Microsoft fixed a new security vulnerability with the release of KB4480116 update for October 2018 update. The same update is released as KB4480966 for April 2018 update users.
The update includes several security improvements for Windows kernel, Microsoft Edge browser, Windows app platform and frameworks, internet explorer, wireless networking, JET database engine, etc. In addition to the security improvements, the update also fixes PowerShell remote endpoint session and disallows non-administrative users from being able to configure it.
By default Windows will automatically download and install the update. If not, go to "PC Settings app -> Update and Security -> Windows Update" and click on the Check for updates button. If you are facing problems, simply download the KB4480116 offline installer using the download link below.
Download links for KB4480116 offline installer
Here is the direct download link to download KB4480116 update. This link contains download links for both x86 (32-bit) and x64 (64-bit) systems. Depending on your system architecture, download the one you need. You can install KB4480116 like any other software. Don't forget to restart Windows to apply the update.
Changes in KB4480116
This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:
- Addresses a security vulnerability in session isolation that affects PowerShell remote endpoints. By default, PowerShell remoting only works with administrator accounts but can be configured to work with non-administrator accounts. Starting with this release, you cannot configure PowerShell remote endpoints to work with non-administrator accounts. When attempting to use a non-administrator account, the following error will appear:
- “New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”
- Addresses an issue in which using esentutl /p to repair a corrupt Extensible Storage Engine (ESE) database results in a mostly empty database. The ESE database is corrupted and cannot be mounted.
- Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, Microsoft JET Database Engine, Windows Linux, Windows Virtualization, and the Microsoft Scripting Engine.
That is it for now.