Improvements and fixes
This security update includes improvements and fixes that were a part of update KB4012219 (released March 21, 2017) and resolves the security vulnerabilities in Hyper-V, libjpeg image-process library, Win32K, Adobe Type Manager font driver, Active Directory Federation Services, Lightweight Directory Access Protocol, Windows kernel-mode drivers, OLE, Scripting Engine, Windows Graphics component and Internet Explorer in addition to these quality improvements:
- Addressed an issue that was causing Authentication Success and Failure events with Event ID 4768 to not be logged after installing KB4012216.
- Addressed a bug check encountered on Windows Server 2012 R2 Hyper-V hosts with error code 0xE4 after installing KB4012216.
- Addressed issue where a server may fail with STOP 0x3B error leading to data loss when Input Method Editors (IME) like keyboards are installed.
For more information about the security vulnerabilities resolved, please refer to the Security Update Guide.
Known issues in this update
|Symptom||Workaround / Resolution|
|If the PC uses an AMD Carrizo DDR4 processor, installing this update will block downloading and installing future Windows updates.||This issue is resolved by KB4022726.|
|If a Server 2012 R2 system uses an Intel Xeon (E3 v6) family of processors, installing this update will block downloading and installing future Windows updates.|| |
This issue is resolved by KB4022726.
|This security update introduced an issue in which, if an iSCSI target becomes unavailable, attempts to reconnect will cause a leak. Initiating a new connection to an available target will work as expected.||Microsoft is working on a resolution and will provide an update in an upcoming release. For more information about this issue, see the following section.|
How to get this update
This update will be downloaded and installed automatically from Windows Update. To get the stand-alone package for this update, go to the Microsoft Update Catalog website.
- The security fixes that are listed in this Security Monthly Quality Rollup KB4015550 are also included in the April 2017 Security Only Quality Update, KB4015547, except for the security fixes for Internet Explorer. Those are instead included in the Cumulative Security Update for Internet Explorer KB4014661. Installing either this April 2017 Security Monthly Quality Rollup, or both the April 2017 Security Only Quality update and the Cumulative Security Update for Internet Explorer, will install the security fixes that are listed here. This Security Monthly Quality Rollup also includes improvements and fixes from previous monthly rollups.
- If you use update management processes other than Windows Update, and you automatically approve all security update classifications for deployment, April 2017 Security Monthly Quality Rollup KB4015550, April 2017 Security Only Quality Update KB4015547, and the Cumulative Security Update for Internet Explorer KB4014661 are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.