Microsoft Windows Security Updates June 2019 overview

Microsoft released security updates for all supported versions of the Microsoft Windows operating system on the June 11, 2019 Patch Day.

Our overview of the June 2019 Patch Tuesday provides with you information about security and non-security updates that Microsoft released on this day.

The overview includes an executive summary, statistics, links to all updates, the list of known issues sorted by operating system, download links, and more.

Microsoft released the May 2019 Update for Windows 10 recently but it is available to users who seek for updates manually only at the time and only if the system is compatible.

You can check out the May 2019 Update overview here in case you missed it.

Microsoft Windows Security Updates June 2019

The following Excel spreadsheet lists security update information for June 2019. Click on the following link to download it to your system: Microsoft Windows Security Updates June 2019 Overview

Executive Summary

  • Microsoft released security updates for all supported versions of the Windows operating system in June 2019.
  • All client and server versions have critically rated vulnerabilities patched.
  • Microsoft released security updates for other products such as Internet Explorer, Microsoft Edge, Microsoft Office, Azure, Microsoft Exchange Server, and Skype.

Operating System Distribution

  • Windows 7: 42 vulnerabilities of which 3 are rated critical and 39 are rated important
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
    • CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability
  • Windows 8.1: 35 vulnerabilities of which 3 are rated critical and 32 are rated important
    • same as 1903
  • Windows 10 version 1703: 41 vulnerabilities of which 4 is critical and 37 are important
    • same as 1709
  • Windows 10 version 1709: 43 vulnerabilities of which 4 is critical and 39 are important
    • CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability
    • same as 1903
  • Windows 10 version 1803: 45 vulnerabilities of which 3 are critical and 43 are important
    • same as 1903
  • Windows 10 version 1809: 47 vulnerabilities of which 3 are critical and 44 are important
    • same as 1903
  • Windows 10 version 1903: 42 vulnerabilities of which 3 are critical and 39 are important.
    • CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 42 vulnerabilities: 3 are critical and 39 are important.
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
    • CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 34 vulnerabilities: 3 are critical and 31 are important.
    • Same as Server 2019
  • Windows Server 2016: 39 vulnerabilities: 4 are critical and 35 are important
    • CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability
    • Same as Server 2019
  • Windows Server 2019: 47 vulnerabilities: 3 are critical and 44 are important.
    • CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 7 vulnerability, 5 critical, 2 important
    • CVE-2019-1080 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1055 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-0988 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0920 | Scripting Engine Memory Corruption Vulnerability
  • Microsoft Edge: 14 vulnerabilities, 12 critical, 2 important
    • CVE-2019-0989 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0990 | Scripting Engine Information Disclosure Vulnerability
    • CVE-2019-0991 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0992 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0993 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1002 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1003 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1023 | Scripting Engine Information Disclosure Vulnerability
    • CVE-2019-1024 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-1051 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1052 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Server 2008 R2

KB4503292 — Monthly Rollup

  • Fixed a HTTP and HTTPS string character limit issue in Internet Explorer.
  • Security updates

KB4503269 — Security-only Update

  • Security updates only

Windows 8.1 and Server 2012 R2

KB4503276 — Monthly Rollup

  • Patched a security vulnerability by “intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections”.
  • Fixed the Preboot Execution Environment known issue.
  • Fixed a HTTP and HTTPS string character limit issue in Internet Explorer.
  • Security updates.

KB4503290 — Security-only Rollup

  • Same as KB4503276 with the exception of the IE string character limit issue.

Windows 10 version Windows 10 version 1709

KB4503284

  • Fixed Bluetooth vulnerability.
  • Fixed an IE11 issue that could prevent IE from opening if no or a malformed search provider was set as the default.
  • security updates

Windows 10 version 1803

  • Fixed the Preboot Execution Environment issue.
  • Same as 1709

Windows 10 version 1809

  • Fixed a Windows Mixed Reality keyboard rendering issue.
  • Fixed a Bluetooth vulnerability.
  • Fixed the Preboot environment issue.
  • Updated Broadcom Wi-Fi firmware to Microsoft HoloLens.
  • Fixed the IE11 default search provider issue.
  • Security updates

Windows 10 version 1903

  • Fixed Bluetooth vulnerability.
  • Security updates.

Other security updates

KB4503259 — Cumulative security update for Internet Explorer: June 11, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: March 12, 2019

KB4503285 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4503287 — Security Only Quality Update for Windows Server 2008

KB4503308 — Security update for Adobe Flash Player

KB4503267 — Cumulative Update for Windows 10 Version 1607 and Windows Server Version 1607

KB4503291 — Cumulative Update for Windows 10 Version 1507

KB4503537 — Servicing Stack Update for Windows 10 Version 1607, and Windows Server 2016

KB4504369 — Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019

Known Issues

Windows 7 SP1 and Server 2008 R2

  1. Issue with McAfee Enterprise products that may cause the system to have slow startups or become unresponsive.
  2. Internet Explorer 11 may stop working when “loading or interacting with Power BI reports”.
    • Workaround: republish with Markers turned off.

Windows 8.1 and Server 2012 R2

  1. Same as Windows 7 SP1 and Server 2008 R2
  2. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.

Windows 10 version 1709, 1803

  1. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.

Windows 10 version 1809

  1. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.
  2. A printing issue in Microsoft Edge and other UWP apps that throws “Your printer has experienced an unexpected configuration problem. 0x80070007e.” errors.
    • Workaround: use another browser to print.
  3. Error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND”after installing KB4493509 on devices with certain Asian languages.

Windows 10 version 1903

  1. Windows Sandbox may fail to start with ERROR_FILE_NOT_FOUND (0x80070002)

Security advisories and updates

ADV190015 | June 2019 Adobe Flash Security Update

ADV190016 | Bluetooth Low Energy Advisory

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4497935 for Windows 10 version 1903 and Windows Server 1903

KB4497934 for Windows 10 version 1809 and Windows Server 2019

KB4505056 for Windows 10 version 1809 and Windows Server 2019

KB4499183 for Windows 10 version 1803

KB4505064 for Windows 10 version 1803

KB4499147 for Windows 10 version 1709

KB4505062 for Windows 10 version 1709

KB4499162 for Windows 10 version 1703

KB4505055 for Windows 10 version 1703

KB4499177 for Windows 10 version 1607 and Windows Server 2016

KB4505052 for Windows 10 version 1607 and Windows Server 2016

KB4503539 — Dynamic Update for Windows 10 Version 1803

KB4494454 — Update for Windows 10

KB4501226 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – June 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the June 2019 security updates

windows security updates june 2019

All Windows client systems are configured to download and install security updates automatically shortly after release. It is possible to run manual checks for updates to install these as early as possible.

We suggest that backups are created before any updates are installed as updates may introduce issues of their own or in worst case, break the system.

You can run a manual check for updates in the following way:

  1. Tap on the Windows-key, type Windows Update, and select the result.
  2. A click on “check for updates” runs a manual check. Updates may be installed automatically or on user request depending on system settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4503292 — 2019-06 Security Monthly Quality Rollup for Windows 7
  • KB4503269 — 2019-06 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4503276 — 2019-06 Security Monthly Quality Rollup for Windows 8.1
  • KB4503290 — 2019-06 Security Only Quality Update for Windows 8.1

Windows 10 (version 1709)

  • KB4503279 — 2019-06 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4503286 — 2019-06 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4503327 — 2019-06 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4503293 — 2019-06 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Article Name
Microsoft Windows Security Updates June 2019 overview
Description
Detailed overview of the Microsoft June 2019 Patch Day covering Windows security and non-security updates, advisories, known issues, and more.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

May Patch Tuesday fixes zero-day, new Intel CPU bugs

Another day, another exploit comes to light

In other Microsoft security news, researchers from IT security company ESET on May 7 said they uncovered LightNeuron, a sophisticated backdoor and spying malware tailored for Exchange Server systems.

LightNeuron has two key ingredients: a transport agent for mail handling and a dynamic link library (DLL) that held the bulk of the malicious code. For any of this to work, it requires administrative access to the Exchange system.

Once the attacker registers and implements LightNeuron’s components, the malware takes control of the server to block, read and modify emails. ESET said the malware creates a command-and-control server and uses steganography to mask its commands inside JPG images and PDF documents in email attachments. ESET researchers believe LightNeuron’s targets and its characteristics indicate it is the handiwork of the notorious Turla hacking group.

Due to its advanced camouflage techniques, ESET researches said it’s possible LightNeuron has been in use since 2014. Moreover, eliminating the malware can result in disastrous consequences.

“Simply removing the two malicious files will break Microsoft Exchange, preventing everybody in the organization from sending and receiving emails,” according to an ESET whitepaper.

As of this article’s publication, Microsoft had no mitigation or patch. Microsoft’s Security Intelligence claims Windows Defender Antivirus can find and remove the threat, in a short advisory, but it’s not clear if this catches LightNeuron before installation or eliminates it after installation.

News of LightNeuron caught the attention of many administrators. Tony Redmond, a prominent Exchange expert and Microsoft MVP, sent out a tweet to suppress some of the hand-wringing related to the exploit, noting that IT pros who put more effort to lock down their systems should be less fretful.

“Lots of [fear, uncertainty and doubt] floating around about from recent reports of the ‘LightNeuron’ attack on Exchange. If attackers get inside your network and secure the admin [privileges] necessary to install transport agents, you’ve got bigger problems to worry about,” Redmond wrote.

LightNeuron’s exposure reinforces the message that once attackers get in a Windows system, they can burrow and remain undetected for quite some time and do significant damage.

IT pros must throw up as many obstacles as they can to prevent intrusions, such as two-factor authentication on dedicated Exchange administration accounts and tighter controls over PowerShell in the system, ESET said. Administrators should also adopt the habit to inspect the Exchange Server components, such as the transport agent, to verify they have the proper signatures.

Related:

  • No Related Posts

Researchers discover highly stealthy Microsoft Exchange backdoor

An extremely stealthy Microsoft Exchange backdoor can read, modify or block emails going through the compromised mail server and even compose and send new emails.

Microsoft Exchange backdoor

LightNeuron – as the backdoor has been dubbed by ESET researchers – is remotely controlled via emails using steganographic PDF and JPG attachments and is believed to have been used by the Turla cyber espionage group.

About LightNeuron

The LightNeuron backdoor is the first known instance of a backdoor employing a malicious Microsoft Exchange Transport Agent as a persistence mechanism.

“Microsoft Exchange allows extending its functionalities using Transport Agents that can process and modify all email messages going through the mail server. Transport Agents can be created by Microsoft, third-party vendors, or directly within an organization,” the researchers explained.

“The typical events handled by a Transport Agent occur when the mail server sends or receives an email. Before the event is actually executed, the Transport Agents are called and have the possibility to modify or block the email.”

They are usually used for legitimate purposes, but as we can see in this instance they can also be used for malicious ones.

Aside from the Transport Agent, which is dropped in the Exchange folder located in the Program Files folder and registered in the mail server’s configuration, the backdoor also uses a DLL file containing most of the malicious functions needed by the Transport Agent.

As mentioned before, the backdoor can block emails, modify their body, recipient and subject, created a new email, replace attachments, and re-create and re-send the email from the Exchange server to bypass the spam filter.

It can create email and attachment logs, encrypt emails and store then, and parse JPG/PDF attachments and decrypt and execute the commands found in them.

LightNeuron can also be instructed to write and execute files, delete and exfiltrate them, execute processes, disable itself, perform extensive logging (backdoor actions, debug, error, etc.) and perform automatic file exfiltration at a particular time of the day and night.

Microsoft Exchange backdoor

During their investigation, the researchers also noticed alongside LightNeuron the presence of tools like Remote Administration Software, RPC- based malware or .NET web shells targeting Outlook Web Access. By leveraging them, the attackers are able to control other machines on the local network using emails sent to the Exchange server.

Finally, judging by some strings decrypted from the malware samples, they believe its likely that a Linux variant of the malware exists and is used.

“That would not be surprising, given that many organizations have Linux mail servers,” they noted.

About Turla

Turla (aka Snake, aka Uroburos) is believed to be a Russian-speaking group of attackers that is likely state-sponsored. They’ve been active for more than a decade.

Their usual targets are government entities, diplomatic entities, military organizations and defense contractors, regional political organizations and research and education organizations around the world.

Even though LightNeuron dates back to at least 2014, it was discovered and analyzed by security researchers only now because of the previously unseen persistence mechanism, because it is hard to detect at the network level (no standard HTTP(S) communications), and because Turla deploys it only against its most important targets.

“This malware is not highly prevalent in the wild so it was able to stay under the radar for a long period of time,” ESET malware researcher Matthieu Faou told Help Net Security.

“We found LightNeuron while investigating machines already infected with known Turla malware. That’s how we were able to make the link between LightNeuron and Turla.”

The researchers pinpointed two targets hit with the backdoor: a Ministry of Foreign affairs in an Eastern European country and a regional diplomatic organization in the Middle East.

Removing the malware

ESET researchers have released IoCs for companies to check whether they’ve been with the malware, but warned against removing the two malicious files as the first order of business, as this will break Microsoft Exchange and prevent everybody in the organization from sending and receiving emails.

Administrators must first disable the malicious Transport Agents and then move to remove the two malicious files.

“If you do not plan to re-install the mail server, an important last step is to modify the passwords of all accounts that have administrative rights on the compromised server. Otherwise, attackers could access the server again to compromise it again,” they advised.

Related:

  • No Related Posts

Microsoft Windows Security Updates April 2019 overview

Microsoft released security updates for supported versions of Windows and other company today on the April 9, 2019 Patch Tuesday.

Updates are provided in various ways: via Windows Update, as direct downloads, and through Enterprise updating systems.

Our monthly overview of Microsoft’s Patch Day offers detailed information on updates, additional information that is relevant, and links to supported articles.

It starts with an executive summary, and is followed by the statistics, the list of released updates, known issues, and direct download links.

You can check out last month’s Patch Day in case you have missed it. As always, it is recommended that systems are backed up before new patches are installed. Note that some users had troubles installing the last cumulative update for Windows 10 version 1809; you can check a possible fix for System Service Exception blue screens here.

Attention: Reports of Windows 7 and 8.1, and Server 2008 R2 / 2012 R2 machines freezing after update installation. Is apparently related to Sophos products, only solution right now is to uninstall the update.

Microsoft Windows Security Updates April 2019

Download the following Excel spreadsheet listing security updates and related information for updates that Microsoft released in April 2019. Click on the following link to download the spreadsheet to your local system: microsoft-windows-security-updates-april-2019.zip

Executive Summary

  • Windows 10 version 1607 reached end of support for Enterprise and Education customers today.
  • Windows 10 version 1709 reached end of support for Home, Pro and Pro for Workstations today.
  • Microsoft released security updates for all client and server versions of Windows.
  • Other Microsoft software with security updates: Microsoft Edge, Internet Explorer, Microsoft Exchange Server, Team Foundation Server, Azure DevOps Server, Windows Admin Center, Microsoft Office
  • Microsoft fixed many long standing known issues.
  • The Update Catalog lists 133 updates.

Operating System Distribution

  • Windows 7: 29 vulnerabilities of which 6 are rated critical and 23 are rated important (links see W10 1809)
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 8.1: 31 vulnerabilities of which 7 are rated critical and 24 are rated important (links see W10 1809)
    • CVE-2019-0790 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 10 version 1607: 33 vulnerabilities of which 7 are critical and 26 are important
    • critical issues same as W10 1809 except for CVE-2019-0786 which is not listed.
  • Windows 10 version 1703: 35 vulnerabilities of which 7 are critical and 28 are important
    • critical issues same as W10 1809 except for CVE-2019-0786 which is not listed.
  • Windows 10 version 1709: 37 vulnerabilities of which 8 are critical and 29 are important
    • critical issues same as W10 1809
  • Windows 10 version 1803: 37 vulnerabilities of which 8 are critical and 29 are important
    • critical issues same as W10 1809
  • Windows 10 version 1809: 36 vulnerabilities of which 8 are critical and 28 are important

Windows Server products

  • Windows Server 2008 R2: 29 vulnerabilities of which 6 are critical and 23 are important.
    • same as Windows 7
  • Windows Server 2012 R2: 31 vulnerabilities of which 7 are critical and 24 are important.
    • critical issues same as W10 1809 except CVE-2019-0786 which is not listed.
  • Windows Server 2016: 33 vulnerabilities of which 7 are critical and 26 are important
    • critical issues same as W10 1809 except CVE-2019-0786 which is not listed.
  • Windows Server 2019: 36 vulnerabilities of which 8 are critical and 28 are important.
    • Critical issues same as W10 1809

Other Microsoft Products

  • Internet Explorer 11: 5 vulnerability, 1 critical, 4 important
  • Microsoft Edge: 9 vulnerabilities, 7 critical, 2 important

Windows Security Updates

Windows 7 Service Pack 1

Monthly rollups won’t include PciClearStaleCache.exe anymore starting with this update. Microsoft advises that administrators make sure that updates between April 20, 2018 and March 12, 2019 are installed prior to installing this update and future monthly rollup updates to make sure that the program is on the system.

The following symptoms may be experienced if the file is not available:

  • Existing NIC definitions in control panel networks may be replaced with a new Ethernet Network Interface Card (NIC) but with default settings. Any custom settings on the previously NIC persist in the registry but were unused.
  • Loss of static IP address settings.
  • Network Flyout does not display certain Wi-Fi profile settings.
  • Disabling of Wi-Fi network adapters.

KB4493472 — Monthly Rollup

  • Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers.
  • Fixed an issue that caused the error “0x3B_c0000005_win32k!vSetPointer”.
  • Fixed the netdom.exe error “The command failed to complete successfully” appears.
  • Fixed the Custom URI Schemes issue.
  • Fixed the WININET.DLL issue.
  • Security updates

KB4493448 — Security only update

  • Same as monthly rollup except for error “0x3B_c0000005_win32k!vSetPointer” and Custom URI Schemes.

Windows 8.1

KB4493446 — Monthly Rollup

  • Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers.
  • Fixes an issue with MSXML6 that could cause programs to stop responding.
  • Fixed an issue with the Group Policy Editor that caused it to stop responding when editing Group Policy Preferences for Internet Explorer 10 Internet settings.
  • Fixed an issue with Custom URI schemes for Application Protocol Handlers.
  • Fixed an authentication issue in Internet Explorer 11 and other apps that use WININET.DLL.
  • Security updates for various components.

KB4493467 — Security-only Update

  • Same as the Monthly rollup except the Custom URI schemes fix (not listed)

Windows 10 version 1607

KB4493470

  • Fixed several known issues.
  • Fixed an issue to meet GB18030 certificate requirements.
  • Security updates.

Windows 10 version 1703

KB4493474

  • Fixed several known issues
  • Security Updates

Windows 10 version 1709

KB4493441

  • Fixed several known issues
  • Security Updates

Windows 10 version 1803

KB4493464

  • Fixed several known issues
  • Addresses a stop error that occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
  • Security updates.

Windows 10 version 1809

KB4493509

  • Fixed several known issues including EUDC blue screen, MXSML6 stop responding, Group Policy Editor stops responding, WININET.DLL
  • Security updates

Other security updates

KB4493435 — Cumulative Security Update for Internet Explorer

KB4491443 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493448 — Security Only Quality Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493450 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4493451 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4493458 — Security Only Quality Update for Windows Server 2008

KB4493471 — Security Monthly Quality Rollup for Windows Server 2008

KB4493472 — Security Monthly Quality Rollup for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493478 — Security Update for Adobe Flash Player

KB4493563 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493730 — Security Update for Windows Server 2008

KB4493790 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493793 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493794 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493795 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493796 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493797 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493927 — Information disclosure vulnerability in Windows Embedded POSReady 2009

KB4494059 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4494528 — You receive an Error 1309 message when you install an .msi file on Windows Embedded POSReady 2009

KB4495022 — Information disclosure vulnerability in Windows Embedded POSReady 2009

Known Issues

Windows 7 Service Pack 1

After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. Workarounds available.

Windows 8.1

Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires. Workarounds available.

Windows 10 version 1607

For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

And the Windows 7 SP1 issue.

Windows 10 version 1607 and newer

After installing the Internet Explorer cumulative update, custom URI schemes for application protocol handlers may not work properly in Internet Explorer. Workaround available.

Windows 10 version 1803

Same as Windows 7 SP1

Windows 10 version 1809, Windows Server 2016

Same as Windows 7 SP1

Security advisories and updates

ADV190011 | April 2019 Adobe Flash Security Update

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4487990 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – April 2019

Microsoft Office Updates

You find a list of all released updates for Microsoft Office — security and non-security – here.

How to download and install the April 2019 security updates

microsoft updates windows april 2019

Windows Updates get installed automatically on Home systems by default. You can block or delay the installation of updates on these systems.

It is not recommended to run a manual check for updates as it may lead to the installation of preview updates or feature updates, but you may do so in the following way:

  1. Open the Start Menu.
  2. Type Windows Update.
  3. Click on the “check for updates” button to run a manual check.

You may use third-party tools like the excellent Windows Update Manager or Windows Update Minitool to download updates.

Direct update downloads

Microsoft makes available all cumulative updates that it releases for Windows as direct downloads on the Microsoft Update Catalog website. Follow the links listed below to go there for the listed version of Windows.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4493472 — 2019-04 Security Monthly Quality Rollup for Windows 7
  • KB4493448 — 2019-04 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4493446 — 2019-04 Security Monthly Quality Rollup for Windows 8.1
  • KB4493467 — 2019-04 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4493470 — 2019-04 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4493474 — 2019-04 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4493441 — 2019-04 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4493464 — 2019-04 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4493509 — 2019-04 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Microsoft Windows Security Updates April 2019 overview
Article Name
Microsoft Windows Security Updates April 2019 overview
Description
Microsoft released security updates for supported versions of Windows and other company today on the April 9, 2019 Patch Tuesday.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

Starting March 1, 2019, Bay Area Systems Will Begin Providing It Support Services on the Latest …

SAN FRANCISCO (PRWEB)February 23, 2019

Bay Area Systems, Inc. (http://www.BayAreaSystems.com), premier Information Technology (IT) consulting provider in San Francisco Bay Area, is on the forefront of providing cost-effective IT outsourcing solutions for small businesses.

Starting March 1, 2019, Bay Area Systems will begin providing IT support services on the latest Microsoft Server: Windows Server 2019. Through utilization of Microsoft Windows Server 2019’s native Hyper-V virtualization technology, Bay Area Systems helped deployed web server farms, clustered database servers, remote desktop workstations, and cloud computing platforms. When businesses need Virtual Private Network (VPN) access and remote desktop services; rather than adding individual workstations to be used for remote office desktop connection needs, virtual workstations offer the same experience with greater efficiency. Clients praise our virtual machine solutions that are space saving (often one server can serve the needs of 10 – 30 servers and/or workstations, reducing the need to have these physical machines scattered around in the office); energy saving in terms of electricity needs as well as cooling requirements; easy deployment – adding a server or workstation is much faster than having to order an additional machine, and often may not be of the same exact specification; fast recovery – by utilizing the cloning feature, essential virtual machines can be cloned and quickly replaced should a catastrophic software error occurred.

Microsoft Windows Server 2019’s Server Core App Compatibility feature on demand (FOD) significantly improves the app compatibility of the Windows Server Core installation option by including a subset of binaries and components from Windows Server with the Desktop Experience, without adding the Windows Server Desktop Experience graphical environment itself.

Windows Defender ATP Exploit Guard is a new set of host-intrusion prevention capabilities. The four components of Windows Defender Exploit Guard (Attack Surface Reduction (ASR), Network protection, Controlled folder access, Exploit protection) are designed to lock down the device against a wide variety of attack vectors and block behaviors commonly used in malware attacks, while enabling you to balance security risk and productivity requirements.

Microsoft Windows Server 2019’s Security with Software Defined Networking (SDN) delivers many features to increase cutstomer confidence in running workloads, either on-premises, or as a service provider in the cloud.

Windows Server 2019 also has a new Storage Migration Service that makes it easier to migrate servers to a newer version of Windows Server. It provides a graphical tool that inventories data on servers, transfers the data and configuration to newer servers, and then optionally moves the identities of the old servers to the new servers so that apps and users don’t have to change anything.

Hyper-V virtual server provides one of the most stable platforms for virtual machines, and the multitude of tools available making cloning, clustering and failover available to support critical business needs. The time it takes to restore a cloned Microsoft Exchange Server in Hyper-V could be as little as 2 hours, compared to having to rebuild a physical server, reinstall Operating Systems and Exchange Server, setup accounts, and can easily take 6 to 8 hours and thousands of dollars. In Windows Server 2019, you can now add NIC on the fly without taking down the server.

Bay Area Systems have fully tested and deployed Hyper-V solutions to solve customers’ growing needs of testing new Operating Systems as well as program upgrades. It is much more convenient, and cost-effective, to use a virtual machine to test system integration, software upgrades, patches, and new installations before deploying into the production environment. Efficient resource sharing and distribution in Hyper-V also ensure a much better performance for individual virtual machines than purchasing separate physical units.

The combination of cutting-edge, professional services of Bay Area Systems and production proven virtual machine solutions provided by Microsoft’s Windows Server 2019 will serve to deliver energy saving, cost-effective, cutting-edge, fast and complete services to Bay Area Systems customers.

Since 2002,Bay Area Systems has provided cost-effective computer systems and network support and services to small businesses all around the San Francisco Bay Area. Bay Area Systems LLC has become a pioneer in providing customized technology solutions that are efficient, cost-effective, and improve bottom line of small businesses. Bay Area Systems’ business model is based on their passion to provide the best customer service experience in the industry, and building long-term business relationship with their customers.

Related:

  • No Related Posts

KB4487011 and KB4487006 fix unresponsive app issues

Microsoft recently released Windows 10 cumulative updates KB4487006, KB4487011, KB4487021, and KB4487029 addressing non-security bugs in the operating system. The company aims to enhance the reliability of the OS with bug fixes, stability enhancement and quality improvements.

KB4487011 improvement and fixes

KB4487011 offers four major improvements and fixes that we’ll list below:

1. IE Fails To Load Images Bug Fix

The update addressed the problems related to loading images having a backslash () in their relative source path. The issue was reported in the previous releases.

2. Microsoft Access Bug Fix

The Microsoft Access bug was responsible for randomly stopping those apps that are using Microsoft Jet database along with the Microsoft Access 95 file format. Just like the previous issue, this bug was also reported in KB4487044.

3. Application Not Responding Bug Fix

This issue was reported by the users that the issue arose when the same input queue is used by its two threads.

4. Device Compatability Issue Fix

This fix addresses a bug that existed in the evaluation of the compatibility status of the entire ecosystem of Windows. It is done to ensure device and application compatibility for all Windows updates.

KB4487011 Known Issues

As of now, Microsoft has not acknowledged any known issues in the update. The blog post will be updated if the tech giant confirms any potential bugs.

KB4487006 Improvement & Fixes

Apart from the device compatibility and issues and Microsoft Access bug fix, the update comes along with a series of bug fixes. Some of the major features are discussed below.

1. Remote Desktop Protocol (RDP) Client Bug

The release of KB4487006 resolved a major issue that existed in the previous build. The users got black screen at the login in the Remote Desktop Protocol (RDP) client application.

2. win32kfull.sys Reliability Issue

The update fixes a reliability issue with win32kfull.sys, that existed in the previous versions. The bug was initially introduced in KB4487026.

3. Microsoft Outlook “The operation failed” error

When a user tried to open the Microsoft Exchange Address Book, “The operation failed” used to appear. The issue was introduced after the installation of KB4457127 on Active Directory domain controllers.

KB4487006 Known Issues

1. Startup Issues in Specific Laptops

Specific Lenovo and Fujitsu laptops that currently have less than 8 GB RAM may face startup issues. The bug is created as a result of KB4467691installation.

One of the easiest ways to resolve the issue is restarting your machine with the help of Unified Extensible Firmware Interface (UEFI). Make sure to disable Secure Boot before restarting the device.

2. Cluster Service Start Fail

If the “Minimum Password Length” of the group policy uses more than 14 characters then the users can face cluster service start fail error. The following error message is displayed to the user “2245 (NERR_PasswordTooShort)”. The installation of KB4467684 triggers the error.

Microsoft is currently working to resolve the issue and the workaround is expected to be available in the coming weeks. Till now the company suggests the users to set the default minimum password length policy to equals to or less than 14 characters.

3. IE 11 Authentication Issues

Some authentication issues are reported in Internet Explorer 11 right after the installation of IE11. As soon as the same account is used by two or more users for various concurrent login sessions on the same Windows Server machine.

Microsoft recommends the users to create unique user accounts. Moreover, multiple RDP sessions should be disabled for each user account.

System Center Virtual Machine Manager (SCVMM) fails to manage the logical switches that have been deployed on the host that is managed by SCVMM. Also, a stop error is raised in vfpext.sysif you fail to follow the best practices.

A quick workaround is to access the affected host machine to run mofcomp files for running two mof files named as Scvmmswitchportsettings.mof and VMMDHCPSvr.mof. Microsoft recommends that users can avoid a stop error by following the best practices.

Download KB4487011/KB4487006 for Windows 10

The KB4487011/KB4487006 patch can be automatically downloaded through the Settings menu. If you have not yet received the update you need to open the Settings menu by pressing Win+I. Now you need to navigate to Update & Security >>Windows Update >> Check for updates.

You can enhance the consistency of the update process by installing the latest servicing stack update (SSU) just before installing the LCU KB4487011.

Microsoft has followed its tradition to specify third Tuesday of the month for the release of the non-security cumulative update. Although these updates are termed as non-security, it is yet not clear that either security components are included in the update or not. 

Comment down below if you have faced any pre and post-installation issues while installing KB4487011 and KB4487006.

Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released

Microsoft released several cumulative updates for different Windows 10 versions on February 19, 2019. The cumulative updates KB4487029, KB4487021, KB4487011 and KB4487006 update Windows 10 version 1803, 1709, 1703 and 1607 but not the current version 1809.

Only the Enterprise editions of Windows 10 version 1607 and 1703 are supported. Home and Pro editions of these versions of Windows 10 are no longer supported; in other words: you need to upgrade the operating system to a supported version to receive continued support with updates.

Note: These are not security updates; they fix stability and other issues only. It is recommended that you back up your system before you install the updates or wait if you are not affected by any of the listed issues.

And Windows 10 version 1809? Microsoft pushes cumulative updates for the current version of Windows 10 to the Release Preview ring first before release. It is likely that an update will be released in the coming days / week.

KB4487029 for Windows 10 version 1803

KB4487029

Windows 10 version 1803 is the most used edition of Windows 10. Microsoft launched Windows 10 version 1809 last year but bugsforced the company to stop the distribution of the operating system for weeks.

The update increases the build of the operating system to 17134.619. The following changes are listed in the changelog:

  • Media Content can play e-learning content with USB adapter cables on Microsoft Edge.
  • Windows ActiveX content in iframes scrolls with other content in Internet Explorer 11.
  • Fixed an issue that caused Registry keys that are app-specific to be deleted after updates.
  • Time Zone information for Chile updated.
  • Fixed an audio compatibility issue of games with 3D Spatial Audio modes.
  • Fixed an issue that prevented users from pinning web links to Start or the Taskbar.
  • Fixed an issue that prevented the lockscreen image from updating.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user hive updating issue.
  • Fixed an issue that allowed protected files (by Windows Information Protection) to be transferred using Bluetooth.
  • Fixed an issue with Internet Explorer proxy settings that caused the initial logon to stop responding.
  • Fixed an issue that prevented the deletion of wireless network profiles.
  • Addressed the cause for error “STOP 0x1A”.
  • Fixed a Timeline issue that caused File Explorer to stop working.
  • Fixed an issue that caused the Photos app to stop working when used from within the Mail app.
  • Fixed a PLMDebug.exe tool issue that caused the losing of debug sessions.
  • Improved AOVPN (Always On VPN) reconnect and disconnect functionality.
  • Further Japanese era name issue fixues.
  • Fixed an issue that caused Internet Explorer to skip loading images that have a backslash character in their relative source path.
  • Fixed an issue that caused applications that use Microsoft Jet Databases with Microsoft Access 95 formats to stop working.

You can download the update manually from the Microsoft Update Catalog website.

KB4487021 for Windows 10 version 1709

KB4487021

The update includes some of the fixes found in the update for Windows 10 version 1803 but not all of them. It does include some fixes that are not included in the update for version 1803.

The update increases the build to 16299.1004.

The changelog lists the following fixes and improvements:

  • Time Zone information for Chile updated.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user hive updating issue.
  • New Group Policy called “Policy Details” that disconnects any wireless connections immediately when a wired connection is detected and “Minimize simultaneous connections” is configured.
  • Additional Japanese era date and format fixes.
  • Fixed the Internet Explorer not loading images with backslash characters in path issue.
  • Fixed an issue that caused applications that use Microsoft Jet Databases with Microsoft Access 95 formats to stop working.

You can download the update manually from the Microsoft Update Catalog website.

KB4487011 for Windows 10 version 1703

KB4487011

The update is only for Windows 10 Enterprise and Education editions. The update brings the build to version 15063.1659.

It includes the same updates as KB4487021 with the exception of the following exclusive additions:

  • Fixed an issue that caused programs to stop responding if its threads share the same input queue.
  • Addressed an issue with a rooted pointer to an item identifier list (PIDL) in File Explorer

The update is available on the Microsoft Update Catalog website as a manual download.

KB4487006 for Windows 10 version 1607 and Windows Server 2016

KB4487006

The update bring the version of the operating system to 14393.2828. It is only available to Enterprise and Education editions.

The changelog lists the following improvements:

  • Chile Time Zone information update.
  • Fixed an issue that caused Remote Desktop Protocol client applications to display a black screen on login.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user name display issue in the Routing and Remote Access Service (RRAS) servers.
  • Addressed an issue that caused updates to a relying party trust to fail when using PowerShell or the Active Directory Federation Services (AD FS) management console.
  • Fixed an issue that caused “specific error message for external complexity password changes” to display.
  • Fixed an issue that caused Microsoft Outlook to throw the error “The Operation Failed” when viewing Microsoft Exchange address books.
  • Fixed an issue that prevented the enabling of Storage Maintenance Mode.
  • Fixed a server stop working error when handling a compound client request that includes a rename.
  • Fixed error 0x165 when pausing a node and taking it down for maintenance.
  • Fixed a cause for Stop 24 error on a virtual Remote Desktop Service server.
  • Fixed an issue with Japanese era names.
  • Fixed a reliability issue with win32kfull.sys.
  • Fixed the Internet Explorer not loading images with backslash characters in path issue.
  • Fixed the Microsoft Jet database access issue.

Microsoft lists three known issues, all known already:

  1. For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.
  2. After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.
  3. After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

The update can be downloaded manually from the Microsoft Update Catalog website.

Summary
Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released
Article Name
Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released
Description
Microsoft released several cumulative updates for different Windows 10 versions on February 19, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Advertisement

Related:

  • No Related Posts

Microsoft Windows Security Updates January 2019 overview

Welcome to the first Microsoft Windows Patch Day overview of 2019. Microsoft released security updates for all supported client and server versions of the Windows operating system and other company products such as Microsoft Office on January 8, 2019.

We publish a monthly overview shortly after Microsoft’s release on the second Tuesday of each month. The overview lists all released security updates with links to Microsoft Support articles, known issues, downloads, and other Patch Tuesday related information.

You can check out the December 2018 Patch Day overview here.

Note: As always, we recommend to back up the system before you install updates for Windows or any other program.

Microsoft Windows Security Updates January 2019

Click on the following link to download an Excel spreadsheet that includes data about all released security updates for Microsoft Windows versions and other Microsoft products. Just click on the following link to start the download: security-updates-microsoft-january-2019-windows.zip

Executive Summary

  • Microsoft released security updates for all client and server versions of Windows.
  • No critical vulnerabilities in Windows 8.1 and 7.
  • Microsoft released security updates for Microsoft Edge, Internet Explorer, Adobe Flash Player, .NET Framework, Microsoft Office, Microsoft Exchange Server, and Microsoft Visual Studio
  • Windows 10 version 1809 is in active distribution. Check out our guide on delaying feature updates for Windows 10 to avoid the installation.
  • The Update Catalog lists 187 updates for January 2019.

Operating System Distribution

  • Windows 7: 15 vulnerabilities of which 15 are rated important.
  • Windows 8.1: 18 vulnerabilities of which 18 are rated important.
  • Windows 10 version 1607: 23 vulnerabilities of which 1 is critical and 22 are important
  • Windows 10 version 1703: 24 vulnerabilities of which 1 is critical and 23 are important
  • Windows 10 version 1709: 24 vulnerabilities of which 1 is critical and 23 are important
  • Windows 10 version 1803: 26 vulnerabilities of which 3 are critical and 23 are important
  • Windows 10 version 1809: 25 vulnerabilities of which 2 are critical and 23 are important

Windows Server products

  • Windows Server 2008 R2: 15 vulnerabilities of which 15 are important.
  • Windows Server 2012 R2: 18 vulnerabilities of which 18 are important.
  • Windows Server 2016: 23 vulnerabilities of which 1 is critical and 22 are important.
  • Windows Server 2019: 25 vulnerabilities of which 2 are critical and 23 are important.

Other Microsoft Products

Windows Security Updates

All Windows versions:

Starting with the January 2019 security updates, PowerShell remote endpoints cannot be configured anymore to work with non-administrator accounts.

Attempts to use non-admin accounts throws the following error after installation of the updates:

“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”

Windows 10 version 1809

KB4480116

Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, Microsoft JET Database Engine, Windows Linux, Windows Virtualization, and the Microsoft Scripting Engine.

Windows 10 version 1803

Fixes a highly exploitable issue in Windows 10 version 1803; recommended to patch as early as possible. See Zero Day Initiative and Microsoft’s guidance on the vulnerability.

KB4480966

  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, Windows MSXML, and the Microsoft JET Database Engine .

Windows 10 version 1709

KB4480978

  • Fixes an issue with esentutl /p which caused the repair to result in a “mostly empty database” which is corrupt and cannot be mounted.
  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and the Microsoft JET Database Engine.

Windows 10 version 1703

KB4480973

  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Authentication, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and Microsoft JET Database Engine

Windows 10 version 1607

KB4480961

  • Security updates to Internet Explorer, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Hyper-V, Windows MSXML, and the Microsoft JET Database Engine.

Windows 8.1 and Windows Server 2012 R2

KB4480963 Monthly Rollup

  • Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
  • Security updates to Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.

KB4480964 Security-only

  • Same as Monthly Rollup

Windows 7 SP1 and Windows Server 2008 R2 SP1

Note: The updates may introduce issues with network shares.

KB4480970 Monthly Rollup

  • Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
  • Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.

KB4480960 — Security-only

  • Same as Monthly Rollup

Other security updates

KB4483235 — Windows 10 version 1809 and Windows Server 2019 — Security update for Internet Explorer

KB4483234 — Windows 10 version 1803 — Security update for Internet Explorer

KB4483232 — Windows 10 version 1709 — Security update for Internet Explorer

KB4483230 — Windows 10 version 1703 — Security update for Internet Explorer

KB4483229 — Windows 10 version 1607 and Windows Server 2016 — Security update for Internet Explorer

KB4483187 — Cumulative security update for Internet Explorer: December 19, 2018 — fixes a remote code execution vulnerability.

KB4480059 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480051 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480054 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4480055 — Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480057 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4480058 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480061 — Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4480062 — Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4480063 — Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4480064 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4480070 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480071 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4480072 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480074 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4480075 — Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480076 — Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480077 — Security Only Update for .NET Framework 4 on WES09 and POSReady 2009

KB4480083 — Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4480084 — Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4480085 — Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4480086 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4480957 — Security Only Quality Update for Windows Server 2008

KB4480968 — Security Monthly Quality Rollup for Windows Server 2008

KB4480965 — Cumulative Security Update for Internet Explorer

KB4480972 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4480975 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4480979 — Adobe Flash Player update

KB4481275 — Security Update for WES09 and POSReady 2009

KB4481480 — Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4481481 — Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4481482 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4481483 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4481484 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4481485 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4481486 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4481487 — Security Only Update for .NET Framework 2.0 for Windows Server 2008

KB4480056 — Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Notes

Known Issues

Windows 10 version 1809 — KB4480116

  • Third-party applications may have difficulty authentication hotspots.

Windows 10 version 1803 — KB4480966

  • Same as Windows 10 version 1709
  • Some users may not be able to pin web links to the Start Menu or Taskbar.
  • After installing KB4467682, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.

Windows 10 version 1709 — KB4480978

Windows 10 version 1703 — KB4480973

  • Third-party applications may have difficulty authentication hotspots.
  • Instantiation of SqlConnection can throw an exception.

Windows 10 version 1607 — KB4480961

  • Same as Windows 10 version 1709
  • After installation of KB4467691, Windows may not start on “certain” Lenovo devices with less than 8 Gigabytes of RAM.
  • After installing KB4467684, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.
  • After installation of the update on Windows Server 2016, Outlook instant searches may fail with “Outlook cannot perform the search”.
  • System Center Virtual Machine Manager (SCVMM) managed workloads are noticing infrastructure management issues after VMM refresh as the Windows Management Instrumentation (WMI) class around network port is being unregistered on Hyper-V hosts.

Windows 8.1 — KB4480963

  • Third-party applications may have difficulty authentication hotspots.

Windows 7 — KB4480116

  • Third-party applications may have difficulty authentication hotspots.

Security advisories and updates

ADV190001 | January 2019 Adobe Flash Update

Non-security related updates

KB4090007 — Windows 10 version 1709 — Intel Microcode updates around the following products (CPUs) have been revised

KB4091663 — Windows 10 version 1703 — Intel Microcode updates around the following products (CPUs) have been revised

KB4091664 — Windows 10 version 1607 — Intel Microcode updates around the following products (CPUs) have been revised

KB890830 — Windows Malicious Software Removal Tool

Microsoft Office Updates

Microsoft released non-security updates for Office in the first week of January 2019.

The list of security updates released in January 2019 for Office is available here.

How to download and install the January 2019 security updates

windows updates january 2019

Security updates are released via Windows Update for the majority of Home systems. All Home systems are set up to check for updates automatically and download these when discovered.

Administrators may run a manual check for updates to pick up the new releases early:

  • Activate the Start Menu, e.g. by tapping on the Windows-key.
  • Type Windows Update and select the tool from the list of results.
  • Activate “check for updates” to run the manual update check.

Windows updates may be downloaded directly using third-party tools, e.g. Windows Update Minitool or wumgr, or Microsoft’s Download Center. Links to the January 2019 cumulative updates are posted below.

Direct update downloads

Microsoft publishes all cumulative security updates and other updates on the Microsoft Update Catalog website. Direct download links are listed below.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4480970 — 2019-01 Security Monthly Quality Rollup for Windows 7
  • KB4480960 — 2019-01 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4480963 — 2019-01 Security Monthly Quality Rollup for Windows 8.1
  • KB4480964 — 2019-01 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4480961 — 2019-01 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4480973 — 2019-01 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4480978 — 2019-01 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4480966 — 2019-01 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4480116 — 2019-01 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Microsoft Windows Security Updates January 2019 overview
Article Name
Microsoft Windows Security Updates January 2019 overview
Description
An overview of all Microsoft security updates released for all supported versions of Microsoft Windows and other company products on January 8, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Advertisement

Related:

  • No Related Posts

Techie was bigged up by boss… only to cause mass Microsoft Exchange outage

Who, Me? Welcome once more to Who, Me?, our weekly column in which readers confess to their worst IT cock-ups.

This time, we meet “Freddie”, who must have a good supply of luck on his side, as he managed to not only get away with his error, but win praise for fixing it.

At the time, Freddie was a busy man. He worked for a managed service provider as the supervisor for all technical support staff, was the company’s senior network engineer and its security specialist.

“As if wearing three hats wasn’t enough, due to a shortage in employees, I was also made the lead network administrator for one of our bigger clients,” Freddie told us.

“What that boiled down to was doing all of the work I normally do, but with the occasional system or network task, seated Monday through Friday in this customer’s network operations centre.”

One week, Freddie had to suffer through a cringe-inducing meeting in which his boss told the business manager and IT coordinator of the customer just how great he was.

Of course, with that sort of glowing endorsement, there was really only one thing for Freddie’s reputation to do: go downhill.

The blunder came a week later, when he was performing some maintenance on the customer’s Exchange environment.

“Conveniently for me, there was a de facto maintenance window every morning from 6:30am-7:00am,” he said. The maintenance he was carrying out wasn’t expected to cause any downtime, but he’d been asked to do it during this window anyway.

“I had just finished with five minutes to spare, but instead of hitting ‘sign-out’, I accidentally hit ‘shut-down’ on the primary server,” Freddie said.

Thinking that this wasn’t the worst thing in the world, Freddie hurriedly restarted the virtual machine.

“But, unbeknownst to me, my predecessor had incorrectly removed a server (or maybe servers) from the [database availability group],” Freddie said – which meant starting Exchange services took about 20 minutes.

UK actor Kayode Ewumi in character as clueless "know-it-all" "Roll Safe". Hood Documentary ( BBC Three)

Can’t get pranked by your team if nobody in the world can log on

READ MORE

Not long after the work day was supposed to start, Freddie was on the receiving end of a call from the same business manager.

“Everyone up here is getting a message that we can’t log in to our email,” the chap said. “Help!”

“Oh really?” Freddie, thinking on his feet, replied. “Let me take a look, and I’ll see if I can get that fixed… Give me maybe 10 minutes?”

Feeling a quiet confidence that his ruse was working, Freddie crossed his fingers and waited.

“Ten minutes later, Exchange was back online, and I called the business manager back, asking him to try it again.

“A moment later he replied, ‘Freddie! I don’t know what you did to fix it, but it’s working for everyone now! Great job!’”

Better yet, an hour or so later, Freddie’s boss at the managed service provider also called to praise his work.

“He’d received a call from the client telling him how quickly I was able to fix the issue,” Freddie said.

If this tale has reminded you of a time you took credit for fixing a fault you created, don’t keep quiet – tell Who, Me? and we might run your tale in the future.

And don’t forget, we’re on the hunt for spooky tales for a Halloween special of On Call, our column for tech support triumphs. ®

Related:

  • No Related Posts

Microsoft October 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities

Patch Tuesday

Today is the October 2018 Patch Tuesday, which means a boatload of security updates are out for Microsoft products including Windows, Office, and Exchange Server. These updates fix known bugs and security vulnerabilities found within Microsoft’s products.

This article will cover the security updates released today as part of the October 2018 Patch Tuesday. These updates resolve 50 known vulnerabilities in Microsoft’s products, with 12 of them being labeled as critical.

For information about the non-security Windows updates, you can read about today’s Windows 10 KB4464330, KB4462919 and KB4462918 Cumulative Updates and the Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4462923 & KB4462926.

Critical Vulnerabilities fixed in the October 2018 Patch Tuesday updates

This Patch Tuesday fixes 12 Critical security vulnerabilities that when exploited could lead to code execution. These vulnerabilities are the most dangerous as if they are exploited could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control.

CVE-2018-8473 – Microsoft Edge Memory Corruption Vulnerability is a remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

CVE-2018-8460 – Internet Explorer Memory Corruption Vulnerability is a remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8489 – Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

CVE-2018-8490 – Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

CVE-2018-8491 – Internet Explorer Memory Corruption Vulnerability is a remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8494 – MS XML Remote Code Execution Vulnerability is a remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system.

CVE-2018-8500 – Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8505 – Chakra Scripting Engine Memory Corruption Vulnerabilityis a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8509 – Microsoft Edge Memory Corruption Vulnerability is a remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

CVE-2018-8510 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8511 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8513 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

The October 2018 Patch Tuesday Security Updates

Below is the full list of vulnerabilities resolved by the October 2018 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

Tag CVE ID CVE Title
Azure CVE-2018-8531 Azure IoT Device Client SDK Memory Corruption Vulnerability
Device Guard CVE-2018-8492 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8460 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2018-8491 Internet Explorer Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8473 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8512 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8530 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8509 Microsoft Edge Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2010-3190 MFC Insecure Library Loading Vulnerability
Microsoft Exchange Server CVE-2018-8448 Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server CVE-2018-8265 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8486 DirectX Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8484 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8453 Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8472 Windows GDI Information Disclosure Vulnerability
Microsoft JET Database Engine CVE-2018-8423 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft Office ADV180026 Microsoft Office Defense in Depth Update
Microsoft Office CVE-2018-8501 Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8427 Microsoft Graphics Components Information Disclosure Vulnerability
Microsoft Office CVE-2018-8504 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8502 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8432 Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2018-8498 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8480 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8488 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8518 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Scripting Engine CVE-2018-8511 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8500 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8505 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8503 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8510 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8513 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2018-8411 NTFS Elevation of Privilege Vulnerability
Microsoft Windows CVE-2018-8333 Microsoft Filter Manager Elevation Of Privilege Vulnerability
Microsoft Windows CVE-2018-8493 Windows TCP/IP Information Disclosure Vulnerability
Microsoft Windows CVE-2018-8506 Microsoft Windows Codecs Library Information Disclosure Vulnerability
Microsoft Windows DNS CVE-2018-8320 Windows DNS Security Feature Bypass Vulnerability
Microsoft XML Core Services CVE-2018-8494 MS XML Remote Code Execution Vulnerability
SQL Server CVE-2018-8527 SQL Server Management Studio Information Disclosure Vulnerability
SQL Server CVE-2018-8532 SQL Server Management Studio Information Disclosure Vulnerability
SQL Server CVE-2018-8533 SQL Server Management Studio Information Disclosure Vulnerability
Windows – Linux CVE-2018-8329 Linux On Windows Elevation Of Privilege Vulnerability
Windows Hyper-V CVE-2018-8489 Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-8490 Windows Hyper-V Remote Code Execution Vulnerability
Windows Kernel CVE-2018-8330 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8497 Windows Kernel Elevation of Privilege Vulnerability
Windows Media Player CVE-2018-8482 Windows Media Player Information Disclosure Vulnerability
Windows Media Player CVE-2018-8481 Windows Media Player Information Disclosure Vulnerability
Windows Shell CVE-2018-8413 Windows Theme API Remote Code Execution Vulnerability
Windows Shell CVE-2018-8495 Windows Shell Remote Code Execution Vulnerability

Related: