MS16-110: Description of the security update for Windows: September 13, 2016

Summary
To learn more about the vulnerability, see Microsoft Security Bulletin MS16-110.
More information
Important

  • All future security and non-security updates for Windows RT 8.1 and Windows 8.1 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, or Windows 8.1-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
More information

Known issues in this security update

  • Known issue 1

    Symptoms

    Consider the following scenario:
    • You try to access a file server by using the SMBv1 protocol through an application such as File Explorer.
    • The application uses the CONNECT_INTERACTIVE flag for the WNetAddConnection API.
    • You're using a computer that's logged in through Microsoft Account credentials.
    • The network credentials you're using to access the file server share are not present in Credential Manager.
    • The firewall profile on the computer is set to Public.
    In this scenario, you receive the following error message:

    A specified logon session does not exist. It may already have been terminated.

    This problem may occur if you have security update 3187754 installed.

    Workaround

    To work around this problem, use any of these options:
    • Option 1: If possible, use SMBv2 instead of SMBv1.
    • Option 2: Pass credentials explicitly through the following net use cmd:
      net use \\<serverName>\<shareName> /user: <DomainName\UserName> <Password>
    • Option 3: Change the network profile to Private for private home networks instead of Public.
    • Option 4: Save credentials for trusted network shares in Credential Manager.
  • Known issue 2

    After you install this update, you may encounter 0xC0000022 NTLM authentication errors. To resolve this issue, see NTLM authentication fails with 0xC0000022 error for Windows Server 2012, Windows 8.1, and Windows Server 2012 R2 after update is applied.
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Note For Windows RT 8.1, this update is available through Windows Update only.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS16-110 that corresponds to the version of Windows that you are running.
More information

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support
File Information

File hash information

File nameSHA1 hashSHA256 hash
Windows8.1-KB3187754-v2-x86.msu1CCFA4C4B732DAC305264A78704A49D01F62BEB7C9E6933821256C432F935415A970936E7211B1C4A0ED193ACBA728F5B39B18B2
Windows8.1-KB3187754-v2-x64.msuC366213D75966AEA5D86070919F0B715F7DD7856DA37F953F1FA8B6B6EA86177A215E11A8242BD2D912DF6CD56FB3ED67FC026FE
Windows8-RT-KB3187754-v2-x64.msuFC856F0C6DFFD0C177B1D56A38E399DDF61CF16090786E1403D8E1D36672E8968E1BDC93E2DCF604F8264B2C1A7B636184B4B961

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.

Windows 8.1 file information

Notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:
    VersionProductMilestoneService branch
    6.3.960 0.16 xxxWindows RT 8.1 and Windows 8.1 RTMGDR
    6.3.960 0.17 xxxWindows RT 8.1 and Windows 8.1 RTMGDR
    6.3.960 0.18 xxxWindows RT 8.1 and Windows 8.1 RTMGDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
For all supported x86-based versions
File nameFile versionFile sizeDateTimePlatform
Bcryptprimitives.dll6.3.9600.18340340,87216-May-201621:13x86
Ksecdd.sys6.3.9600.1845477,65622-Aug-201616:09x86
Lsass.exe6.3.9600.1741535,61629-Oct-201403:05x86
Sspicli.dll6.3.9600.18454136,87222-Aug-201616:09x86
Sspisrv.dll6.3.9600.1741518,43229-Oct-201402:03x86
Cng.sys6.3.9600.18340479,31216-May-201621:16x86
Ksecpkg.sys6.3.9600.18340148,82416-May-201621:16x86
Lsasrv.dll6.3.9600.184541,118,72020-Aug-201622:51x86
Adtschema.dll6.3.9600.17415736,76829-Oct-201402:06x86
Msaudite.dll6.3.9600.17415154,11229-Oct-201402:06x86
Msobjs.dll6.3.9600.1638461,95222-Aug-201304:17x86
Msv1_0.dll6.3.9600.18468332,63208-Sep-201621:51x86
Mrxsmb10.sys6.3.9600.18454229,88820-Aug-201623:59x86
Mrxsmb20.sys6.3.9600.18454153,08821-Aug-201600:01x86
Mrxsmb.sys6.3.9600.18454328,19221-Aug-201600:00x86
For all supported x64-based versions
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Bcryptprimitives.dll6.3.9600.18344397,23218-May-201623:18x64NoneNot applicable
Certcli.dll6.3.9600.18454445,44021-Aug-201600:17x64NoneNot applicable
Ksecdd.sys6.3.9600.18454100,18422-Aug-201616:06x64NoneNot applicable
Lsass.exe6.3.9600.1741547,02429-Oct-201403:51x64NoneNot applicable
Sspicli.dll6.3.9600.18454179,24822-Aug-201616:06x64NoneNot applicable
Sspisrv.dll6.3.9600.1741529,18429-Oct-201402:48x64NoneNot applicable
Cng.sys6.3.9600.18344563,02418-May-201623:18x64NoneNot applicable
Ksecpkg.sys6.3.9600.18344178,01618-May-201623:16x64NoneNot applicable
Lsasrv.dll6.3.9600.184541,445,37620-Aug-201623:27x64NoneNot applicable
Adtschema.dll6.3.9600.17415736,76829-Oct-201402:50x64NoneNot applicable
Msaudite.dll6.3.9600.17415154,11229-Oct-201402:51x64NoneNot applicable
Msobjs.dll6.3.9600.1638461,95222-Aug-201311:46x64NoneNot applicable
Ocspisapi.dll6.3.9600.17415293,37629-Oct-201401:43x64SPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspisapictrs.hNot applicable1,42118-Jun-201315:06Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspisapictrs.iniNot applicable2,63618-Jun-201315:06Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,96022-Aug-201319:26Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,13422-Aug-201319:44Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,91822-Aug-201312:30Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,21022-Aug-201319:43Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,09822-Aug-201319:30Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,02822-Aug-201319:46Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,14022-Aug-201319:31Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,64222-Aug-201319:30Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,57622-Aug-201319:31Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,02622-Aug-201319:23Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,02822-Aug-201319:23Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,18822-Aug-201319:23Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,12622-Aug-201319:33Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,06422-Aug-201319:36Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable3,09222-Aug-201319:36Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,82822-Aug-201319:32Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,46422-Aug-201319:20Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,48022-Aug-201319:20Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,46022-Aug-201319:21Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvc.exe6.3.9600.17415219,13629-Oct-201402:19x64SPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.hNot applicable1,56918-Jun-201315:06Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Ocspsvcctrs.iniNot applicable2,91818-Jun-201315:06Not applicableSPSAMD64_MICROSOFT-WINDOWS-OCSP
Msv1_0.dll6.3.9600.18468443,22408-Sep-201621:51x64NoneNot applicable
Mrxsmb10.sys6.3.9600.18454284,67221-Aug-201601:01x64NoneNot applicable
Mrxsmb20.sys6.3.9600.18454201,72821-Aug-201601:03x64NoneNot applicable
Mrxsmb.sys6.3.9600.18454401,40821-Aug-201601:01x64NoneNot applicable
Sspicli.dll6.3.9600.18454104,96020-Aug-201622:55x86NoneNot applicable
Msv1_0.dll6.3.9600.18468332,63208-Sep-201621:51x86NoneNot applicable
Bcryptprimitives.dll6.3.9600.18344340,88018-May-201622:28x86NoneNot applicable
Certcli.dll6.3.9600.18454324,09620-Aug-201623:26x86NoneNot applicable
Adtschema.dll6.3.9600.17415736,76829-Oct-201402:06x86NoneNot applicable
Msaudite.dll6.3.9600.17415154,11229-Oct-201402:06x86NoneNot applicable
Msobjs.dll6.3.9600.1638461,95222-Aug-201304:17x86NoneNot applicable
malicious attacker exploit
Egenskaper

Artikkel-ID: 3187754 – Forrige gjennomgang: 10/12/2016 18:57:00 – Revisjon: 4.0

Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows RT 8.1, Windows 7 Service Pack 1, Windows Vista Service Pack 2

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB3187754
Tilbakemelding