new operating system features.

KB4467702 OS Build 17134.407

Improvements and Fixes

The KB4467702 (OS Build 17134.407) update includes the following improvements:

Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren’t enabled by default.

Other fixes include:

  • An issue that may prevent developer tools (F12) from starting in Microsoft Edge.

Security updates for the following programs are also included in this package:

  • Microsoft Edge
  • Windows Scripting
  • Internet Explorer
  • Windows App Platform and Frameworks
  • Windows Graphics
  • Windows Media
  • Windows Kernel
  • Windows Server
  • Windows Wireless Networking

KB4467702 issues:

The three known issues on the list are as follows:

  1. After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.
  2. After installing this update, some users cannot set Win32 program defaults for certain app and file type combinations using the Open with… command or Settings > Apps > Default apps.
  3. In some cases, Microsoft Notepad or other Win32 programs cannot be set as the default.

There are no workarounds for these issues. Microsoft is working on a resolution and will provide an update in an upcoming release. However, for issue #2 attempting to set application defaults again may succeed.

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.  Go to Microsoft’s official support page to learn more about this patch.

KB4467686 OS Build 16299.785

Improvements and Fixes

The KB4467686: (OS Build 16299.785) update includes the following improvement:

Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639) for AMD-based computers. These protections aren’t enabled by default.

Security updates for the following programs are also included in this package:

  • Windows Scripting
  • Internet Explorer
  • Microsoft Edge
  • Windows Media
  • Windows Graphics
  • Windows App Platform and Frameworks
  • Windows Server
  • Windows Kernel
  • Windows Virtualization and Kernel

 KB4467686 issues:

There is just one known issue on the list:

  1. After you install the August Preview of Quality Rollup or September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception.

There are no workarounds for this issue. Microsoft is working on a resolution and will provide an update in an upcoming release.

To get the stand-alone package for this update, go to the Microsoft Update Catalog website. For more information, check out Microsoft’s support page.

Specific comments about these updates, or comments about general updates are always welcome. Please post them below.

RELATED STORIES YOU SHOULD CHECK OUT: