This security update includes improvements and fixes that were a part of update KB3205401 (released December 13, 2016), and also resolves the following vulnerabilities in Windows:
Addressed issue that causes excessive audit log events when using the Audit File System category. The event ID is 4656.
Improved performance during monthly patching when Address Windowing Extensions are enabled for SQL.
Improved reliability for Server 2012 r2 clustered environments.
Improved reliability for devices supporting Connected Standby.
Security updates to Microsoft XML Core Services, SHA-1 deprecation for SSL/TLS certificates, Windows Media Player, Microsoft Graphics Component, Windows OS, Microsoft Windows PDF Library, Windows kernel-mode drivers, Microsoft Uniscribe, Windows kernel, Internet Explorer, Windows Hyper-V, Windows kernel, Windows SMB Server, Internet Information Services, and Active Directory Federation Services.
For a complete list of affected files, see KB4012216.