Cumulative Update for Windows 10 version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016

Summary
This security update includes improvements and fixes in the functionality of Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4, and resolves the following vulnerabilities:
  • 3163649 MS16-063: Cumulative security update for Internet Explorer: June 14, 2016
  • 3163656 MS16-068: Cumulative security update for Microsoft Edge: June 14, 2016
  • 3163622 MS16-072: Security update for Group Policy: June 14, 2016
  • 3164028 MS16-073: Security update for kernel mode drivers: June 14, 2016
  • 3164036 MS16-074: Security Update for Microsoft graphics component: June 14, 2016
  • 3164038 MS16-075: Security Update for Windows SMB Server: June 14, 2016
  • 3165191 MS16-077: Security update for Web Proxy Autodiscovery (WPAD): June 14, 2016
  • 3165479 MS16-078: Security update to Windows Diagnostic Hub: June 14, 2016
  • 3164302 MS16-080: Security update for Microsoft Windows PDF: June 14, 2016
  • 3165270 MS16-082: Security update for Windows Structured Query: June 14, 2016

Windows 10 and Windows Server 2016 updates are cumulative. Therefore, this package contains all previously released fixes.

If you have installed previous updates, only the new fixes that are contained in this package will be downloaded and installed on your computer. If you are installing a Windows 10 or Windows Server 2016 update package for the first time, the package for the x86 version is 402 MB and the package for the x64 version is 713 MB.

Known issue with Windows Server 2016 Technical Preview 4

  • Administrators can't install the Web Server (IIS) server role and the ASP.NET 4.6 role service at the same time.

    To fix this issue, complete one of the following:
    • Before you install KB 3163016, install the Web Server (IIS) server role and the ASP.NET 4.6 role service. For more information about the Web Server (IIS) server role, read Install or Uninstall Roles, Role Services, or Features.
    • After you install KB 3163016, open an elevated command prompt and run these commands in the following order before enabling additional Web Server role services and features.
      dism /online /enable-feature /all /featurename:NetFx4Extended-ASPNET45
      dism /online /enable-feature /all /featurename:IIS-NetFxExtensibility
      dism /online /enable-feature /all /featurename:IIS-ASPNET
    • Install Windows Server 2016 Technical Preview 5.
  • MS16-072 changes the security context with which user group policies are retrieved. This by-design behavior change protects customers’ computers from a security vulnerability. Before MS16-072 is installed, user group policies were retrieved by using the user’s security context. After MS16-072 is installed, user group policies are retrieved by using the computer's security context. This issue is applicable for the following KB articles:
    • 3159398 MS16-072: Description of the security update for Group Policy: June 14, 2016
    • 3163017 Cumulative update for Windows 10: June 14, 2016
    • 3163018 Cumulative update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016
    • 3163016 Cumulative Update for Windows Server 2016 Technical Preview 5: June 14 2016

    Symptoms

    All user Group Policy, including those that have been security filtered on user accounts or security groups, or both, may fail to apply on domain joined computers.

    Cause

    This issue may occur if the Group Policy Object is missing the Read permissions for the Authenticated Users group or if you are using security filtering and are missing Read permissions for the domain computers group.

    Resolution

    To resolve this issue, use the Group Policy Management Console (GPMC.MSC) and follow one of the following steps:
    • Add the Authenticated Users group with Read Permissions on the Group Policy Object (GPO).
    • If you are using security filtering, add the Domain Computers group with read permission.
How to get this update
Important If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Method 1: Windows Update

This update will be downloaded and installed automatically.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Prerequisites

There are no prerequisites for installing this update.

Restart information

You will need to restart the computer after you apply this update.

Update replacement information

This update replaces the previously released update KB3156421.
File Information
For a list of the files that are provided in this cumulative update, download the file information for cumulative update 3163017.

File hash information

File nameSHA1 hashSHA256 hash
Windows10.0-KB3163018-x86.msu71D1565761F4AAAB298C543CAE6F717167A1D56004E40D03E8D6F7F4E8C6471241D04C6138D20E8AD69570B1065556135D972AAA
Windows10.0-KB3163018-x64.msu2A605CD94A453746D31D34B136FBDE61615C22E66354AAA06985D330E5A64EF25391BE12312F80AEF25C255B7499566D5C383E12
References
Learn about the terminology that Microsoft uses to describe software updates.
Properties

Article ID: 3163018 - Last Review: 06/21/2016 16:32:00 - Revision: 3.0

Windows Server 2016 Technical Preview 4, Windows 10 Version 1511

  • kbsurveynew atdownload kbfix kbexpertiseadvanced kbcontentauto KB3163018
Feedback