Microsoft Releases November 2019 Windows 10 Patch Which Fixes 74 Flaws

Windows Alternatives - Feature Image
  • The November Windows patch is out, and it comes with a large number of critical fixes.
  • All users are urged to update immediately, as the patch covers a wide range of software tools and products.
  • Some known minor issues accompany this update as always, but there are workarounds.

Microsoft has just released a pretty comprehensive patch for Windows 10, bringing 74 fixes, 13 of which address critical remote code execution (RCE) flaws. The software that is covered this time ranges from the OS core and the Edge browser to the Azure Stack, the Visual Studio, and the Exchange Server. All Windows 10 users will see the update on their settings menu, and everyone is advised to apply the patches as soon as possible, as they will help you stay safe and secure against a wide variety of threats.

More specifically, here are the most critical flaws that were fixed this time:

  • Hyper-V arbitrary code execution and failure to validate input from guest OSes (CVE-2019-0721, CVE-2019-1389, CVE-2019-1397, and CVE-2019-1398)
  • Microsoft Exchange RCE flaw (CVE-2019-1373)
  • SharePoint server information disclosure flaw (CVE-2019-1443)
  • Windows TCP/IP improper IPv6 packet handling (CVE-2019-1324)
  • Windows Graphics Device Interface information disclosure flaw (CVE-2019-1439)
  • Windows Graphics Component privilege elevation vulnerabilities (CVE-2019-1407 and CVE-2019-1433)
  • Microsoft Office for Mac inability to disable macros properly (CVE-2019-1457)
  • VBScript remote code execution vulnerability (CVE-2019-1390)
  • Microsoft Scripting Engine memory corruption flaws (CVE-2019-1426, CVE-2019-1427, CVE-2019-1428, and CVE-2019-1429)

The rest of the patches concern “important” level flaws, so they are also crucial in several use-case scenarios. For example, CVE-2019-1020 is a bypass vulnerability in the Windows secure boot process, allowing an attacker to load malicious software via a third-party bootloader. With the latest patch, this threat has been blocked.

Remember, if you’re using a security solution, it will get updated with new rules to cover the disclosed vulnerabilities. However, applying the OS updates should be an absolute priority in order to defend from any form of known exploitation methods. Moreover, Microsoft delivers Windows updates in a cumulative form, so you will also get other optimizations and improvements bundled with the security fixes.

Applying this update may cause a number of side-effects which Microsoft describes in their “known issues” section. For example, the Exchange Server may greet you with a “File failed to upload” error when trying to save files on a network location, and the exchange services may remain in a disabled state. OOBE (Out of Box Experience) may also be associated with problems creating a local user through IME (Input Method Editor). Finally, renaming files and folders on a CSV (Cluster Shared Volume) may fail with the following error: “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. For most of these, there are workarounds provided by Microsoft.

Are you applying these monthly patches immediately, or do you instead do it whenever you have the time? Let us know in the comments down below, or on our socials, on Facebook and Twitter.

Related:

  • No Related Posts

Microsoft Windows Security Updates November 2019 overview

It is the second Tuesday of November 2019 and that means that it is Microsoft Patch Day. Microsoft released security and non-security updates for its Windows operating system and other company products.

Our overview provides you with information on these updates: it starts with an executive summary and information about the number of released updates for all supported client and server versions of Windows as well as the Microsoft Edge (classic) and Internet Explorer web browsers.

What follows is information about the updates, all with links to support articles on Microsoft’s website, the list of known issues, direct download links to cumulative updates for Windows, and additional update related information.

Click here to open the October 2019 Patch Day overview.

Microsoft Windows Security Updates October 2019

Download the following Excel spreadsheet to your local system; it lists security updates that Microsoft released in November 2019: November 2019 Security Updates

Executive Summary

feature update windows 10 1909

  • Microsoft released security updates for all supported client and server versions of the Microsoft Windows operating system.
  • The following Microsoft products have received security updates as well: Internet Explorer, Microsoft Edge, Microsoft Office, Secure Boot, Microsoft Exchange Server, Visual Studio, Azure Stack.
  • The Windows 10 version 1909 features are included in the Windows 10 version 1903 update but not activated until “they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features.” Microsoft released a blog post that details how to get the update. (basically, install regular 1903 update, then check for updates again and the 1909 update should be offered)
  • Windows 10 Home, Pro, Pro for Workstations and IoT Core, version 1803 have reached end of servicing. These editions won’t receive security updates or other updates after November 12, 2019.

Operating System Distribution

  • Windows 7: 35 vulnerabilities: 4 rated critical and 31 rated important
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 8.1: 37 vulnerabilities: 3 rated critical and 34 rated important
    • Same as Windows 7 except for CVE-2019-1441 (not affected)
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
  • Windows 10 version 1809: 46 vulnerabilities: 4 critical and 42 important
    • Same as Windows 10 version 1803 except for CVE-2019-1389 (not affected)
  • Windows 10 version 1903: 46 vulnerabilities: 2 critical and 28 important
    • Same as Windows 10 version 1809 plus
    • CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 35 vulnerabilities: 4 critical and 31 important.
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 37 vulnerabilities: 3 critical and 34 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2016: 38 vulnerabilities: 2 critical and 20 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2019: 46 vulnerabilities: 2 critical and 29 are important
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected) plus
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 2 vulnerabilities: 2 critical
  • Microsoft Edge: 4 vulnerabilities: 4 critical
    • CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability
    • CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

The security-only update resolves the following issues/makes the following changes:

  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates for various operating system components.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Fixes an issue that prevented certain 16-bit Visual Basic 3 applications or other VB3 applications from running.
  • Fixes a temporary user profile issue when the policy “Delete cached copies of roaming profiles” is set.

Windows 8.1 and Server 2012 R2

The security-only update resolves the following issues/makes the following changes:

  • Same as Windows 7 SP1 and Windows Server 2008 R2.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Same as Windows 7 SP1 and Windows Server 2008 R2 plus
  • Fixes an issue that prevented multiple Bluetooth Basic Rate devices from functioning properly after installing the August 2019 updates.
  • Fixes an issue that caused error 0x7E when connecting Bluetooth devices after installing the June 2019 updates.

Windows 10 version 1803

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that caused Windows Defender Application Control Code Integrity events to become unreadable.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1809

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that could cause the Microsoft Defender Advanced Threat Protection service to stop running or stop sending report data.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1903

The cumulative update lists changes for Windows 10 version 1903 and 1909. It appears that Microsoft included the changes of 1909 in the cumulative update but has not activated them at the time of writing.

  • Fixes an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Other security updates

  • Internet Explorer Cumulative Update: KB4525106
  • 2019-11 Security Monthly Quality Rollup for Windows Server 2008 (KB4525234)
  • 2019-11 Security Only Quality Update for Windows Server 2008 (KB4525239)
  • 2019-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4525246)
  • 2019-11 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4525253)
  • 2019-11 Cumulative Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524570)
  • 2019-11 Cumulative Update for Windows 10 Version 1507 (KB4525232)
  • 2019-11 Cumulative Update for Windows Server 2016, and Windows 10 Version 1607 (KB4525236)
  • 2019-11 Cumulative Update for Windows 10 Version 1709 (KB4525241)
  • 2019-11 Cumulative Update for Windows 10 Version 1703 (KB4525245)
  • 2019-11 Servicing Stack Update for Windows Server 2016, and Windows 10 Version 1607 (KB4520724)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1507 (KB4523200)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1703 (KB4523201)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1709 (KB4523202)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016 (KB4523203)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019 (KB4523204)
  • 2019-11 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4523206)
  • 2019-11 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4523208)
  • 2019-11 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB4524445)
  • 2019-11 Servicing Stack Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524569)
  • 2019-11 Servicing Stack Update for Windows Server 2008 (KB4526478)

Known Issues

Windows 8.1 and Windows Server 2012 R2

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”

Windows 10 version 1803

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”
  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • May receive error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND” with some Asian language packs installed.

Windows 10 version 1903

  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Security advisories and updates

ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)

Non-security related updates

  • 2019-11 Dynamic Update for Windows 10 Version 1809 (KB4524761)
  • 2019-11 Dynamic Update for Windows 10 Version 1903 (KB4525043)
  • Windows Malicious Software Removal Tool – November 2019 (KB890830)

Microsoft Office Updates

You find Office update information here.

How to download and install the November 2019 security updates

windows updates security november 2019

Most home devices running Windows are configured to download and install security updates when they are released. Users who don’t want to wait for that to happen or have configured their systems to update manually only may run manual checks for updates or download the cumulative updates from Microsoft’s Update Catalog website.

The following needs to be done to check for updates manually:

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4525235 — 2019-11 Security Monthly Quality Rollup for Windows 7
  • KB4525233 — 2019-11 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4525243 — 2019-11 Security Monthly Quality Rollup for Windows 8.1
  • KB4525250 — 2019-11 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4525237 — 2019-11 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4523205 — 2019-11 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4524570 — 2019-11 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Microsoft Windows Security Updates November 2019 overview
Article Name
Microsoft Windows Security Updates November 2019 overview
Description
Microsoft released security and non-security updates for the Microsoft Windows operating system and other company products on November 12, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

Still see issues with Windows 10 Virus & Threat Protection showing “status unavailable”

I need a solution

Hello All,

We’re still seeing the issue described in this post:  https://www.symantec.com/connect/forums/windows-security-center-shows-status-unavailable-wsep-142?ts=1573500650

… but the post was marked as resolved and closed?

The issue:

Windows Defender Security Center – Virus & Threat Protection – Current Threats/Protection Settings/Protection Updates – all show “Status Unavailable”

Environment:

Windows 10 Enterprise – Version 10.0.17763  Build 17763

Symantec Endpoint Protection – Version 14.2.3335.1000 Build 3335

Suggestions?

0

Related:

  • No Related Posts

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected

Microsoft Outlook, at times, is known to give an error saying — The action cannot be completed. The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action. In this post, we will show how you can fix this problem and get back it to working as usual.

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action

The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action

There are two ways to fix tjis issue. First, create a new default profile. Second, Delete the default profile. Not many have multiple Outlook profiles is not always an option. So use the second method as follows:

  1. Delete Default Profile
  2. Create a New Outlook Profile
  3. Update or create your Outlook profile with RPC encryption
  4. Disable the encryption requirement on all CAS servers
  5. Deploy a Group Policy setting to update existing Outlook profiles with RPC encryption

The first, three can be configured by the end-user, while the last two are only for Servers.

1] Delete Default Profile

Change Default Outlook Profile Windows 10

  • Launch Outlook, and then click on Info > Account settings dropdown > Manage Profile
  • It will open the Mail Setup window. Click on Show Profiles button.
  • Delete the default profile by clicking on the Remove button.
  • Restart Outlook.

When you remove the profile, all offline cached content for its account will be removed. However, you can backup the OST profile to reuse it.

When you relaunch Outlook, you will have to create a new profile, and then go through the setup process again.

2] Create a New Outlook Profile

Create New Outlook Profile Windows 10

If you do not want to delete, you can create a new default profile. At the Mail Setup > Profiles section, you can click on the Add button, and then give a name to the profile. Next, you need to add the email accounts you want to add. Make sure to properly configure the email account, so the error doesn’t reappear. Also, make sure to set that as the default profile.

3] Update or create your Outlook profile with RPC encryption

create your Outlook profile with RPC encryption

Most of the users have all email accounts under one single profile. One of the email accounts may be having trouble with that is running Microsoft Exchange Server 2010, Microsoft Exchange Server 2013, or Microsoft Exchange Server 2016. These are usually corporate accounts that haven’t been configured properly.

  1. Launch Outlook, and then click on Info > Account settings dropdown > Manage Profile
  2. Click on E-mail Accounts > select the email which is configured with Exchange Server, and then click on Change > More Settings
  3. In the Microsoft Exchange window, switch to Security tab
  4. Select Encrypt data between Microsoft Office Outlook and Microsoft Exchange.
  5. Click Ok and exit

It should fix the issue if it were because of RPC encryption error.

4] Disable the encryption requirement on all CAS servers

This part is specifically for IT admins who can disable encryption requirements. Microsoft warns that it should be only used where you cannot immediately deploy the necessary RPC encryption settings on your Outlook clients. Run the following command in the Exchange Management Shell:

Set-RpcClientAccess –Server <Exchange server name> –EncryptionRequired:$False

You must run this cmdlet for all Client Access servers that are running Exchange Server 2010 or later version. Rerun this command for each Exchange server that has the Client Access Server role. Also, make sure to disable RPC encryption, which we talked about in the above step.

However, make sure to enable it back again after deployment with changes to the RPC requirement on the Outlook.

5] Deploy a Group Policy setting to update existing Outlook profiles with RPC encryption

Enable RPC Encryption Policy Settings

You can also change RPC settings on the server-side by using Group Policy. Navigate to User Configuration > Administrative Templates > Microsoft Office “Version number” > Account Settings > Exchange. Locate policy Enable RPC encryption and disable it.

We hope these methods helped you to resolve Outlook connected issues with Microsoft Exchange.

Session Recording Agent Install Fails with “Error 1920, Service 'Citrix Session Recording Agent' (CitrixSmAudAgent) failed to start. Verify that you have sufficient privileges to start services.”

When attempting to install the session recording agent, the installation fails with the following message:

Installer Information

Error 1920. Service ‘Citrix Session Recording Agent’ (CitrixSmAudAgent) failed to start. Verify that you have sufficient privileges to start services.

System Event Log shows that Session Recording Agent service failed to start because SessionRecordingDriver service is not installed.

Related:

  • No Related Posts

Windows Security Center shows “Status Unavailable” w/SEP 14.2

I need a solution

We’ve encountered an issue with SEP 14.2 RU1 MP1 (14.2.4814.1101) on Windows 10 1803 where Windows Defender Security Center shows “Status Unavailable” for both “Virus & Threat Protection” and “Firewall & Network Protection”. If I open SEP, everything looks good, as expected, and opening the Windows Defender Firewall control panel applet shows the “These settings are being managed by vendor application Symantec Endpoint Protection”, as expected.

I’ve tried to do some research on this before posting; TECH247987 doesn’t appear to apply in this situation, as that’s for an older version. TECH255344 says to check the SepWscSvc and SymELAM services; SepWscSvc is running without error, and SymELAM is enabled but stopped. If I manually start the SymELAM service, the status messages in WSC don’t change.

What’s weird is if I open WSC right after a reboot, it’ll display an indeterminate progress bar (the animated “line of dots” thing) under both Virus & threat protection and Firewall & network protection for about a minute or two, then for about 15 seconds Firewall will go green and say “No action needed” and Virus will show “Threat service has stopped. Restart it now”. After that, it reverts back to “Status unavailable”.

It shouldn’t matter that we have a password set for the SEP client, right? Anyone have any ideas?

0

Related:

  • No Related Posts

Microsoft Windows Security Updates September 2019 overview

It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.

Our overview of the September 2019 Patch Day provides system administrators and home users with information on the released updates. It features some stats at the beginning, provides links to all support articles and direct download options, lists known issues and security advisories, and provides other relevant information.

Check out the August 2019 update overview in case you missed it.

Microsoft Windows Security Updates September 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in September 2019. Please download it with a click on the following link: Microsoft Windows Security Updates September 2019

Executive Summary

  • Microsoft released security updates for all client and server versions of the Windows operating system that it supports.
  • The following non-Windows products had security updates released as well: Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player, Microsoft Lync, Visual Studio, .NET Framework, Microsoft Exchange Server, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Server, Project Rome.
  • Microsoft fixed the high CPU usage issue from SearchUI.exe in Windows 10 1903.
  • The Microsoft Update Catalog website lists 215 updates.

Operating System Distribution

  • Windows 7: 32 vulnerabilities: 4 rated critical and 28 rated important
    • CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 8.1: 33 vulnerabilities: 5 rated critical and 28 rated important
    • same as Windows 7 plus
    • CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • same as Windows 8.1
  • Windows 10 version 1809: 45 vulnerabilities: 5 critical and 40 important
    • same as Windows 8.1
  • Windows 10 version 1903: 45 vulnerabilities: 5 critical and 40 important.
    • same as Windows 8.1

Windows Server products

  • Windows Server 2008 R2: 31 vulnerabilities: 3 critical and 28 important.
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 31 vulnerabilities: 3 critical and 28 important.
    • same as Windows Server 2008 R2.
  • Windows Server 2016: 39 vulnerabilities: 3 critical and 36 important
    • same as Windows Server 2008 R2.
  • Windows Server 2019: 43 vulnerabilities: 3 critical and 40 are important.
    • same as Windows Server 2008 R2.

Other Microsoft Products

  • Internet Explorer 11: 4 vulnerabilities: 3 critical, 1 important
  • Microsoft Edge: 7 vulnerabilities: 5 critical, 2 important
    • CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2 SP1

Monthly Rollup: KB4516065

Security Only: KB4516033

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows
  • Security Updates

Windows 8.1 and Windows Server 2012 R2

Monthly Rollup: KB4516067

Security Only: KB4516064

  • Same as Windows 7 and Server 2008 R2

Windows 10 version 1803

Cumulative Update: KB4516058

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows.
  • Security updates.

Windows 10 version 1809 and Windows Server 1809

Cumulative Update: KB4512578

  • Same as Windows 10 version 1803.

Windows 10 version 1903 and Windows Server version 1903

Cumulative update: KB4515384

  • Same as Windows version 1803 plus
  • Fixed the high CPU usage issue caused by SearchUI.exe.

Windows 10 version 1903 and Windows Server 1903

Other security updates

KB4516046 — Cumulative security update for Internet Explorer: September 10, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4516655 — 2019-09 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB45171342019-09 Servicing Stack Update for Windows Server 2008

KB4512938 — 2019-09 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4512939 — 2019-09 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4511839 — 2019-09 Servicing Stack Update for Windows 10 Version 1703

KB4512573 — 2019-09 Servicing Stack Update for Windows 10 Version 1507

KB4512575 — 2019-09 Servicing Stack Update for Windows 10 Version 1709

KB4512576 — 2019-09 Servicing Stack Update for Windows Server Version 1803 and Windows 10 Version 1803

KB4512577 — 2019-09 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4515383 — 2019-09 Servicing Stack Update for Windows 10 Version 1903

KB4512574 — 2019-09 Servicing Stack Update for Windows Server 1903 RTM, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows Server Version 1803, Windows 10 Version 1803, Windows Server 2016, Windows Server Version 1709, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Server / Embedded

KB4516026 — 2019-09 Security Monthly Quality Rollup for Windows Server 2008

KB4516051 — 2019-09 Security Only Quality Update for Windows Server 2008

KB4516055 –2019-09 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4516062 — 2019-09 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

Microsoft .NET

KB4514330 — Security Only Update for .NET Framework 4.8 for Windows Server 2012

KB4514331 — Security Only Update for .NET Framework 4.8 for Windows 8.1 and Server 2012 R2

KB4514337

KB4514338 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2

KB4514341 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2

KB4514342 — Security Only Update for .NET Framework 4.5.2 for Windows Server 2012

KB4514349 — Security Only Update for .NET Framework 3.5 for Windows Server 2012

KB4514350 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514360 — Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012

KB4514361 — Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514363 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012

KB4514364 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514367 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514368 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012

KB4514370 — Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012

KB4514371 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514598 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514599 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2

KB4514602 — Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1

KB4514603 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514604 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514605 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2

KB4514354 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4514355 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4514356 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4514357 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016

KB4514358 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809

KB4514359 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903

KB4514366 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809

KB4514601 — 2019-09 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809

Known Issues

Windows 7 SP1 and Windows Server 2008 R2 (monthly rollup only)

  • VBScript may not be disabled in Internet Explorer even though it should be

Windows 8.1 and Windows Server 2008 R2

  • Certain operations may fail on Cluster Shared Volumes

Windows 10 version 1803

  • Operations may fail on Cluster Shared Volumes.
  • Black screen during first logon after update installation issue

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • Error on some devices with certain Asian language packs installed: 0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.
  • Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190022 | September 2019 Adobe Flash Security Update

Non-security related updates

Microsoft Office Updates

You find Office update information here.

How to download and install the September 2019 security updates

windows updates september 2019 microsoft

Most home systems receive updates automatically especially when they run Windows 10. Updates are not pushed in real-time to devices running Windows. Some administrators prefer to install security updates the moment they are released, others to wait to make sure that the updates don’t introduce any issues on the system.

Note: it is recommended that you back up the system partition before you install updates. Use programs like Paragon Backup & Recovery Free or Macrium Reflect for that.

Admins may check for updates manually to retrieve the released updates right away. Here is how that is done:

  • Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  • Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Updates may also be downloaded from the Microsoft Update Catalog website.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4516065 — 2019-09 Security Monthly Quality Rollup for Windows 7
  • KB4516033 — 2019-09 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4516067 — 2019-09 Security Monthly Quality Rollup for Windows 8.1
  • KB4516064 — 2019-09 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4516058 — 2019-09 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4512578 — 2019-09 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4515384 — 2019-09 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Microsoft Windows Security Updates September 2019 overview
Article Name
Microsoft Windows Security Updates September 2019 overview
Description
It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts