Consider the following scenario:
You are using a Windows-based computer that does not have the September 2018 Windows cumulative update (CU) or a later Windows CU installed.
- Windows 10, version 1803
- Windows 10, version 1709
- Windows 10, version 1703
- Windows 10, version 1607
- Windows Server 2016 Version 1803
- Windows Server 2016 Version 1709
- Windows Server 2016
Device Guard, also known as Virtualization Based Security or Hyper-V Code Integrity, is enabled on the computer.
You try to install or update a SERVICE_BOOT_START kernel driver, such as a driver for the storage controller, anti-virus or file system filter driver, to support Retpoline (also known as return trampoline).
In this scenario, the computer crashes and generates a Stop error code. After the crash, the computer may not start up or recover.
This issue is fixed in the September 2018 Windows 10 cumulative update and in later Windows 10 cumulative updates.
Note This issue is not mentioned in the article for the update.
September 2018 update status
You can use the following method in the registry to check whether the September 2018 update is installed.
The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion subkey contains information about the installed Windows version and its Windows update state.
The CurrentBuildNumber value contains the Windows build number that indicates the Windows release version.
The UBR (UpdateBuildRevision) value reflects the update level of each Windows version.
Note Windows updates are always cumulative. That is, later updates include previous updates. Therefore, you have to check only the current version number. Update versions are specific to each Windows release.
The following table contains build number and UBR values (combined) for each Windows version that corresponds to the September 2018 update. For example, in Windows 10, version 1803, if the UBR value in the registry is greater than 320, the September 2018 update is installed.
|Windows version||Build number and UBR||Earliest CU requirement|
|Windows 10, version 1607 and Windows Server 2016||14393.2515||KB 4457127|
|Windows 10, version 1703||15063.1358||KB 4457141|
|Windows 10, version 1709 and Windows Server, version 1709||16299.699||KB 4457136|
|Windows 10 version 1803 and Windows Server, version 1803||17134.320||KB 4458469|
Microsoft is working together with the Independent Software Vendors (ISVs) and Independent Hardware Vendors (IHVs) to determine how to recompile their drivers to achieve performance gains for kernel drivers that are affected by Spectre mitigations.
For more information about Spectre and Retpoline in relation to Windows, see the following articles:
ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities
Protect your Windows devices against Spectre and Meltdown
Mitigating Spectre variant 2 with Retpoline on Windows