Microsoft rolled out out-of-band patches to address the so-called Meltdown and Spectre security vulnerabilities in chipsets from several vendors, and systems running the Windows 10 Creators Update are getting their own cumulative update.
Computers that have already been updated to the Windows 10 Fall Creators Update (version 1709) have also received a stand-alone cumulative update and you can read more about it here.
As compared to its sibling shipped to the Fall Creators Update, Windows 10 cumulative update KB4056891 for the Creators Update is all about security fixes, with no other improvements included. The update bumps OS version number to 15063.850, so unless you’re already on this version, consider updating as soon as possible.
To check the version of your Windows 10 install, just click the Start menu and type winver, check the OS build next to the version number.
According to the official change log, this new release includes “security updates to Internet Explorer, Microsoft Scripting Engine, Microsoft Edge, Windows Graphics, Windows Kernel, Windows Subsystem for Linux, and the Windows SMB Server.”
Two known issues
This time, however, there are two known issues and you should pay particular attention to both of them, especially because this is a critical update that everyone should install as soon as possible.
First and foremost, Microsoft says that after installing cumulative update KB4056891, calling CoInitializeSecurity might fail if passing RPC_C_IMP_LEVEL_NONE under certain conditions, and at this point, no workaround is available, with a future update to fix the bug.
Additionally, the company explains that because of compatibility issues with some antivirus software, the cumulative update is only shipped to systems where anti-virus ISV has updated the ALLOW regkey. Microsoft provides the following guidance in this regard:
Contact your Anti-Virus AV to confirm that their software is compatible and have set the following REGKEY on the machine
The cumulative update is offered via Windows Update and a system reboot is required, with users recommended to deploy it as soon as possible.