Microsoft yesterday pushed cumulative updates KB4056892, KB4056891 to Windows 10 versions 1709, 1703. All these security updates fix the Intel/AMD processors exploit on Windows 10. You can read more about these updates here.

These updates also have some known issues listed by Microsoft along with workarounds. You may face errors installing these updates and there may be errors like 0x80070643. You can check the full list of known issues and workarounds for both updates KB4056892 & KB4056891 below.

Known issues in KB4056892 & workaround


SymptomWorkaround
Windows Update History reports that KB4054517 failed to install because of Error 0x80070643.Even though the update was successfully installed, Windows Update incorrectly reports that the update failed to install. To verify the installation, select Check for Updates to confirm that there are no additional updates available.

You can also type About your PC in the Search box on your taskbar to confirm that your device is using the expected OS build.

Microsoft is working on a resolution and will provide an update in an upcoming release.

When calling CoInitializeSecurity, the call will fail if passing RPC_C_IMP_LEVEL_NONE under certain conditions.

When calling CoInitializeSecurity, the call may fail when passing RPC_C_AUTHN_LEVEL_NONE as the authentication level. The error returned on failure is STATUS_BAD_IMPERSONATION_LEVEL.

Change the authentication level parameter to RPC_C_AUTHN_LEVEL_CALL.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY.

Contact your Anti-Virus AV to confirm that their software is compatible and have set the following REGKEY on the machine

Key=”HKEY_LOCAL_MACHINE”Subkey=”SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat”

Value Name=”cadca5fe-87d3-4b96-b7fb-a231484277cc”

Type=”REG_DWORD”

Data=”0x00000000”

Known issues in KB4056891 & workaround:


SymptomWorkaround
When calling CoInitializeSecurity, the call will fail if passing RPC_C_IMP_LEVEL_NONE under certain conditions.

When calling CoInitializeSecurity, the call may fail when passing RPC_C_AUTHN_LEVEL_NONE as the authentication level. The error returned on failure is STATUS_BAD_IMPERSONATION_LEVEL.

Change the authentication level parameter to RPC_C_AUTHN_LEVEL_CALL.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY.

Contact your Anti-Virus AV to confirm that their software is compatible and have set the following REGKEY on the machine

Key=”HKEY_LOCAL_MACHINE”Subkey=”SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat”

Value Name=”cadca5fe-87d3-4b96-b7fb-a231484277cc”

Type=”REG_DWORD”

Data=”0x00000000”