Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Summary

This security update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4 includes functionality improvements and fixes, and it resolves the following vulnerabilities in Windows:

  • 3155533 MS16-051: Cumulative Security update for Internet Explorer: May 10, 2016

  • 3155538 MS16-052: Cumulative Security update for Microsoft Edge: May 10, 2016

  • 3156754 MS16-055: Security update for Microsoft graphics component: May 10, 2016

  • 3156761 MS16-056: Security update for Windows Journal: May 10, 2016

  • 3156987 MS16-057: Security update for Windows shell: May 10, 2016

  • 3154846 MS16-060: Security update for Windows kernel: May 10, 2016

  • 3155520 MS16-061: Security update to RPC: May 10, 2016

  • 3158222 MS16-062: Security update for kernel mode drivers: May 10, 2016

  • 3155527 MS16-064: Security update to Schannel: May 10, 2016

  • 3156757 MS16-065: Security update for the .NET Framework: May 10, 2016

  • 3155451 MS16-066: Security update to virtual secure mode: May 10, 2016


Windows 10 and Windows Server 2016 updates are cumulative. Therefore, this package contains all previously released fixes.

If you have installed previous updates, only the new fixes that are contained in this package will be downloaded and installed to your computer. If you are installing a Windows 10 update package for the first time, the package for the x86 version is 390 MB and the package for the x64 version is 677 MB.

How to get this update

Method 1: Windows Update

This update will be downloaded and installed automatically.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Prerequisites

There are no prerequisites for installing this update.

Restart information

You have to restart the computer after you apply this update. 

Update replacement information

This update replaces the previously released security update 3147458.

File Information

For a list of the files that are provided in this cumulative update, download the file information for cumulative update 3156421.

File name

SHA1 hash

SHA256 hash

Windows10.0-KB3156421-x86.msu

DF6C01B17D1D5967853384BA995509FEFB432F10

0A983CCEF83D1FA44B418B5486D29B195BB0134FBAC2D99C7831EB18482AF914

Windows10.0-KB3156421-x64.msu

DF611D19667C6936EE4A7F77DA54801A6B87F275

7D81058C3879A4028791056FC81D70E119344AF12D0B475DE33ACFD8698D7A57


More Information

The .NET framework version 3.5 and earlier versions did not provide support for applications to use Transport Layer Security (TLS) System Default Versions as a cryptographic protocol. This update enables the use of TLS v1.2 in the .NET Framework 3.5.

The following registry keys can be set to use the operating system defaults for SSL and TLS instead of the hardcoded .NET Framework defaults for a managed application running on the computer.

  • For 64-bit operating systems: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727] "SystemDefaultTlsVersions"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727] "SystemDefaultTlsVersions"=dword:00000001

  • For 32-bit operating systems: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727] "SystemDefaultTlsVersions"=dword:00000001

Note If the application has set the ServicePointManager.SecureProtocol in code or through config files to a specific value, or uses the SslStream.AuthenticateAs* APIs to specify a specific SslProtocols enum, the registry setting behavior does not occur.

In addition, we have added the SslProtocolsExtensions enumeration that you can use as an option for setting TLS v1.2, TLS v1.1, as well as operating system defaults for the ServicePointManager.SecurityProtocol property when targeting .NET framework version 2.0 SP2. (See the Developer Guidance section for the information on how to use the extensions.)

For more information about how to enable TLS v1.1 or v1.2 as operating system defaults, follow the instructions at https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx#BKMK_SchannelTR_TLS12.

References

Learn about the terminology that Microsoft uses to describe software updates.

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×