Patch Tuesday, November 2019 Edition

Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and programs that run on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well as a sneaky bug in certain versions of Office for Mac that bypasses security protections and was detailed publicly prior to today’s patches.

More than a dozen of the flaws tackled in this month’s release are rated “critical,” meaning they involve weaknesses that could be exploited to install malware without any action on the part of the user, except for perhaps browsing to a hacked or malicious Web site or opening a booby-trapped file attachment.

Perhaps the most concerning of those critical holes is a zero-day flaw in Internet Exploder Explorer (CVE-2019-1429) that has already seen active exploitation. Today’s updates also address two other critical vulnerabilities in the same Windows component that handles various scripting languages.

Microsoft also fixed a flaw in Microsoft Office for Mac (CVE-2019-1457) that could allow attackers to bypass security protections in some versions of the program that could let malicious macros through.

Macros are bits of computer code that can be embedded into Office files, and malicious macros are frequently used by malware purveyors to compromise Windows systems. Usually, this takes the form of a prompt urging the user to “enable macros” once they’ve opened a booby-trapped Office document delivered via email. Thus, Office has a feature called “disable all macros without notification.”

But Microsoft says all versions of Office still support an older type of macros that do not respect this setting, and can be used as a vector for pushing malware. Will Dornan of CERT/CC reports that while Office 2016 and 2019 for Mac will still prompt the user before executing these older macro types, Office for Mac 2011 fails to warn users before opening them.

Other Windows applications or components receiving patches for critical flaws today include Microsoft Exchange and Windows Media Player. In addition, Microsoft also patched nine vulnerabilities — five of them critical — in the Windows Hyper-V, an add-on to the Windows Server OS (and Windows 10 Pro) that allows users to create and run virtual machines (other “guest” operating systems) from within Windows.

Although Adobe typically issues patches for its Flash Player browser component on Patch Tuesday, this is the second month in a row that Adobe has not released any security updates for Flash. However, Adobe today did push security fixes for a variety of its creative software suites, including Animate, Illustrator, Media Encoder and Bridge. Also, I neglected to note last month that Adobe released a critical update for Acrobat/Reader that addressed at least 67 bugs, so if you’ve got either of these products installed, please be sure they’re patched and up to date.

Finally, Google recently fixed a zero-day flaw in its Chrome Web browser (CVE-2019-13720). If you use Chrome and see an upward-facing arrow to the right of the address bar, you have an update pending; fully closing and restarting the browser should install any available updates.

Now seems like a good time to remind all you Windows 7 end users that Microsoft will cease shipping security updates after January 2020 (this end-of-life also affects Windows Server 2008 and 2008 R2). While businesses and other volume-license purchasers will have the option to pay for further fixes after that point, all other Windows 7 users who want to stick with Windows will need to consider migrating to Windows 10 soon.

Standard heads-up: Windows 10 likes to install patches all in one go and reboot your computer on its own schedule. Microsoft doesn’t make it easy for Windows 10 users to change this setting, but it is possible. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update. To get there, click the Windows key on your keyboard and type “windows update” into the box that pops up.

Keep in mind that while staying up-to-date on Windows patches is a good idea, it’s important to make sure you’re updating only after you’ve backed up your important data and files. A reliable backup means you’re probably not freaking out when the odd buggy patch causes problems booting the system. So do yourself a favor and backup your files before installing any patches.

As ever, if you experience glitches or problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a decent chance other readers have experienced the same and may even chime in here with some helpful tips.

Tags: adobe, CVE-2019-1429, CVE-2019-1457, Internet Explorer zero-day, macros, microsoft, Office for Mac, Windows 7 end-of-life

This entry was posted on Tuesday, November 12th, 2019 at 5:04 pm and is filed under Time to Patch. You can follow any comments to this entry through the RSS 2.0 feed. You can skip to the end and leave a comment. Pinging is currently not allowed.

Related:

  • No Related Posts

Microsoft Windows Security Updates November 2019 overview

It is the second Tuesday of November 2019 and that means that it is Microsoft Patch Day. Microsoft released security and non-security updates for its Windows operating system and other company products.

Our overview provides you with information on these updates: it starts with an executive summary and information about the number of released updates for all supported client and server versions of Windows as well as the Microsoft Edge (classic) and Internet Explorer web browsers.

What follows is information about the updates, all with links to support articles on Microsoft’s website, the list of known issues, direct download links to cumulative updates for Windows, and additional update related information.

Click here to open the October 2019 Patch Day overview.

Microsoft Windows Security Updates October 2019

Download the following Excel spreadsheet to your local system; it lists security updates that Microsoft released in November 2019: November 2019 Security Updates

Executive Summary

feature update windows 10 1909

  • Microsoft released security updates for all supported client and server versions of the Microsoft Windows operating system.
  • The following Microsoft products have received security updates as well: Internet Explorer, Microsoft Edge, Microsoft Office, Secure Boot, Microsoft Exchange Server, Visual Studio, Azure Stack.
  • The Windows 10 version 1909 features are included in the Windows 10 version 1903 update but not activated until “they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features.” Microsoft released a blog post that details how to get the update. (basically, install regular 1903 update, then check for updates again and the 1909 update should be offered)
  • Windows 10 Home, Pro, Pro for Workstations and IoT Core, version 1803 have reached end of servicing. These editions won’t receive security updates or other updates after November 12, 2019.

Operating System Distribution

  • Windows 7: 35 vulnerabilities: 4 rated critical and 31 rated important
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 8.1: 37 vulnerabilities: 3 rated critical and 34 rated important
    • Same as Windows 7 except for CVE-2019-1441 (not affected)
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
  • Windows 10 version 1809: 46 vulnerabilities: 4 critical and 42 important
    • Same as Windows 10 version 1803 except for CVE-2019-1389 (not affected)
  • Windows 10 version 1903: 46 vulnerabilities: 2 critical and 28 important
    • Same as Windows 10 version 1809 plus
    • CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 35 vulnerabilities: 4 critical and 31 important.
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 37 vulnerabilities: 3 critical and 34 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2016: 38 vulnerabilities: 2 critical and 20 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2019: 46 vulnerabilities: 2 critical and 29 are important
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected) plus
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 2 vulnerabilities: 2 critical
  • Microsoft Edge: 4 vulnerabilities: 4 critical
    • CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability
    • CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

The security-only update resolves the following issues/makes the following changes:

  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates for various operating system components.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Fixes an issue that prevented certain 16-bit Visual Basic 3 applications or other VB3 applications from running.
  • Fixes a temporary user profile issue when the policy “Delete cached copies of roaming profiles” is set.

Windows 8.1 and Server 2012 R2

The security-only update resolves the following issues/makes the following changes:

  • Same as Windows 7 SP1 and Windows Server 2008 R2.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Same as Windows 7 SP1 and Windows Server 2008 R2 plus
  • Fixes an issue that prevented multiple Bluetooth Basic Rate devices from functioning properly after installing the August 2019 updates.
  • Fixes an issue that caused error 0x7E when connecting Bluetooth devices after installing the June 2019 updates.

Windows 10 version 1803

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that caused Windows Defender Application Control Code Integrity events to become unreadable.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1809

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that could cause the Microsoft Defender Advanced Threat Protection service to stop running or stop sending report data.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1903

The cumulative update lists changes for Windows 10 version 1903 and 1909. It appears that Microsoft included the changes of 1909 in the cumulative update but has not activated them at the time of writing.

  • Fixes an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Other security updates

  • Internet Explorer Cumulative Update: KB4525106
  • 2019-11 Security Monthly Quality Rollup for Windows Server 2008 (KB4525234)
  • 2019-11 Security Only Quality Update for Windows Server 2008 (KB4525239)
  • 2019-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4525246)
  • 2019-11 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4525253)
  • 2019-11 Cumulative Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524570)
  • 2019-11 Cumulative Update for Windows 10 Version 1507 (KB4525232)
  • 2019-11 Cumulative Update for Windows Server 2016, and Windows 10 Version 1607 (KB4525236)
  • 2019-11 Cumulative Update for Windows 10 Version 1709 (KB4525241)
  • 2019-11 Cumulative Update for Windows 10 Version 1703 (KB4525245)
  • 2019-11 Servicing Stack Update for Windows Server 2016, and Windows 10 Version 1607 (KB4520724)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1507 (KB4523200)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1703 (KB4523201)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1709 (KB4523202)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016 (KB4523203)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019 (KB4523204)
  • 2019-11 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4523206)
  • 2019-11 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4523208)
  • 2019-11 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB4524445)
  • 2019-11 Servicing Stack Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524569)
  • 2019-11 Servicing Stack Update for Windows Server 2008 (KB4526478)

Known Issues

Windows 8.1 and Windows Server 2012 R2

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”

Windows 10 version 1803

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”
  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • May receive error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND” with some Asian language packs installed.

Windows 10 version 1903

  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Security advisories and updates

ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)

Non-security related updates

  • 2019-11 Dynamic Update for Windows 10 Version 1809 (KB4524761)
  • 2019-11 Dynamic Update for Windows 10 Version 1903 (KB4525043)
  • Windows Malicious Software Removal Tool – November 2019 (KB890830)

Microsoft Office Updates

You find Office update information here.

How to download and install the November 2019 security updates

windows updates security november 2019

Most home devices running Windows are configured to download and install security updates when they are released. Users who don’t want to wait for that to happen or have configured their systems to update manually only may run manual checks for updates or download the cumulative updates from Microsoft’s Update Catalog website.

The following needs to be done to check for updates manually:

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4525235 — 2019-11 Security Monthly Quality Rollup for Windows 7
  • KB4525233 — 2019-11 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4525243 — 2019-11 Security Monthly Quality Rollup for Windows 8.1
  • KB4525250 — 2019-11 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4525237 — 2019-11 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4523205 — 2019-11 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4524570 — 2019-11 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Microsoft Windows Security Updates November 2019 overview
Article Name
Microsoft Windows Security Updates November 2019 overview
Description
Microsoft released security and non-security updates for the Microsoft Windows operating system and other company products on November 12, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

Tech Q&A: Here’s how to upgrade a Mac to Windows 10

There’s only one catch. Beginning with the new version of Windows 10 that Microsoft released in May, Mac users discovered that older versions of VMware Fusion couldn’t handle the Windows upgrade. They had to upgrade to Fusion version 11.1 to get that capability. (VMware now offers an even newer upgrade to Fusion, version 11.5, for $50. See tinyurl.com/y6nzaaa8). The website also lists the Mac requirements for using Fusion 11.5, which include using macOS 10.13 (High Sierra), 10.14 (Mojave) or 10.15 (Catalina).

Related:

  • No Related Posts

Microsoft bolsters Azure Blockchain with managed tokenization service and updates

Microsoft added a smattering of updates to its blockchain offerings at Ignite 2019 as it works on “democratizing complex technologies and empowering anyone with an idea to build software,” according to its release materials. The announcements include new Azure Blockchain Service features and the preview of Azure Blockchain Tokens.

In May, Microsoft planted a big flag in the blockchain world with the launch of the fully managed Azure Blockchain Service. A little over a month later, the company joined the Hyperledger blockchain community. Both of those announcements were preceded by Azure Blockchain Workbench and Azure Blockchain Development Kit.

Although Microsoft already has a customer base for its blockchain technologies (including itself), the company is gradually adding key components of the stack, as evidenced by the aforementioned rollout that led to Azure Blockchain Service. The next component is Azure Blockchain Tokens.

“Tokenization is the mechanism that allows enterprises to take advantage of blockchain,” Microsoft explains in its release materials. Tokens are important to blockchain because they can represent almost anything, from digital rights to physical goods.

Developers can now use Azure Blockchain Tokens to tokenize, manage, and share these sorts of assets on multiple blockchain platforms, including Ethereum. They can create their own tokens using common token templates or Token Taxonomy Initiative (TTI) standards and open Microsoft APIs.

Using Visual Studio Code, developers can also integrate OpenZeppelin for smart contracts, as well as Infura in the Azure Blockchain Development Kit for Ethereum.

Microsoft did not ignore Azure Blockchain Service, rolling out several enhancements, including:

  • Azure Blockchain Data Manager in preview: enables the capture, transformation, and delivery of data to off-chain data stores, like Azure SQL DB or Azure Cosmos DB
  • Managed Corda Enterprise support for increased ledger support
  • A new Hyperledger template in the Azure Marketplace gallery to accelerate Hyperledger deployments

None of the Azure Blockchain Service updates comes as much of a surprise. Microsoft pushed out Azure Blockchain dev kit upgrades in August, and the Corda enterprise support was first announced just a couple of weeks ago.

Related:

  • No Related Posts

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected

Microsoft Outlook, at times, is known to give an error saying — The action cannot be completed. The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action. In this post, we will show how you can fix this problem and get back it to working as usual.

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action

The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action

There are two ways to fix tjis issue. First, create a new default profile. Second, Delete the default profile. Not many have multiple Outlook profiles is not always an option. So use the second method as follows:

  1. Delete Default Profile
  2. Create a New Outlook Profile
  3. Update or create your Outlook profile with RPC encryption
  4. Disable the encryption requirement on all CAS servers
  5. Deploy a Group Policy setting to update existing Outlook profiles with RPC encryption

The first, three can be configured by the end-user, while the last two are only for Servers.

1] Delete Default Profile

Change Default Outlook Profile Windows 10

  • Launch Outlook, and then click on Info > Account settings dropdown > Manage Profile
  • It will open the Mail Setup window. Click on Show Profiles button.
  • Delete the default profile by clicking on the Remove button.
  • Restart Outlook.

When you remove the profile, all offline cached content for its account will be removed. However, you can backup the OST profile to reuse it.

When you relaunch Outlook, you will have to create a new profile, and then go through the setup process again.

2] Create a New Outlook Profile

Create New Outlook Profile Windows 10

If you do not want to delete, you can create a new default profile. At the Mail Setup > Profiles section, you can click on the Add button, and then give a name to the profile. Next, you need to add the email accounts you want to add. Make sure to properly configure the email account, so the error doesn’t reappear. Also, make sure to set that as the default profile.

3] Update or create your Outlook profile with RPC encryption

create your Outlook profile with RPC encryption

Most of the users have all email accounts under one single profile. One of the email accounts may be having trouble with that is running Microsoft Exchange Server 2010, Microsoft Exchange Server 2013, or Microsoft Exchange Server 2016. These are usually corporate accounts that haven’t been configured properly.

  1. Launch Outlook, and then click on Info > Account settings dropdown > Manage Profile
  2. Click on E-mail Accounts > select the email which is configured with Exchange Server, and then click on Change > More Settings
  3. In the Microsoft Exchange window, switch to Security tab
  4. Select Encrypt data between Microsoft Office Outlook and Microsoft Exchange.
  5. Click Ok and exit

It should fix the issue if it were because of RPC encryption error.

4] Disable the encryption requirement on all CAS servers

This part is specifically for IT admins who can disable encryption requirements. Microsoft warns that it should be only used where you cannot immediately deploy the necessary RPC encryption settings on your Outlook clients. Run the following command in the Exchange Management Shell:

Set-RpcClientAccess –Server <Exchange server name> –EncryptionRequired:$False

You must run this cmdlet for all Client Access servers that are running Exchange Server 2010 or later version. Rerun this command for each Exchange server that has the Client Access Server role. Also, make sure to disable RPC encryption, which we talked about in the above step.

However, make sure to enable it back again after deployment with changes to the RPC requirement on the Outlook.

5] Deploy a Group Policy setting to update existing Outlook profiles with RPC encryption

Enable RPC Encryption Policy Settings

You can also change RPC settings on the server-side by using Group Policy. Navigate to User Configuration > Administrative Templates > Microsoft Office “Version number” > Account Settings > Exchange. Locate policy Enable RPC encryption and disable it.

We hope these methods helped you to resolve Outlook connected issues with Microsoft Exchange.

SD Times news digest: Microsoft’s AI for Accessibility grants, Hyperledger Sawtooth 1.2, and …

Microsoft announced that it is offering a grant to ObjectiveEd, the makers of the Braille Tutor app, which incorporates AI-based speech recognition to help students practice reading Braille with personalized learning plans. The grant is part of Microsoft’s AI for Accessibility program to help people using AI-powered technology.

The Braille Tutor app was created because currently, only 13% of blind or visually impaired students know Braille and in most public schools, teachers who know Braille only come to the schools once a week to teach personalized lessons, the company explained. The app aims to fix that by helping to teach Braille.

“We have a huge opportunity and a responsibility to be making technology smarter and more useful for people with disabilities,” said Mary Bellard, Microsoft senior architect lead for accessibility. The aim of the AI for Accessibility program, which began in 2018 and now has 32 grantees, is to help people “build something really useful at the intersection of AI, accessibility and disability.”

MIT researchers develop algorithm to give robots a better grip

Researchers at MIT developed a new algorithm that speeds up the planning process that robots use to adjust their grip on objects, thereby giving them a better, faster grasp.

Whereas traditional algorithms would require tens of minutes for planning out a sequence of motions, the team’s new approach shaves this pre planning process down to less than a second, according to a post.

“Seemingly simple variations, such as how hard robot grasps the object, can significantly change how the object moves in the grasp when pushed,” Rachel Hollada, a graduate student in electrical engineering and computer science at MIT, explained. “Based on how hard you’re grasping, there will be a different motion. And that’s part of the physical reasoning that the algorithm handles.”

Hyperledger Sawtooth 1.2

Hyperledger Sawtooth 1.2 is now available, adding full support for the PBFT consensus engine and for mobile application development with new SDKs for iOS and Android.

“Now, Sawtooth PBFT 1.0 is the preferred consensus for small-to-medium networks — it’s leader-based, non-forking, and fast. PBFT also provides the safety and liveness guarantees that are necessary for operating a blockchain network with adversarial trust. This makes PBFT an excellent option for smaller consortium-style networks,” the Hyperledger Foundation wrote in a post.

The release also contains transaction family compatibility with Sawtooth Sabre, enhanced performance and stability, improved documentation, better support for consensus algorithms, and overall platform refinements for a better developer experience.

Accusoft announces Barcode Xpress .NET Core

Accusoft released Barcode Xpress .NET Core, which offers support for 1D and 2D barcodes, recognition of over 30 barcode types and support for damaged and broken barcodes.

“Developers can integrate Barcode Xpress into their application with just a few lines of code,” said Steve Wilson, VP of product at Accusoft. “This new development environment enables developers from a variety of programming backgrounds to integrate leading barcode technology into their applications.”

Barcode Xpress is now available in Node.js, .NET, C/C++, ActiveX, Java, and .NET Core. The full details are available here.

Related:

  • No Related Posts

Fix Mailbox does not exist error in Microsoft Teams

If you’re using Microsoft Teams, then maybe you have come across a particular error in recent times. It’s nothing out of the ordinary, but annoying nonetheless. The issue we are talking about here is when the mailbox in Microsoft Teams is empty. You may see an error message – Mailbox does not exist.

An empty mailbox, or one that doesn’t exist, would be a surprise to anyone that had content within it before this problem. The big question right now is what caused this to happen, and whether or not if there is a way to fix it once and for all. Now, we can’t say for certain what caused the mailbox to go empty, but we can say the problem can be solved.

Mailbox does not exist error in Microsoft Teams

From what we have gathered, the mailbox does not exist error tends to happen when Microsoft Exchange is in use. Yes, many users of Microsoft Teams take big advantage of Exchange, which should come as no surprise to anyone at this point.

OK, so let’s look into how we can solve the no mailbox error, and hopefully, it will never show its ugly head ever again

Microsoft Teams – Mailbox does not exist

Fixing this problem is super easy, at least from our point of view, so don’t be discouraged because we will make it easy to understand.

  1. Check the O-auth setting
  2. Verify that Exchange Online can successfully connect

1] Check the O-auth setting

The first thing you’ll need to do is run the Test-OAuthConnectivity tool to see if things are working as they should. The idea here is to make sure your organization can successfully connect to Exchange Online because this is a very important aspect.

To get this done, please launch Windows PowerShell by right-clicking on the Start menu button, then select Windows PowerShell from the menu. We suggest choosing the admin version for a better chance of this working.

After launching the tool, please copy and paste the following into PowerShell then hit the Enter key on your keyboard:

Test-OAuthConnectivity -Service EWS -TargetUri https://outlook.office365.com/ews/exchange.asmx -Mailbox <On-Premises Mailbox> -Verbose | Format-List

2] Verify that Exchange Online can successfully connect

The next step, then, is to test if the connection is working, and yes, the task is easy to accomplish. You see, simply follow the steps above to launch Windows PowerShell, then copy and paste the following, and as usual, hit the Enter key:

Test-OAuthConnectivity -Service EWS -TargetUri <external hostname authority of your Exchange On-Premises deployment>/metadata/json/1 -Mailbox <Exchange Online Mailbox> -Verbose | Format-List

That should get the job done, 100 percent. So, go ahead and check the mailbox to see if its back to its regular setting.

All the best.

Microsoft Windows Security Updates September 2019 overview

It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.

Our overview of the September 2019 Patch Day provides system administrators and home users with information on the released updates. It features some stats at the beginning, provides links to all support articles and direct download options, lists known issues and security advisories, and provides other relevant information.

Check out the August 2019 update overview in case you missed it.

Microsoft Windows Security Updates September 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in September 2019. Please download it with a click on the following link: Microsoft Windows Security Updates September 2019

Executive Summary

  • Microsoft released security updates for all client and server versions of the Windows operating system that it supports.
  • The following non-Windows products had security updates released as well: Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player, Microsoft Lync, Visual Studio, .NET Framework, Microsoft Exchange Server, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Server, Project Rome.
  • Microsoft fixed the high CPU usage issue from SearchUI.exe in Windows 10 1903.
  • The Microsoft Update Catalog website lists 215 updates.

Operating System Distribution

  • Windows 7: 32 vulnerabilities: 4 rated critical and 28 rated important
    • CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 8.1: 33 vulnerabilities: 5 rated critical and 28 rated important
    • same as Windows 7 plus
    • CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • same as Windows 8.1
  • Windows 10 version 1809: 45 vulnerabilities: 5 critical and 40 important
    • same as Windows 8.1
  • Windows 10 version 1903: 45 vulnerabilities: 5 critical and 40 important.
    • same as Windows 8.1

Windows Server products

  • Windows Server 2008 R2: 31 vulnerabilities: 3 critical and 28 important.
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 31 vulnerabilities: 3 critical and 28 important.
    • same as Windows Server 2008 R2.
  • Windows Server 2016: 39 vulnerabilities: 3 critical and 36 important
    • same as Windows Server 2008 R2.
  • Windows Server 2019: 43 vulnerabilities: 3 critical and 40 are important.
    • same as Windows Server 2008 R2.

Other Microsoft Products

  • Internet Explorer 11: 4 vulnerabilities: 3 critical, 1 important
  • Microsoft Edge: 7 vulnerabilities: 5 critical, 2 important
    • CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2 SP1

Monthly Rollup: KB4516065

Security Only: KB4516033

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows
  • Security Updates

Windows 8.1 and Windows Server 2012 R2

Monthly Rollup: KB4516067

Security Only: KB4516064

  • Same as Windows 7 and Server 2008 R2

Windows 10 version 1803

Cumulative Update: KB4516058

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows.
  • Security updates.

Windows 10 version 1809 and Windows Server 1809

Cumulative Update: KB4512578

  • Same as Windows 10 version 1803.

Windows 10 version 1903 and Windows Server version 1903

Cumulative update: KB4515384

  • Same as Windows version 1803 plus
  • Fixed the high CPU usage issue caused by SearchUI.exe.

Windows 10 version 1903 and Windows Server 1903

Other security updates

KB4516046 — Cumulative security update for Internet Explorer: September 10, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4516655 — 2019-09 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB45171342019-09 Servicing Stack Update for Windows Server 2008

KB4512938 — 2019-09 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4512939 — 2019-09 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4511839 — 2019-09 Servicing Stack Update for Windows 10 Version 1703

KB4512573 — 2019-09 Servicing Stack Update for Windows 10 Version 1507

KB4512575 — 2019-09 Servicing Stack Update for Windows 10 Version 1709

KB4512576 — 2019-09 Servicing Stack Update for Windows Server Version 1803 and Windows 10 Version 1803

KB4512577 — 2019-09 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4515383 — 2019-09 Servicing Stack Update for Windows 10 Version 1903

KB4512574 — 2019-09 Servicing Stack Update for Windows Server 1903 RTM, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows Server Version 1803, Windows 10 Version 1803, Windows Server 2016, Windows Server Version 1709, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Server / Embedded

KB4516026 — 2019-09 Security Monthly Quality Rollup for Windows Server 2008

KB4516051 — 2019-09 Security Only Quality Update for Windows Server 2008

KB4516055 –2019-09 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4516062 — 2019-09 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

Microsoft .NET

KB4514330 — Security Only Update for .NET Framework 4.8 for Windows Server 2012

KB4514331 — Security Only Update for .NET Framework 4.8 for Windows 8.1 and Server 2012 R2

KB4514337

KB4514338 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2

KB4514341 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2

KB4514342 — Security Only Update for .NET Framework 4.5.2 for Windows Server 2012

KB4514349 — Security Only Update for .NET Framework 3.5 for Windows Server 2012

KB4514350 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514360 — Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012

KB4514361 — Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514363 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012

KB4514364 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514367 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514368 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012

KB4514370 — Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012

KB4514371 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514598 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514599 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2

KB4514602 — Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1

KB4514603 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514604 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514605 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2

KB4514354 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4514355 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4514356 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4514357 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016

KB4514358 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809

KB4514359 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903

KB4514366 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809

KB4514601 — 2019-09 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809

Known Issues

Windows 7 SP1 and Windows Server 2008 R2 (monthly rollup only)

  • VBScript may not be disabled in Internet Explorer even though it should be

Windows 8.1 and Windows Server 2008 R2

  • Certain operations may fail on Cluster Shared Volumes

Windows 10 version 1803

  • Operations may fail on Cluster Shared Volumes.
  • Black screen during first logon after update installation issue

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • Error on some devices with certain Asian language packs installed: 0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.
  • Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190022 | September 2019 Adobe Flash Security Update

Non-security related updates

Microsoft Office Updates

You find Office update information here.

How to download and install the September 2019 security updates

windows updates september 2019 microsoft

Most home systems receive updates automatically especially when they run Windows 10. Updates are not pushed in real-time to devices running Windows. Some administrators prefer to install security updates the moment they are released, others to wait to make sure that the updates don’t introduce any issues on the system.

Note: it is recommended that you back up the system partition before you install updates. Use programs like Paragon Backup & Recovery Free or Macrium Reflect for that.

Admins may check for updates manually to retrieve the released updates right away. Here is how that is done:

  • Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  • Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Updates may also be downloaded from the Microsoft Update Catalog website.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4516065 — 2019-09 Security Monthly Quality Rollup for Windows 7
  • KB4516033 — 2019-09 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4516067 — 2019-09 Security Monthly Quality Rollup for Windows 8.1
  • KB4516064 — 2019-09 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4516058 — 2019-09 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4512578 — 2019-09 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4515384 — 2019-09 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Microsoft Windows Security Updates September 2019 overview
Article Name
Microsoft Windows Security Updates September 2019 overview
Description
It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

How is URL list for application “Microsoft Update” updated

I need a solution

Hi;

My understanding is that if you wanted to exempt all URL to do with Windows Updates, you can do that by using the application “Microsoft Update”, which will know of all the URLs involved, This way you dont’ have to do it based on a changing list of URLs.

My question is: If this list of URLs is changed by Microsoft, how does the application “Microsoft Update” stay up to date with the latest URL list and how does the Proxy SG get updated with it.

Kindly

Wasfi

0

Related:

  • No Related Posts