This security update includes improvements and fixes in the functionality of Windows 10 Version 1607 and Windows Server 2016. It also resolves the following vulnerabilities in Windows:
3193229 MS16-125: Security update for diagnostics hub: October 11, 2016
3193227 MS16-124: Security update for Windows registry: October 11, 2016
3192892 MS16-123: Security update for kernel-mode drivers: October 11, 2016
3195360 MS16-122: Security update for Microsoft video control: October 11, 2016
3192884 MS16-120: Security update for Microsoft graphics component: October 11, 2016
3192890 MS16-119: Cumulative security update for Microsoft Edge: October 11, 2016
3192887 MS16-118: Cumulative security update for Internet Explorer: October 11, 2016
3178465 MS16-101: Security update for Windows authentication methods: August 9, 2016
Windows 10 and Windows Server 2016 updates are cumulative. Therefore, this package contains all previously released fixes.
If you have installed previous updates, only the new fixes that are contained in this package will be downloaded and installed to your computer. If you are installing a Windows 10 or Windows Server 2016 update package for the first time, the package for the x86 version is 420 MB and the package for the x64 version is 781 MB.
Improvements and fixes
Known issues that are resolved by this update
Known issues in this security update
After you install this security update, System Center Operations Manager (SCOM) Management Console crashes in State view.
To resolve this issue, install the following update:
3197954 Cumulative Update for Windows 10 Version 1607: October 27, 2016
If you are running McAfee Data Loss Prevention Endpoint (DLP Endpoint) and you install this update, you may experience loss of USB functionality.
Please contact McAfee to get their latest updates.
After you install this security update, some DFS-N mapped network drives may be inaccessible to members of the Administrators group when UAC and EnableLinkedConnections are enabled. This occurs when the process that is attempting to access the mapped network drive, is running in a different elevation status than the process that created the mapped network drive. For example, an Explorer window, that is an unelevated process, is unable to access a mapped drive created by a logon script, that runs in an elevated context.
To resolve this issue, install the update KB4011347.
How to get this update
Method 1: Windows Update
This update will be downloaded and installed automatically.
Method 2: Microsoft Update Catalog
To get the stand-alone package for this update, go to the Microsoft Update Catalog website.
There are no prerequisites for installing this update.
You must restart the computer after you apply this update.
Update replacement information
This update replaces the previously released update 3189866.
For a list of the files that are provided in this cumulative update, download the file information for cumulative update 3194798.
Learn about the terminology that Microsoft uses to describe software updates.
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.