Microsoft today pushed Windows 10 Mobile Build 15254.527 (10.0.15254.527) as the cumulative update KB4346644 to those on Fall Creators update aka Windows 10 Mobile Version 1709. The changelog for the Build 15254.527 mentions only fixes and security updates. Read the full changelog below.

You can check the update availability by going to Settings–>Update & Security–>Windows update–>Check for updates.

Windows 10 mobile Build 15254.527 Changelog:

This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • This build includes all the improvements from KB4343885.

If you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.

For more information about the resolved security vulnerabilities, see the Security Update Guide.

KB4343885 Improvements and fixes:


This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel® Core® processors and Intel® Xeon® processors (CVE-2018-3620 and CVE-2018-3646). Make sure previous OS protections against Spectre Variant 2 and Meltdown vulnerabilities are enabled using the registry settings outlined in the Windows Client guidance KB article. (These registry settings are enabled by default for Windows Client OS editions.)
  • Addresses an issue that causes Internet Explorer to stop working for certain websites.
  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Addresses an issue that causes Device Guard to block some ieframe.dll class IDs after installing the May 2018 Cumulative Update.
  • Ensures that Internet Explorer and Microsoft Edge support the preload=”none” tag.
  • Addresses a vulnerability related to the Export-Modulemember() function when used with a wildcard (*) and a dot-sourcing script. After installing this update, existing modules on devices that have Device Guard enabled will intentionally fail. The exception error is “This module uses the dot-source operator while exporting functions using wildcard characters, and this is disallowed when the system is under application verification enforcement”. For more information, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200 and https://aka.ms/PSModuleFunctionExport.
  • Security updates to Windows Server.

If you installed earlier updates, only the new fixes in this package will be downloaded and installed on your device.