September 11, 2018—KB4457984 (Security-only update)
Improvements and fixes
This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:
Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure that previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.).
Security updates Windows media, Windows Shell, Windows kernel, Windows datacenter networking, Windows virtualization and kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.
For more information about the resolved security vulnerabilities, see the Security Update Guide.
Known issues in this update
All Guest Virtual Machines running Unicast NLB fail to respond to NLB requests after the Virtual Machines restart.
This issue is resolved in KB4463104.
How to get this update
This update is now available for installation through WSUS. To get the standalone package for this update, go to the Microsoft Update Catalog website.
For a list of files provided in this update, download the file information for update 4457984.