Windows 10 Mobile gets fixes in OS Build 15254.527 Patch Tuesday update

Brad Stephenson

Windows 10 Mobile on Lumia 950

As part of Patch Tuesday, Microsoft has pushed out an update to Windows phones running the Windows 10 Mobile operating system.

Unfortunately, due to the fact that the company is winding down Windows 10 Mobile, no new features were added with this update (KB4346644) and it pretty much consists of only quality of life updates and fixes not important to mention in detail in the release notes. In fact, the only thing the release notes state is that this “build includes all the improvements from KB4343885.”

The release notes for that update are as follows:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client guidance KB article. (These registry settings are enabled by default for Windows Client OS editions.)
  • Addresses an issue that causes Internet Explorer to stop working for certain websites.
  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after installing the May 2018 Cumulative Update.
  • Ensures that Internet Explorer and Microsoft Edge support the preload=”none” tag.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200 and https://aka.ms/PSModuleFunctionExport.
  • Addresses an issue that was introduced in the July 2018 .NET Framework update. Applications that rely on COM components were failing to load or run correctly because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors.
  • Security updates to Windows Server.

Are you still using a Windows phone and have you installed this update yet? Let us know if you’re seeing any improvements or bugs in the comments below.