After installing the Windows 10 update on some Lenovo laptops, you will need to disable Secure Boot
Lenovo X260 ThinkPad with Windows 10
On December 19, 2018, Microsoft released the emergency patch KB4483229 to eliminate the 0day vulnerability in Internet Explorer 9-11. The CVE-2018-8653 critical vulnerability really required immediate action, because it allows an attacker to remotely run arbitrary code on an unpatched machine under any version of Windows.
However, the update itself can be a source of problems, especially for owners of some Lenovo notebooks with less than 8 GB of RAM.
"After you install KB4467691 Windows can not start on some notebooks, the Lenovo, who have at least 8 GB of RAM", - stated in the list of known issues to the KB4483229 update.
As a temporary fix for the situation, Microsoft suggests rebooting the system through the Unified Extensible Firmware Interface (UEFI), disabling the Secure Boot mechanism, and then rebooting. In this case, everything should work. If the BitLocker hard drive content encryption system is running on your computer, then after disabling the Secure Boot mechanism, you may need to go through the BitLocker recovery procedure.
Microsoft reports that it is now working with Lenovo and plans to release a corresponding update so that it will again be possible to activate Secure Boot on laptops affected by this problem.
Apparently, the inability to boot into Secure Boot mode is somehow related to the patch covering the critical vulnerability in Internet Explorer 9-11. "This security update removes the vulnerability by changing the way in-memory processing of objects in the script engine," writes Microsoft.
Critical updates are usually recommended for installation to all Windows users, but in this case, Lenovo laptop owners may consider temporarily delaying the update until Microsoft and Lenovo release another update.