Microsoft Windows Security Updates December 2019 overview

Welcome to the overview of the last Patch Tuesday of 2019. Microsoft released security and non-security updates for all supported products on December 11, 2019.

Our monthly series provides system administrators and interested users with information about the updates that Microsoft released in the month that is covered. It includes statistics, links to security and non-security updates, as well as download links, and links to resources and other official pages.

Click here to access the November 2019 Microsoft Patch Day overview.

Microsoft Windows Security Updates December 2019

microsoft windows security updates december 2019

You may download the following (zipped) Excel spreadsheet that contains a list of released updates in December 2019: microsoft-windows-security-updates-december-2019

Executive Summary

  • This is the last Patch Tuesday of 2019.
  • Microsoft released security updates for all versions of Windows as well as other company products such as Microsoft Office, SQL Server, Visual Studio, and Skype for Business.
  • Windows 10 version 1903 and 1909 share the same security KBs.
  • Microsoft’s Windows 7 operating system won’t receive updates anymore after the January 2020 Patch Day (Small Businesses and Enterprises may buy extensions) Microsoft plans to display a full-screen notification on January 15, 2020 on Starter, Home Basic, Home Premium, Professional (without ESU) and Ultimate editions of Windows 7.

Operating System Distribution

  • Windows 7: 14 vulnerabilities: 1 rated critical and 13 rated important
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 8.1: 11 vulnerabilities: 1 rated critical and 10 rated important
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 10 version 1803: 14 vulnerabilities: 2 critical and 12 important
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1471 | Windows Hyper-V Remote Code Execution Vulnerability
  • Windows 10 version 1809: 15 vulnerabilities: 2 critical and 13  important
    • Same as Windows 10 version 1803
  • Windows 10 version 1903: 14 vulnerabilities: 2 critical and 12 important
  • Windows 10 version 1909: same as Windows 10 version 1903

Windows Server products

  • Windows Server 2008 R2: 12 vulnerabilities: 1 critical and 11 important.
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 11 vulnerabilities: 1 critical and 10 important.
    • Same as Windows Server 2008 R2
  • Windows Server 2016: 13 vulnerabilities: 1 critical and 12 important.
    • Same as Windows Server 2008 R2
  • Windows Server 2019: 15 vulnerabilities: 22 critical and 13 are important
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1471 | Windows Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 1 vulnerability: 1 important
  • Microsoft Edge: none?
  • Microsoft Edge on Chromium: none?

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

  • Monthly Rollup: KB4530734
  • Security-only Update: KB4530692 — The security-only update is only available through the Microsoft Update Catalog website and WSUS.

Changes:

  • Security updates to Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server.

Windows 8.1 and Server 2012 R2

Changes:

Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server.

Windows 10 version 1803

Changes:

  • Fixes an issue that prevented Microsoft Store from opening on Windows on Arm.
  • Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server

Windows 10 version 1809

Changes:

  • Fixed a diagnostic data processing issue for devices on which the setting was set to Basic.
  • Same as Windows 10 version 1803.

Windows 10 version 1903

Changes:

  • Fixed an issue that could cause error 0x3B in cldflt.sys on some devices.
  • Fixed an issue that could prevent the creation of local user accounts when IME is used.
  • Security updates to Windows Virtualization, Windows Kernel, the Microsoft Scripting Engine, and Windows Server.

Windows 10 version 1909

Changes:

  • Same as Windows 10 version 1903

Other security updates

KB4530677 — 2019-12 Cumulative Security Update for Internet Explorer

KB4530691 — 2019-12 Security Monthly Quality Rollup for Windows Embedded 8 Standard, and Windows Server 2012

KB4530695 — 2019-12 Security Monthly Quality Rollup for Windows Server 2008

KB4530698 — 2019-12 Security Only Quality Update for Windows Embedded 8 Standard, and Windows Server 2012

KB4530719 — 2019-12 Security Only Quality Update for Windows Server 2008

KB4530681 — 2019-12 Cumulative Update for Windows 10 Version 1507

KB4530689 — 2019-12 Cumulative Update for Windows 10 Version 1607

KB4530711 — 2019-12 Cumulative Update for Windows 10 Version 1703

KB4530714 — 2019-12 Cumulative Update for Windows 10 Version 1709

KB4531787 — 2019-12 Servicing Stack Update for Windows Server 2008

KB4532920 — 2019-12 Servicing Stack Update for Windows Embedded 8 Standard, and Windows Server 2012

Known Issues

Windows 7 SP1 and Server 2008 R2:

Microsoft does not list any known issues on the KB support article but the release notes state that there is an (unnamed) issue.

Windows 8.1 and Server 2012 R2:

  • Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail

Windows 10 version 1803:

  • Same as Windows 8.1 and Server 2012 R2.
  • Problem creating local user accounts during the Out of Box Experienced when using Input Method Editor (IME).

Windows 10 version 1809:

  • Same as Windows 10 version 1803
  • Devices with “some” Asian language packs may throw error 0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190026 | Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business

Non-security related updates

KB4532997 — 2019-12 Cumulative Update for .NET Framework 4.8 Windows 10 Version 1607, and Windows Server 2016

KB4532998 — 2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4532999 — 2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4533000 –2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903,and Windows Server 2016

KB4533001 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809, and Windows Server 2019

KB4533002 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909 and Windows 10 Version 1909

KB4533013 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, and Windows Server 2019

KB4533094 — 2019-12 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809, and Windows Server 2019

KB4533003 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533004 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, and Windows Server 2012 R2

KB4533005 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4533010 — 2019-12 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533011 — 2019-12 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 , and Windows Server 2012 R2

KB4533012 — 2019-12 Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4533095 — 2019-12 Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4533096 — 2019-12 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533097 — 2019-12 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4533098 — 2019-12 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB890830 — Windows Malicious Software Removal Tool – December 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the December 2019 security updates

Security updates are downloaded and installed automatically on most (Home) Windows systems. Windows runs checks for updates regularly to download and install security updates released by Microsoft.

Windows administrators may run manual checks for updates to speed up the process or download patches from the Microsoft Update Catalog website.

Note: we recommend that backups are created before updates are installed.

Do this to run a manual check for updates:

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4530734 — 2019-12 Security Monthly Quality Rollup for Windows 7
  • KB4530692 — 2019-12 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4530702 — 2019-12 Security Monthly Quality Rollup for Windows 8.1
  • KB4530730 — 2019-12 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4530717 — 2019-12 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1809)

  • KB4530715  — 2019-12 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4530684 — 2019-12 Cumulative Update for Windows 10 Version 1903

Windows 10 (version 1909)

  • KB4530684 — 2019-12 Cumulative Update for Windows 10 Version 1909

Additional resources

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates December 2019 overview appeared first on gHacks Technology News.

Microsoft Windows Security Updates November 2019 overview

It is the second Tuesday of November 2019 and that means that it is Microsoft Patch Day. Microsoft released security and non-security updates for its Windows operating system and other company products.

Our overview provides you with information on these updates: it starts with an executive summary and information about the number of released updates for all supported client and server versions of Windows as well as the Microsoft Edge (classic) and Internet Explorer web browsers.

What follows is information about the updates, all with links to support articles on Microsoft’s website, the list of known issues, direct download links to cumulative updates for Windows, and additional update related information.

Click here to open the October 2019 Patch Day overview.

Microsoft Windows Security Updates October 2019

Download the following Excel spreadsheet to your local system; it lists security updates that Microsoft released in November 2019: November 2019 Security Updates

Executive Summary

feature update windows 10 1909

  • Microsoft released security updates for all supported client and server versions of the Microsoft Windows operating system.
  • The following Microsoft products have received security updates as well: Internet Explorer, Microsoft Edge, Microsoft Office, Secure Boot, Microsoft Exchange Server, Visual Studio, Azure Stack.
  • The Windows 10 version 1909 features are included in the Windows 10 version 1903 update but not activated until “they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features.” Microsoft released a blog post that details how to get the update. (basically, install regular 1903 update, then check for updates again and the 1909 update should be offered)
  • Windows 10 Home, Pro, Pro for Workstations and IoT Core, version 1803 have reached end of servicing. These editions won’t receive security updates or other updates after November 12, 2019.

Operating System Distribution

  • Windows 7: 35 vulnerabilities: 4 rated critical and 31 rated important
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 8.1: 37 vulnerabilities: 3 rated critical and 34 rated important
    • Same as Windows 7 except for CVE-2019-1441 (not affected)
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
  • Windows 10 version 1809: 46 vulnerabilities: 4 critical and 42  important
    • Same as Windows 10 version 1803 except for CVE-2019-1389 (not affected)
  • Windows 10 version 1903: 46 vulnerabilities: 2 critical and 28 important
    • Same as Windows 10 version 1809 plus
    • CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 35 vulnerabilities: 4 critical and 31 important.
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 37 vulnerabilities: 3 critical and 34 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2016: 38 vulnerabilities: 2 critical and 20 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2019: 46 vulnerabilities: 2 critical and 29 are important
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected) plus
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 2 vulnerabilities: 2 critical
  • Microsoft Edge: 4 vulnerabilities: 4 critical
    • CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability
    • CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

The security-only update resolves the following issues/makes the following changes:

  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates for various operating system components.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Fixes an issue that prevented certain 16-bit Visual Basic 3 applications or other VB3 applications from running.
  • Fixes a temporary user profile issue when the policy “Delete cached copies of roaming profiles” is set.

Windows 8.1 and Server 2012 R2

The security-only update resolves the following issues/makes the following changes:

  • Same as Windows 7 SP1 and Windows Server 2008 R2.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Same as Windows 7 SP1 and Windows Server 2008 R2 plus
  • Fixes an issue that prevented multiple Bluetooth Basic Rate devices from functioning properly after installing the August 2019 updates.
  • Fixes an issue that caused error 0x7E when connecting Bluetooth devices after installing the June 2019 updates.

Windows 10 version 1803

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that caused Windows Defender Application Control Code Integrity events to become unreadable.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1809

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that could cause the Microsoft Defender Advanced Threat Protection service to stop running or stop sending report data.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1903

The cumulative update lists changes for Windows 10 version 1903 and 1909. It appears that Microsoft included the changes of 1909 in the cumulative update but has not activated them at the time of writing.

  • Fixes an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Other security updates

  • Internet Explorer Cumulative Update: KB4525106
  • 2019-11 Security Monthly Quality Rollup for Windows Server 2008 (KB4525234)
  • 2019-11 Security Only Quality Update for Windows Server 2008 (KB4525239)
  • 2019-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4525246)
  • 2019-11 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4525253)
  • 2019-11 Cumulative Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524570)
  • 2019-11 Cumulative Update for Windows 10 Version 1507 (KB4525232)
  • 2019-11 Cumulative Update for Windows Server 2016, and Windows 10 Version 1607 (KB4525236)
  • 2019-11 Cumulative Update for Windows 10 Version 1709 (KB4525241)
  • 2019-11 Cumulative Update for Windows 10 Version 1703 (KB4525245)
  • 2019-11 Servicing Stack Update for Windows Server 2016, and Windows 10 Version 1607 (KB4520724)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1507 (KB4523200)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1703 (KB4523201)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1709 (KB4523202)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016 (KB4523203)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019 (KB4523204)
  • 2019-11 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4523206)
  • 2019-11 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4523208)
  • 2019-11 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB4524445)
  • 2019-11 Servicing Stack Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524569)
  • 2019-11 Servicing Stack Update for Windows Server 2008 (KB4526478)

Known Issues

Windows 8.1 and Windows Server 2012 R2

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”

Windows 10 version 1803

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”
  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • May receive error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND” with some Asian language packs installed.

Windows 10 version 1903

  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Security advisories and updates

ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)

Non-security related updates

  • 2019-11 Dynamic Update for Windows 10 Version 1809 (KB4524761)
  • 2019-11 Dynamic Update for Windows 10 Version 1903 (KB4525043)
  • Windows Malicious Software Removal Tool – November 2019 (KB890830)

Microsoft Office Updates

You find Office update information here.

How to download and install the November 2019 security updates

windows updates security november 2019

Most home devices running Windows are configured to download and install security updates when they are released. Users who don’t want to wait for that to happen or have configured their systems to update manually only may run manual checks for updates or download the cumulative updates from Microsoft’s Update Catalog website.

The following needs to be done to check for updates manually:

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4525235 — 2019-11 Security Monthly Quality Rollup for Windows 7
  • KB4525233 — 2019-11 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4525243 — 2019-11 Security Monthly Quality Rollup for Windows 8.1
  • KB4525250 — 2019-11 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4525237 — 2019-11 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4523205  — 2019-11 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4524570  — 2019-11 Cumulative Update for Windows 10 Version 1903

Additional resources

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates November 2019 overview appeared first on gHacks Technology News.

Microsoft Windows Security Updates October 2019 overview

Microsoft released security and non-security updates for the Microsoft Windows operating system and other company products on October 8, 2019.

Our overview of the monthly release of patches provides administrators and home users with information.

The overview links to all released updates, provides information on fixes and known issues, links to support articles and download pages, and provides statistics about the released updates of the month.

You can check out the September 2019 overview here in case you missed it.

Microsoft Windows Security Updates October 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in October 2019. Please download it with a click on the following link: microsoft-windows-october-2019-update list

Executive Summary

  • Microsoft released security updates for all supported versions of Microsoft Windows.
  • Security updates were also released for the following company products: Internet Explorer, Microsoft Edge, Microsoft Office, SQL Server Management Studio, Microsoft Dynamics, Windows Update Assistant
  • The latest Servicing Stack Update and SHA-2 updates need to be installed before this month’s patches for Windows 7 and Windows Server 2008 R2 are installed.
  • Windows 10 version 1803 reaches end of servicing next month for Home and Pro editions.

Operating System Distribution

  • Windows 7: 20 vulnerabilities: 1 rated critical and 18 rated important
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 8.1: 20 vulnerabilities: 2 rated critical and 17 rated important and 1 moderate
    • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1803: 29 vulnerabilities: 2 critical and 26 important and 1 moderate
    • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1809: 32 vulnerabilities: 2 critical and 29  important and 1 moderate
    • Same as Windows 10 version 1803
  • Windows 10 version 1903: 31 vulnerabilities: 2 critical and 28 important and 1 moderate
    • Same as Windows 10 version 1803

Windows Server products

  • Windows Server 2008 R2: 20 vulnerabilities: 1 critical,18 important and 1 moderate.
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 20 vulnerabilities: 2 critical, 17 important and 1 moderate
    • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2016: 23 vulnerabilities: 2 critical, 20 important and 1 moderate.
    • Same as Server 2012 R2.
  • Windows Server 2019: 32 vulnerabilities: 2 critical, 29 are important and 1 moderate.
    • Same as Server 2012 R2.

Other Microsoft Products

  • Internet Explorer 11: 6 vulnerabilities: 3 critical, 3 important
  • Microsoft Edge: 7 vulnerabilities: 4 critical, 3 important
    • CVE-2019-1307 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1308 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1335 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1366 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Security only: KB4520003 

  • Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don’t support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
  • Security updates

Monthly Rollup: KB4519976

  • Fixed an issue that could prevent the disabling of VBScript in IE by default.
  • Fixed a printing issue.
  • Security fixes.

Windows 8.1 and Server 2012 R2

Security-only: KB4519990

  • Security updates.

Monthly Rollup: KB4520005

  • Same as security-only.
  • Fixed an issue with applications and printer drivers that use Windows JavaScript engine for processing print jobs.

Windows 10 version 1803

Cumulative Update: KB4520008

  • Fixed a Keyboard Lockdown Subsystem issue that prevented the correct filtering of key input.
  • Fixed a Bluetooth hardening issue that could cause the error “0x133 DPC_WATCHDOG_VIOLATION”.
  • Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don’t support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
  • Fixed a printing issue.
  • Security updates

Windows 10 version 1809 and Server 1809 and Windows Server 2019

Cumulative Update: KB4519338

  • Fixed a Keyboard Lockdown Subsystem issue that prevented the correct filtering of key input.
  • Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don’t support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
  • Fixed a printing issue.
  • Security updates

Windows 10 version 1903 and Server 1903

Cumulative Update: KB4517389 

  • Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don’t support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
  • Fixed a printing issue.
  • Security updates

Other security updates

KB4519974 — Cumulative security update for Internet Explorer: October 8, 2019

KB4520004 — 2019-10 Cumulative Update for Windows 10 Version 1709

KB4520010 — 2019-10 Cumulative Update for Windows 10 Version 1703

KB4520011 — 2019-10 Cumulative Update for Windows 10 Version 1507

KB4521856 — 2019-10 Servicing Stack Update for Windows 10 Version 1507

KB4521857 — 2019-10 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4521858 — 2019-10 Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607

KB4521859 — 2019-10 Servicing Stack Update for Windows 10 Version 1703

KB4521860 — 2019-10 Servicing Stack Update for Windows 10 Version 1709

KB4521861 — 2019-10 Servicing Stack Update for Windows 10 Version 1803 and Windows Server 2016

KB4521862 — 2019-10 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4521863 — 2019-10 Servicing Stack Update for Windows Server 1909 and Windows 10 Version 1909

KB4521864 — 2019-10 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

Server products

KB4519985 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4520002 — 2019-10 Security Monthly Quality Rollup for Windows Server 2008

KB4520007  — 2019-10 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4520009 — 2019-10 Security Only Quality Update for Windows Server 2008

KB4519998 — 2019-10 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Known Issues

Windows 8.1

  • Certain operations on Cluster Shared Volumes may fail.

Windows 10 version 1803

  • Same as Windows 8.1.
  • Black screen issue on first boot after the installation of updates.
  • Mixed Reality Portal error issue.

Windows 10 version 1809

  • Same as Windows 10 version 1809.
  • Issue on devices with certain Asian language packs installed.

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4524102 — 2019-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4524103 — 2019-10 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4524104 — 2019-10 Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4524105 — 2019-10 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4519335 — 2019-10 Dynamic Update for Windows 10 Version 1607

KB4519336 — 2019-10 Dynamic Update for Windows 10 Version 1703

KB4519337 — 2019-10 Dynamic Update for Windows 10 Version 1809

KB4519764 — 2019-10 Dynamic Update for Windows 10 Version 1709

KB4519765 — 2019-10 Dynamic Update for Windows 10 Version 1803

KB4524095 — 2019-10 Cumulative Update for .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524096 — 2019-10 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524097 — 2019-10 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524098 — 2019-10 Cumulative Update for .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524099 — 2019-10 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019, Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524100 –2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 1903 and Windows 10 Version 1903

KB4524101 — 2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 1909 and Windows 10 Version 1909

KB890830 — Windows Malicious Software Removal Tool – October 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the October 2019 security updates

windows security updates october 2019

Note: we suggest that you create a full system backup before applying any updates; Microsoft’s track record of releasing updates without known issues has not been the best lately and while most updates may install fine and without issues on most systems, a backup ensures that you can restore the previous version if you encounter any issues.

Windows Updates are pushed to home devices automatically. You can run a manual check for updates to speed up the process.

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Cumulative updates may also be downloaded from the Microsoft Update Catalog website to install them manually. Note that you need to make sure that a compatible Service Stack Update is installed on the device.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4519976 — 2019-10 Security Monthly Quality Rollup for Windows 7
  • KB4520003 — 2019-10 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4520005 — 2019-10 Security Monthly Quality Rollup for Windows 8.1
  • KB4519990 — 2019-10 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4520008  — 2019-10 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4519338  — 2019-10 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4517389  — 2019-10 Cumulative Update for Windows 10 Version 1903

Additional resources

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates October 2019 overview appeared first on gHacks Technology News.

Microsoft Windows Security Updates September 2019 overview

It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.

Our overview of the September 2019 Patch Day provides system administrators and home users with information on the released updates. It features some stats at the beginning, provides links to all support articles and direct download options, lists known issues and security advisories, and provides other relevant information.

Check out the August 2019 update overview in case you missed it.

Microsoft Windows Security Updates September 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in September 2019. Please download it with a click on the following link:
Microsoft Windows Security Updates September 2019

Executive Summary

  • Microsoft released security updates for all client and server versions of the Windows operating system that it supports.
  • The following non-Windows products had security updates released as well: Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player, Microsoft Lync, Visual Studio, .NET Framework, Microsoft Exchange Server, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Server, Project Rome.
  • Microsoft fixed the high CPU usage issue from SearchUI.exe in Windows 10 1903.
  • The Microsoft Update Catalog website lists 215 updates.

Operating System Distribution

  • Windows 7: 32 vulnerabilities: 4 rated critical and 28 rated important
    • CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 8.1: 33 vulnerabilities: 5 rated critical and 28 rated important
    • same as Windows 7 plus
    • CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • same as Windows 8.1
  • Windows 10 version 1809: 45 vulnerabilities: 5 critical and 40 important
    • same as Windows 8.1
  • Windows 10 version 1903: 45 vulnerabilities: 5 critical and 40 important.
    • same as Windows 8.1

Windows Server products

  • Windows Server 2008 R2: 31 vulnerabilities: 3 critical and 28 important.
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 31 vulnerabilities: 3 critical and 28 important.
    • same as Windows Server 2008 R2.
  • Windows Server 2016: 39 vulnerabilities: 3 critical and 36 important
    • same as Windows Server 2008 R2.
  • Windows Server 2019: 43 vulnerabilities: 3 critical and 40 are important.
    • same as Windows Server 2008 R2.

Other Microsoft Products

  • Internet Explorer 11: 4 vulnerabilities: 3 critical, 1 important
  • Microsoft Edge: 7 vulnerabilities: 5 critical, 2 important
    • CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2 SP1

Monthly Rollup: KB4516065

Security Only: KB4516033

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows
  • Security Updates

Windows 8.1 and Windows Server 2012 R2

Monthly Rollup: KB4516067

Security Only: KB4516064

  • Same as Windows 7 and Server 2008 R2

Windows 10 version 1803

Cumulative Update: KB4516058

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows.
  • Security updates.

Windows 10 version 1809 and Windows Server 1809

Cumulative Update: KB4512578

  • Same as Windows 10 version 1803.

Windows 10 version 1903 and Windows Server version 1903

Cumulative update: KB4515384

  • Same as Windows version 1803 plus
  • Fixed the high CPU usage issue caused by SearchUI.exe.

Windows 10 version 1903 and Windows Server 1903

Other security updates

KB4516046 — Cumulative security update for Internet Explorer: September 10, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4516655 — 2019-09 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB45171342019-09 Servicing Stack Update for Windows Server 2008

KB4512938 — 2019-09 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4512939 — 2019-09 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4511839 — 2019-09 Servicing Stack Update for Windows 10 Version 1703

KB4512573 — 2019-09 Servicing Stack Update for Windows 10 Version 1507

KB4512575 — 2019-09 Servicing Stack Update for Windows 10 Version 1709

KB4512576 — 2019-09 Servicing Stack Update for Windows Server Version 1803 and Windows 10 Version 1803

KB4512577 — 2019-09 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4515383 — 2019-09 Servicing Stack Update for Windows 10 Version 1903

KB4512574 — 2019-09 Servicing Stack Update for Windows Server 1903 RTM, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows Server Version 1803, Windows 10 Version 1803, Windows Server 2016, Windows Server Version 1709, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Server / Embedded

KB4516026 — 2019-09 Security Monthly Quality Rollup for Windows Server 2008

KB4516051 — 2019-09 Security Only Quality Update for Windows Server 2008

KB4516055 –2019-09 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4516062 — 2019-09 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

Microsoft .NET

KB4514330 — Security Only Update for .NET Framework 4.8 for Windows Server 2012

KB4514331 — Security Only Update for .NET Framework 4.8 for Windows 8.1 and Server 2012 R2

KB4514337

KB4514338 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2

KB4514341 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2

KB4514342 — Security Only Update for .NET Framework 4.5.2 for Windows Server 2012

KB4514349 — Security Only Update for .NET Framework 3.5 for Windows Server 2012

KB4514350 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514360 — Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012

KB4514361 — Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514363 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012

KB4514364 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514367 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514368 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012

KB4514370 — Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012

KB4514371 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514598 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514599 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2

KB4514602 — Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1

KB4514603 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514604 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514605 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2

KB4514354 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4514355 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4514356 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4514357 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016

KB4514358 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809

KB4514359 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903

KB4514366 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809

KB4514601 — 2019-09 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809

Known Issues

Windows 7 SP1 and Windows Server 2008 R2 (monthly rollup only)

  • VBScript may not be disabled in Internet Explorer even though it should be

Windows 8.1 and Windows Server 2008 R2

  • Certain operations may fail on Cluster Shared Volumes

Windows 10 version 1803

  • Operations may fail on Cluster Shared Volumes.
  • Black screen during first logon after update installation issue

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • Error on some devices with certain Asian language packs installed: 0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.
  • Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190022 | September 2019 Adobe Flash Security Update

Non-security related updates

Microsoft Office Updates

You find Office update information here.

How to download and install the September 2019 security updates

windows updates september 2019 microsoft

Most home systems receive updates automatically especially when they run Windows 10. Updates are not pushed in real-time to devices running Windows. Some administrators prefer to install security updates the moment they are released, others to wait to make sure that the updates don’t introduce any issues on the system.

Note: it is recommended that you back up the system partition before you install updates. Use programs like Paragon Backup & Recovery Free or Macrium Reflect for that.

Admins may check for updates manually to retrieve the released updates right away. Here is how that is done:

  • Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  • Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Updates may also be downloaded from the Microsoft Update Catalog website.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4516065 — 2019-09 Security Monthly Quality Rollup for Windows 7
  • KB4516033 — 2019-09 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4516067 — 2019-09 Security Monthly Quality Rollup for Windows 8.1
  • KB4516064 — 2019-09 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4516058 — 2019-09 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4512578  — 2019-09 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4515384  — 2019-09 Cumulative Update for Windows 10 Version 1903

Additional resources

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks/). Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates September 2019 overview appeared first on gHacks Technology News.

Microsoft Windows Security Updates August 2019 overview

Today is the August 2019 Patch Day over at Microsoft. The company released security and non-security updates for all supported versions of Microsoft Windows and other company products today.

We publish detailed information for system administrators, organizations, and interested home users on each Microsoft Patch Day. These cover links information and links to patches, the list of known issues, links to resource pages, and other relevant information to make educated updating decisions.

You can check out the July 2019 Update overview if you missed it.

Microsoft Windows Security Updates August 2019

The following Excel spreadsheet lists updates that Microsoft released for its products in August 2019. You can download it with a click on the following link:
Microsoft Windows Security Updates August 2019 List

Executive Summary

  • Microsoft released security updates for all client and server versions of Microsoft Windows. All systems are affected by multiple critical security vulnerabilities.
  • Microsoft released updates for other products including Internet Explorer, Microsoft Edge, Visual Studio, Active Directory, Microsoft Office, and Microsoft Dynamics.
  • Microsoft fixed the MIT Kerberos known issue for affected versions of Windows.
  • The Microsoft Update Catalog lists 90 entries.

Operating System Distribution

  • Windows 7: 39 vulnerabilities: 11 rated critical and 28 rated important
    • CVE-2019-0720 | Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0736 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-1144 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1145 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1149 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1150 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1151 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1152 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1181 | Remote Desktop Services Remote Code Execution Vulnerabilit
    • CVE-2019-1182 | Remote Desktop Services Remote Code Execution Vulnerability
    • CVE-2019-1183 | Windows VBScript Engine Remote Code Execution Vulnerability
  • Windows 8.1: 39 vulnerabilities: 11 rated critical and 28 rated important
    • same as Windows 7
  • Windows 10 version 1709: 53 vulnerabilities: 13 critical and 40 important
    • CVE-2019-0720 | Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0736 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-0965 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1144 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1145 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1149 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1150 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1151 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1152 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1181 | Remote Desktop Services Remote Code Execution Vulnerability
    • CVE-2019-1182 | Remote Desktop Services Remote Code Execution Vulnerability
    • CVE-2019-1183 | Windows VBScript Engine Remote Code Execution Vulnerability
    • CVE-2019-1188 | LNK Remote Code Execution Vulnerability
  • Windows 10 version 1803: 61 vulnerabilities: 15 critical and 46 important
    • Same as Windows 10 version 1709 plus..
    • CVE-2019-1222 | Remote Desktop Services Remote Code Execution Vulnerability
    • CVE-2019-1226 | Remote Desktop Services Remote Code Execution Vulnerability
  • Windows 10 version 1809: 64 vulnerabilities: 14 critical and 50 important
    • Same as Windows 10 version 1803 except CVE-2019-0736
  • Windows 10 version 1903: 64 vulnerabilities: 13 critical and 51 important.
    • Same as Windows 10 version 1803 except CVE-2019-0720 and CVE-2019-0736

Windows Server products

  • Windows Server 2008 R2: 39 vulnerabilities: 11 critical and 28 important.
    • CVE-2019-0720 | Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0736 | Windows DHCP Client Remote Code Execution Vulnerability
    • CVE-2019-1144 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1145 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1149 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1150 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1151 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1152 | Microsoft Graphics Remote Code Execution Vulnerability
    • CVE-2019-1181 | Remote Desktop Services Remote Code Execution Vulnerabilit
    • CVE-2019-1182 | Remote Desktop Services Remote Code Execution Vulnerability
    • CVE-2019-1183 | Windows VBScript Engine Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 40 vulnerabilities: 11 critical and 29 important.
    • Same as Windows Server 2008 R2.
  • Windows Server 2016: 50 vulnerabilities: 11 critical and 39 important
    • Same as Windows Server 2008 R2.
  • Windows Server 2019: 65 vulnerabilities: 14 critical and 51 are important.
    • Same as Windows Server 2008 R2 plus
    • CVE-2019-1212 | Windows DHCP Server Denial of Service Vulnerability
    • CVE-2019-1226 | Remote Desktop Services Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 4 vulnerabilities: 2 critical, 2 important
    • CVE-2019-1133 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1194 | Scripting Engine Memory Corruption Vulnerability
  • Microsoft Edge: 9 vulnerabilities: 7 critical, 2 important
    • CVE-2019-1131 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1139 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1140 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1141 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1195 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1196 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1197 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2 SP1

KB4512506 — Monthly Rollup

KB4512486 — Security-only update

  • Security updates to Windows App Platform and Frameworks, Windows Wireless Networking, Windows Storage and Filesystems, Windows Virtualization, Windows Datacenter Networking, Microsoft Scripting Engine, the Microsoft JET Database Engine, Windows Input and Composition, Windows MSXML, Internet Explorer, and Windows Server.

Windows 8.1 and Windows Server 2012 R2

KB4512488 — Monthly Rollup

KB4512489 — Security-only update

  • Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Wireless Networking, Windows Virtualization, Windows Datacenter Networking, Windows Storage and Filesystems, the Microsoft JET Database Engine, Microsoft Scripting Engine, Windows MSXML, Internet Explorer, and Windows Server.

Windows 10 version 1709

KB4512516 — Cumulative Update

  • Fixed the MIT Kerberos realms issue that prevented devices from starting up or caused them to continue restarting.
  • Security updates to Windows Wireless Networking, Windows Storage and Filesystems, Windows App Platform and Frameworks, Microsoft Scripting Engine, Microsoft Edge, Windows Server, Windows MSXML, the Microsoft JET Database Engine, Windows Datacenter Networking, Windows Virtualization, Windows Cryptography, Windows Input and Composition, and Internet Explorer.

Windows 10 version 1803

KB4512501 — Cumulative Update

  • Fixed the MIT Kerberos realms issue that prevented devices from starting up or caused them to continue restarting.
  • Security updates to Windows Wireless Networking, Windows Storage and Filesystems, Windows App Platform and Frameworks, Windows Datacenter Networking, Microsoft JET Database Engine, Windows Input and Composition, Windows MSXML, Internet Explorer, Windows Server, Microsoft Scripting Engine, Windows Cryptography, Windows Server, Windows Virtualization, Microsoft Edge, and Windows Shell.

Windows 10 version 1809 and Windows Server 1809

KB4511553 — Cumulative Update

  • Fixed the MIT Kerberos realms issue that prevented devices from starting up or caused them to continue restarting.
  • Fixed an issue with an Windows Server Update Services console user interface exception that occurred when expanding the Computers directory.
  • Security updates to Windows App Platform and Frameworks, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Scripting Engine, Internet Explorer, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Datacenter Networking, the Microsoft JET Database Engine, Windows Server, Windows Kernel, Windows MSXML, and Microsoft Edge.

Windows 10 version 1903 and Windows Server 1903

KB4512508 — Cumulative Update

  • Fixed the MIT Kerberos realms issue that prevented devices from starting up or caused them to continue restarting.
  • Security updates to Windows App Platform and Frameworks, Windows Storage and Filesystems, Microsoft Scripting Engine, Windows Input and Composition, Windows Wireless Networking, Windows Cryptography, Windows Datacenter Networking, Windows Virtualization, Windows Storage and Filesystems, the Microsoft JET Database Engine, Windows Linux, Windows Kernel, Windows Server, Windows MSXML, Internet Explorer, and Microsoft Edge.

Other security updates

KB4511872 — Cumulative security update for Internet Explorer: August 13, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4512476 — Windows Server 2008 SP2 Monthly Rollup

KB4512491 — Windows Server 2008 SP2 Security-Only Update

KB4512518 — Windows Server 2012 and Windows Embedded 8 Standard Monthly Rollup

KB4512482 — Windows Server 2012 and Windows Embedded 8 Standard Security-Only Update

Known Issues

Windows 7 and Server 2008 R2

  • Devices that use Preboot Execution Environment may fail to start.
  • IA64 devices may fail to start. Solution: install KB4474419 .
  • Systems with Symantec or Norton software installed may block or delete Windows updates which causes Windows to stop working or fail to start. Upgrade block is in place. Symantec support article for the issue.

Windows 8.1 and Server 2012 R2

  • Certain operations on Cluster Shared Volumes fail.
  • Devices that use Preboot Execution Environment may fail to start.

Windows 10 version 1709

  • Same as Windows 8.1 and Server 2012 R2

Windows 10 version 1803

  • Same as Windows 8.1 and Server 2012 R2, plus..
  • Black screen on first startup after installing updates.

Windows 10 version 1809 and Server 1809

  • Same as Windows 1803, plus..
  • Issue on systems with Asian language packs installed.
  • Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

Windows 10 version 1903 and Server 1903

  • Windows Sandbox may fail to start.
  • Devices that use Preboot Execution Environment may fail to start.

Security advisories and updates

ADV190014 | Microsoft Live Accounts Elevation of Privilege Vulnerability

Non-security related updates

KB4087513 — Microsoft .NET Framework 4.8 Language Packs for Windows Embedded 8 Standard and Windows Server 2012

KB4087514 — Microsoft .NET Framework 4.8 Language Packs for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4087515 — Microsoft .NET Framework 4.8 Language Packs for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10 Version 1507

KB4087642 — Microsoft .NET Framework 4.8 Language Packs for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10 Version 1507

KB4486081 — Microsoft .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4486105 — Microsoft .NET Framework 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4486129 — Microsoft .NET Framework 4.8 for Windows Server 1703, Windows Server and Windows 10 Version 1607

KB4486153 — Microsoft .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10 Version 1507

KB4497410 — Microsoft .NET Framework 4.8 Language Packs for Windows 7 and Server 2008 R2

KB4503548 — Microsoft .NET Framework 4.8 for Windows 7 and Windows Server 2008 R2

KB4511552 — 2019-08 Dynamic Update for Windows 10 Version 1809

KB890830 — Windows Malicious Software Removal Tool – August 2019

KB4505903 — Windows 10 version 1903 and Windows Server version 1903

KB4505658 — Windows 10 version 1809 and Windows Server 1809

KB4507466 — Windows 10 version 1803

KB4507465 — Windows 10 version 1709

KB4507467 — Windows 10 version 1703

 

Microsoft Office Updates

You find Office update information here.

How to download and install the August 2019 security updates

microsoft windows security updates august 2019

Home computer systems running Windows are configured to download and install updates automatically. It is recommended to wait with the installation of updates or create backups of the system before updates are installed; updates may introduce issues of their own on systems including major issues that may prevent PCs from booting into Windows.

You may run manual checks for updates to speed up the installation of the new updates

  1. Tap on the Windows-key, type Windows Update, and select the result.
  2. A click on “check for updates” runs a manual check. Updates may be installed automatically or on user request depending on system settings.

Another option that you have is to download the updates manually from the Microsoft Update Catalog website.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4512506 — 2019-08 Security Monthly Quality Rollup for Windows 7
  • KB4512486 — 2019-08 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4512488 — 2019-08 Security Monthly Quality Rollup for Windows 8.1
  • KB4512489 — 2019-08 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4512501 — 2019-08 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4511553 — 2019-08 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4512508 — 2019-08 Cumulative Update for Windows 10 Version 1903

Additional resources

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks/). Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates August 2019 overview appeared first on gHacks Technology News.

Microsoft Windows Security Updates July 2019 overview

Microsoft released security updates and non-security updates for Microsoft Windows (client and server) and other company products on the July 9, 2019 Patch Day.

Our overview provides system administrators, organizations, and home users with detailed information on released patches, known issues, and other relevant information.

The overview starts with an executive summary; it is followed by the operating system distribution, and the list of security updates for all versions of Windows.

The list of known issues, security advisories released by Microsoft, and download information follow.

Here is the link to the June 2019 Patch Day in case you missed it.

Microsoft Windows Security Updates July 2019

Here is an Excel spreadsheet listing security updates that Microsoft released for its products in July 2019. You can download the archive with a click on the following link:
Microsoft Windows Security Updates July 2019 Overview

Executive Summary

  • Microsoft released security updates for all client and server versions of the Windows operating system.
  • All versions of Windows are affected by (at least) 1 critical security issue.
  • Security updates were also released for other company products such as Internet Explorer, Microsoft Edge, Microsoft Office, Azure DevOps, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Microsoft Exchange Server
  • The Microsoft Update Catalog lists 212 entries.

Operating System Distribution

  • Windows 7: 21 vulnerabilities: 1 rated critical and 20 rated important
  • Windows 8.1: 19 vulnerabilities: 1 rated critical and 18 rated important
  • Windows 10 version 1703: 24 vulnerabilities: 1 critical and 23 important
  • Windows 10 version 1709: 36 vulnerabilities: 1 critical and 35 important
  • Windows 10 version 1803: 37 vulnerabilities: 1 critical and 36 important
  • Windows 10 version 1809: 36 vulnerabilities: 1 critical and 35 important
  • Windows 10 version 1903: 36 vulnerabilities: 1 critical and 35 important.

Windows Server products

  • Windows Server 2008 R2: 21 vulnerabilities: 1 critical and 20 important.
  • Windows Server 2012 R2: 22 vulnerabilities: 2 critical and 20 important.
    • CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability
  • Windows Server 2016: 27 vulnerabilities: 2 critical and 25 important
    • CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability
  • Windows Server 2019: 40 vulnerabilities: 2 critical and 38 are important.
    • CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 6 vulnerabilities: 6 critical
    • CVE-2019-1001 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1004 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1056 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1059 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1063 | Internet Explorer Memory Corruption Vulnerability
    • CVE-2019-1104 | Microsoft Browser Memory Corruption Vulnerability
  • Microsoft Edge: 7 vulnerabilities: 7 critical
    • CVE-2019-1001 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1062 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1092 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1103 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1104 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-1106 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1107 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 Service Pack 1 and Windows Server 2008 R2

KB4507449 — Monthly Rollup

  • Same as KB4507456.

KB4507456 — Security-only Update

  • Security updates to Windows Server, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Shell, Windows Input and Composition, and Windows Kernel.

Windows 8.1 and Windows Server 2012 R2

KB4507448 — Monthly Rollup

  • Fixed a Bitlocker issue that caused Bitlocker to go into recovery mode.
  • Same as KB4507457.

KB4507457 — Security-only Update

  • Security updates to Windows Wireless Networking, Windows Server, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Input and Composition, Windows Kernel, and Windows App Platform and Frameworks

Windows 10 version 1803

KB4507435

  • Fixed a Bitlocker issue that caused the encryption software to go into recover mode.
  • Security updates to Windows Wireless Networking, Windows Server, Microsoft Scripting Engine, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Kernel, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Microsoft Edge, Windows Cryptography, and Windows Fundamentals.

Windows 10 version 1809 and Windows Server 2019

KB4507469

  • Fixed a Bitlocker issue that caused the encryption software to go into recover mode.
  • Fixed an issue that caused the camera to become unresponsive.
  • Security updates to Windows Server, Microsoft Scripting Engine, Microsoft Graphics Component, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Windows Kernel, Microsoft Edge, Windows Cryptography, and Windows Fundamentals.

Windows 10 version 1903

KB4507453

Other security updates

Known Issues

Windows 7 Service Pack 1 and Windows Server 2008 R2

  • Issue with McAfee Enterprise software that causes slow startup or the system to become unresponsive.

Windows 8.1 and Windows Server 2012 R2

  • Still the long standing issue with Cluster Shared Volumes that throws the error “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
  • Issue with McAfee Enterprise software that causes slow startup or the system to become unresponsive.
  • Windows-Eyes screen reader may may throw errors on launch or during use, and some features may not work properly.

Windows 10 version 1803

  • Still the long standing issue with Cluster Shared Volumes that throws the error “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
  • Black screen during first logon after installing updates.
  • Issue with Window-Eyes screen reader app that may not work correctly.

Windows 10 version 1809 and Server 2019

  • Long standing issue with Cluster Shared Volumes.
  • Error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND” on devices with “some Asian language packs installed”.
  • Black screen during first logon after installing updates.
  • Issue with Window-Eyes screen reader app that may not work correctly.

Windows 10 version 1903

  • Windows Sandbox may fail to start.
  • The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error “0xc0000005” on devices where the diagnostic data level is manually configured to the non-default setting of 0.

Security advisories and updates

ADV190015 | June 2019 Adobe Flash Security Update

ADV190020 | Linux Kernel TCP SACK Denial of Service Vulnerability

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4501375 –Windows 10 version 1903 and Windows Server version 1903

KB4509479 — Windows 10 version 1809 and Windows Server 2019

  • Fixed a Storage Area Network (SAN) connection issue.

KB4501371 –Windows 10 version 1809 and Windows Server 2019

KB4509478 — Windows 10 version 1803

  • Same as KB4509479 for Windows 10 version 1809.

KB4503288 — Windows 10 version 1803

KB4509477 — Windows 10 version 1709

  • Same as KB4509479 for Windows 10 version 1809.

KB4503281 — Windows 10 version 1709

Microsoft Office Updates

You find Office update information here.

How to download and install the July 2019 security updates

microsoft windows security updates july 2019

The July 2019 security updates are distributed through Windows Update, WSUS, and other means. Most client-based Windows systems are configured to check for updates automatically.

Windows administrators who don’t want to wait may run manual checks for updates. It is generally not recommended as bugs may be discovered after the general availability. Backups are recommended if the installation of updates can’t be delayed.

Do the following to run a manual check for updates:

  1. Tap on the Windows-key, type Windows Update, and select the result.
  2. A click on “check for updates” runs a manual check. Updates may be installed automatically or on user request depending on system settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4507449 — 2019-07 Security Monthly Quality Rollup for Windows 7
  • KB4507456 — 2019-07 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4507448 — 2019-07 Security Monthly Quality Rollup for Windows 8.1
  • KB4507457 — 2019-07 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4507435 — 2019-07 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4507469 — 2019-07 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4501375 — 2019-07 Cumulative Update for Windows 10 Version 1903

Additional resources

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks)). Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates July 2019 overview appeared first on gHacks Technology News.

Microsoft may close accounts after two-years of inactivity, unless..

Microsoft started to send out emails to all Microsoft Account users recently in which it informed its customers about upcoming services agreement changes.

The changes are listed on a special page on the Microsoft website and there is an option to read the entire upcoming services agreement as well. The change takes effect on August 30, 2019.

One of the major changes affects Microsoft Accounts; more precisely, the period of inactivity that may lead to the automatic closure of the account.  Microsoft clarified the account activity policy under KB4511051.

Tip: To protect a Microsoft Account better, enable two-factor authentication or set up a security key for the Microsoft Account.

microsoft account policy

Generally speaking, Microsoft customers need to sign-in to the account at least once every two years to keep it active. Microsoft considers accounts inactive if no sign-in happened in a two year period.

Microsoft reduced the inactivity period from five years to two years in the new services agreement.  Some services, OneDrive and Outlook.com, require once-a-year sign-ins to avoid the inactivity flag and potential termination of the account.

Certain activities may override the two-year limit and the resulting closure of the account:

  • If a purchase has been made that is linked to the account. This does not apply to gift cards, certifications, or subscription-based purchases or services.
  • Accounts with active subscriptions won’t be closed during the subscription period.
  • Developers who published to the Microsoft Store won’t have their accounts closed. The same goes for accounts used to register for a Microsoft Partner Center account.
  • Customers who earned a certification that is linked to the Microsoft Account won’t have the account closed due to inactivity.
  • If the account balance is not Zero, the account will remain active.
  • If Microsoft owes money to an account, that account remains active as well.
  • If the Microsoft Account has “granted consent for an active Microsoft account belonging to a minor”, Microsoft won’t close the account due to inactivity. The account will be closed if the minor’s account is deemed inactivity and closed by Microsoft, is closed by the account owner, or transitioned into a standard Microsoft account.
  • Legal requirements or as otherwise provided by Microsoft.

Microsoft notes that customers may always check the activity status of the account on the Microsoft account management website. I could not find the option there and since you need to sign-in before you can look up the information, you are more or less guaranteed a 2-year extension since doing so counts as a sign-in that resets the inactivity period.

Microsoft accounts are used for a variety of purposes. Windows 10 (digital) licenses may be linked to the accounts.

Now You: Do you use a Microsoft Account?

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks)). Thank you for being a Ghacks reader. The post Microsoft may close accounts after two-years of inactivity, unless.. appeared first on gHacks Technology News.

Microsoft launches Hub for all Insider Programs

Microsoft’s Insider program is a success and it should not come as a surprise that the company launched Insider programs for many of its core products in recent years.

It all began with the introduction of the Windows 10 Insider Program. Organizations, administrators, and interested users could join the program to test pre-release versions of the operating system.

Microsoft killed two birds with one stone with the introduction; it opened up development to the public, at least to a degree, and got its hands on data provided by Insider PCs to detect certain issues prior to release.

Participants were encouraged to provide feedback and suggestions. The effect of feedback on development is debatable. Critics argue that Microsoft is not listening enough to the provided feedback, Microsoft argues that it values feedback and used it in the past to improve or change functionality.

Microsoft launched Insider programs for other company products. Microsoft Office, the search engine Bing, the new Microsoft Edge browser that is based on Chromium, the communication software Skype, the development environment Visual Studio Code, and Xbox support the Insider program.

The new Insider Programs hub provides a list of these programs.

microsoft insider programs

The Hub lists the available Insider Programs on a single page. Each program is listed with a short description and a link to the actual homepage of the Insider Program.

A click on the learn more link under Office Insider opens the official Office Insider Program homepage.

Closing Words

The new hub offers little in terms of functionality. It offers an overview of available Insider Programs, and that may be reason enough to bookmark the page. Microsoft will add new programs to the page when they are launched so that it is easy enough to keep an overview of new programs.

Insiders share Telemetry with Microsoft, something that home users and organizations need to be aware of. It is highly suggested not to join Insider Programs on production machines as software released should be considered in development.

Now You: Have you joined an Insider Program?

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks)). Thank you for being a Ghacks reader. The post Microsoft launches Hub for all Insider Programs appeared first on gHacks Technology News.

Microsoft Windows Security Updates June 2019 overview

Microsoft released security updates for all supported versions of the Microsoft Windows operating system on the June 11, 2019 Patch Day.

Our overview of the June 2019 Patch Tuesday provides with you information about security and non-security updates that Microsoft released on this day.

The overview includes an executive summary, statistics, links to all updates, the list of known issues sorted by operating system, download links, and more.

Microsoft released the May 2019 Update for Windows 10 recently but it is available to users who seek for updates manually only at the time and only if the system is compatible.

You can check out the May 2019 Update overview here in case you missed it.

Microsoft Windows Security Updates June 2019

The following Excel spreadsheet lists security update information for June 2019. Click on the following link to download it to your system:
Microsoft Windows Security Updates June 2019 Overview

Executive Summary

  • Microsoft released security updates for all supported versions of the Windows operating system in June 2019.
  • All client and server versions have critically rated vulnerabilities patched.
  • Microsoft released security updates for other products such as Internet Explorer, Microsoft Edge, Microsoft Office, Azure, Microsoft Exchange Server, and Skype.

Operating System Distribution

  • Windows 7: 42 vulnerabilities of which 3 are rated critical and 39 are rated important
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
    • CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability
  • Windows 8.1: 35 vulnerabilities of which 3 are rated critical and 32 are rated important
    • same as 1903
  • Windows 10 version 1703:  41 vulnerabilities of which 4 is critical and 37 are important
    • same as 1709
  • Windows 10 version 1709: 43 vulnerabilities of which 4 is critical and 39 are important
    • CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability
    • same as 1903
  • Windows 10 version 1803: 45 vulnerabilities of which 3 are critical and 43 are important
    • same as 1903
  • Windows 10 version 1809: 47 vulnerabilities of which 3 are critical and 44 are important
    • same as 1903
  • Windows 10 version 1903: 42 vulnerabilities of which 3 are critical and 39 are important.
    • CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 42 vulnerabilities: 3 are critical and 39 are important.
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
    • CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 34 vulnerabilities: 3 are critical and 31 are important.
    • Same as Server 2019
  • Windows Server 2016: 39 vulnerabilities: 4 are critical and 35 are important
    • CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability
    • Same as Server 2019
  • Windows Server 2019: 47 vulnerabilities: 3 are critical and 44 are important.
    • CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 7 vulnerability, 5 critical, 2 important
    • CVE-2019-1080 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1055 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-0988 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0920 | Scripting Engine Memory Corruption Vulnerability
  • Microsoft Edge: 14 vulnerabilities, 12 critical, 2 important
    • CVE-2019-0989 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0990 | Scripting Engine Information Disclosure Vulnerability
    • CVE-2019-0991 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0992 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0993 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1002 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1003 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1023 | Scripting Engine Information Disclosure Vulnerability
    • CVE-2019-1024 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-1051 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1052 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Server 2008 R2

KB4503292 — Monthly Rollup

  • Fixed a HTTP and HTTPS string character limit issue in Internet Explorer.
  • Security updates

KB4503269 — Security-only Update

  • Security updates only

Windows 8.1 and Server 2012 R2

KB4503276 — Monthly Rollup

  • Patched a security vulnerability by “intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections”.
  • Fixed the Preboot Execution Environment known issue.
  • Fixed a HTTP and HTTPS string character limit issue in Internet Explorer.
  • Security updates.

KB4503290 — Security-only Rollup

  • Same as KB4503276 with the exception of the IE string character limit issue.

Windows 10 version Windows 10 version 1709

KB4503284

  • Fixed Bluetooth vulnerability.
  • Fixed an IE11 issue that could prevent IE from opening if no or a malformed search provider was set as the default.
  • security updates

Windows 10 version 1803

  • Fixed the Preboot Execution Environment issue.
  • Same as 1709

Windows 10 version 1809

  • Fixed a Windows Mixed Reality keyboard rendering issue.
  • Fixed a Bluetooth vulnerability.
  • Fixed the Preboot environment issue.
  • Updated Broadcom Wi-Fi firmware to Microsoft HoloLens.
  • Fixed the IE11 default search provider issue.
  • Security updates

Windows 10 version 1903

  • Fixed Bluetooth vulnerability.
  • Security updates.

Other security updates

KB4503259 — Cumulative security update for Internet Explorer: June 11, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: March 12, 2019

KB4503285 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4503287 — Security Only Quality Update for Windows Server 2008

KB4503308 — Security update for Adobe Flash Player

KB4503267 — Cumulative Update for Windows 10 Version 1607 and Windows Server Version 1607

KB4503291 — Cumulative Update for Windows 10 Version 1507

KB4503537 — Servicing Stack Update for Windows 10 Version 1607, and Windows Server 2016

KB4504369 — Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019

Known Issues

Windows 7 SP1 and Server 2008 R2

  1. Issue with McAfee Enterprise products that may cause the system to have slow startups or become unresponsive.
  2. Internet Explorer 11 may stop working when “loading or interacting with Power BI reports”.
    • Workaround: republish with Markers turned off.

Windows 8.1 and Server 2012 R2

  1. Same as Windows 7 SP1 and Server 2008 R2
  2. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.

Windows 10 version 1709, 1803

  1. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.

Windows 10 version 1809

  1. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.
  2. A printing issue in Microsoft Edge and other UWP apps that throws “Your printer has experienced an unexpected configuration problem. 0x80070007e.” errors.
    • Workaround: use another browser to print.
  3. Error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND”after installing KB4493509 on devices with certain Asian languages.

Windows 10 version 1903

  1. Windows Sandbox may fail to start with ERROR_FILE_NOT_FOUND (0x80070002)

Security advisories and updates

ADV190015 | June 2019 Adobe Flash Security Update

ADV190016 | Bluetooth Low Energy Advisory

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4497935 for Windows 10 version 1903 and Windows Server 1903

KB4497934 for Windows 10 version 1809 and Windows Server 2019

KB4505056 for Windows 10 version 1809 and Windows Server 2019

KB4499183 for Windows 10 version 1803

KB4505064 for Windows 10 version 1803

KB4499147 for Windows 10 version 1709

KB4505062 for Windows 10 version 1709

KB4499162 for Windows 10 version 1703

KB4505055 for Windows 10 version 1703

KB4499177 for Windows 10 version 1607 and Windows Server 2016

KB4505052 for Windows 10 version 1607 and Windows Server 2016

KB4503539 — Dynamic Update for Windows 10 Version 1803

KB4494454 — Update for Windows 10

KB4501226 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – June 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the June 2019 security updates

windows security updates june 2019

All Windows client systems are configured to download and install security updates automatically shortly after release. It is possible to run manual checks for updates to install these as early as possible.

We suggest that backups are created before any updates are installed as updates may introduce issues of their own or in worst case, break the system.

You can run a manual check for updates in the following way:

  1. Tap on the Windows-key, type Windows Update, and select the result.
  2. A click on “check for updates” runs a manual check. Updates may be installed automatically or on user request depending on system settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4503292 — 2019-06 Security Monthly Quality Rollup for Windows 7
  • KB4503269 — 2019-06 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4503276 — 2019-06 Security Monthly Quality Rollup for Windows 8.1
  • KB4503290 — 2019-06 Security Only Quality Update for Windows 8.1

Windows 10 (version 1709)

  •  KB4503279 — 2019-06 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4503286 — 2019-06 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  •  KB4503327 — 2019-06 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4503293 — 2019-06 Cumulative Update for Windows 10 Version 1809

Additional resources

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks)). Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates June 2019 overview appeared first on gHacks Technology News.

Microsoft Windows Security Updates May 2019 overview

Welcome to the Microsoft Patch Day overview for May 2019. Microsoft released security updates and non-security updates for all supported versions of the Windows operating system — client and server — and other Microsoft products such as Microsoft Office on May 14, 2019.

Our overview provides you with information and resource links; we cover all major update releases for all Microsoft platforms, provide an overview of critical updates (which you may want to address quickly), operating system distribution statistics, and download instructions.

Microsoft plans to release the May 2019 Update for Windows 10 at the end of the month; check out this guide if you plan to update to the new feature update for Windows 10. If you take the disastrous Windows 10 version 1809 release into account, it is probably better to wait several months before you  consider installing the update on production machines.

Note that there are some upgrade blocks in place currently that prevent the installation of the new update.

Microsoft Windows Security Updates May 2019

Download the following Excel spreadsheet (zipped) that lists the released security updates and information:
security-updates-windows-microsoft-may-2019.zip

Executive Summary

  • Microsoft released security updates for all supported versions of Windows.
  • All versions of Windows are affected by CVE-2019-0903,  a GDI+ Remote Code Execution Vulnerability critical vulnerability.
  • Windows 7 is the only client system affected by another critical vulnerability CVE-2019-0708 , Remote Desktop Services Remote Code Execution Vulnerability
  • Microsoft released a security update for Windows XP (KB4500331)
  • All server versions affected by CVE-2019-0725 | Windows DHCP Server Remote Code Execution Vulnerability.
  • Server 2008 R2 only version affected by CVE-2019-0708 Remote Desktop Services Remote Code Execution Vulnerability.
  • Other Microsoft products with security update releases: IE, Edge, Team Foundation Server, SQL Server, Azure, Skype for Android, Office, Visual Studio, Azure DevOps Server, .Net Framework and Core, ASP.NET Core, ChakraCore, NuGet.
  • The Update Catalog lists 243 updates.

Operating System Distribution

  • Windows 7: 23 vulnerabilities of which 2 are rated critical and 21 are rated important
    • CVE-2019-0903 | GDI+ Remote Code Execution Vulnerability
    • CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability
  • Windows 8.1: 23 vulnerabilities of which 1 is rated critical and 22 are rated important
  • Windows 10 version 1703:  28 vulnerabilities of which 1 is critical and 27 are important
  • Windows 10 version 1709: 29 vulnerabilities of which 1 is critical and 28 are important
  • Windows 10 version 1803: 29 vulnerabilities of which 1 is critical and 28 are important
  • Windows 10 version 1809: 29 vulnerabilities of which 1 is critical and 28 are important

Windows Server products

  • Windows Server 2008 R2: 24 vulnerabilities of which 3 are critical and 21 are important.
    • CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability
    • CVE-2019-0725 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-0903 | GDI+ Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 24 vulnerabilities of which 2 are critical and 22 are important.
    • CVE-2019-0725 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-0903 | GDI+ Remote Code Execution Vulnerability
  • Windows Server 2016: 28 vulnerabilities of which 2 are critical and 26 are important
    • CVE-2019-0725 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-0903 | GDI+ Remote Code Execution Vulnerability
  • Windows Server 2019: 30 vulnerabilities of which 2 are critical and 28 are important.
    • CVE-2019-0725 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-0903 | GDI+ Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 8 vulnerability, 5 critical, 4 important
    • CVE-2019-0884 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0911 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0918 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0929 | Internet Explorer Memory Corruption Vulnerability
    • CVE-2019-0940 | Microsoft Browser Memory Corruption Vulnerability
  • Microsoft Edge: 14 vulnerabilities, 11 critical, 3 important
    • CVE-2019-0915 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0916 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0917 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0922 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0924 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0925 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0926 | Microsoft Edge Memory Corruption Vulnerability
    • CVE-2019-0927 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0933 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0937 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0940 | Microsoft Browser Memory Corruption Vulnerability

Windows Security Updates

Windows 7 Service Pack 1

KB4499175 — Security-only update

  • Protections against a new subclass of speculative execution side-channel vulnerabilities (Microarchitectural Data Sampling)
  • Addresses an issue that may prevent applications that rely on unconstrained delegation from authenticating after the Kerberos ticket-granting ticket (TGT) expires (the default is 10 hours).
  • Security updates

KB4499164 — Monthly Rollup

  • Same as security-only update, and
  • Fixed Excel display issue.
  • Fixed Microsoft Visual Studio Simulator startup issue.

Windows 8.1

KB4499165 — Security-only Update

  • Protections against a new subclass of speculative execution side-channel vulnerabilities (Microarchitectural Data Sampling)
  • Security updates

KB4499151 — Monthly Rollup

  • Same as Security-only update, and
  • Fixed “Error 1309” issue with msi and msp files.
  • Fixed Microsoft Visual Studio Simulator startup issue.
  • Added uk.gov into HTTP Strict Transport Security Top Level Domains (HSTS TLD) for Internet Explorer and Microsoft Edge.
  • Fixed display issue in Excel.

Windows 10 version 1703

KB4499181

  • Same as Windows 10 version 1809 with the exception of Retpoline, Simple Network Management Protocol Management Information Base registration, and the zone transfer issue.

Windows 10 version 1709

KB4499179

  • Same as Windows 10 version 1809 with the exception of Retpoline and Simple Network Management Protocol Management Information Base registration

Windows 10 version 1803

KB4499167

  • Same as Windows 10 version 1809 with the exception of Retpoline and Simple Network Management Protocol Management Information Base registration

Windows 10 version 1809

KB4494441

  • Retpoline is enabled by default if protections against Spectre Variant 2 are enabled.
  • Protections against a new subclass of speculative execution side-channel vulnerabilities (Microarchitectural Data Sampling)
  • uk.gov added into the HTTP Strict Transport Security Top Level Domains for IE and Edge.
  • Fixed the cause of Error 1309 when installing or removing certain msi or msp files on a virtual drive.
  • Fixed an issue that prevented Microsoft Visual Studio Simulator from starting.
  • Fixed an issue that could cause zone transfers between primary and secondary DNS servers over TCP to fail.
  • Fixed an issue that could cause Simple Network Management Protocol Management Information Base registration to fail.
  • Fixed a font issue in Microsoft Excel that could make text, layout, or cell sizes narrower or wider.
  • Security updates.

Other security updates

KB4498206 — Cumulative security update for Internet Explorer: May 14, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: March 12, 2019

KB4495582 — 2019-05 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4495584 — 2019-05 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4495585 — 2019-05 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4495586 — 2019-05 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4495587 — 2019-05 Security Only Update for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4495588 — 2019-05 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4495589 — 2019-05 Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4495591 — 2019-05 Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4495592 — 2019-05 Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4495593 — 2019-05 Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4495594 — 2019-05 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4495596 — 2019-05 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4495602 — 2019-05 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4495604 — 2019-05 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4495606 — 2019-05 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4495607 — 2019-05 Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4495608 — 2019-05 Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4495609 — 2019-05 Security Only Update for .NET Framework 2.0 on Windows Server 2008

KB4495612 — 2019-05 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4495615 — 2019-05 Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4495622 — 2019-05 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4495623 — 2019-05 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4495624 — 2019-05 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4495625 — 2019-05 Security Only Update for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4495626 — 2019-05 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4495627 — 2019-05 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4497932 — Adobe Flash Player Security Update

KB4498961 — 2019-05 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4498962 — 2019-05 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4498963 — 2019-05 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4498964 — 2019-05 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4499149 — 2019-05 Security Monthly Quality Rollup for Windows Server 2008

KB4499158 — 2019-05 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4499171 — 2019-05 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4499180 — 2019-05 Security Only Quality Update for Windows Server 2008

KB4499406 — 2019-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4499407 — 2019-05 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4499408 — 2019-05 Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4499409 — 2019-05 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4500331 — Security Update for Windows Server 2003, Windows XP Embedded, and Windows XP

KB4494440 — 2019-05 Cumulative Update for Windows 10 Version 1607

KB4495590 — Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10

KB4495610 — 2019-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607, and Windows Server 2016

KB4495611 — 2019-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4495613 — 2019-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4495616 — 2019-05 Cumulative Update for .NET Framework 4.8 on Windows 10 Version 1803, and Windows Server 2016

KB4495618 — 2019-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809

KB4495620 — 2019-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 version 1903, and Windows Server 1903

KB4497398 — 2019-05 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016

KB4498353 — 2019-05 Servicing Stack Update for Windows 10

KB4498947 — 2019-05 Servicing Stack Update for Windows 10 Version 1607, and Windows Server 2016

KB4499154 — 2019-05 Cumulative Update for Windows 10

KB4499167 — 2019-05 Dynamic Cumulative Update for Windows 10 Version 1809, and Windows Server 2016

KB4499405 — 2019-05 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809, and Windows Server 2019

KB4499728 — 2019-05 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019

KB4500109 — 2019-05 Servicing Stack Update for Windows 10 Version 1903

KB4500640 — 2019-05 Servicing Stack Update for Windows 10 Version 1703

KB4500641 — 2019-05 Servicing Stack Update for Windows 10 Version 1709

Known Issues

See the linked KB articles for workarounds and additional information.

Windows 8.1 and Serve 2012 R2

  • First two issues of Windows 10 version 1809.
  • Monthly Rollup additionally: issue with Mcafee Endpoint Security software.

Windows 10 version 1703

  • Second issue of Windows 10 version 1809 only.

Windows 10 version 1709

  • Second issue of Windows 10 version 1809 only.

Windows 10 version 1803

  • First two issues of Windows 10 version 1809.

Windows 10 version 1809

  • Issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. Workaround available.
  • Error STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5) when performing certain operations on files or files that are on a Cluster Shared Volume. Workaround available.
  • Printing issue with error “Your printer has experienced an unexpected configuration problem. 0x80070007e” in Edge and UWP apps. Workaround available.
  • Error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND” after installing KB4493509 with certain Asian language packs installed. Workaround available.

Security advisories and updates

ADV190012 | May 2019 Adobe Flash Security Update

ADV190013 | Microsoft Guidance to mitigate Microarchitectural Data Sampling vulnerabilities

ADV190014 | Listed but error page

Windows client guidance for IT Pros to protect against speculative execution side-channel vulnerabilities

Windows Server guidance to protect against speculative execution side-channel vulnerabilities

Non-security related updates

KB4494174 — 2019-05 Update for Windows 10 Version 1809 (Intel microcode updates)

KB4494175 –2019-05 Update for Windows 10 Version 1607 (Intel microcode updates)

KB4494451 — 2019-05 Update for Windows 10 Version 1803 (Intel microcode updates)

KB4494452 — 2019-05 Update for Windows 10 Version 1709 (Intel microcode updates)

KB4494453 — 2019-05 Update for Windows 10 Version 1703 (Intel microcode updates)

KB4494454 — 2019-05 Update for Windows 10 Version 1507 (Intel microcode updates)

KB4497165 — 2019-05 Update for Windows 10 Version 1903 (Intel microcode updates)

KB4498946 — 2019-05 Dynamic Update for Windows 10 Version 1709 (Intel microcode updates)

KB890830 — Windows Malicious Software Removal Tool – May 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the May 2019 security updates

windows may 2019 microsoft security updates

Home users may use Windows Update to download and install the updates, or install updates manually by downloading them directly from Microsoft.

It is not recommended to select the “check for updates” option manually on Windows PCs as you may install preview updates or feature updates when you use the option.

If you still want to do so, make sure you create a backup of important data — better the entire system partition — before you install updates.

  1. Open the Start Menu.
  2. Type Windows Update.
  3. Click on the “check for updates” button to run a manual check.

Third-party tools like Windows Update Manager, Windows Update MiniTool or Sledgehammer may be useful as well as you get more control over the update processes.

Direct update downloads

Most Windows devices are updated automatically either through Windows Update or other update management systems. Some users and organizations prefer to install updates manually. All cumulative updates can be downloaded from the Microsoft Update Catalog website. Below are links to all cumulative updates.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4499164 — 2019-05 Security Monthly Quality Rollup for Windows 7
  • KB4499175 — 2019-05 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4499151 — 2019-05 Security Monthly Quality Rollup for Windows 8.1
  • KB4499165 — 2019-05 Security Only Quality Update for Windows 8.1

Windows 10 (version 1703)

  • KB4499181 — 2019-05 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4499179 — 2019-05 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4499167 — 2019-05 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4494441 — 2019-05 Cumulative Update for Windows 10 Version 1809

Additional resources

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks)). Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates May 2019 overview appeared first on gHacks Technology News.