This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:
- Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure that previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client and Windows Server guidance KB articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.).
- Security updates Windows media, Windows Shell, Windows kernel, Windows datacenter networking, Windows virtualization and kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.
For more information about the resolved security vulnerabilities, see the Security Update Guide.