Microsoft Windows Security Updates December 2019 overview

Welcome to the overview of the last Patch Tuesday of 2019. Microsoft released security and non-security updates for all supported products on December 11, 2019.

Our monthly series provides system administrators and interested users with information about the updates that Microsoft released in the month that is covered. It includes statistics, links to security and non-security updates, as well as download links, and links to resources and other official pages.

Click here to access the November 2019 Microsoft Patch Day overview.

Microsoft Windows Security Updates December 2019

microsoft windows security updates december 2019

You may download the following (zipped) Excel spreadsheet that contains a list of released updates in December 2019: microsoft-windows-security-updates-december-2019

Executive Summary

  • This is the last Patch Tuesday of 2019.
  • Microsoft released security updates for all versions of Windows as well as other company products such as Microsoft Office, SQL Server, Visual Studio, and Skype for Business.
  • Windows 10 version 1903 and 1909 share the same security KBs.
  • Microsoft’s Windows 7 operating system won’t receive updates anymore after the January 2020 Patch Day (Small Businesses and Enterprises may buy extensions) Microsoft plans to display a full-screen notification on January 15, 2020 on Starter, Home Basic, Home Premium, Professional (without ESU) and Ultimate editions of Windows 7.

Operating System Distribution

  • Windows 7: 14 vulnerabilities: 1 rated critical and 13 rated important
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 8.1: 11 vulnerabilities: 1 rated critical and 10 rated important
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 10 version 1803: 14 vulnerabilities: 2 critical and 12 important
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1471 | Windows Hyper-V Remote Code Execution Vulnerability
  • Windows 10 version 1809: 15 vulnerabilities: 2 critical and 13  important
    • Same as Windows 10 version 1803
  • Windows 10 version 1903: 14 vulnerabilities: 2 critical and 12 important
  • Windows 10 version 1909: same as Windows 10 version 1903

Windows Server products

  • Windows Server 2008 R2: 12 vulnerabilities: 1 critical and 11 important.
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 11 vulnerabilities: 1 critical and 10 important.
    • Same as Windows Server 2008 R2
  • Windows Server 2016: 13 vulnerabilities: 1 critical and 12 important.
    • Same as Windows Server 2008 R2
  • Windows Server 2019: 15 vulnerabilities: 22 critical and 13 are important
    • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1471 | Windows Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 1 vulnerability: 1 important
  • Microsoft Edge: none?
  • Microsoft Edge on Chromium: none?

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

  • Monthly Rollup: KB4530734
  • Security-only Update: KB4530692 — The security-only update is only available through the Microsoft Update Catalog website and WSUS.

Changes:

  • Security updates to Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server.

Windows 8.1 and Server 2012 R2

Changes:

Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server.

Windows 10 version 1803

Changes:

  • Fixes an issue that prevented Microsoft Store from opening on Windows on Arm.
  • Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server

Windows 10 version 1809

Changes:

  • Fixed a diagnostic data processing issue for devices on which the setting was set to Basic.
  • Same as Windows 10 version 1803.

Windows 10 version 1903

Changes:

  • Fixed an issue that could cause error 0x3B in cldflt.sys on some devices.
  • Fixed an issue that could prevent the creation of local user accounts when IME is used.
  • Security updates to Windows Virtualization, Windows Kernel, the Microsoft Scripting Engine, and Windows Server.

Windows 10 version 1909

Changes:

  • Same as Windows 10 version 1903

Other security updates

KB4530677 — 2019-12 Cumulative Security Update for Internet Explorer

KB4530691 — 2019-12 Security Monthly Quality Rollup for Windows Embedded 8 Standard, and Windows Server 2012

KB4530695 — 2019-12 Security Monthly Quality Rollup for Windows Server 2008

KB4530698 — 2019-12 Security Only Quality Update for Windows Embedded 8 Standard, and Windows Server 2012

KB4530719 — 2019-12 Security Only Quality Update for Windows Server 2008

KB4530681 — 2019-12 Cumulative Update for Windows 10 Version 1507

KB4530689 — 2019-12 Cumulative Update for Windows 10 Version 1607

KB4530711 — 2019-12 Cumulative Update for Windows 10 Version 1703

KB4530714 — 2019-12 Cumulative Update for Windows 10 Version 1709

KB4531787 — 2019-12 Servicing Stack Update for Windows Server 2008

KB4532920 — 2019-12 Servicing Stack Update for Windows Embedded 8 Standard, and Windows Server 2012

Known Issues

Windows 7 SP1 and Server 2008 R2:

Microsoft does not list any known issues on the KB support article but the release notes state that there is an (unnamed) issue.

Windows 8.1 and Server 2012 R2:

  • Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail

Windows 10 version 1803:

  • Same as Windows 8.1 and Server 2012 R2.
  • Problem creating local user accounts during the Out of Box Experienced when using Input Method Editor (IME).

Windows 10 version 1809:

  • Same as Windows 10 version 1803
  • Devices with “some” Asian language packs may throw error 0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190026 | Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business

Non-security related updates

KB4532997 — 2019-12 Cumulative Update for .NET Framework 4.8 Windows 10 Version 1607, and Windows Server 2016

KB4532998 — 2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4532999 — 2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4533000 –2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903,and Windows Server 2016

KB4533001 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809, and Windows Server 2019

KB4533002 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909 and Windows 10 Version 1909

KB4533013 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, and Windows Server 2019

KB4533094 — 2019-12 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809, and Windows Server 2019

KB4533003 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533004 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, and Windows Server 2012 R2

KB4533005 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4533010 — 2019-12 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533011 — 2019-12 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 , and Windows Server 2012 R2

KB4533012 — 2019-12 Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4533095 — 2019-12 Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4533096 — 2019-12 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533097 — 2019-12 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4533098 — 2019-12 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB890830 — Windows Malicious Software Removal Tool – December 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the December 2019 security updates

Security updates are downloaded and installed automatically on most (Home) Windows systems. Windows runs checks for updates regularly to download and install security updates released by Microsoft.

Windows administrators may run manual checks for updates to speed up the process or download patches from the Microsoft Update Catalog website.

Note: we recommend that backups are created before updates are installed.

Do this to run a manual check for updates:

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4530734 — 2019-12 Security Monthly Quality Rollup for Windows 7
  • KB4530692 — 2019-12 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4530702 — 2019-12 Security Monthly Quality Rollup for Windows 8.1
  • KB4530730 — 2019-12 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4530717 — 2019-12 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1809)

  • KB4530715  — 2019-12 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4530684 — 2019-12 Cumulative Update for Windows 10 Version 1903

Windows 10 (version 1909)

  • KB4530684 — 2019-12 Cumulative Update for Windows 10 Version 1909

Additional resources

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates December 2019 overview appeared first on gHacks Technology News.

Fido is a PowerShell Script which you can used to download Windows ISO images

There are a lot of ways to get the official Windows 10 ISO images. Windows users may download the Media Creation Tool from Microsoft to download an ISO image of the current version of Windows 10.

When it comes to third-party solutions, Adguard is popular as it provides direct links to Microsoft servers to download ISO files from the company.

Today, we’ll be looking at a different way to get Windows 10 ISO images. Say hello to Fido, not the mobile carrier or the 7-Up guy, but an open-source tool from the creator of Rufus.

Fido is a PowerShell Script which you can used to download Windows ISO images

Calling it a tool is a bit odd, because it’s actually a PowerShell Script. Fido is included in Rufus, and is the tool that the USB Image creator uses to download Windows ISO images straight from the official servers.

Some users may run into issues when trying to use Rufus to download ISO images from Microsoft; one common error is that the download option becomes only available if update checks are enabled. Fido is also available as a standalone download.

How to download and use Fido

Head over to the GitHub main page (see the summary box below the article), right-click on the “Fido.ps1” file and select “save link as” to download your ready-to-use copy of the script.

OR

You can left-click on the said script to open it in your browser and copy its contents in Notepad and save it as a .PS1 script manually.

Note: You can also get it from the latest Source code zip archive from the releases page but you don’t need the extra files to run the script.

Now that you have the script, don’t double-click on it, because it will open the script in Notepad. Instead, right-click on it and select “Run with PowerShell”; or, open a PowerShell window and run it the old-fashioned way if you prefer to do it that way.

Fido PowerShell Script download Windows ISO images

When you execute the script, you will see a “Please Wait…” window at first. The window closes automatically after a few seconds and a new pop-up window, the  Fido – Retail Windows ISO Downloader, opens.

You have two options here: download Windows 8.1 or Windows 10. Choose the one you wish to download and hit Continue. Another couple of seconds later the tool will offer you various versions of Windows to choose from. Say, you want to get Windows 10 19H2 Build 18364.418 – 2019.11 (very catchy names Microsoft), select it and click on Continue.

Next, Fido will ask you to select the Edition you wish to download. The options differ depending on the version that you select. If you take the example, you get to choose between Windows 10 Home, Pro, or Education. Next up, you will have to pick the desired language and afterwards the architecture (x64 for 64-bit or x86 for 32-bit).

Hit that download button; it should open a new tab in your browser and the download of the ISO image should start. If you have a download manager, it should catch the URL automatically (XDM did it for me). The entire ISO selection process takes about 10 seconds or less once you are accustomed to it.

Note: The script closes the PowerShell Window, but you can of course get the URL from the opened browser tab. Windows 10 LTSB/LTSC ISOs are not supported by Fido.

Now You: How do you download Windows ISO images?

Fido

For Windows

Thank you for being a Ghacks reader. The post Fido is a PowerShell Script which you can used to download Windows ISO images appeared first on gHacks Technology News.

Microsoft retires Cortana support on iOS and Android

Remember Cortana? The digital assistant that Microsoft integrated into the company’s Windows 10 operating system? Microsoft went all in on the digital assistant when it first launched Windows 10 and even made Cortana something that users could not remove anymore when it launched the Anniversary Update for the operating system.

Cortana was released for iOS and Android, and also integrated into the Microsoft Launcher application. The digital assistant was never released for previous versions of Windows, however.

Reports started to appear in early 2019 that Microsoft planned to change how Cortana was used fundamentally.

cortana

A new Microsoft support article confirms that Microsoft will retire Cortana support on iOS and Android, and also in the Microsoft Launcher application.

To make your personal digital assistant as helpful as possible, we’re integrating Cortana into your Microsoft 365 productivity apps. As part of this evolution, on January 31st, 2020, we’re ending support for the Cortana app on Android and iOS in your market.

Microsoft won’t support the Cortana mobile application after January 31, 2020 anymore and Microsoft Launcher won’t support Cortana anymore as well after that day.

The company notes that users may still access reminders and lists through Cortana on Windows, and that reminders, lists and tasks are synced automatically to the Microsoft To Do application which is available for mobile devices.

At that point, the Cortana content you created–such as reminders and lists–will no longer function in the Cortana mobile app or Microsoft Launcher, but can still be accessed through Cortana on Windows. Also, Cortana reminders, lists, and tasks are automatically synced to the Microsoft To Do app, which you can download to your phone for free.

Microsoft plans to replace the integrated Cortana with a Cortana application on Windows 10 devices in the future.

Cortana will be integrated into Microsoft 365 productivity apps according to Microsoft. The move limits access to Cortana as Microsoft 365 is only available to Enterprise and small business customers at the time of writing.

Closing words

The retiring of the mobile Cortana applications and the removal of Cortana from Microsoft Launcher looks like an admission of defeat. The move is not the end of Cortana as Microsoft plans to establish it as an Enterprise/Business solution. For consumers, Cortana will play less and less of a role though in the future.

Have you used Cortana or another digital assistant in the past?

Now Read: Why I won’t be using digital voice assistants anytime soon. (via Deskmodder)

Thank you for being a Ghacks reader. The post Microsoft retires Cortana support on iOS and Android appeared first on gHacks Technology News.

Microsoft Windows Security Updates November 2019 overview

It is the second Tuesday of November 2019 and that means that it is Microsoft Patch Day. Microsoft released security and non-security updates for its Windows operating system and other company products.

Our overview provides you with information on these updates: it starts with an executive summary and information about the number of released updates for all supported client and server versions of Windows as well as the Microsoft Edge (classic) and Internet Explorer web browsers.

What follows is information about the updates, all with links to support articles on Microsoft’s website, the list of known issues, direct download links to cumulative updates for Windows, and additional update related information.

Click here to open the October 2019 Patch Day overview.

Microsoft Windows Security Updates October 2019

Download the following Excel spreadsheet to your local system; it lists security updates that Microsoft released in November 2019: November 2019 Security Updates

Executive Summary

feature update windows 10 1909

  • Microsoft released security updates for all supported client and server versions of the Microsoft Windows operating system.
  • The following Microsoft products have received security updates as well: Internet Explorer, Microsoft Edge, Microsoft Office, Secure Boot, Microsoft Exchange Server, Visual Studio, Azure Stack.
  • The Windows 10 version 1909 features are included in the Windows 10 version 1903 update but not activated until “they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features.” Microsoft released a blog post that details how to get the update. (basically, install regular 1903 update, then check for updates again and the 1909 update should be offered)
  • Windows 10 Home, Pro, Pro for Workstations and IoT Core, version 1803 have reached end of servicing. These editions won’t receive security updates or other updates after November 12, 2019.

Operating System Distribution

  • Windows 7: 35 vulnerabilities: 4 rated critical and 31 rated important
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 8.1: 37 vulnerabilities: 3 rated critical and 34 rated important
    • Same as Windows 7 except for CVE-2019-1441 (not affected)
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
  • Windows 10 version 1809: 46 vulnerabilities: 4 critical and 42  important
    • Same as Windows 10 version 1803 except for CVE-2019-1389 (not affected)
  • Windows 10 version 1903: 46 vulnerabilities: 2 critical and 28 important
    • Same as Windows 10 version 1809 plus
    • CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 35 vulnerabilities: 4 critical and 31 important.
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 37 vulnerabilities: 3 critical and 34 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2016: 38 vulnerabilities: 2 critical and 20 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2019: 46 vulnerabilities: 2 critical and 29 are important
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected) plus
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 2 vulnerabilities: 2 critical
  • Microsoft Edge: 4 vulnerabilities: 4 critical
    • CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability
    • CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

The security-only update resolves the following issues/makes the following changes:

  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates for various operating system components.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Fixes an issue that prevented certain 16-bit Visual Basic 3 applications or other VB3 applications from running.
  • Fixes a temporary user profile issue when the policy “Delete cached copies of roaming profiles” is set.

Windows 8.1 and Server 2012 R2

The security-only update resolves the following issues/makes the following changes:

  • Same as Windows 7 SP1 and Windows Server 2008 R2.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Same as Windows 7 SP1 and Windows Server 2008 R2 plus
  • Fixes an issue that prevented multiple Bluetooth Basic Rate devices from functioning properly after installing the August 2019 updates.
  • Fixes an issue that caused error 0x7E when connecting Bluetooth devices after installing the June 2019 updates.

Windows 10 version 1803

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that caused Windows Defender Application Control Code Integrity events to become unreadable.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1809

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that could cause the Microsoft Defender Advanced Threat Protection service to stop running or stop sending report data.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1903

The cumulative update lists changes for Windows 10 version 1903 and 1909. It appears that Microsoft included the changes of 1909 in the cumulative update but has not activated them at the time of writing.

  • Fixes an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Other security updates

  • Internet Explorer Cumulative Update: KB4525106
  • 2019-11 Security Monthly Quality Rollup for Windows Server 2008 (KB4525234)
  • 2019-11 Security Only Quality Update for Windows Server 2008 (KB4525239)
  • 2019-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4525246)
  • 2019-11 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4525253)
  • 2019-11 Cumulative Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524570)
  • 2019-11 Cumulative Update for Windows 10 Version 1507 (KB4525232)
  • 2019-11 Cumulative Update for Windows Server 2016, and Windows 10 Version 1607 (KB4525236)
  • 2019-11 Cumulative Update for Windows 10 Version 1709 (KB4525241)
  • 2019-11 Cumulative Update for Windows 10 Version 1703 (KB4525245)
  • 2019-11 Servicing Stack Update for Windows Server 2016, and Windows 10 Version 1607 (KB4520724)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1507 (KB4523200)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1703 (KB4523201)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1709 (KB4523202)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016 (KB4523203)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019 (KB4523204)
  • 2019-11 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4523206)
  • 2019-11 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4523208)
  • 2019-11 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB4524445)
  • 2019-11 Servicing Stack Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524569)
  • 2019-11 Servicing Stack Update for Windows Server 2008 (KB4526478)

Known Issues

Windows 8.1 and Windows Server 2012 R2

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”

Windows 10 version 1803

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”
  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • May receive error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND” with some Asian language packs installed.

Windows 10 version 1903

  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Security advisories and updates

ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)

Non-security related updates

  • 2019-11 Dynamic Update for Windows 10 Version 1809 (KB4524761)
  • 2019-11 Dynamic Update for Windows 10 Version 1903 (KB4525043)
  • Windows Malicious Software Removal Tool – November 2019 (KB890830)

Microsoft Office Updates

You find Office update information here.

How to download and install the November 2019 security updates

windows updates security november 2019

Most home devices running Windows are configured to download and install security updates when they are released. Users who don’t want to wait for that to happen or have configured their systems to update manually only may run manual checks for updates or download the cumulative updates from Microsoft’s Update Catalog website.

The following needs to be done to check for updates manually:

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4525235 — 2019-11 Security Monthly Quality Rollup for Windows 7
  • KB4525233 — 2019-11 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4525243 — 2019-11 Security Monthly Quality Rollup for Windows 8.1
  • KB4525250 — 2019-11 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4525237 — 2019-11 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4523205  — 2019-11 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4524570  — 2019-11 Cumulative Update for Windows 10 Version 1903

Additional resources

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates November 2019 overview appeared first on gHacks Technology News.

Microsoft Windows Security Updates October 2019 overview

Microsoft released security and non-security updates for the Microsoft Windows operating system and other company products on October 8, 2019.

Our overview of the monthly release of patches provides administrators and home users with information.

The overview links to all released updates, provides information on fixes and known issues, links to support articles and download pages, and provides statistics about the released updates of the month.

You can check out the September 2019 overview here in case you missed it.

Microsoft Windows Security Updates October 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in October 2019. Please download it with a click on the following link: microsoft-windows-october-2019-update list

Executive Summary

  • Microsoft released security updates for all supported versions of Microsoft Windows.
  • Security updates were also released for the following company products: Internet Explorer, Microsoft Edge, Microsoft Office, SQL Server Management Studio, Microsoft Dynamics, Windows Update Assistant
  • The latest Servicing Stack Update and SHA-2 updates need to be installed before this month’s patches for Windows 7 and Windows Server 2008 R2 are installed.
  • Windows 10 version 1803 reaches end of servicing next month for Home and Pro editions.

Operating System Distribution

  • Windows 7: 20 vulnerabilities: 1 rated critical and 18 rated important
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 8.1: 20 vulnerabilities: 2 rated critical and 17 rated important and 1 moderate
    • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1803: 29 vulnerabilities: 2 critical and 26 important and 1 moderate
    • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1809: 32 vulnerabilities: 2 critical and 29  important and 1 moderate
    • Same as Windows 10 version 1803
  • Windows 10 version 1903: 31 vulnerabilities: 2 critical and 28 important and 1 moderate
    • Same as Windows 10 version 1803

Windows Server products

  • Windows Server 2008 R2: 20 vulnerabilities: 1 critical,18 important and 1 moderate.
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 20 vulnerabilities: 2 critical, 17 important and 1 moderate
    • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2016: 23 vulnerabilities: 2 critical, 20 important and 1 moderate.
    • Same as Server 2012 R2.
  • Windows Server 2019: 32 vulnerabilities: 2 critical, 29 are important and 1 moderate.
    • Same as Server 2012 R2.

Other Microsoft Products

  • Internet Explorer 11: 6 vulnerabilities: 3 critical, 3 important
  • Microsoft Edge: 7 vulnerabilities: 4 critical, 3 important
    • CVE-2019-1307 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1308 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1335 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1366 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Security only: KB4520003 

  • Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don’t support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
  • Security updates

Monthly Rollup: KB4519976

  • Fixed an issue that could prevent the disabling of VBScript in IE by default.
  • Fixed a printing issue.
  • Security fixes.

Windows 8.1 and Server 2012 R2

Security-only: KB4519990

  • Security updates.

Monthly Rollup: KB4520005

  • Same as security-only.
  • Fixed an issue with applications and printer drivers that use Windows JavaScript engine for processing print jobs.

Windows 10 version 1803

Cumulative Update: KB4520008

  • Fixed a Keyboard Lockdown Subsystem issue that prevented the correct filtering of key input.
  • Fixed a Bluetooth hardening issue that could cause the error “0x133 DPC_WATCHDOG_VIOLATION”.
  • Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don’t support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
  • Fixed a printing issue.
  • Security updates

Windows 10 version 1809 and Server 1809 and Windows Server 2019

Cumulative Update: KB4519338

  • Fixed a Keyboard Lockdown Subsystem issue that prevented the correct filtering of key input.
  • Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don’t support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
  • Fixed a printing issue.
  • Security updates

Windows 10 version 1903 and Server 1903

Cumulative Update: KB4517389 

  • Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don’t support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
  • Fixed a printing issue.
  • Security updates

Other security updates

KB4519974 — Cumulative security update for Internet Explorer: October 8, 2019

KB4520004 — 2019-10 Cumulative Update for Windows 10 Version 1709

KB4520010 — 2019-10 Cumulative Update for Windows 10 Version 1703

KB4520011 — 2019-10 Cumulative Update for Windows 10 Version 1507

KB4521856 — 2019-10 Servicing Stack Update for Windows 10 Version 1507

KB4521857 — 2019-10 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4521858 — 2019-10 Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607

KB4521859 — 2019-10 Servicing Stack Update for Windows 10 Version 1703

KB4521860 — 2019-10 Servicing Stack Update for Windows 10 Version 1709

KB4521861 — 2019-10 Servicing Stack Update for Windows 10 Version 1803 and Windows Server 2016

KB4521862 — 2019-10 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4521863 — 2019-10 Servicing Stack Update for Windows Server 1909 and Windows 10 Version 1909

KB4521864 — 2019-10 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

Server products

KB4519985 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4520002 — 2019-10 Security Monthly Quality Rollup for Windows Server 2008

KB4520007  — 2019-10 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4520009 — 2019-10 Security Only Quality Update for Windows Server 2008

KB4519998 — 2019-10 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Known Issues

Windows 8.1

  • Certain operations on Cluster Shared Volumes may fail.

Windows 10 version 1803

  • Same as Windows 8.1.
  • Black screen issue on first boot after the installation of updates.
  • Mixed Reality Portal error issue.

Windows 10 version 1809

  • Same as Windows 10 version 1809.
  • Issue on devices with certain Asian language packs installed.

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4524102 — 2019-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4524103 — 2019-10 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4524104 — 2019-10 Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4524105 — 2019-10 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4519335 — 2019-10 Dynamic Update for Windows 10 Version 1607

KB4519336 — 2019-10 Dynamic Update for Windows 10 Version 1703

KB4519337 — 2019-10 Dynamic Update for Windows 10 Version 1809

KB4519764 — 2019-10 Dynamic Update for Windows 10 Version 1709

KB4519765 — 2019-10 Dynamic Update for Windows 10 Version 1803

KB4524095 — 2019-10 Cumulative Update for .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524096 — 2019-10 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524097 — 2019-10 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524098 — 2019-10 Cumulative Update for .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524099 — 2019-10 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019, Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524100 –2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 1903 and Windows 10 Version 1903

KB4524101 — 2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 1909 and Windows 10 Version 1909

KB890830 — Windows Malicious Software Removal Tool – October 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the October 2019 security updates

windows security updates october 2019

Note: we suggest that you create a full system backup before applying any updates; Microsoft’s track record of releasing updates without known issues has not been the best lately and while most updates may install fine and without issues on most systems, a backup ensures that you can restore the previous version if you encounter any issues.

Windows Updates are pushed to home devices automatically. You can run a manual check for updates to speed up the process.

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Cumulative updates may also be downloaded from the Microsoft Update Catalog website to install them manually. Note that you need to make sure that a compatible Service Stack Update is installed on the device.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4519976 — 2019-10 Security Monthly Quality Rollup for Windows 7
  • KB4520003 — 2019-10 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4520005 — 2019-10 Security Monthly Quality Rollup for Windows 8.1
  • KB4519990 — 2019-10 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4520008  — 2019-10 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4519338  — 2019-10 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4517389  — 2019-10 Cumulative Update for Windows 10 Version 1903

Additional resources

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates October 2019 overview appeared first on gHacks Technology News.

Quick overview of the 2019 Microsoft Surface event

Microsoft revealed seven new products on today’s Surface event; five of which will come out this year, two next year. The coverage of the event is overwhelming and many sites post five, ten or even more articles that cover individual products or impressions.

This overview provides you with the most important information in a single, straightforward way.

Highlights:

  • Microsoft Surface Duo: Android-powered mobile device with two screens that can rotate 360 degrees.
  • Microsoft Surface Pro X: A new Surface device powered by a Qualcom/Microsoft processor called SQ1 and runs Windows on ARM.
  • Microsoft Surface Neo: A new Surface device featuring two 9 inch displays that rotate 360 degrees.

Let’s get started.

Surface Pro 7

A refresh of the Surface Pro lineup, now available in the seventh generation. Powered by Intel 10th generation processes the device will give customers several options when it comes to the components.

The base model starts with 4 Gigabytes of RAM, 128 Gigabytes of storage and a core i3 process; other models offer up to 16 Gigabytes of RAM, 1 Terabyte of storage and an Intel core i7 process.

Design has not changed all that much but the seventh generation of the Surface Pro has a USB-C port. There are some new color options and type covers and pens are sold individually as usually.

Availability: October 22 starting at $749.99

Surface Pro X

A new device in the surface family that is powered by a newly designed processor called Surface SQ1 that is been developed by Microsoft and Qualcomm. It runs Windows on ARM and Microsoft promises that it is good for up to 13 hours of battery life. The device supports fast charge and has built-in LTE support.

It features a 13-inch PixelSense (2880×1920) display and works like a two-in-one with a detachable keyboard.  The device weights about 1.7 pounds and Microsoft added several new features to the device. The Type Cover has been redesigned so that it may now be used to hold and charge the new Surface Slim Pen. Surface Pro X supports removable SSD storage (M.2).

Availability: starting November 5th, 2019 starting at $999. Preorders start today according to Microsoft.

Surface Laptop 3

The next iteration of Surface Laptop comes as a 13.5 inch and 15 inch model. The smaller model is powered by Intel 10th generation processes while the 15 inch model is powered by custom AMD Ryzen processors and not Intel chips.

The 13.5 inch PixelSense screen has a resolution of 2256 x 1504, the 15 inch screen a resolution of 2496 x 1664.

The devices features a removable hard drive, a 20% larger trackpad, 1,3mm key travel instead of 1.5mm in Surface Laptop 2 for “near-silent typing”, and an USB-C port. Microsoft promises up to 11.5 hours of battery life from all models and fast charging (80% in one hour).

Consumers get Windows 10 Home, commercial customers Windows 10 Pro on the devices.

Availability: October 22, starting at $999 and $1199 respectively.

The 2020 devices

surface duo neo

The devices are not finalized yet but Microsoft showcased prototypes of the devices. The company revealed little about hardware and made no mention of price at this point in time.

Surface Duo

Surface Duo probably the biggest announcement of the entire event. It is Microsoft’s re-entry in the mobile market and looks on first glance like a smaller copy of the Surface Neo.

It is a foldable device with two 5.6 inch displays that rotate 360 degrees and expand to a 8.3 inch tablet. The device is powered by a Snapdragon 855 process and runs Android.

The two displays unlock several new modes of operation, e.g. using one display as a keyboard or game controller, and it is possible to run apps side-by-side.

Availability: 2020

Surface Neo

The dual-screen Surface Neo may remind some of Microsoft’s Courier concept from 2008. The device is powered by a new version of Windows that Microsoft calls Windows 10X. It has two 9 inch displays that are can rotate 360 degrees just the devices of the surface Duo can. And just like the Android-powered device, the screens may be used in various modes to get the most out of the device.

Availability: 2020

Now You: what is your take on these devices?

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks/). Thank you for being a Ghacks reader. The post Quick overview of the 2019 Microsoft Surface event appeared first on gHacks Technology News.

First look at OneDrive's Personal Vault feature

Microsoft revealed the new Personal Vault feature for its OneDrive storage solution in June 2019. The feature was made available to OneDrive users from Australia, New Zealand and Canada initially with the promise to roll out it to other regions in 2019.

Personal Vault adds storage space with an extra layer of security to OneDrive. Think of it as a safe inside OneDrive that requires an additional authentication step before its contents become accessible.

Personal Vault is added as a new icon on OneDrive. Microsoft notes that it is accessible on all OneDrive devices which means that you may use it on all of your devices that have OneDrive.

The first click displays information about the new feature.

onedrive personal vault

The Personal Vault is protected by two-step verification and it locks automatically after 20 minutes of inactivity.

You are asked to verify your identity when you click on the next button.

onedrive personal vault verify identity

A click on Verify prompts for a two-step verification code that you need to enter. OneDrive users who don’t have two-step verification enabled for the account need to set it up first to proceed.

The Personal Vault opens after successful verification; storage is empty on first start and Microsoft displays three helper widgets at the top that provide information, suggest file types that users may want to consider moving into the vault, and a move files action.

You may use the usual OneDrive controls to create, upload or move files.

Note: Non-Office 365 subscribers may store up to three files in the Personal Vault. There is no file limit for Office 365 subscribers. One option to go around the limit is to use archives instead of individual files. It is not super-practical on the other hand as you’d limit accessibility in doing so.

Select the “move files” option to move files or folders that are stored on OneDrive into the vault. You may also upload files from the local system or use the new file option to create blank files in the vault directly.

personal vault options

All files and folders that you put into the vault are accessible by your account. You can download them, rename them or open them just like any other file on OneDrive.

There is even a share option when you select files but when you activate it you are reminded that the items are private and cannot be shared because of that. Items that need to be shared need to be moved out of the vault first.

A click on the vault icon next to “Sort” displays options to open the Personal Vault settings and to lock the vault manually. Non-Office 365 subscribers see the file limit there as well but since it is three files, it is not really helpful as it is easy enough to count the files manually.

The vault settings display an option to disable the vault and to manage vault settings. Activation of the latter displays the account’s security settings and options to add or remove identifiers, e.g. email addresses or phone numbers.

A click on disable shuts down the vault and deletes all files and folders that it contained permanently. The files and folders are not moved but you get a prompt that reminds you that you will lose access to these if you proceed with the disabling.

Personal Vault appears as a shortcut in the file listing of the OneDrive folder when you have enabled synchronziation on the desktop; when you use mobile apps, you will see it in the folder listing.

Closing Words

There are not that many use cases for OneDrive’s Personal Vault feature especially if you have set up your Microsoft account to use two-factor authentication. One of the advantages is that Microsoft uses BitLocker to protect files synced to a PC running Windows 10. That’s good if the device is not fully encrypted as it protects access to these files.   The other advantage is that it puts another barrier in place for users with access to the PC.

The three file limit makes it unusable for most OneDrive users who are not subscribed to Office 365. It could be used to place an archive of important files inside OneDrive that you need to access rarely if at all, and it may be good if you have just one, two or three files that you want to protect better.

Now You: What is your take on the Personal Vault feature?

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks/). Thank you for being a Ghacks reader. The post First look at OneDrive’s Personal Vault feature appeared first on gHacks Technology News.

Will Microsoft launch a consumer Microsoft 365 subscription product?

Microsoft has put a strong focus on subscriptions in the past couple of years. The company launched Office 365 for consumers, businesses and Enterprises, and Microsoft 365 for businesses and Enterprises.

The two subscription-based products provide customers with access to Office and online storage, and access to Windows and Office respectively. Extras may be available depending on the selected plans.

Microsoft uses various tactics to get customers to switch from a regular version of Office to the subscription-based Office 365.

When Microsoft launched Office 2019, a one-time payment version of Microsoft Office, it made the software Windows 10 exclusive and encouraged customers not to buy Office 2019. The company limits Office 2019 in several ways: Office 2019 won’t receive any feature updates, may only be installed on a single device, and the price of some editions was increased as well.

microsoft 365

Microsoft 365, a subscription-based product that combined Windows and Office in a single subscription has not been released in a consumer version up until now.  We wanted to know back in 2017 whether you’d pay for a subscription to get Office and Windows in return and most who replied stated that they would not while the decision of some would depend on the price of the subscription.

Microsoft has not announced a consumer version of Microsoft 365 yet but it is almost inevitable that the company will release a plan or even multiple plans for consumers in the near future.

Some Microsoft Office 365 customers noticed recently that the name of the product was changed from Office 365 to Microsoft 365.

Mary Jo Foley asked Microsoft about the change and the company responded that Microsoft did not have any plans to rebrand Office 365 to Microsoft 365 “at this point”. Microsoft did not reveal why some customers would see the rebranding happen on their end.

It is possible that the changes were caused by a bug. It seems unlikely that Microsoft would rebrand Office 365 to Microsoft 365 as these are two different products. The rebranding is certainly no confirmation that something is going on but it could very well mean that Microsoft will announce the first consumer subscription bundle during the Surface event in October or Ignite in November.

Closing Words

Microsoft 365 for consumers is the next logical step in Microsoft’s quest to turn all one-time payment products into subscription-based products. Consumers pay once for Windows currently and convincing them to switch to a subscription-model would certainly require incentives to make the subscription-based model look more attractive than the one-time payment model.

I think the question is not if but when Microsoft will unveil the consumer Microsoft 365 product.

Now You: How much would you pay for a Microsoft 365 subscription?

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks/). Thank you for being a Ghacks reader. The post Will Microsoft launch a consumer Microsoft 365 subscription product? appeared first on gHacks Technology News.

Microsoft Windows Security Updates September 2019 overview

It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.

Our overview of the September 2019 Patch Day provides system administrators and home users with information on the released updates. It features some stats at the beginning, provides links to all support articles and direct download options, lists known issues and security advisories, and provides other relevant information.

Check out the August 2019 update overview in case you missed it.

Microsoft Windows Security Updates September 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in September 2019. Please download it with a click on the following link:
Microsoft Windows Security Updates September 2019

Executive Summary

  • Microsoft released security updates for all client and server versions of the Windows operating system that it supports.
  • The following non-Windows products had security updates released as well: Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player, Microsoft Lync, Visual Studio, .NET Framework, Microsoft Exchange Server, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Server, Project Rome.
  • Microsoft fixed the high CPU usage issue from SearchUI.exe in Windows 10 1903.
  • The Microsoft Update Catalog website lists 215 updates.

Operating System Distribution

  • Windows 7: 32 vulnerabilities: 4 rated critical and 28 rated important
    • CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 8.1: 33 vulnerabilities: 5 rated critical and 28 rated important
    • same as Windows 7 plus
    • CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • same as Windows 8.1
  • Windows 10 version 1809: 45 vulnerabilities: 5 critical and 40 important
    • same as Windows 8.1
  • Windows 10 version 1903: 45 vulnerabilities: 5 critical and 40 important.
    • same as Windows 8.1

Windows Server products

  • Windows Server 2008 R2: 31 vulnerabilities: 3 critical and 28 important.
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 31 vulnerabilities: 3 critical and 28 important.
    • same as Windows Server 2008 R2.
  • Windows Server 2016: 39 vulnerabilities: 3 critical and 36 important
    • same as Windows Server 2008 R2.
  • Windows Server 2019: 43 vulnerabilities: 3 critical and 40 are important.
    • same as Windows Server 2008 R2.

Other Microsoft Products

  • Internet Explorer 11: 4 vulnerabilities: 3 critical, 1 important
  • Microsoft Edge: 7 vulnerabilities: 5 critical, 2 important
    • CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2 SP1

Monthly Rollup: KB4516065

Security Only: KB4516033

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows
  • Security Updates

Windows 8.1 and Windows Server 2012 R2

Monthly Rollup: KB4516067

Security Only: KB4516064

  • Same as Windows 7 and Server 2008 R2

Windows 10 version 1803

Cumulative Update: KB4516058

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows.
  • Security updates.

Windows 10 version 1809 and Windows Server 1809

Cumulative Update: KB4512578

  • Same as Windows 10 version 1803.

Windows 10 version 1903 and Windows Server version 1903

Cumulative update: KB4515384

  • Same as Windows version 1803 plus
  • Fixed the high CPU usage issue caused by SearchUI.exe.

Windows 10 version 1903 and Windows Server 1903

Other security updates

KB4516046 — Cumulative security update for Internet Explorer: September 10, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4516655 — 2019-09 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB45171342019-09 Servicing Stack Update for Windows Server 2008

KB4512938 — 2019-09 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4512939 — 2019-09 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4511839 — 2019-09 Servicing Stack Update for Windows 10 Version 1703

KB4512573 — 2019-09 Servicing Stack Update for Windows 10 Version 1507

KB4512575 — 2019-09 Servicing Stack Update for Windows 10 Version 1709

KB4512576 — 2019-09 Servicing Stack Update for Windows Server Version 1803 and Windows 10 Version 1803

KB4512577 — 2019-09 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4515383 — 2019-09 Servicing Stack Update for Windows 10 Version 1903

KB4512574 — 2019-09 Servicing Stack Update for Windows Server 1903 RTM, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows Server Version 1803, Windows 10 Version 1803, Windows Server 2016, Windows Server Version 1709, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Server / Embedded

KB4516026 — 2019-09 Security Monthly Quality Rollup for Windows Server 2008

KB4516051 — 2019-09 Security Only Quality Update for Windows Server 2008

KB4516055 –2019-09 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4516062 — 2019-09 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

Microsoft .NET

KB4514330 — Security Only Update for .NET Framework 4.8 for Windows Server 2012

KB4514331 — Security Only Update for .NET Framework 4.8 for Windows 8.1 and Server 2012 R2

KB4514337

KB4514338 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2

KB4514341 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2

KB4514342 — Security Only Update for .NET Framework 4.5.2 for Windows Server 2012

KB4514349 — Security Only Update for .NET Framework 3.5 for Windows Server 2012

KB4514350 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514360 — Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012

KB4514361 — Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514363 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012

KB4514364 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514367 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514368 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012

KB4514370 — Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012

KB4514371 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514598 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514599 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2

KB4514602 — Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1

KB4514603 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514604 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514605 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2

KB4514354 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4514355 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4514356 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4514357 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016

KB4514358 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809

KB4514359 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903

KB4514366 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809

KB4514601 — 2019-09 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809

Known Issues

Windows 7 SP1 and Windows Server 2008 R2 (monthly rollup only)

  • VBScript may not be disabled in Internet Explorer even though it should be

Windows 8.1 and Windows Server 2008 R2

  • Certain operations may fail on Cluster Shared Volumes

Windows 10 version 1803

  • Operations may fail on Cluster Shared Volumes.
  • Black screen during first logon after update installation issue

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • Error on some devices with certain Asian language packs installed: 0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.
  • Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190022 | September 2019 Adobe Flash Security Update

Non-security related updates

Microsoft Office Updates

You find Office update information here.

How to download and install the September 2019 security updates

windows updates september 2019 microsoft

Most home systems receive updates automatically especially when they run Windows 10. Updates are not pushed in real-time to devices running Windows. Some administrators prefer to install security updates the moment they are released, others to wait to make sure that the updates don’t introduce any issues on the system.

Note: it is recommended that you back up the system partition before you install updates. Use programs like Paragon Backup & Recovery Free or Macrium Reflect for that.

Admins may check for updates manually to retrieve the released updates right away. Here is how that is done:

  • Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  • Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Updates may also be downloaded from the Microsoft Update Catalog website.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4516065 — 2019-09 Security Monthly Quality Rollup for Windows 7
  • KB4516033 — 2019-09 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4516067 — 2019-09 Security Monthly Quality Rollup for Windows 8.1
  • KB4516064 — 2019-09 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4516058 — 2019-09 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4512578  — 2019-09 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4515384  — 2019-09 Cumulative Update for Windows 10 Version 1903

Additional resources

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks/). Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates September 2019 overview appeared first on gHacks Technology News.

How long will Microsoft continue to support desktop versions of Office?

The latest version of Microsoft Office for the desktop is Office 2019; the company released Office 2019 in September 2018 and made it a Windows 10 exclusive which means that it supports it only on devices running Windows 10 and latest Windows Server releases).

Four versions of Microsoft Office that are supported by Microsoft are currently available on Windows. These are Office 2010, Office 2013, Office 2016 and Office 2019.

Microsoft uses the terms mainstream support and extended support when it references the lifecycle of its products. The company uses the same terminology for its Windows operating system.

Mainstream support starts right after product release. It lasts five years, usually, and means that a product will receive security and non-security updates, and that product design and feature changes may be released.

Extended support starts right after mainstream support ends. A product won’t receive any new features or changes anymore, and updates will focus on fixing security issues and major stability issues only.

Office support end

The following table lists recent desktop Office products and end of mainstream and extended support for each of the products.

Mainstream Support Extended Support
Office 2010 no longer supported October 13, 2020
Office 2013 no longer supported April 11, 2023
Office 2016 October 13, 2020 October 14, 2025
Office 2019 October 10, 2023 October 14, 2025

As you can see, Office 2010 support ends next year; nine months after support for Windows 7 ends. 2020 will be a major year for many users and organizations as support for two core Microsoft products runs out.

The products won’t just stop working though but Microsoft won’t release security updates for them anymore. Microsoft did make a few exceptions in the past when it released security updates for products that it did not support anymore officially.

Support for the three remaining Office desktop products runs out in 2023 or 2025. Windows 8.1 support ends in 2023 and so does support for Office 2013. That leaves Office 2016 and 2019, and Windows 10 as the only desktop products provided that Microsoft does not release a new version of Windows (which it said it would not do claiming that Windows 10 was the last version).

What happens after October 2025? We don’t know. It is possible that Microsoft won’t release another desktop version of Office after Office 2019 to focus solely on the subscription-based service Office 365 instead.

Microsoft favors Office 365 openly over Office 2019; the company does not want customers to buy Office 2019 but subscribe to Office 365 instead.  Office 2019 won’t change over time; Microsoft won’t release new features or changes other than security and bug fix updates for the desktop version; Office 365 evolves continuously on the other hand.

Microsoft did not have to make the deliberate decision to ignore Office 2019 development after release (except for security and stability updates), but it has done so; this highlights the company’s focus clearly.

Microsoft renamed Office Online to Office recently as well.

As for Windows, the company launched the subscription service Microsoft 365 in 2017 for businesses which combined an Office 365 and Windows 10 license. Microsoft revealed in December 2018 that it would make the service available to consumers as well.

Third-party Office suites such as LibreOffice or FreeOffice remain available for Windows, and they might be the best option for Windows users and organizations who don’t want to subscribe to an Office plan.

Now You: What is your take on the development? What is going to happen in 2025?

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks/). Thank you for being a Ghacks reader. The post How long will Microsoft continue to support desktop versions of Office? appeared first on gHacks Technology News.