July 11, 2017—KB4025333 (Security-only update)

Applies to: Windows 8.1Windows Server 2012 R2

Improvements and fixes


This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Security updates to Windows kernel, ASP.NET, Internet Explorer 11, Windows Search, Windows Storage and File Systems, Datacenter Networking, Windows Virtualization, Windows Server, Windows shell, Microsoft NTFS, Microsoft PowerShell, Windows Kernel-Mode Drivers, and Microsoft Graphics Component.

For more information about the security vulnerabilities resolved, please refer to the Security Update Guide.

More Information

Important

  • After installing the security updates for CVE-2017-8563, administrators need to set registry key LdapEnforceChannelBinding to enable the fix for the CVE. For more information about setting the registry key, see Microsoft Knowledge Base article 4034879.

Known issues in this update


Symptom Workaround
After installing KB4025333 powershell may fail with a "Method not found" error (if you didn't have KB3000850 installed)

This issue has been resolved by KB4038792.

If an iSCSI target becomes unavailable, attempts to reconnect will cause a leak. Initiating a new connection to an available target will work as expected.

Microsoft is working on a resolution and will provide an update in an upcoming release. 
Japanese IME may hang in certain scenarios. Install KB2962409

 

How to get this update


To get the standalone package for this update, go to the Microsoft Update Catalog website.

File information

For a list of the files that are provided in this update, download the file information for update 4025333

Prerequisites


You must have the following update installed:
2919355 Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update: April 2014