Windows 10 Cumulative Update Build 14393.447 for PCs Plus Unified Windows Update History Page Released

Windows 10 Anniversary Update build 14393.447 for PC, and new unified Windows 10 and Windows Server 2016 update history page announced.

Share online:

Patch Tuesday brings a new cumulative updates for Windows 10 Anniversary Update, with build 14393.447 for PC pushed out today. Among others, the foremost fix included in this build is a Google reported vulnerability for Windows 10, Vista, 7, and 8.1.

This update also bring updates for version 1511 and version 1507 of Windows 10 PC. Windows Insiders Release Preview and Slow rings are still on build 14393.351.

Microsoft additionally also fixed a rather significant security flaw in Windows 10, that allow attackers to take advantage of certain privilege settings which would allow them to potentially install and run applications.

The security update MS16–135 rated Important for all supported releases of Windows addresses the vulnerabilities by correcting how the Windows kernel-mode driver handles objects in memory.

According to Microsoft, "this security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system."

Microsoft announced a new unified Windows 10 and Windows Server 2016 update history page, that will be available "beginning with the December Windows 10 and Windows Server 2016 Cumulative Update (CU)." Other Windows 10 updates and down-level platforms will get this update over the coming months.

The new page will "consolidate information including: release notes containing improvements and fixes, in addition to Knowledge Base (KB) article content, all into a single Update History page."

Contents published as of today, will not affect with this change, Microsoft stated. For easy access, visit here.

Here are some other critical updates in the Patch Tuesday:

  • MS16-129 addresses a critical vulnerability found in Microsoft Edge, which at worst, could allow for remote code execution on affected machines. The flaw could be exploited if a user visited a maliciously crafted webpage. Users running with fewer privileges could be less impacted.
  • MS16-142 addresses a similar vulnerability inside of Internet Explorer. An attacker who tricked the user into viewing a maliciously crafter webpage could gain access to the affected system and elevate his privileges. He'd then be able to run code remotely and take complete control over the target machine.
  • MS16-130 has to do with a security flaw inside of Windows, which could eventually allow for remote code execution if a locally authenticated attacker ran a specially created script on the affected system.
  • MS16-131 is another vulnerability inside of Windows, having to do with Microsoft Video Control. The issue could allow for remote code execution because of a problem with the way Microsoft Video Control stores objects in memory. An attacker could gain full access to the system if it convinces a local user to open a local malicious file or program. Interestingly enough, Microsoft has patched this component of Windows a number of times during the past few months, but critical issues seem to keep popping up.
  • MS16-132 is once more Windows vulnerability that relates to the Microsoft Graphics Component. Windows Animation Manager improperly handles objects in memory, leaving the door wide open to attack if a user visits a malicious website. A successful exploitation of the issue could leave the attacker with full control over the system.
  • MS14-141 is the final critical bulletin among yesterday’s patches. It contains relates to critical vulnerabilities found in Adobe Flash Player, and contains fixes for nine flaw registered by Adobe.

Update 11/10: Microsoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services, and provides comprehensive security updates information—has launched a new site to publishe this information in a single destination.

According to Microsoft, the new portal will "let customers search security vulnerabilities in a single online database." Uses for the portal include:

  • Sort and filter security vulnerability and update content, for example, by CVE, KB number, product, or release date.
  • Filter out products that don't apply to you, and drill down to more detailed security update information for products that do.
  • Leverage a new RESTful API to obtain Microsoft security update information. This eliminates the need for you to employ outdated methods like screen-scraping of security bulletin web pages to assemble working databases of necessary and actionable information.

See the site here.

What's new in build 14393.447:

  • Improved the reliability of multimedia audio, Remote Desktop, and Internet Explorer 11.?
  • Addressed issue that prevents users from connecting to a virtual private network (VPN).
  • Addressed issue with a scheduled task that doesn't run in Task Scheduler after reenabling.
  • Addressed issue to update the Access Point Name (APN) database.
  • Addressed issue with Japanese characters that are missing when converted by the Input Method Editor.
  • Addressed issue with the system tray showing no Wi-Fi connection even when Wi-Fi is present.
  • Addressed issue with Windows devices that disconnect from the Internet prematurely before users can complete their paid Wi-Fi purchase.
  • Addressed issue to update the new Belarusian ruble symbol to Br and the new ISO 4217 code to BYN.
  • Addressed additional issues with multimedia, Windows kernel, packaging release management, authentication, Microsoft Edge, Internet Explorer 11, Remote Desktop, Active Directory, wireless networking, Windows shell, graphics, enterprise security, and Microsoft HoloLens.
  • Security updates to Boot Manager, Windows operating system, kernel-mode drivers, Microsoft Edge, Internet Explorer 11, Microsoft Virtual Hard Drive, Common Log File System driver, Microsoft Video Control, Common Log File System driver, Windows authentication methods, Windows File Manager, and the Microsoft Graphics Component.

Here's what is new in build 10586.679 of Windows 10 version 1511, also known as November Update:

  • Improved the reliability of the Windows shell, Microsoft Edge, and Internet Explorer 11.
  • Addressed issue with Japanese characters that are missing when converted by the Input Method Editor.
  • Addressed issue with systems that randomly stop applying UNC Hardening group policy, leaving systems vulnerable until restarted.
  • Addressed issue with proxy authentication that causes Windows Update downloads to fail.
  • Addressed issue that prevents users from accessing network resources after logon after they've installed KB3185614.
  • Addressed issue with point rendering in Internet Explorer 11 and Microsoft Edge.
  • Addressed issue where users can't navigate to Internet sites when a network is configured to use Web Proxy Auto Discovery (WPAD).
  • Addressed issue where users can't access Microsoft Store in an authenticated proxy environment.
  • Addressed additional issues with enterprise security, Internet Explorer 11, Remote Desktop, datacenter networking, Windows shell, filter driver, the Access Point Name (APN) database, and wireless networking.
  • Security updates to the Windows operating system, kernel-mode drivers, Microsoft Edge, Boot Manager, Internet Explorer 11, Common Log File System driver, Microsoft Virtual Hard Drive, Microsoft Video Control, Windows authentication methods, Windows File Manager, OpenType, and the Microsoft Graphics Component.

Those, still running original version of Windows 10 (also now known as version 1507) getting build 10240.17190 with today's cumulative update:

  • Addressed issue to update the Access Point Name (APN) database.
  • Addressed issue with deadlocks occurring after a user password reset.
  • Addressed issue with point rendering in Internet Explorer 11 and Microsoft Edge.
  • Addressed issue with Japanese characters that are missing when converted by the Input Method Editor.
  • Addressed additional issues with filter drivers, enterprise security, Windows shell, and Internet Explorer 1.
  • Security updates to the Windows OS, Microsoft Edge, Internet Explorer 11, Windows File Manager, Microsoft Graphics Component, Windows authentication methods, kernel-mode drivers, Microsoft Virtual Hard Drive, Microsoft Video Control, OpenType, and the Common Log File System driver.

Citrix Sharefile, a popular file sharing, and storage solution is updates its Windows 10 UWP app today to leverage new security features including Windows Hello and Windows Information Protection (WIP).

ShareFile for Windows 10 is optimized for all devices and form factors (AIOs, laptops, 2-in-1, convertibles, tablets and phones) and is available as a free download for Windows 10 customers in the Windows Store.

Citrix Sharefie UWP app for Window 10 updates
Citrix ShareFile UWP app secured by Windows Hello and Windows Information Protection

In other Windows news, an updated version of Work Folders for Android which enables users to sync files that were created or edited on their Android device is released today.

Features of Work Folders for Android include:

  • Sync files that were created or edited on your device
  • Take pictures and write notes within the Work Folders app
  • When working within other applications (i.e., Microsoft Word), the Work Folders location can be selected when opening or saving files. No need to open the Work Folders app to sync your files.
  • Pin files for offline viewing. Saves storage space by fully showing all available files but locally storing and keeping in sync only the files you care about.
  • Files are always encrypted. On the wire and at rest on the device.
  • Access to the app is protected by an app passcode – keeping others out even if the device is left unlocked and unattended.
  • Allows for DIGEST and Active Directory Federation Services (ADFS) authentication mechanisms including multi factor authentication.
  • Search for files and folders
  • Open files in other apps that might be specialized to work with a certain file type

Work Folders, if you don't know, "is a Windows Server feature since 20012 R2 that enables individual employees to access their files securely from inside and outside the corporate environment." The Work Folders app "connects to the server and enables file access on your Android phone and tablet," explained Microsoft. "Work Folders enables this while allowing the organization's IT department to fully secure that data."

Windows Server 20012 R2 Work Folders for Android
Windows Server 20012 R2 Work Folders for Android
Open, save document to Windows Server 20012 R2 Work Folders for Android
Open, save document to Windows Server 20012 R2 Work Folders for Android