Improvements and fixes
This security update includes improvements and fixes that were a part of update KB4338831 (released July 18, 2018) and addresses the following issues:
Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS Editions.)
Ensures that Internet Explorer and Microsoft Edge support the preload="none" tag.
Addresses an issue that may prevent your device from starting up properly if you install KB3033055 (released September 2015) after installing any Monthly Rollup dated November 2017 or later.
For more information about the resolved security vulnerabilities, see the Security Update Guide.
Known issues in this update
After installing this update, you may observe decreased performance in Internet Explorer 11 when roaming profiles are used or when the Microsoft Compatibility List is not used.
This issue is resolved in KB4463376.
How to get this update
This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.
For a list of the files that are provided in this update, download the file information for update 4343898.