Current Version plugins

Microsoft Windows Security Updates March 2019 overview

Today is the third patch day of the year 2019. Microsoft released updates for Microsoft Windows, Office, and other company products on March 12, 2019.

The updates are already available via Windows Update, as direct downloads, and through other updating systems that Microsoft supports.

Our monthly patch overview provides you with detailed information and links to support pages for further analysis.

The overview starts with an executive summary. What follows are statistics, information about cumulative updates for Windows, links to all security and non-security updates that Microsoft released, information about known issues, direct download links, and more.

Here is the link to last month’s patch overview in case you missed it.

We suggest that you create backups of the system and data that is important to you before you install any updates.

Microsoft Windows Security Updates March 2019

You may download the following Excel spreadsheet that lists all security updates released for all Microsoft products in March 2019. Click on the following link to download it to your device:
March 2019 Security Updates spreadsheet Windows

Executive Summary

  • Microsoft released security products for all client and server based versions of Windows that it supports.
  • The company released security updates for the following products next to that: Internet Explorer, Microsoft Edge, Microsoft Office and SharePoint, Skype for Business, Team Foundation Server, Visual Studio, and NuGet.
  • Microsoft released SHA-2 Code sign support for Windows 7 SP1 and Windows Server 2008 R2 SP1 as a security update. See this support article for additional information.

Operating System Distribution

  • Windows 7: 21 vulnerabilities of which 3 are rated critical and 18 are rated important.
    • Same as Windows 10 version 1607
  • Windows 8.1: 20 vulnerabilities of which 3 are rated critical and 17 are rated important.
    • Same as Windows 10 version 1607
  • Windows 10 version 1607:  24 vulnerabilities of which 3 are critical and 21 are important
    •  CVE-2019-0603 | Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
    • Same as Windows 10 version 1709
  • Windows 10 version 1703:  24 vulnerabilities of which 2 are critical and 22 are important
    • Same as Windows 10 version 1709
  • Windows 10 version 1709: 28 vulnerabilities of which 2 are critical and 26 are important
  • Windows 10 version 1803: 33 vulnerabilities of which 6 are critical and 27 are important
    • same as Windows 10 version 1809
  • Windows 10 version 1809: 33 vulnerabilities of which 6 are critical and 27 are important
    • CVE-2019-0603 | Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
    • CVE-2019-0697 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-0698 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-0726 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-0756 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0784 | Windows ActiveX Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 21 vulnerabilities of which 3 are critical and 17 are important.
    • Same as Windows Server 2016.
  • Windows Server 2012 R2: 20 vulnerabilities of which 3 are critical and 17 are important.
    • Same as Windows Server 2016.
  • Windows Server 2016: 24 vulnerabilities of which 3 are critical and 21 are important.
    • CVE-2019-0603 | Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
    • CVE-2019-0756 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0784 | Windows ActiveX Remote Code Execution Vulnerability
  • Windows Server 2019: 33 vulnerabilities of which 5 are critical and 27 are important.
    • CVE-2019-0603 | Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
    • CVE-2019-0697 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-0698 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-0726 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-0756 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0784 | Windows ActiveX Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 14 vulnerability, 4 critical, 10 important
  • Microsoft Edge: 14 vulnerabilities, 7 critical, 7 important

Windows Security Updates

Windows 10 version 1809

KB4489899

  • Fixed a tracking and device calibration issue that affected Microsoft HoloLens.
  • Fixed “Error 1309” when installing or removing MSI and MSP files.
  • Fixed the graphics performance degredation issue.
  • Security updates for various Windows components.

Windows 10 version 1803

KB4489868

  • Fixed the “Error 1309” notification.
  • Security updates for various Windows components.

Windows 10 version 1709

KB4489886

  • Fixed “Error 1309”.
  • Security updates for various Windows components.

Windows 10 version 1703

KB4489871

  • Fixed “Error 1309”.
  • Fixed _isleadbyte_l() returning 0.
  • Security updates for various Windows components.

Windows 10 version 1607 / Server 2016

KB4489882

  • Fixed “Error 1309”.
  • Fixed an issue that caused Windows Server to stop working and restarting “when hosting multiple terminal server sessions and a user logs off”.
  • Fixed _isleadbyte_l() returning 0.
  • Security updates for various Windows components.

Windows 8.1

KB4489881 Monthly Rollup

  • Fixed the “Error 1309” issue.
  • Fixed an issue with a virtual memory leak and depletion of paged pool.
  • Various security updates for Windows components.

KB4489883 Security-only Update

  • Additional Japanese Era name fixes.
  • Same as Monthly Rollup.

Windows 7 Service Pack 1

KB4489878 Monthly Rollup

  • Fixed an issue that prevented the Event Viewer from showing Network Interface Cards events.
  • Various security updates for Windows components.

KB4489885 Security-only Update

  • Additional Japanese ERA name fixes.
  • Same as Monthly Rollup.

Other security updates

KB4489873 — Cumulative security update for Internet Explorer: March 12, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2 and Windows 7: March 12, 2019

KB4486468 — Security update for the information disclosure vulnerability in Windows Embedded POSReady 2009: March 12, 2019

KB4486536 — Security update for the information disclosure vulnerability in Windows Embedded POSReady 2009: March 12, 2019

KB4486538 — Security update for the elevation of privilege vulnerability in Windows Embedded POSReady 2009: March 12, 2019

KB4489493 — Security update for the information disclosure vulnerability in Windows Embedded POSReady 2009: March 12, 2019

KB4489876 — Security Only Quality Update for Windows Server 2008

KB4489880 — Security Monthly Quality Rollup for Windows Server 2008

KB4489884 –Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4489891 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4489907 — Adobe Flash Player update

KB4489973 — Security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: March 12, 2019

KB4489974 — Security update for the remote code execution vulnerabilities in Windows Embedded POSReady 2009: March 12, 2019

KB4489977 — Security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: March 12, 2019

KB4490228 — Security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: March 12, 2019

KB4490385 — Security update for the information disclosure vulnerabilities in Windows Embedded POSReady 2009: March 12, 2019

KB4490500 — Security update for the elevation of privilege vulnerabilities in Windows Embedded POSReady 2009: March 12, 2019

KB4490501 — Security update for the information disclosure vulnerability in Windows Embedded POSReady 2009: March 12, 2019

KB4493341 — Security update for the information disclosure vulnerability in Windows Embedded POSReady 2009: March 12, 2019

Known Issues

4489878 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Monthly Rollup) AND

4489885 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Security-only update) AND

4489884 Windows Server 2012 (Security-only update) AND

4489891 Windows Server 2012 (Monthly Rollup)

  • Internet Explorer 10 may have authentication issues
    • Create unique user accounts to avoid same user account sharing and resolve the issue.

4489881 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup) AND

4489883 Windows 8.1, Windows Server 2012 R2 (Security-only update)

  • IE11 may have authentication issues.

4489882 Windows 10 version 1607, Windows Server 2016

  • System Center Virtual Machine Manager managed hosts cannot “enumerate and manage logical switches”.
    • Run mofcomp on Scvmmswitchportsettings.mof and VMMDHCPSvr.mof
  • Cluster service may fail with error “2245 (NERR_PasswordTooShort)”.
    • Set the Minimum Password Length policy to less or equal to 14 characters.
  • IE11 may have authentication issues.

4489899 Windows 10 version 1809, Windows Server 2019

  • IE11 may have authentication issues.
  • Output devices may stop working on devices with multiple audio devices. Affected applications include Windows Media Player, Sound Blaster Control Panel, and Realtek HD Audio Manager.
    • Temporary workaround: set the output device to default.

Security advisories and updates

ADV190008 | March 2019 Adobe Flash Security Update

ADV190010 | Best Practices Regarding Sharing of a Single User Account Across Multiple Users

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4484071 — Update for Windows Server 2008 R2 and Windows Server 2008

KB4487989 — Update for POSReady 2009

KB4490628 — Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4489723 — Dynamic Update for for Windows 10 Version 1803

KB890830 — Windows Malicious Software Removal Tool – March 2019

Microsoft Office Updates

Microsoft released non-security and security updates for supported Microsoft Office products in March 2019. Information is available here.

How to download and install the March 2019 security updates

windows update 2019 march

Windows updates are installed automatically on most systems by default. Windows administrators may speed up the process by searching for updates manually or by downloading them directly from the Microsoft Update Catalog website.

Direct update downloads

Cumulative updates that Microsoft releases as well as other updates get uploaded to the Microsoft Update Catalog website.

You find links to all cumulative updates for client and server versions of Microsoft Windows.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4489878 — 2019-03 Security Monthly Quality Rollup for Windows 7
  • KB4489885 — 2019-03 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4489881— 2019-03 Security Monthly Quality Rollup for Windows 8.1
  • KB4489883 — 2019-03 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4489882 — 2019-03 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  •  KB4489871 — 2019-03 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4489886— 2019-03 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4489868 — 2019-03 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  •  KB4489899 — 2019-03 Cumulative Update for Windows 10 Version 1809

Additional resources

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates March 2019 overview appeared first on gHacks Technology News.


Leave a Comment

Your email address will not be published. Required fields are marked *

Menu Title