Microsoft Windows Security Updates April 2019 overview

Microsoft released security updates for supported versions of Windows and other company today on the April 9, 2019 Patch Tuesday.

Updates are provided in various ways: via Windows Update, as direct downloads, and through Enterprise updating systems.

Our monthly overview of Microsoft’s Patch Day offers detailed information on updates, additional information that is relevant, and links to supported articles.

It starts with an executive summary, and is followed by the statistics, the list of released updates, known issues, and direct download links.

You can check out last month’s Patch Day in case you have missed it. As always, it is recommended that systems are backed up before new patches are installed. Note that some users had troubles installing the last cumulative update for Windows 10 version 1809; you can check a possible fix for System Service Exception blue screens here.

Attention: Reports of Windows 7 and 8.1, and Server 2008 R2 / 2012 R2 machines freezing after update installation. Is apparently related to Sophos products, only solution right now is to uninstall the update.

Microsoft Windows Security Updates April 2019

Download the following Excel spreadsheet listing security updates and related information for updates that Microsoft released in April 2019. Click on the following link to download the spreadsheet to your local system: microsoft-windows-security-updates-april-2019.zip

Executive Summary

  • Windows 10 version 1607 reached end of support for Enterprise and Education customers today.
  • Windows 10 version 1709 reached end of support for Home, Pro and Pro for Workstations today.
  • Microsoft released security updates for all client and server versions of Windows.
  • Other Microsoft software with security updates: Microsoft Edge, Internet Explorer, Microsoft Exchange Server, Team Foundation Server, Azure DevOps Server, Windows Admin Center, Microsoft Office
  • Microsoft fixed many long standing known issues.
  • The Update Catalog lists 133 updates.

Operating System Distribution

  • Windows 7: 29 vulnerabilities of which 6 are rated critical and 23 are rated important (links see W10 1809)
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 8.1: 31 vulnerabilities of which 7 are rated critical and 24 are rated important (links see W10 1809)
    • CVE-2019-0790 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 10 version 1607: 33 vulnerabilities of which 7 are critical and 26 are important
    • critical issues same as W10 1809 except for CVE-2019-0786 which is not listed.
  • Windows 10 version 1703: 35 vulnerabilities of which 7 are critical and 28 are important
    • critical issues same as W10 1809 except for CVE-2019-0786 which is not listed.
  • Windows 10 version 1709: 37 vulnerabilities of which 8 are critical and 29 are important
    • critical issues same as W10 1809
  • Windows 10 version 1803: 37 vulnerabilities of which 8 are critical and 29 are important
    • critical issues same as W10 1809
  • Windows 10 version 1809: 36 vulnerabilities of which 8 are critical and 28 are important

Windows Server products

  • Windows Server 2008 R2: 29 vulnerabilities of which 6 are critical and 23 are important.
    • same as Windows 7
  • Windows Server 2012 R2: 31 vulnerabilities of which 7 are critical and 24 are important.
    • critical issues same as W10 1809 except CVE-2019-0786 which is not listed.
  • Windows Server 2016: 33 vulnerabilities of which 7 are critical and 26 are important
    • critical issues same as W10 1809 except CVE-2019-0786 which is not listed.
  • Windows Server 2019: 36 vulnerabilities of which 8 are critical and 28 are important.
    • Critical issues same as W10 1809

Other Microsoft Products

  • Internet Explorer 11: 5 vulnerability, 1 critical, 4 important
  • Microsoft Edge: 9 vulnerabilities, 7 critical, 2 important

Windows Security Updates

Windows 7 Service Pack 1

Monthly rollups won’t include PciClearStaleCache.exe anymore starting with this update. Microsoft advises that administrators make sure that updates between April 20, 2018 and March 12, 2019 are installed prior to installing this update and future monthly rollup updates to make sure that the program is on the system.

The following symptoms may be experienced if the file is not available:

  • Existing NIC definitions in control panel networks may be replaced with a new Ethernet Network Interface Card (NIC) but with default settings. Any custom settings on the previously NIC persist in the registry but were unused.
  • Loss of static IP address settings.
  • Network Flyout does not display certain Wi-Fi profile settings.
  • Disabling of Wi-Fi network adapters.

KB4493472 — Monthly Rollup

  • Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers.
  • Fixed an issue that caused the error “0x3B_c0000005_win32k!vSetPointer”.
  • Fixed the netdom.exe error “The command failed to complete successfully” appears.
  • Fixed the Custom URI Schemes issue.
  • Fixed the WININET.DLL issue.
  • Security updates

KB4493448 — Security only update

  • Same as monthly rollup except for error “0x3B_c0000005_win32k!vSetPointer” and Custom URI Schemes.

Windows 8.1

KB4493446 — Monthly Rollup

  • Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers.
  • Fixes an issue with MSXML6 that could cause programs to stop responding.
  • Fixed an issue with the Group Policy Editor that caused it to stop responding when editing Group Policy Preferences for Internet Explorer 10 Internet settings.
  • Fixed an issue with Custom URI schemes for Application Protocol Handlers.
  • Fixed an authentication issue in Internet Explorer 11 and other apps that use WININET.DLL.
  • Security updates for various components.

KB4493467 — Security-only Update

  • Same as the Monthly rollup except the Custom URI schemes fix (not listed)

Windows 10 version 1607

KB4493470

  • Fixed several known issues.
  • Fixed an issue to meet GB18030 certificate requirements.
  • Security updates.

Windows 10 version 1703

KB4493474

  • Fixed several known issues
  • Security Updates

Windows 10 version 1709

KB4493441

  • Fixed several known issues
  • Security Updates

Windows 10 version 1803

KB4493464

  • Fixed several known issues
  • Addresses a stop error that occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
  • Security updates.

Windows 10 version 1809

KB4493509

  • Fixed several known issues including EUDC blue screen, MXSML6 stop responding, Group Policy Editor stops responding, WININET.DLL
  • Security updates

Other security updates

KB4493435 — Cumulative Security Update for Internet Explorer

KB4491443 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493448 — Security Only Quality Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493450 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4493451 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4493458 — Security Only Quality Update for Windows Server 2008

KB4493471 — Security Monthly Quality Rollup for Windows Server 2008

KB4493472 — Security Monthly Quality Rollup for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493478 — Security Update for Adobe Flash Player

KB4493563 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493730 — Security Update for Windows Server 2008

KB4493790 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493793 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493794 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493795 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493796 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493797 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493927 — Information disclosure vulnerability in Windows Embedded POSReady 2009

KB4494059 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4494528 — You receive an Error 1309 message when you install an .msi file on Windows Embedded POSReady 2009

KB4495022 — Information disclosure vulnerability in Windows Embedded POSReady 2009

Known Issues

Windows 7 Service Pack 1

After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. Workarounds available.

Windows 8.1

Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires. Workarounds available.

Windows 10 version 1607

For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

And the Windows 7 SP1 issue.

Windows 10 version 1607 and newer

After installing the Internet Explorer cumulative update, custom URI schemes for application protocol handlers may not work properly in Internet Explorer. Workaround available.

Windows 10 version 1803

Same as Windows 7 SP1

Windows 10 version 1809, Windows Server 2016

Same as Windows 7 SP1

Security advisories and updates

ADV190011 | April 2019 Adobe Flash Security Update

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4487990 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – April 2019

Microsoft Office Updates

You find a list of all released updates for Microsoft Office — security and non-security – here.

How to download and install the April 2019 security updates

microsoft updates windows april 2019

Windows Updates get installed automatically on Home systems by default. You can block or delay the installation of updates on these systems.

It is not recommended to run a manual check for updates as it may lead to the installation of preview updates or feature updates, but you may do so in the following way:

  1. Open the Start Menu.
  2. Type Windows Update.
  3. Click on the “check for updates” button to run a manual check.

You may use third-party tools like the excellent Windows Update Manager or Windows Update Minitool to download updates.

Direct update downloads

Microsoft makes available all cumulative updates that it releases for Windows as direct downloads on the Microsoft Update Catalog website. Follow the links listed below to go there for the listed version of Windows.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4493472 — 2019-04 Security Monthly Quality Rollup for Windows 7
  • KB4493448 — 2019-04 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4493446 — 2019-04 Security Monthly Quality Rollup for Windows 8.1
  • KB4493467 — 2019-04 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4493470 — 2019-04 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4493474 — 2019-04 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4493441 — 2019-04 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4493464 — 2019-04 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4493509 — 2019-04 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Microsoft Windows Security Updates April 2019 overview
Article Name
Microsoft Windows Security Updates April 2019 overview
Description
Microsoft released security updates for supported versions of Windows and other company today on the April 9, 2019 Patch Tuesday.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

Starting March 1, 2019, Bay Area Systems Will Begin Providing It Support Services on the Latest …

SAN FRANCISCO (PRWEB)February 23, 2019

Bay Area Systems, Inc. (http://www.BayAreaSystems.com), premier Information Technology (IT) consulting provider in San Francisco Bay Area, is on the forefront of providing cost-effective IT outsourcing solutions for small businesses.

Starting March 1, 2019, Bay Area Systems will begin providing IT support services on the latest Microsoft Server: Windows Server 2019. Through utilization of Microsoft Windows Server 2019’s native Hyper-V virtualization technology, Bay Area Systems helped deployed web server farms, clustered database servers, remote desktop workstations, and cloud computing platforms. When businesses need Virtual Private Network (VPN) access and remote desktop services; rather than adding individual workstations to be used for remote office desktop connection needs, virtual workstations offer the same experience with greater efficiency. Clients praise our virtual machine solutions that are space saving (often one server can serve the needs of 10 – 30 servers and/or workstations, reducing the need to have these physical machines scattered around in the office); energy saving in terms of electricity needs as well as cooling requirements; easy deployment – adding a server or workstation is much faster than having to order an additional machine, and often may not be of the same exact specification; fast recovery – by utilizing the cloning feature, essential virtual machines can be cloned and quickly replaced should a catastrophic software error occurred.

Microsoft Windows Server 2019’s Server Core App Compatibility feature on demand (FOD) significantly improves the app compatibility of the Windows Server Core installation option by including a subset of binaries and components from Windows Server with the Desktop Experience, without adding the Windows Server Desktop Experience graphical environment itself.

Windows Defender ATP Exploit Guard is a new set of host-intrusion prevention capabilities. The four components of Windows Defender Exploit Guard (Attack Surface Reduction (ASR), Network protection, Controlled folder access, Exploit protection) are designed to lock down the device against a wide variety of attack vectors and block behaviors commonly used in malware attacks, while enabling you to balance security risk and productivity requirements.

Microsoft Windows Server 2019’s Security with Software Defined Networking (SDN) delivers many features to increase cutstomer confidence in running workloads, either on-premises, or as a service provider in the cloud.

Windows Server 2019 also has a new Storage Migration Service that makes it easier to migrate servers to a newer version of Windows Server. It provides a graphical tool that inventories data on servers, transfers the data and configuration to newer servers, and then optionally moves the identities of the old servers to the new servers so that apps and users don’t have to change anything.

Hyper-V virtual server provides one of the most stable platforms for virtual machines, and the multitude of tools available making cloning, clustering and failover available to support critical business needs. The time it takes to restore a cloned Microsoft Exchange Server in Hyper-V could be as little as 2 hours, compared to having to rebuild a physical server, reinstall Operating Systems and Exchange Server, setup accounts, and can easily take 6 to 8 hours and thousands of dollars. In Windows Server 2019, you can now add NIC on the fly without taking down the server.

Bay Area Systems have fully tested and deployed Hyper-V solutions to solve customers’ growing needs of testing new Operating Systems as well as program upgrades. It is much more convenient, and cost-effective, to use a virtual machine to test system integration, software upgrades, patches, and new installations before deploying into the production environment. Efficient resource sharing and distribution in Hyper-V also ensure a much better performance for individual virtual machines than purchasing separate physical units.

The combination of cutting-edge, professional services of Bay Area Systems and production proven virtual machine solutions provided by Microsoft’s Windows Server 2019 will serve to deliver energy saving, cost-effective, cutting-edge, fast and complete services to Bay Area Systems customers.

Since 2002,Bay Area Systems has provided cost-effective computer systems and network support and services to small businesses all around the San Francisco Bay Area. Bay Area Systems LLC has become a pioneer in providing customized technology solutions that are efficient, cost-effective, and improve bottom line of small businesses. Bay Area Systems’ business model is based on their passion to provide the best customer service experience in the industry, and building long-term business relationship with their customers.

Related:

  • No Related Posts

KB4487011 and KB4487006 fix unresponsive app issues

Microsoft recently released Windows 10 cumulative updates KB4487006, KB4487011, KB4487021, and KB4487029 addressing non-security bugs in the operating system. The company aims to enhance the reliability of the OS with bug fixes, stability enhancement and quality improvements.

KB4487011 improvement and fixes

KB4487011 offers four major improvements and fixes that we’ll list below:

1. IE Fails To Load Images Bug Fix

The update addressed the problems related to loading images having a backslash () in their relative source path. The issue was reported in the previous releases.

2. Microsoft Access Bug Fix

The Microsoft Access bug was responsible for randomly stopping those apps that are using Microsoft Jet database along with the Microsoft Access 95 file format. Just like the previous issue, this bug was also reported in KB4487044.

3. Application Not Responding Bug Fix

This issue was reported by the users that the issue arose when the same input queue is used by its two threads.

4. Device Compatability Issue Fix

This fix addresses a bug that existed in the evaluation of the compatibility status of the entire ecosystem of Windows. It is done to ensure device and application compatibility for all Windows updates.

KB4487011 Known Issues

As of now, Microsoft has not acknowledged any known issues in the update. The blog post will be updated if the tech giant confirms any potential bugs.

KB4487006 Improvement & Fixes

Apart from the device compatibility and issues and Microsoft Access bug fix, the update comes along with a series of bug fixes. Some of the major features are discussed below.

1. Remote Desktop Protocol (RDP) Client Bug

The release of KB4487006 resolved a major issue that existed in the previous build. The users got black screen at the login in the Remote Desktop Protocol (RDP) client application.

2. win32kfull.sys Reliability Issue

The update fixes a reliability issue with win32kfull.sys, that existed in the previous versions. The bug was initially introduced in KB4487026.

3. Microsoft Outlook “The operation failed” error

When a user tried to open the Microsoft Exchange Address Book, “The operation failed” used to appear. The issue was introduced after the installation of KB4457127 on Active Directory domain controllers.

KB4487006 Known Issues

1. Startup Issues in Specific Laptops

Specific Lenovo and Fujitsu laptops that currently have less than 8 GB RAM may face startup issues. The bug is created as a result of KB4467691installation.

One of the easiest ways to resolve the issue is restarting your machine with the help of Unified Extensible Firmware Interface (UEFI). Make sure to disable Secure Boot before restarting the device.

2. Cluster Service Start Fail

If the “Minimum Password Length” of the group policy uses more than 14 characters then the users can face cluster service start fail error. The following error message is displayed to the user “2245 (NERR_PasswordTooShort)”. The installation of KB4467684 triggers the error.

Microsoft is currently working to resolve the issue and the workaround is expected to be available in the coming weeks. Till now the company suggests the users to set the default minimum password length policy to equals to or less than 14 characters.

3. IE 11 Authentication Issues

Some authentication issues are reported in Internet Explorer 11 right after the installation of IE11. As soon as the same account is used by two or more users for various concurrent login sessions on the same Windows Server machine.

Microsoft recommends the users to create unique user accounts. Moreover, multiple RDP sessions should be disabled for each user account.

System Center Virtual Machine Manager (SCVMM) fails to manage the logical switches that have been deployed on the host that is managed by SCVMM. Also, a stop error is raised in vfpext.sysif you fail to follow the best practices.

A quick workaround is to access the affected host machine to run mofcomp files for running two mof files named as Scvmmswitchportsettings.mof and VMMDHCPSvr.mof. Microsoft recommends that users can avoid a stop error by following the best practices.

Download KB4487011/KB4487006 for Windows 10

The KB4487011/KB4487006 patch can be automatically downloaded through the Settings menu. If you have not yet received the update you need to open the Settings menu by pressing Win+I. Now you need to navigate to Update & Security >>Windows Update >> Check for updates.

You can enhance the consistency of the update process by installing the latest servicing stack update (SSU) just before installing the LCU KB4487011.

Microsoft has followed its tradition to specify third Tuesday of the month for the release of the non-security cumulative update. Although these updates are termed as non-security, it is yet not clear that either security components are included in the update or not. 

Comment down below if you have faced any pre and post-installation issues while installing KB4487011 and KB4487006.

Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released

Microsoft released several cumulative updates for different Windows 10 versions on February 19, 2019. The cumulative updates KB4487029, KB4487021, KB4487011 and KB4487006 update Windows 10 version 1803, 1709, 1703 and 1607 but not the current version 1809.

Only the Enterprise editions of Windows 10 version 1607 and 1703 are supported. Home and Pro editions of these versions of Windows 10 are no longer supported; in other words: you need to upgrade the operating system to a supported version to receive continued support with updates.

Note: These are not security updates; they fix stability and other issues only. It is recommended that you back up your system before you install the updates or wait if you are not affected by any of the listed issues.

And Windows 10 version 1809? Microsoft pushes cumulative updates for the current version of Windows 10 to the Release Preview ring first before release. It is likely that an update will be released in the coming days / week.

KB4487029 for Windows 10 version 1803

KB4487029

Windows 10 version 1803 is the most used edition of Windows 10. Microsoft launched Windows 10 version 1809 last year but bugsforced the company to stop the distribution of the operating system for weeks.

The update increases the build of the operating system to 17134.619. The following changes are listed in the changelog:

  • Media Content can play e-learning content with USB adapter cables on Microsoft Edge.
  • Windows ActiveX content in iframes scrolls with other content in Internet Explorer 11.
  • Fixed an issue that caused Registry keys that are app-specific to be deleted after updates.
  • Time Zone information for Chile updated.
  • Fixed an audio compatibility issue of games with 3D Spatial Audio modes.
  • Fixed an issue that prevented users from pinning web links to Start or the Taskbar.
  • Fixed an issue that prevented the lockscreen image from updating.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user hive updating issue.
  • Fixed an issue that allowed protected files (by Windows Information Protection) to be transferred using Bluetooth.
  • Fixed an issue with Internet Explorer proxy settings that caused the initial logon to stop responding.
  • Fixed an issue that prevented the deletion of wireless network profiles.
  • Addressed the cause for error “STOP 0x1A”.
  • Fixed a Timeline issue that caused File Explorer to stop working.
  • Fixed an issue that caused the Photos app to stop working when used from within the Mail app.
  • Fixed a PLMDebug.exe tool issue that caused the losing of debug sessions.
  • Improved AOVPN (Always On VPN) reconnect and disconnect functionality.
  • Further Japanese era name issue fixues.
  • Fixed an issue that caused Internet Explorer to skip loading images that have a backslash character in their relative source path.
  • Fixed an issue that caused applications that use Microsoft Jet Databases with Microsoft Access 95 formats to stop working.

You can download the update manually from the Microsoft Update Catalog website.

KB4487021 for Windows 10 version 1709

KB4487021

The update includes some of the fixes found in the update for Windows 10 version 1803 but not all of them. It does include some fixes that are not included in the update for version 1803.

The update increases the build to 16299.1004.

The changelog lists the following fixes and improvements:

  • Time Zone information for Chile updated.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user hive updating issue.
  • New Group Policy called “Policy Details” that disconnects any wireless connections immediately when a wired connection is detected and “Minimize simultaneous connections” is configured.
  • Additional Japanese era date and format fixes.
  • Fixed the Internet Explorer not loading images with backslash characters in path issue.
  • Fixed an issue that caused applications that use Microsoft Jet Databases with Microsoft Access 95 formats to stop working.

You can download the update manually from the Microsoft Update Catalog website.

KB4487011 for Windows 10 version 1703

KB4487011

The update is only for Windows 10 Enterprise and Education editions. The update brings the build to version 15063.1659.

It includes the same updates as KB4487021 with the exception of the following exclusive additions:

  • Fixed an issue that caused programs to stop responding if its threads share the same input queue.
  • Addressed an issue with a rooted pointer to an item identifier list (PIDL) in File Explorer

The update is available on the Microsoft Update Catalog website as a manual download.

KB4487006 for Windows 10 version 1607 and Windows Server 2016

KB4487006

The update bring the version of the operating system to 14393.2828. It is only available to Enterprise and Education editions.

The changelog lists the following improvements:

  • Chile Time Zone information update.
  • Fixed an issue that caused Remote Desktop Protocol client applications to display a black screen on login.
  • Improved the performance of case-sensitive string comparison functions.
  • Fixed an compatibility status evaluating issue.
  • Improved the reliability of the UE-VAppmonitor.
  • Fixed a user name display issue in the Routing and Remote Access Service (RRAS) servers.
  • Addressed an issue that caused updates to a relying party trust to fail when using PowerShell or the Active Directory Federation Services (AD FS) management console.
  • Fixed an issue that caused “specific error message for external complexity password changes” to display.
  • Fixed an issue that caused Microsoft Outlook to throw the error “The Operation Failed” when viewing Microsoft Exchange address books.
  • Fixed an issue that prevented the enabling of Storage Maintenance Mode.
  • Fixed a server stop working error when handling a compound client request that includes a rename.
  • Fixed error 0x165 when pausing a node and taking it down for maintenance.
  • Fixed a cause for Stop 24 error on a virtual Remote Desktop Service server.
  • Fixed an issue with Japanese era names.
  • Fixed a reliability issue with win32kfull.sys.
  • Fixed the Internet Explorer not loading images with backslash characters in path issue.
  • Fixed the Microsoft Jet database access issue.

Microsoft lists three known issues, all known already:

  1. For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.
  2. After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.
  3. After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

The update can be downloaded manually from the Microsoft Update Catalog website.

Summary
Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released
Article Name
Windows 10 updates KB4487029, KB4487021, KB4487011 and KB4487006 released
Description
Microsoft released several cumulative updates for different Windows 10 versions on February 19, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Advertisement

Related:

  • No Related Posts

Microsoft Windows Security Updates January 2019 overview

Welcome to the first Microsoft Windows Patch Day overview of 2019. Microsoft released security updates for all supported client and server versions of the Windows operating system and other company products such as Microsoft Office on January 8, 2019.

We publish a monthly overview shortly after Microsoft’s release on the second Tuesday of each month. The overview lists all released security updates with links to Microsoft Support articles, known issues, downloads, and other Patch Tuesday related information.

You can check out the December 2018 Patch Day overview here.

Note: As always, we recommend to back up the system before you install updates for Windows or any other program.

Microsoft Windows Security Updates January 2019

Click on the following link to download an Excel spreadsheet that includes data about all released security updates for Microsoft Windows versions and other Microsoft products. Just click on the following link to start the download: security-updates-microsoft-january-2019-windows.zip

Executive Summary

  • Microsoft released security updates for all client and server versions of Windows.
  • No critical vulnerabilities in Windows 8.1 and 7.
  • Microsoft released security updates for Microsoft Edge, Internet Explorer, Adobe Flash Player, .NET Framework, Microsoft Office, Microsoft Exchange Server, and Microsoft Visual Studio
  • Windows 10 version 1809 is in active distribution. Check out our guide on delaying feature updates for Windows 10 to avoid the installation.
  • The Update Catalog lists 187 updates for January 2019.

Operating System Distribution

  • Windows 7: 15 vulnerabilities of which 15 are rated important.
  • Windows 8.1: 18 vulnerabilities of which 18 are rated important.
  • Windows 10 version 1607: 23 vulnerabilities of which 1 is critical and 22 are important
  • Windows 10 version 1703: 24 vulnerabilities of which 1 is critical and 23 are important
  • Windows 10 version 1709: 24 vulnerabilities of which 1 is critical and 23 are important
  • Windows 10 version 1803: 26 vulnerabilities of which 3 are critical and 23 are important
  • Windows 10 version 1809: 25 vulnerabilities of which 2 are critical and 23 are important

Windows Server products

  • Windows Server 2008 R2: 15 vulnerabilities of which 15 are important.
  • Windows Server 2012 R2: 18 vulnerabilities of which 18 are important.
  • Windows Server 2016: 23 vulnerabilities of which 1 is critical and 22 are important.
  • Windows Server 2019: 25 vulnerabilities of which 2 are critical and 23 are important.

Other Microsoft Products

Windows Security Updates

All Windows versions:

Starting with the January 2019 security updates, PowerShell remote endpoints cannot be configured anymore to work with non-administrator accounts.

Attempts to use non-admin accounts throws the following error after installation of the updates:

“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”

Windows 10 version 1809

KB4480116

Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, Microsoft JET Database Engine, Windows Linux, Windows Virtualization, and the Microsoft Scripting Engine.

Windows 10 version 1803

Fixes a highly exploitable issue in Windows 10 version 1803; recommended to patch as early as possible. See Zero Day Initiative and Microsoft’s guidance on the vulnerability.

KB4480966

  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, Windows MSXML, and the Microsoft JET Database Engine .

Windows 10 version 1709

KB4480978

  • Fixes an issue with esentutl /p which caused the repair to result in a “mostly empty database” which is corrupt and cannot be mounted.
  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and the Microsoft JET Database Engine.

Windows 10 version 1703

KB4480973

  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Authentication, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and Microsoft JET Database Engine

Windows 10 version 1607

KB4480961

  • Security updates to Internet Explorer, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Hyper-V, Windows MSXML, and the Microsoft JET Database Engine.

Windows 8.1 and Windows Server 2012 R2

KB4480963 Monthly Rollup

  • Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
  • Security updates to Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.

KB4480964 Security-only

  • Same as Monthly Rollup

Windows 7 SP1 and Windows Server 2008 R2 SP1

Note: The updates may introduce issues with network shares.

KB4480970 Monthly Rollup

  • Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
  • Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.

KB4480960 — Security-only

  • Same as Monthly Rollup

Other security updates

KB4483235 — Windows 10 version 1809 and Windows Server 2019 — Security update for Internet Explorer

KB4483234 — Windows 10 version 1803 — Security update for Internet Explorer

KB4483232 — Windows 10 version 1709 — Security update for Internet Explorer

KB4483230 — Windows 10 version 1703 — Security update for Internet Explorer

KB4483229 — Windows 10 version 1607 and Windows Server 2016 — Security update for Internet Explorer

KB4483187 — Cumulative security update for Internet Explorer: December 19, 2018 — fixes a remote code execution vulnerability.

KB4480059 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480051 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480054 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4480055 — Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480057 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4480058 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480061 — Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4480062 — Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4480063 — Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4480064 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4480070 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480071 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4480072 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480074 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4480075 — Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480076 — Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480077 — Security Only Update for .NET Framework 4 on WES09 and POSReady 2009

KB4480083 — Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4480084 — Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4480085 — Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4480086 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4480957 — Security Only Quality Update for Windows Server 2008

KB4480968 — Security Monthly Quality Rollup for Windows Server 2008

KB4480965 — Cumulative Security Update for Internet Explorer

KB4480972 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4480975 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4480979 — Adobe Flash Player update

KB4481275 — Security Update for WES09 and POSReady 2009

KB4481480 — Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4481481 — Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4481482 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4481483 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4481484 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4481485 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4481486 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4481487 — Security Only Update for .NET Framework 2.0 for Windows Server 2008

KB4480056 — Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Notes

Known Issues

Windows 10 version 1809 — KB4480116

  • Third-party applications may have difficulty authentication hotspots.

Windows 10 version 1803 — KB4480966

  • Same as Windows 10 version 1709
  • Some users may not be able to pin web links to the Start Menu or Taskbar.
  • After installing KB4467682, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.

Windows 10 version 1709 — KB4480978

Windows 10 version 1703 — KB4480973

  • Third-party applications may have difficulty authentication hotspots.
  • Instantiation of SqlConnection can throw an exception.

Windows 10 version 1607 — KB4480961

  • Same as Windows 10 version 1709
  • After installation of KB4467691, Windows may not start on “certain” Lenovo devices with less than 8 Gigabytes of RAM.
  • After installing KB4467684, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.
  • After installation of the update on Windows Server 2016, Outlook instant searches may fail with “Outlook cannot perform the search”.
  • System Center Virtual Machine Manager (SCVMM) managed workloads are noticing infrastructure management issues after VMM refresh as the Windows Management Instrumentation (WMI) class around network port is being unregistered on Hyper-V hosts.

Windows 8.1 — KB4480963

  • Third-party applications may have difficulty authentication hotspots.

Windows 7 — KB4480116

  • Third-party applications may have difficulty authentication hotspots.

Security advisories and updates

ADV190001 | January 2019 Adobe Flash Update

Non-security related updates

KB4090007 — Windows 10 version 1709 — Intel Microcode updates around the following products (CPUs) have been revised

KB4091663 — Windows 10 version 1703 — Intel Microcode updates around the following products (CPUs) have been revised

KB4091664 — Windows 10 version 1607 — Intel Microcode updates around the following products (CPUs) have been revised

KB890830 — Windows Malicious Software Removal Tool

Microsoft Office Updates

Microsoft released non-security updates for Office in the first week of January 2019.

The list of security updates released in January 2019 for Office is available here.

How to download and install the January 2019 security updates

windows updates january 2019

Security updates are released via Windows Update for the majority of Home systems. All Home systems are set up to check for updates automatically and download these when discovered.

Administrators may run a manual check for updates to pick up the new releases early:

  • Activate the Start Menu, e.g. by tapping on the Windows-key.
  • Type Windows Update and select the tool from the list of results.
  • Activate “check for updates” to run the manual update check.

Windows updates may be downloaded directly using third-party tools, e.g. Windows Update Minitool or wumgr, or Microsoft’s Download Center. Links to the January 2019 cumulative updates are posted below.

Direct update downloads

Microsoft publishes all cumulative security updates and other updates on the Microsoft Update Catalog website. Direct download links are listed below.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4480970 — 2019-01 Security Monthly Quality Rollup for Windows 7
  • KB4480960 — 2019-01 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4480963 — 2019-01 Security Monthly Quality Rollup for Windows 8.1
  • KB4480964 — 2019-01 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4480961 — 2019-01 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4480973 — 2019-01 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4480978 — 2019-01 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4480966 — 2019-01 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4480116 — 2019-01 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Microsoft Windows Security Updates January 2019 overview
Article Name
Microsoft Windows Security Updates January 2019 overview
Description
An overview of all Microsoft security updates released for all supported versions of Microsoft Windows and other company products on January 8, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Advertisement

Related:

  • No Related Posts

Techie was bigged up by boss… only to cause mass Microsoft Exchange outage

Who, Me? Welcome once more to Who, Me?, our weekly column in which readers confess to their worst IT cock-ups.

This time, we meet “Freddie”, who must have a good supply of luck on his side, as he managed to not only get away with his error, but win praise for fixing it.

At the time, Freddie was a busy man. He worked for a managed service provider as the supervisor for all technical support staff, was the company’s senior network engineer and its security specialist.

“As if wearing three hats wasn’t enough, due to a shortage in employees, I was also made the lead network administrator for one of our bigger clients,” Freddie told us.

“What that boiled down to was doing all of the work I normally do, but with the occasional system or network task, seated Monday through Friday in this customer’s network operations centre.”

One week, Freddie had to suffer through a cringe-inducing meeting in which his boss told the business manager and IT coordinator of the customer just how great he was.

Of course, with that sort of glowing endorsement, there was really only one thing for Freddie’s reputation to do: go downhill.

The blunder came a week later, when he was performing some maintenance on the customer’s Exchange environment.

“Conveniently for me, there was a de facto maintenance window every morning from 6:30am-7:00am,” he said. The maintenance he was carrying out wasn’t expected to cause any downtime, but he’d been asked to do it during this window anyway.

“I had just finished with five minutes to spare, but instead of hitting ‘sign-out’, I accidentally hit ‘shut-down’ on the primary server,” Freddie said.

Thinking that this wasn’t the worst thing in the world, Freddie hurriedly restarted the virtual machine.

“But, unbeknownst to me, my predecessor had incorrectly removed a server (or maybe servers) from the [database availability group],” Freddie said – which meant starting Exchange services took about 20 minutes.

UK actor Kayode Ewumi in character as clueless "know-it-all" "Roll Safe". Hood Documentary ( BBC Three)

Can’t get pranked by your team if nobody in the world can log on

READ MORE

Not long after the work day was supposed to start, Freddie was on the receiving end of a call from the same business manager.

“Everyone up here is getting a message that we can’t log in to our email,” the chap said. “Help!”

“Oh really?” Freddie, thinking on his feet, replied. “Let me take a look, and I’ll see if I can get that fixed… Give me maybe 10 minutes?”

Feeling a quiet confidence that his ruse was working, Freddie crossed his fingers and waited.

“Ten minutes later, Exchange was back online, and I called the business manager back, asking him to try it again.

“A moment later he replied, ‘Freddie! I don’t know what you did to fix it, but it’s working for everyone now! Great job!’”

Better yet, an hour or so later, Freddie’s boss at the managed service provider also called to praise his work.

“He’d received a call from the client telling him how quickly I was able to fix the issue,” Freddie said.

If this tale has reminded you of a time you took credit for fixing a fault you created, don’t keep quiet – tell Who, Me? and we might run your tale in the future.

And don’t forget, we’re on the hunt for spooky tales for a Halloween special of On Call, our column for tech support triumphs. ®

Related:

  • No Related Posts

Microsoft October 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities

Patch Tuesday

Today is the October 2018 Patch Tuesday, which means a boatload of security updates are out for Microsoft products including Windows, Office, and Exchange Server. These updates fix known bugs and security vulnerabilities found within Microsoft’s products.

This article will cover the security updates released today as part of the October 2018 Patch Tuesday. These updates resolve 50 known vulnerabilities in Microsoft’s products, with 12 of them being labeled as critical.

For information about the non-security Windows updates, you can read about today’s Windows 10 KB4464330, KB4462919 and KB4462918 Cumulative Updates and the Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4462923 & KB4462926.

Critical Vulnerabilities fixed in the October 2018 Patch Tuesday updates

This Patch Tuesday fixes 12 Critical security vulnerabilities that when exploited could lead to code execution. These vulnerabilities are the most dangerous as if they are exploited could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control.

CVE-2018-8473 – Microsoft Edge Memory Corruption Vulnerability is a remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

CVE-2018-8460 – Internet Explorer Memory Corruption Vulnerability is a remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8489 – Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

CVE-2018-8490 – Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

CVE-2018-8491 – Internet Explorer Memory Corruption Vulnerability is a remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8494 – MS XML Remote Code Execution Vulnerability is a remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system.

CVE-2018-8500 – Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8505 – Chakra Scripting Engine Memory Corruption Vulnerabilityis a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8509 – Microsoft Edge Memory Corruption Vulnerability is a remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

CVE-2018-8510 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8511 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

CVE-2018-8513 – Chakra Scripting Engine Memory Corruption Vulnerability is a remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

The October 2018 Patch Tuesday Security Updates

Below is the full list of vulnerabilities resolved by the October 2018 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

Tag CVE ID CVE Title
Azure CVE-2018-8531 Azure IoT Device Client SDK Memory Corruption Vulnerability
Device Guard CVE-2018-8492 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8460 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2018-8491 Internet Explorer Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8473 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8512 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8530 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8509 Microsoft Edge Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2010-3190 MFC Insecure Library Loading Vulnerability
Microsoft Exchange Server CVE-2018-8448 Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server CVE-2018-8265 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8486 DirectX Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8484 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8453 Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8472 Windows GDI Information Disclosure Vulnerability
Microsoft JET Database Engine CVE-2018-8423 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft Office ADV180026 Microsoft Office Defense in Depth Update
Microsoft Office CVE-2018-8501 Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8427 Microsoft Graphics Components Information Disclosure Vulnerability
Microsoft Office CVE-2018-8504 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8502 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8432 Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2018-8498 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8480 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8488 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8518 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Scripting Engine CVE-2018-8511 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8500 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8505 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8503 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8510 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8513 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2018-8411 NTFS Elevation of Privilege Vulnerability
Microsoft Windows CVE-2018-8333 Microsoft Filter Manager Elevation Of Privilege Vulnerability
Microsoft Windows CVE-2018-8493 Windows TCP/IP Information Disclosure Vulnerability
Microsoft Windows CVE-2018-8506 Microsoft Windows Codecs Library Information Disclosure Vulnerability
Microsoft Windows DNS CVE-2018-8320 Windows DNS Security Feature Bypass Vulnerability
Microsoft XML Core Services CVE-2018-8494 MS XML Remote Code Execution Vulnerability
SQL Server CVE-2018-8527 SQL Server Management Studio Information Disclosure Vulnerability
SQL Server CVE-2018-8532 SQL Server Management Studio Information Disclosure Vulnerability
SQL Server CVE-2018-8533 SQL Server Management Studio Information Disclosure Vulnerability
Windows – Linux CVE-2018-8329 Linux On Windows Elevation Of Privilege Vulnerability
Windows Hyper-V CVE-2018-8489 Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-8490 Windows Hyper-V Remote Code Execution Vulnerability
Windows Kernel CVE-2018-8330 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8497 Windows Kernel Elevation of Privilege Vulnerability
Windows Media Player CVE-2018-8482 Windows Media Player Information Disclosure Vulnerability
Windows Media Player CVE-2018-8481 Windows Media Player Information Disclosure Vulnerability
Windows Shell CVE-2018-8413 Windows Theme API Remote Code Execution Vulnerability
Windows Shell CVE-2018-8495 Windows Shell Remote Code Execution Vulnerability

Related:

Microsoft Windows Security Updates August 2018 release overview

Microsoft released security updates for Windows, Office, and other company products on the August 2018 Patch Tuesday (Update Tuesday).

Last month’s Patch Day was not the the smoothest of them all as it had issues that affected all supported versions of Windows. Microsoft released three cumulative updates for Windows 10, one designed solely to fix issues caused by another. The Windows 7 and Windows 8.1 updates had bugs, and the .Net Framework patches caused issues on some systems they were installed on.

We recommend to wait with the installation of the updates for at least a couple of days to monitor reports about issues. If you have to install the updates, make sure you back up the system before you do so.

The overview covers updates for client and server versions of Windows, Microsoft Office, and other company products. It links to security advisories and support pages, lists direct downloads, and other information that is important for home users and system administrators alike.

Microsoft Windows Security Updates August 2018

You can download an Excel spreadsheet that contains all security updates that Microsoft released today. Just click on the following link to download it: microsoft-windows-august-2018-updates.zip

Executive Summary

  • Microsoft released updates for all versions of Windows, Microsoft Edge, Internet Explorer Microsoft Office, and other company products including Visual Studio, .NET Framework, Microsoft SQL Server, Microsoft Exchange Server, and Adobe Flash Player.
  • All client and server versions of Windows are affected by critical vulnerabilities.
  • Microsoft does not provide a general overview of resolved security issues anymore on support pages.

Operating System Distribution

  • Windows 7: 15 vulnerabilities of which 3 are critical and 12 are important.
  • Windows 8.1: 12 vulnerabilities of which 2 are critical and 10 are important.
  • Windows 10 version 1607: 21 vulnerabilities of which 2 are critical and 17 are important.
  • Windows 10 version 1703: 21 vulnerabilities of which 3 are critical and 18 are important.
  • Windows 10 version 1709: 22 vulnerabilities of which 3 are critical and 19 are important.
  • Windows 10 version 1803: 21 vulnerabilities of which 3 are critical and 18 are important.

Windows Server products

  • Windows Server 2008 R2: 15 vulnerabilities of which 3 are critical and 12 are important.
  • Windows Server 2012 R2: 13 vulnerabilities of which 2 are critical and 10 are important.
  • Windows Server 2016: 20 vulnerabilities of which 2 are critical and 18 are important.

Other Microsoft Products

  • Internet Explorer 11: 11 vulnerabilities, 6 critical, 5 important
  • Microsoft Edge: 16 vulnerabilities, 10 critical, 5 important, 1 low

Windows Security Updates

KB4343909 — Windows 10 version 1803

  • Protection against a new speculative execution side-channel vulnerability known as L2 Terminal Fault affecting Intel Copre and Intel Xeon processors.
  • Fixed high CPU usage issue for AMD Family processors of the 15th and 16th generation after installing the June or July 2018 updates from Microsoft and microcode updates.
  • Fixed an issue that prevent apps from receiving mesh updates.
  • IE and Edge support the preload=”none” tag.
  • Fixed authentication issue for apps running on HoloLens.
  • Addressed a battery life issue that reduced battery significantly after the upgrade to version 1803.
  • Fixed Device Guard blocking some ieframe.dll class IDs after the May 2018 update.
  • Addressed a vulnerability related to Export-Modulemember() function.

KB4343897 — Windows 10 version 1709

  • Similar to Windows 10 version 1803.
  • Fixed copy adding additional spaces to content copied from IE.
  • Fixed AzureAD being displayed as the default domain after the July 24, 2018 updates.
  • Token Binding protocol draft updated to 0.16

KB4343885 — Windows 10 version 1703

  • Similar to Windows 10 version 1803.
  • Fixed a issue that caused Internet Explorer to stop working on some sites.

KB4343887 — Windows 10 version 1607 and Server 2016

  • Similar to Windows 10 version 1703.

KB4343898 — Windows 8.1 Monthly Rollup Update

  • Protections against L1 Terminal Fault as in the Windows 10 updates
  • Support for preload=”none” tag. Microsoft lists Edge but that is a copy/paste error.
  • Fixed device startup issue by installing KB3033055 released in September 2015 after installing any November 2017 or later update.

KB4343888 — Windows 8.1 Security-only

  • Protections against L1 Terminal Fault as in the Windows 10 updates

KB4343900 — Windows 7 SP1 Monthly Rollup Update

  • Protections against L1 Terminal Fault as in the Windows 10 updates
  • Fixed high cpu usage issue for some AMD processors after installing June or July 2018 updates and AMD microcode updates.
  • Protections against Lazy Floating Point (FP) State Restore for 32-bit versions.

KB4343899 — Windows 7 SP1 Security-only

  • Identical to KB4343900

KB4343205 — Cumulative Update for Internet Explorer

KB4338380 — Windows Server 2008 — An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory.

KB4340937 — Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 — A remote code execution vulnerability exists in “Microsoft COM for Windows” when it fails to properly handle serialized objects.

KB4340939 — Windows Server 2008 — A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.

KB4341832 — Windows Server 2008 — L1TF variant vulnerabilities update.

KB4343674 — Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 — fixes remote code execution vulnerability and information disclosure vulnerability in GDI.

KB4343902 — Security update for Adobe Flash Player

KB4344104 — Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 — Remote code execution vulnerability in the Windows font library.

KB4344159 — Security Only Update for .NET Framework 4.0 on WES09 and POSReady 2009

KB4344180 — Security Only Update for .NET Framework 2.0 on WES09 and POSReady 2009

KB4345590 –Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4345591 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4345592 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4345593 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4345679 — Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4345680 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4345681 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4345682 — Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

Notes

The following CVEs have FAQs that offer additional information and may also list additional steps required to update.

Known Issues

Windows 10 version 1803

Windows 10 version 1703

  • Issues caused by the July 2018 Net Framework update — Microsoft is working on a solution.

Windows 10 version 1709

  • Localization issues for some languages that may display a few strings in English and not the local version.

Windows 7 SP1

  • Issue with third-party software related to missing oem<number>.inf file still exists.

Microsoft Exchange Server 2013

  • Some files are not properly update when the updates KB4340731 or KB4340733 are installed without elevated privileges. Outlook Web Access and Exchange Control Panel may stop working.

Security advisories and updates

ADV180017 — July 2018 Adobe Flash Security Update

ADV180018 — Microsoft Guidance to mitigate L1TF variant

ADV180020 — August 2018 Adobe Flash Security Update

ADV180021 | Microsoft Office Defense in Depth Update

Non-security related updates

KB4339284 — Time zone and DST changes in Windows for North Korea

KB4340689 — Dynamic Update for Windows 10 Version 1709

KB890830 — Windows Malicious Software Removal Tool – August 2018

KB4346877 — Update for Windows 10 version 1607 and Server 2016 — Fixes the .Net Framework update issues introduced by the July 2018 .Net updates.

KB4340917 — Update for Windows 10 version 1803 — See our coverage of KB4340917 here.

KB4338817 — Update for Windows 10 version 1709 — Lots of bug fixes.

KB4338827 — Update for Windows 10 version 1703 — Lots of bug fixes.

KB4338822 — Update for Windows 10 version 1607 and Server 2016 — Lots of bug fixes.

KB4345421 — Update for Windows 10 version 1803 — See our coverage of KB4345421 here.

KB4345420 — Update for Windows 10 version 1709 — attempts to fix issues caused by the July 2018 updates.

KB4345419 — Update for Windows 10 version 1703 — attempts to fix issues caused by the July 2018 updates.

KB4345418 — Update for Windows 10 version 1607 and Server 2016 — attempts to fix issues caused by the July 2018 updates.

Microsoft Office Updates

Check out our coverage of all released non-security updates for Office in August 2018 here.

Office 2016

KB4032233 — Security update for Office 2016 that patches an information disclosure vulnerability.

KB4032235 — Security update for Outlook 2016 detailed in ADV180021. Includes a number of improvements as well:

  • Restricts users from adding cloud files as attachments to digitally signed, rights-protected, or encrypted email messages.
  • Improves first, middle, and last names label translations in French.
  • Fixes a crash in third-party MAPI applications.
  • Adds various translations.
  • Outlook 2016 may start in offline mode even when you set it to start in online mode. (Fixed?)
  • Fixes accessibility issue with the Security Support Provider Interface authentication prompt.
  • Dynamic CRM functionality is blocked. See for help.

KB4032229 — Security update for Excel 2016 that resolves a remote code execution vulnerability. Also includes improvements:

  • Fixes hangs in Excel
  • Addresses high CPU usage when you unprotect workbookx in Protected View and edit them.
  • Fixes an Excel crash when you open a workbook with an XLL add-in to store and retrieve binary data.
  • German translation update for VLOOKUP function assistant help text.

Office 2013

KB4032239 — Resolves information disclosure vulnerability. Enables People Picker control in the Office Document Information Panel.

KB4032241 –Resolves various security vulnerabilities in Excel 2013.

KB4032240 — Fixes security issues in Outlook 2013. Includes the following improvements:

  • Same as KB4032235 for the most part.

Office 2010

KB3213636 — Fixes vulnerabilities in Microsoft Office 2010 – CVE-2018-8378.

KB4022198 — Fixes vulnerabilities in Microsoft Office 2010 – CVE-2018-8378.

KB4032223 — Excel 2010 update that addresses CVE-2018-8375, CVE-2018-8379 and CVE-2018-8382.

KB4018310 — PowerPoint 2010 security update that addresses CVE-2018-8376.

KB4032222 — Outlook 2010 security update. See ADV180021

Other Office products

KB4092433 — Word Viewer

KB4092434 — Word Viewer

KB4032213 — Excel Viewer 2007

KB4032212 — Microsoft Office Compatibility Pack Service Pack 3

KB4022195 – Microsoft Office Viewers and Office Compatibility Pack

Also: SharePoint Server 2016, 2013 and 2010.

How to download and install the August 2018 security updates

microsoft windows security updates august 2018

Most home PCs that run Windows use Windows Update for update checks, downloads, and installs. Organizations use Enterprise-specific update tools usually to download and deploy updates.

The Microsoft Update Catalog website offers a third-option to download and install updates.

Windows users who use Windows Update can run manual checks for updates to get updates installed immediately when they are released.

While it is recommended that you wait before you install updates, as updates may break things (and have numerous times in the past), you may do the following to install them when they are available:

  1. Tap on the Windows-key to display the Start menu.
  2. Type Windows Update and select the option.
  3. Select check for updates to install the updates.

Note: We recommend that you create a backup of the system partition and important data before you install Windows updates.

Direct update downloads

All cumulative updates for supported versions of Windows are also provided as direct downloads from Microsoft’s Download Center site.

Just click on the direct links below to do so.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4343900— 2018-08 Security Monthly Quality Rollup for Windows 7
  • KB4343899 — 2018-08 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4343898 — 2018-08 Security Monthly Quality Rollup for Windows 8.1
  • KB4343888 — 2018-08 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4343887 — 2018-08 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4343885 — 2018-08 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4343897 — 2018-08 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4343909 — 2018-08 Cumulative Update for Windows 10 Version 1709

Additional resources

Summary
Microsoft Windows Security Updates August 2018 release overview
Article Name
Microsoft Windows Security Updates August 2018 release overview
Description
Our overview of the Microsoft August 2018 Patch Day lists all updates released for Windows, Office, and other Microsoft products, and more.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo

HOW TO: Ways to fix Outlook error ‘cannot open your default email folders’

Microsoft Outlook may be the most widely used email service around the globe, but users have come to accept the good with the very bad. Yes, Outlook offers an extensive and exclusive range of features as well as its friendly user experience. But there’s the flip side: User forums are filled with anger over errors that seem to have zero solutions. For this article, we will examine and hopefully resolve perhaps the most common Outlook error: “cannot open your default email folders.” This Outlook error mostly appears when you are trying to open your Outlook profile. It generally happens because of a corrupted OST file or the execution of Outlook in compatibility mode.

Why OST file corruption happens

OST files are the files that allow users to use Outlook while they are offline. It is actually a synchronized copied element of the accounts saved on your device that enables you to continue to use Outlook even when the program gets disconnected from MS Exchange Server.

These files can become corrupted because of various reasons. Some of the reasons are:

  • Deletion of any file or folder removed from Exchange folder.
  • Intrusion of any malware or virus.
  • Disruption in the file synchronization process due to sudden or abnormal shutdown failure.
  • Some internal discrepancies in Outlook causing abnormal Outlook termination.
  • Creation of some bad sectors in the hard drive where the OST file is stored.
  • Failure of any networking device that might disrupt the synchronizing process of the OST file.
  • Any changes in the internal structures of the OST file.
  • Installed plugins sometimes may damage Outlook performance, thus causing damage to the OST file.

Fixing OST file corruption

Here’s some ways to begin fixing the problem:

  1. Remove those profiles that are not being used from the address “Control Panel > Mail > Show profiles.”
  2. Create another copy of OST file.
  3. Even if the error doesn’t get resolved, create another new profile from while using Outlook Profile Helper or manually.

Outlook error caused by running in compatibility mode

Outlook Error
You might have witnessed these errors:

Cannot open your default email folders. Information store could not be opened,”

or

“Cannot start Microsoft Outlook. Cannot open the Outlook window. The server is not available. Contact your administrator if this condition persists.”

or

“Cannot display the folder. File access is denied. You do not have the permission required to access the file C:Usersusernamelocalsettingsapplication datamicrosoftoutlookoutlook.ost”

If you have enabled compatibility mode mistakenly, just disable it. If you haven’t, do not enable it for Outlook. Users typically enable it when they are required to run the troubleshoot compatibility wizard. Also, compatibility mode is not required for any version of Outlook on Vista or Windows 7 or any other Windows OS. This mode is also not needed for any application that is supported on any Windows OS or for recently released applications.

The user can switch off compatibility mode in a 64-bit operating system by following these easy steps:

  • Switch to the mentioned address “C:Program Files (x86)Microsoft OfficeOffice XXOutlook.exe”
  • Right-click on exe and then follow up by clicking on Properties then Compatibility tab.
  • Uncheck the checkbox called “Run this program in compatibility mode” box, thereafter click Apply and OK.

And in case, you are unable to place the Compatibility tab, follow the following steps:

  • Click on Startand search for Program Compatibility Troubleshooter.
  • Start Program Compatibility Troubleshooter; select Next option to proceed.
  • Select Outlook XX from the appeared list of programs. Following the steps of the Program Compatibility Troubleshooter.
  • Switch to the mentioned address “C:Program Files (x86)Microsoft OfficeOffice XXOutlook.exe”
  • Right-click on exe and then follow up by clicking on Properties then Compatibility tab.
  • Uncheck the checkbox called “Run this program in compatibility mode” box, thereafter click Apply and OK.

If this issue is experienced over an Exchange email account that is configured on your Outlook, you can diagnose the error by trying the following steps:

  1. If your program is executing along with a running Windows Server and/or over a firewall, then disable the firewall and then connect it with the server directly without any firewall.
  2. If this Outlook error gets resolved, then you will be required to reconfigure your firewall to allow Exchange to sync.
  3. And if the Outlook error still persists even after disabling the firewall, create a new mail profile from Outlook. You will also need to reconfigure your account.

Featured image: Shutterstock

Post Views: 78

Read Next

Related:

  • No Related Posts

FIX: Outlook error when sharing calendar in Windows 10

Do you get the Outlook error when sharing calendar? If you have Office 365 or any other Microsoft Exchange email service, Outlook can be used on the web to share your calendar with others in and outside of your organization.

Depending on the permissions given, others can only view your calendar, edit, or act as your delegate for meeting requests.

The Outlook error when sharing calendar can happen due to configuration or permission issues. Some users have reported that removing current permissions besides the Default and Anonymous resolves the issue.

However, if the error persists, repair Office from Control Panel, and if it fails, download and run the Microsoft Office Configuration Analyzer tool 2.2, which analyzes Office programs for known configurations that can cause issues.

If you don’t have the option to share your calendar (maybe it is grayed out), it can also be because your network admin or IT support set a policy preventing calendar sharing among people in the office.

Fortunately, there are ways to fix the Outlook error when sharing calendar as listed below.

Outlook won’t share calendar, how do I fix that?

  1. General fixes
  2. Check Permission settings
  3. Check for Duplicate entries

1. General fixes

  • Update Office suite to the latest version by going to Outlook>FILE>Office Account>Update Options>Update Now
  • Do an online repair for the Office programs
  • Also, if you are using an Office 365 account in your Outlook 2016, you can try sharing the calendar in Outlook Web App (OWA).
  • Launch the Run command and paste exe /safe in the open box to start Outlook in Safe Mode
  • Uncheck Cash mode in Outlook
  • Download Microsoft Support and Recovery Assistant for Office 365 and see if it helps

— RELATED: Fix Outlook error ‘Too many recipients’ on Windows 10

2. Check Permission settings

  • Open Outlook and go to Calendar view
  • Right click the calendar you’re trying to share
  • Click Properties
  • Go to Permissions tab and remove users who are no longer at the office or who cannot access the calendar
  • Click Apply and close the window then try to share your calendar again

3. Check for Duplicate entries

The Outlook error when sharing calendar may be related to a duplicate entry in the Permission list of your calendar. To check for this, do the following:

  • Right click user’s calendar
  • Select Properties
  • Click Permissions tab
  • Go through the users’ list and check for a duplicate entry
  • If you find, remove it and restart Outlook again
  • Share your calendar
  • Remove all entries and return them again
  • Right click the calendar you want to share
  • Select Properties
  • Make a note of the entries and then remove all entries in the calendar permission list
  • Add them back

Were you able to resolve the Outlook error when sharing calendar? Let us know in the comments section below.

RELATED STORIES TO CHECK OUT:

Related:

  • No Related Posts