Improvements and fixes
This non-security update includes improvements and fixes that were a part of KB4056894 (released January 4, 2018) and also includes these new quality improvements as a preview of the next Monthly Rollup update:
Addresses issue where every smart card logon to a Windows Terminal Server/Remote Desktop Server may result in a handle leak in the certprop service. Token leaks result in session leaks on computers that have installed MS16-111/KB3175024 and superseding fixes.
- Adds support for the SHA2 server’s authentication endpoint support for the Windows Server Update Services server.
For more information about the resolved security vulnerabilities, see the Security Update Guide.
Known issues in this update
|Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.|| |
Contact your antivirus manufacturer to verify that their software is compatible and that they have set the following REGKEY on the computer:
|The LSM.EXE process and applications that call SCardEstablishContext or SCardReleaseContext may experience a handle leak. Once the leaked handle count reaches a certain threshold, smart card-based operations fail with error "SCARD_E_NO_SERVICE". Confirm the scenario match by reviewing the handle counts for LSM.EXE and the calling processes in the process tab of Task Manager or an equivalent application.|| |
This issue is resolved in KB4091290.
After installing this update, SMB servers may experience a memory leak.
Microsoft is working on a resolution and will provide an update in an upcoming release.
How to get this update
This is provided as an Optional update on Windows Update. For more information about how to run Windows Update, see How to get an update through Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.
For a list of the files that are provided in this update, download the file information for update 4057400.