Several groups of nation states hack Microsoft Exchange servers

Several groups of nation states hack Microsoft Exchange servers

A number of government-supported hacking groups exploit a recent patch vulnerability in Microsoft Exchange email servers.

The exploits were first detected by British cybersecurity company Volexity on Friday and confirmed to ZDNet today by a DOD source.

Volexity did not share the names of the hacking groups that exploit this Exchange vulnerability. Volexity did not return a comment request for additional details.

The DOD source described the hacking groups as “all great players”, who also denied naming groups or countries.

Microsoft Exchange vulnerability

These state-sponsored hacking groups exploit a vulnerability in the Microsoft Exchange email servers that Microsoft hacked last month, on the Patch Tuesday in February 2020.

The vulnerability is traced under the ID of CVE-2020-0688. The following is a summary of the technical details of the vulnerability:

  • During installation, Microsoft Exchange servers do not create a unique cryptographic key for the Exchange Control Panel.
  • This means that all Microsoft Exchange email servers launched over the past ten years use the same cryptographic keys (validationKey and decryptionKey) for control panel support.
  • Attackers can submit malicious requests to the Exchange Control Panel that contain malicious serialized data.
  • Since hackers know the encryption keys in the control panel, they can make sure that serialized data is not serialized, which generates malicious code that runs on the backend of the Exchange server.
  • The malicious code is executed with system privileges, giving the attackers full control of the server.

Microsoft released patches for this error on February 11, when it also warned sysadmins to install solutions as soon as possible, foreseeing future attacks.

Nothing happened for almost two weeks. However, things got even closer to the end of the month when the Zero-Day Initiative, which reported the bug to Microsoft, released a technical report detailing the error and how it worked.

The report served as a roadmap for security researchers, who used the information contained in the design concept holdings to test their own servers and create detection rules and mitigation.

At least three of these proof-of-concept concepts found their way to GitHub (1, 2, 3). A Metasploit module was soon followed.

As in many other cases before, when the technical details and proof-of-concept code were made public, hackers also began to pay attention.

On February 26, a day after the Zero-Day Initiative was broadcast live, hackers began scanning the Internet for Exchange servers, collecting lists of vulnerable servers that they could target at a later date. The first such scans were detected by the intelligence company Bad Packets.

CVE-2020-0688 started mass scanning activity. Please refer to our API for “tags = CVE-2020-0688” to locate hosts performing scans. #threatintel

– Wrong Package Report (@bad_packets) February 25, 2020

Now, according to Volexity, Exchange server scans have become real attacks.

The first to address this error were APTs – “advanced persistent threats”, a term often used to describe state-sponsored pirate groups.

However, other groups are also expected to follow suit. Security researchers whom ZDNet spoke with earlier said they anticipate the bug to become very popular with ransomware bands that regularly run enterprise networks.

Harmonize older and useless phishing credentials

This Exchange vulnerability, however, is not easy to exploit. Security experts do not see this bug being abused by kiddies (a term used to describe low-level hackers).

To exploit CVE-2020-0688 Exchange Error, hackers need the credentials for an email account on the Exchange server, which script scripts usually do not have.

CVE-2020-0688 Security Default is an error called post-authentication. The hackers must first log in and then execute the malicious payload hijacked by the victim’s email server.

But while that limitation will keep the script kiddies out, APTs and ransomware bands do not apply, experts said.

APTs and ransomware bands often spend most of their time launching phishing campaigns, after they get email credentials for their employees.

If an organization applies 2-Factor Authentication (2FA) for email accounts, then those credentials are essentially useless, as 2FA can not be hacked by hackers.

Error CVE-2020-0688 allows APTs to finally find a purpose for those older 2FA-protected accounts that had spit months or years earlier.

They can use any of these older credentials as part of the CVE-2020-0688 operation without the need to bypass 2FA, but still take over the victim’s Exchange server.

Good point about this: Sometimes an APT will get some valid passwords for user accounts in a target organism, but will not be able to use them immediately because of 2FA. However, you can add the credits and patiently wait for new opportunities to emerge. https://t.co/HzY8CmSepM

– Brian at Pittsburgh (@arekfurt) March 7, 2020

Organizations with “APT” or “ransomware” in their threat array are encouraged to upgrade their Exchange email servers with the February 2020 security updates as soon as possible.

All Microsoft Exchange servers are considered vulnerable, even life-threatening (EoL) versions. For EoL versions, organizations should look for the upgrade to a newer Exchange version. If updating the Exchange server is not an option, companies are encouraged to reset a password for all Exchange accounts.

Grabbing email servers is the Holy Grail of APT attacks, as this allows nation-state groups to intercept and read a company’s email communications.

Historically, APTs have previously served with Exchange servers. Previous APTs that have hacked Exchange include Turla (a Russia-linked group) and APT33 (an Iranian group).

This post on the TrustedSec blog contains instructions on how to detect if an Exchange server has already been hacked by this error.

Related:

  • No Related Posts

Microsoft Windows Security Updates November 2019 overview

It is the second Tuesday of November 2019 and that means that it is Microsoft Patch Day. Microsoft released security and non-security updates for its Windows operating system and other company products.

Our overview provides you with information on these updates: it starts with an executive summary and information about the number of released updates for all supported client and server versions of Windows as well as the Microsoft Edge (classic) and Internet Explorer web browsers.

What follows is information about the updates, all with links to support articles on Microsoft’s website, the list of known issues, direct download links to cumulative updates for Windows, and additional update related information.

Click here to open the October 2019 Patch Day overview.

Microsoft Windows Security Updates October 2019

Download the following Excel spreadsheet to your local system; it lists security updates that Microsoft released in November 2019: November 2019 Security Updates

Executive Summary

feature update windows 10 1909

  • Microsoft released security updates for all supported client and server versions of the Microsoft Windows operating system.
  • The following Microsoft products have received security updates as well: Internet Explorer, Microsoft Edge, Microsoft Office, Secure Boot, Microsoft Exchange Server, Visual Studio, Azure Stack.
  • The Windows 10 version 1909 features are included in the Windows 10 version 1903 update but not activated until “they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features.” Microsoft released a blog post that details how to get the update. (basically, install regular 1903 update, then check for updates again and the 1909 update should be offered)
  • Windows 10 Home, Pro, Pro for Workstations and IoT Core, version 1803 have reached end of servicing. These editions won’t receive security updates or other updates after November 12, 2019.

Operating System Distribution

  • Windows 7: 35 vulnerabilities: 4 rated critical and 31 rated important
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
  • Windows 8.1: 37 vulnerabilities: 3 rated critical and 34 rated important
    • Same as Windows 7 except for CVE-2019-1441 (not affected)
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
  • Windows 10 version 1809: 46 vulnerabilities: 4 critical and 42 important
    • Same as Windows 10 version 1803 except for CVE-2019-1389 (not affected)
  • Windows 10 version 1903: 46 vulnerabilities: 2 critical and 28 important
    • Same as Windows 10 version 1809 plus
    • CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 35 vulnerabilities: 4 critical and 31 important.
    • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
    • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
    • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 37 vulnerabilities: 3 critical and 34 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2016: 38 vulnerabilities: 2 critical and 20 important.
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
  • Windows Server 2019: 46 vulnerabilities: 2 critical and 29 are important
    • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected) plus
    • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 2 vulnerabilities: 2 critical
  • Microsoft Edge: 4 vulnerabilities: 4 critical
    • CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability
    • CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

The security-only update resolves the following issues/makes the following changes:

  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates for various operating system components.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Fixes an issue that prevented certain 16-bit Visual Basic 3 applications or other VB3 applications from running.
  • Fixes a temporary user profile issue when the policy “Delete cached copies of roaming profiles” is set.

Windows 8.1 and Server 2012 R2

The security-only update resolves the following issues/makes the following changes:

  • Same as Windows 7 SP1 and Windows Server 2008 R2.

The monthly rollup update includes all of the updates of the security-only update plus:

  • Same as Windows 7 SP1 and Windows Server 2008 R2 plus
  • Fixes an issue that prevented multiple Bluetooth Basic Rate devices from functioning properly after installing the August 2019 updates.
  • Fixes an issue that caused error 0x7E when connecting Bluetooth devices after installing the June 2019 updates.

Windows 10 version 1803

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that caused Windows Defender Application Control Code Integrity events to become unreadable.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1809

The cumulative update fixes the following issues / makes the following changes:

  • Fixes an issue that could cause the Microsoft Defender Advanced Threat Protection service to stop running or stop sending report data.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Windows 10 version 1903

The cumulative update lists changes for Windows 10 version 1903 and 1909. It appears that Microsoft included the changes of 1909 in the cumulative update but has not activated them at the time of writing.

  • Fixes an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
  • Security updates

Other security updates

  • Internet Explorer Cumulative Update: KB4525106
  • 2019-11 Security Monthly Quality Rollup for Windows Server 2008 (KB4525234)
  • 2019-11 Security Only Quality Update for Windows Server 2008 (KB4525239)
  • 2019-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4525246)
  • 2019-11 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4525253)
  • 2019-11 Cumulative Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524570)
  • 2019-11 Cumulative Update for Windows 10 Version 1507 (KB4525232)
  • 2019-11 Cumulative Update for Windows Server 2016, and Windows 10 Version 1607 (KB4525236)
  • 2019-11 Cumulative Update for Windows 10 Version 1709 (KB4525241)
  • 2019-11 Cumulative Update for Windows 10 Version 1703 (KB4525245)
  • 2019-11 Servicing Stack Update for Windows Server 2016, and Windows 10 Version 1607 (KB4520724)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1507 (KB4523200)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1703 (KB4523201)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1709 (KB4523202)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016 (KB4523203)
  • 2019-11 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019 (KB4523204)
  • 2019-11 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4523206)
  • 2019-11 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4523208)
  • 2019-11 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB4524445)
  • 2019-11 Servicing Stack Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524569)
  • 2019-11 Servicing Stack Update for Windows Server 2008 (KB4526478)

Known Issues

Windows 8.1 and Windows Server 2012 R2

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”

Windows 10 version 1803

  • Certain operations may fail on Cluster Shared Volumes with the error code “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”
  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • May receive error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND” with some Asian language packs installed.

Windows 10 version 1903

  • May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) — Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Security advisories and updates

ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)

Non-security related updates

  • 2019-11 Dynamic Update for Windows 10 Version 1809 (KB4524761)
  • 2019-11 Dynamic Update for Windows 10 Version 1903 (KB4525043)
  • Windows Malicious Software Removal Tool – November 2019 (KB890830)

Microsoft Office Updates

You find Office update information here.

How to download and install the November 2019 security updates

windows updates security november 2019

Most home devices running Windows are configured to download and install security updates when they are released. Users who don’t want to wait for that to happen or have configured their systems to update manually only may run manual checks for updates or download the cumulative updates from Microsoft’s Update Catalog website.

The following needs to be done to check for updates manually:

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4525235 — 2019-11 Security Monthly Quality Rollup for Windows 7
  • KB4525233 — 2019-11 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4525243 — 2019-11 Security Monthly Quality Rollup for Windows 8.1
  • KB4525250 — 2019-11 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4525237 — 2019-11 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4523205 — 2019-11 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4524570 — 2019-11 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Microsoft Windows Security Updates November 2019 overview
Article Name
Microsoft Windows Security Updates November 2019 overview
Description
Microsoft released security and non-security updates for the Microsoft Windows operating system and other company products on November 12, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

PowerEdge & Microsoft: Better Together at Microsoft Ignite 2019

This is a big year for the Microsoft community with two of the most ubiquitous platforms – Microsoft Windows Server 2008 and SQL Server 2008 going End of Support. That’s sure to be a hot topic at Ignite 2019 next week (November 4-8) in Orlando, Florida.

If you’ve visited Dell Technologies at a trade show, attended a roadshow, or even listened to one of our webinars throughout the year, you’ve seen our Real Transformation booth. There’s never been a clearer “this just got REAL” moment like facing an End of Support event. So we’re taking that theme to the “House of the Mouse” and looking forward to some engaging discussions.

Dell EMC and Microsoft have been partners for more than three decades, and today we’re doing more exciting work together than ever before. That’s in part due to the fact that the challenges for our customers have never been greater. And that gives us a chance to bring more than just world-class infrastructure to the market by offering solutions combining the best in hardware, software, services and management tools to address those complex challenges.

Dell’s partnership with Microsoft goes back more than thirty years during which time we’ve co-developed innovative hardware and software solutions with the goal of simplifying IT for our customers. Never has this been more important than today where hybrid cloud, AI and hyper-converged infrastructure are making it even more challenging for organizations to keep pace with change. Looking ahead to the release of Microsoft SQL Server 2019, we have been testing early versions of the software and the results are amazing. On the latest generation of Dell EMC PowerEdge Servers, we’ve seen upwards of 2.7x transaction processing speed. 1 This is an early indication of the power of our platforms and the strength of our partnership with Microsoft. We are looking forward to a very engaging Ignite and hope you will come speak with us at the event! – Chad Fenner, Senior Director, PowerEdge Product Management

From a PowerEdge perspective, we have plenty of cool things up our sleeve that we’re excited to share with you. I don’t want to spoil the fun, but here’s a preview of what’s happening with PowerEdge at Ignite:

Dell Technologies Booth # 1547

If you’re in Orlando, come see us in the Dell Technologies booth! We’ll have experts ready to answer all of your End of Support questions, in-booth theater presentations, and some cool giveaways. We’ll have some of our new hardware including the PowerEdge MX that you can open, explore, and even swap some components. We’ll be running a demo of our OpenManage integration with Windows Admin Center and some live diagnostics on the PowerEdge R740xd. Yes, we know this is a cloud and software show, but we like to throw in a subtle reminder that all this modern software needs the best2 in modern hardware.

There are some fun interactive ways to learn more about our joint PowerEdge and Microsoft solutions. Highlights include:

OpenManage Monster Hunter, sponsored by KIOXIA – Halloween may be the week before but that doesn’t mean the fun has to end. In this game you’ll fight zombies and bats to modernize your datacenter. You’ll work your way through our OpenManage Integration with Windows Admin Center on AzureStack HCI, integration with Microsoft System Center, and OpenManage Enterprise on the PowerEdge MX. There will be a leaderboard, and some excellent prizes, so challenge your friends.

Tech Trivia – This Jeopardy! style game will help you learn more about the entirety of the Dell Technologies portfolio – from servers to storage to services. Of course, that also includes our full line of laptops and gaming hardware. Play Tech Trivia and you’ll be entered into a raffle to win a Ring Doorbell.

Dell Technologies Scavenger Hunt – Engage, learn and become more social with our Dell Technologies booth, solutions and activities. Dust off your hashtags and earn stamps, make sure you redeem your card in the booth for fantastic daily prizes including a GoPro HERO7 and a grand prize drawing on Thursday for a set of BOSE noise-cancelling headphones.

RHEL Button Contest – Grab a button, pin it on, snap a creative pic somewhere at the event and post to Instagram with the hashtag #SQLonRHELonDell. First place DAILY winners will receive a 2-in-1 Dell Inspiron laptop.

Breakout Sessions

PowerEdge will be represented in the following breakout sessions:

It’s all about the data: Abstraction beyond virtualization

Speaker: Stephen McMaster, Engineering Technologist, Dell EMC

Wednesday, November 06, 10:55 AM in Theatre 7

In the data driven age, information is as valuable as currency. Only when you can harness data from multiple sources and formats can you accelerate business innovation. Containerization enables agility at hyperscale and is a critical step towards achieving true data abstraction beyond just virtualization. Join us to learn how Dell EMC delivers foundational solutions to support Microsoft SQL Server 2019, including big data clusters, enabling businesses to take advantage of next-generation analytics, and go behind their data to draw valuable insights.

There is a new era in data management – Dell Technologies makes data innovation a reality

Speaker: Stephen McMaster, Engineering Technologist, Dell EMC

Thursday November 07, 10:15 AM in OCCC West

There are many paths towards modernizing the Microsoft Data Estate. Designing the right solution that meets today’s needs while laying the foundation for where your business will need to be tomorrow is a critical step in becoming an innovation leader. Join us as we outline the modernization strategies organizations need to consider in this new era of data abstraction and how Dell Technologies can guide you on this journey.

Evening Events

The fun doesn’t stop when the show floor closes. We have a great line-up of invitation-only events for our customers and those who want to learn more about Dell Technologies solutions.

Customer Appreciation Celebration at the Andretti Racing Center

We love our customers and the chance to celebrate with them! So rev up your engines for this fast-paced racing experience on November 6 at 6:30pm at Andretti Indoor Karting and Games. This event is by invite-only and will likely reach capacity so please reach out to your account team for more information to register.

Dell Technologies Hospitality Suite – Monday/Tuesday/Wednesday

Relax in the Dell Tech Hospitality suite – complete with food, beverages, and a place to unwind. Open Monday – Wednesday, this suite will give you the opportunity to learn from Dell Technologies, Red Hat, and Intel experts while recharging yourself (and your phone if it needs some charging too). Registration is required.

SQL Server 2019 Conversations and Cocktails – Tuesday November 5 4:00-6:30

Connect with your peers at this informal gathering of like-minded SQL Server connoisseurs to share the technical pitfalls, gotchas and successes learned. Share a beverage, enjoy hors d’oeuvres and meet the experts from Dell Technologies, Intel and Red Hat who are ready to answer your questions and better arm you to take your business further, faster. This exclusive celebration will take place at the Oceanaire Seafood Room and is available by registration only, until full, here:

If you’re running an End of Support platform or one that will be soon, come talk to us. We make modernizing easy and can get you back on a supported platform and can even help you transform the way you look at IT.

We look forward to seeing you next week at Ignite!

To learn more about PowerEdge, visit dellemc.com/servers, or join the conversation on Twitter @DellEMCservers.

[1] IDC WW Quarterly x86 Server Tracker, 2018Q4, Mar. 6, 2019 – Units & Vendor Revenue

[2] Persistent Memory Performance in vSphere 6.7 with Intel Optane DC Persistent Memory – VMware, April 2019

Related:

  • No Related Posts

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected

Microsoft Outlook, at times, is known to give an error saying — The action cannot be completed. The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action. In this post, we will show how you can fix this problem and get back it to working as usual.

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action

The connection to Microsoft Exchange is unavailable, Outlook must be online or connected to complete this action

The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action

There are two ways to fix tjis issue. First, create a new default profile. Second, Delete the default profile. Not many have multiple Outlook profiles is not always an option. So use the second method as follows:

  1. Delete Default Profile
  2. Create a New Outlook Profile
  3. Update or create your Outlook profile with RPC encryption
  4. Disable the encryption requirement on all CAS servers
  5. Deploy a Group Policy setting to update existing Outlook profiles with RPC encryption

The first, three can be configured by the end-user, while the last two are only for Servers.

1] Delete Default Profile

Change Default Outlook Profile Windows 10

  • Launch Outlook, and then click on Info > Account settings dropdown > Manage Profile
  • It will open the Mail Setup window. Click on Show Profiles button.
  • Delete the default profile by clicking on the Remove button.
  • Restart Outlook.

When you remove the profile, all offline cached content for its account will be removed. However, you can backup the OST profile to reuse it.

When you relaunch Outlook, you will have to create a new profile, and then go through the setup process again.

2] Create a New Outlook Profile

Create New Outlook Profile Windows 10

If you do not want to delete, you can create a new default profile. At the Mail Setup > Profiles section, you can click on the Add button, and then give a name to the profile. Next, you need to add the email accounts you want to add. Make sure to properly configure the email account, so the error doesn’t reappear. Also, make sure to set that as the default profile.

3] Update or create your Outlook profile with RPC encryption

create your Outlook profile with RPC encryption

Most of the users have all email accounts under one single profile. One of the email accounts may be having trouble with that is running Microsoft Exchange Server 2010, Microsoft Exchange Server 2013, or Microsoft Exchange Server 2016. These are usually corporate accounts that haven’t been configured properly.

  1. Launch Outlook, and then click on Info > Account settings dropdown > Manage Profile
  2. Click on E-mail Accounts > select the email which is configured with Exchange Server, and then click on Change > More Settings
  3. In the Microsoft Exchange window, switch to Security tab
  4. Select Encrypt data between Microsoft Office Outlook and Microsoft Exchange.
  5. Click Ok and exit

It should fix the issue if it were because of RPC encryption error.

4] Disable the encryption requirement on all CAS servers

This part is specifically for IT admins who can disable encryption requirements. Microsoft warns that it should be only used where you cannot immediately deploy the necessary RPC encryption settings on your Outlook clients. Run the following command in the Exchange Management Shell:

Set-RpcClientAccess –Server <Exchange server name> –EncryptionRequired:$False

You must run this cmdlet for all Client Access servers that are running Exchange Server 2010 or later version. Rerun this command for each Exchange server that has the Client Access Server role. Also, make sure to disable RPC encryption, which we talked about in the above step.

However, make sure to enable it back again after deployment with changes to the RPC requirement on the Outlook.

5] Deploy a Group Policy setting to update existing Outlook profiles with RPC encryption

Enable RPC Encryption Policy Settings

You can also change RPC settings on the server-side by using Group Policy. Navigate to User Configuration > Administrative Templates > Microsoft Office “Version number” > Account Settings > Exchange. Locate policy Enable RPC encryption and disable it.

We hope these methods helped you to resolve Outlook connected issues with Microsoft Exchange.

Microsoft Windows Security Updates September 2019 overview

It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.

Our overview of the September 2019 Patch Day provides system administrators and home users with information on the released updates. It features some stats at the beginning, provides links to all support articles and direct download options, lists known issues and security advisories, and provides other relevant information.

Check out the August 2019 update overview in case you missed it.

Microsoft Windows Security Updates September 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in September 2019. Please download it with a click on the following link: Microsoft Windows Security Updates September 2019

Executive Summary

  • Microsoft released security updates for all client and server versions of the Windows operating system that it supports.
  • The following non-Windows products had security updates released as well: Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player, Microsoft Lync, Visual Studio, .NET Framework, Microsoft Exchange Server, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Server, Project Rome.
  • Microsoft fixed the high CPU usage issue from SearchUI.exe in Windows 10 1903.
  • The Microsoft Update Catalog website lists 215 updates.

Operating System Distribution

  • Windows 7: 32 vulnerabilities: 4 rated critical and 28 rated important
    • CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 8.1: 33 vulnerabilities: 5 rated critical and 28 rated important
    • same as Windows 7 plus
    • CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
    • same as Windows 8.1
  • Windows 10 version 1809: 45 vulnerabilities: 5 critical and 40 important
    • same as Windows 8.1
  • Windows 10 version 1903: 45 vulnerabilities: 5 critical and 40 important.
    • same as Windows 8.1

Windows Server products

  • Windows Server 2008 R2: 31 vulnerabilities: 3 critical and 28 important.
    • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
    • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
    • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 31 vulnerabilities: 3 critical and 28 important.
    • same as Windows Server 2008 R2.
  • Windows Server 2016: 39 vulnerabilities: 3 critical and 36 important
    • same as Windows Server 2008 R2.
  • Windows Server 2019: 43 vulnerabilities: 3 critical and 40 are important.
    • same as Windows Server 2008 R2.

Other Microsoft Products

  • Internet Explorer 11: 4 vulnerabilities: 3 critical, 1 important
  • Microsoft Edge: 7 vulnerabilities: 5 critical, 2 important
    • CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2 SP1

Monthly Rollup: KB4516065

Security Only: KB4516033

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows
  • Security Updates

Windows 8.1 and Windows Server 2012 R2

Monthly Rollup: KB4516067

Security Only: KB4516064

  • Same as Windows 7 and Server 2008 R2

Windows 10 version 1803

Cumulative Update: KB4516058

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows.
  • Security updates.

Windows 10 version 1809 and Windows Server 1809

Cumulative Update: KB4512578

  • Same as Windows 10 version 1803.

Windows 10 version 1903 and Windows Server version 1903

Cumulative update: KB4515384

  • Same as Windows version 1803 plus
  • Fixed the high CPU usage issue caused by SearchUI.exe.

Windows 10 version 1903 and Windows Server 1903

Other security updates

KB4516046 — Cumulative security update for Internet Explorer: September 10, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4516655 — 2019-09 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB45171342019-09 Servicing Stack Update for Windows Server 2008

KB4512938 — 2019-09 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4512939 — 2019-09 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4511839 — 2019-09 Servicing Stack Update for Windows 10 Version 1703

KB4512573 — 2019-09 Servicing Stack Update for Windows 10 Version 1507

KB4512575 — 2019-09 Servicing Stack Update for Windows 10 Version 1709

KB4512576 — 2019-09 Servicing Stack Update for Windows Server Version 1803 and Windows 10 Version 1803

KB4512577 — 2019-09 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4515383 — 2019-09 Servicing Stack Update for Windows 10 Version 1903

KB4512574 — 2019-09 Servicing Stack Update for Windows Server 1903 RTM, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows Server Version 1803, Windows 10 Version 1803, Windows Server 2016, Windows Server Version 1709, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Server / Embedded

KB4516026 — 2019-09 Security Monthly Quality Rollup for Windows Server 2008

KB4516051 — 2019-09 Security Only Quality Update for Windows Server 2008

KB4516055 –2019-09 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4516062 — 2019-09 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

Microsoft .NET

KB4514330 — Security Only Update for .NET Framework 4.8 for Windows Server 2012

KB4514331 — Security Only Update for .NET Framework 4.8 for Windows 8.1 and Server 2012 R2

KB4514337

KB4514338 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2

KB4514341 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2

KB4514342 — Security Only Update for .NET Framework 4.5.2 for Windows Server 2012

KB4514349 — Security Only Update for .NET Framework 3.5 for Windows Server 2012

KB4514350 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514360 — Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012

KB4514361 — Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514363 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012

KB4514364 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514367 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514368 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012

KB4514370 — Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012

KB4514371 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514598 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514599 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2

KB4514602 — Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1

KB4514603 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514604 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514605 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2

KB4514354 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4514355 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4514356 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4514357 — 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016

KB4514358 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809

KB4514359 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903

KB4514366 — 2019-09 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809

KB4514601 — 2019-09 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809

Known Issues

Windows 7 SP1 and Windows Server 2008 R2 (monthly rollup only)

  • VBScript may not be disabled in Internet Explorer even though it should be

Windows 8.1 and Windows Server 2008 R2

  • Certain operations may fail on Cluster Shared Volumes

Windows 10 version 1803

  • Operations may fail on Cluster Shared Volumes.
  • Black screen during first logon after update installation issue

Windows 10 version 1809

  • Same as Windows 10 version 1803 plus
  • Error on some devices with certain Asian language packs installed: 0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.
  • Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190022 | September 2019 Adobe Flash Security Update

Non-security related updates

Microsoft Office Updates

You find Office update information here.

How to download and install the September 2019 security updates

windows updates september 2019 microsoft

Most home systems receive updates automatically especially when they run Windows 10. Updates are not pushed in real-time to devices running Windows. Some administrators prefer to install security updates the moment they are released, others to wait to make sure that the updates don’t introduce any issues on the system.

Note: it is recommended that you back up the system partition before you install updates. Use programs like Paragon Backup & Recovery Free or Macrium Reflect for that.

Admins may check for updates manually to retrieve the released updates right away. Here is how that is done:

  • Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  • Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Updates may also be downloaded from the Microsoft Update Catalog website.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4516065 — 2019-09 Security Monthly Quality Rollup for Windows 7
  • KB4516033 — 2019-09 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4516067 — 2019-09 Security Monthly Quality Rollup for Windows 8.1
  • KB4516064 — 2019-09 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4516058 — 2019-09 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4512578 — 2019-09 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4515384 — 2019-09 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Microsoft Windows Security Updates September 2019 overview
Article Name
Microsoft Windows Security Updates September 2019 overview
Description
It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

Microsoft Windows Security Updates June 2019 overview

Microsoft released security updates for all supported versions of the Microsoft Windows operating system on the June 11, 2019 Patch Day.

Our overview of the June 2019 Patch Tuesday provides with you information about security and non-security updates that Microsoft released on this day.

The overview includes an executive summary, statistics, links to all updates, the list of known issues sorted by operating system, download links, and more.

Microsoft released the May 2019 Update for Windows 10 recently but it is available to users who seek for updates manually only at the time and only if the system is compatible.

You can check out the May 2019 Update overview here in case you missed it.

Microsoft Windows Security Updates June 2019

The following Excel spreadsheet lists security update information for June 2019. Click on the following link to download it to your system: Microsoft Windows Security Updates June 2019 Overview

Executive Summary

  • Microsoft released security updates for all supported versions of the Windows operating system in June 2019.
  • All client and server versions have critically rated vulnerabilities patched.
  • Microsoft released security updates for other products such as Internet Explorer, Microsoft Edge, Microsoft Office, Azure, Microsoft Exchange Server, and Skype.

Operating System Distribution

  • Windows 7: 42 vulnerabilities of which 3 are rated critical and 39 are rated important
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
    • CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability
  • Windows 8.1: 35 vulnerabilities of which 3 are rated critical and 32 are rated important
    • same as 1903
  • Windows 10 version 1703: 41 vulnerabilities of which 4 is critical and 37 are important
    • same as 1709
  • Windows 10 version 1709: 43 vulnerabilities of which 4 is critical and 39 are important
    • CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability
    • same as 1903
  • Windows 10 version 1803: 45 vulnerabilities of which 3 are critical and 43 are important
    • same as 1903
  • Windows 10 version 1809: 47 vulnerabilities of which 3 are critical and 44 are important
    • same as 1903
  • Windows 10 version 1903: 42 vulnerabilities of which 3 are critical and 39 are important.
    • CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 42 vulnerabilities: 3 are critical and 39 are important.
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
    • CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 34 vulnerabilities: 3 are critical and 31 are important.
    • Same as Server 2019
  • Windows Server 2016: 39 vulnerabilities: 4 are critical and 35 are important
    • CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability
    • Same as Server 2019
  • Windows Server 2019: 47 vulnerabilities: 3 are critical and 44 are important.
    • CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 7 vulnerability, 5 critical, 2 important
    • CVE-2019-1080 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1055 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-0988 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0920 | Scripting Engine Memory Corruption Vulnerability
  • Microsoft Edge: 14 vulnerabilities, 12 critical, 2 important
    • CVE-2019-0989 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0990 | Scripting Engine Information Disclosure Vulnerability
    • CVE-2019-0991 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0992 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0993 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1002 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1003 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1023 | Scripting Engine Information Disclosure Vulnerability
    • CVE-2019-1024 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-1051 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1052 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Server 2008 R2

KB4503292 — Monthly Rollup

  • Fixed a HTTP and HTTPS string character limit issue in Internet Explorer.
  • Security updates

KB4503269 — Security-only Update

  • Security updates only

Windows 8.1 and Server 2012 R2

KB4503276 — Monthly Rollup

  • Patched a security vulnerability by “intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections”.
  • Fixed the Preboot Execution Environment known issue.
  • Fixed a HTTP and HTTPS string character limit issue in Internet Explorer.
  • Security updates.

KB4503290 — Security-only Rollup

  • Same as KB4503276 with the exception of the IE string character limit issue.

Windows 10 version Windows 10 version 1709

KB4503284

  • Fixed Bluetooth vulnerability.
  • Fixed an IE11 issue that could prevent IE from opening if no or a malformed search provider was set as the default.
  • security updates

Windows 10 version 1803

  • Fixed the Preboot Execution Environment issue.
  • Same as 1709

Windows 10 version 1809

  • Fixed a Windows Mixed Reality keyboard rendering issue.
  • Fixed a Bluetooth vulnerability.
  • Fixed the Preboot environment issue.
  • Updated Broadcom Wi-Fi firmware to Microsoft HoloLens.
  • Fixed the IE11 default search provider issue.
  • Security updates

Windows 10 version 1903

  • Fixed Bluetooth vulnerability.
  • Security updates.

Other security updates

KB4503259 — Cumulative security update for Internet Explorer: June 11, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: March 12, 2019

KB4503285 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4503287 — Security Only Quality Update for Windows Server 2008

KB4503308 — Security update for Adobe Flash Player

KB4503267 — Cumulative Update for Windows 10 Version 1607 and Windows Server Version 1607

KB4503291 — Cumulative Update for Windows 10 Version 1507

KB4503537 — Servicing Stack Update for Windows 10 Version 1607, and Windows Server 2016

KB4504369 — Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019

Known Issues

Windows 7 SP1 and Server 2008 R2

  1. Issue with McAfee Enterprise products that may cause the system to have slow startups or become unresponsive.
  2. Internet Explorer 11 may stop working when “loading or interacting with Power BI reports”.
    • Workaround: republish with Markers turned off.

Windows 8.1 and Server 2012 R2

  1. Same as Windows 7 SP1 and Server 2008 R2
  2. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.

Windows 10 version 1709, 1803

  1. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.

Windows 10 version 1809

  1. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.
  2. A printing issue in Microsoft Edge and other UWP apps that throws “Your printer has experienced an unexpected configuration problem. 0x80070007e.” errors.
    • Workaround: use another browser to print.
  3. Error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND”after installing KB4493509 on devices with certain Asian languages.

Windows 10 version 1903

  1. Windows Sandbox may fail to start with ERROR_FILE_NOT_FOUND (0x80070002)

Security advisories and updates

ADV190015 | June 2019 Adobe Flash Security Update

ADV190016 | Bluetooth Low Energy Advisory

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4497935 for Windows 10 version 1903 and Windows Server 1903

KB4497934 for Windows 10 version 1809 and Windows Server 2019

KB4505056 for Windows 10 version 1809 and Windows Server 2019

KB4499183 for Windows 10 version 1803

KB4505064 for Windows 10 version 1803

KB4499147 for Windows 10 version 1709

KB4505062 for Windows 10 version 1709

KB4499162 for Windows 10 version 1703

KB4505055 for Windows 10 version 1703

KB4499177 for Windows 10 version 1607 and Windows Server 2016

KB4505052 for Windows 10 version 1607 and Windows Server 2016

KB4503539 — Dynamic Update for Windows 10 Version 1803

KB4494454 — Update for Windows 10

KB4501226 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – June 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the June 2019 security updates

windows security updates june 2019

All Windows client systems are configured to download and install security updates automatically shortly after release. It is possible to run manual checks for updates to install these as early as possible.

We suggest that backups are created before any updates are installed as updates may introduce issues of their own or in worst case, break the system.

You can run a manual check for updates in the following way:

  1. Tap on the Windows-key, type Windows Update, and select the result.
  2. A click on “check for updates” runs a manual check. Updates may be installed automatically or on user request depending on system settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4503292 — 2019-06 Security Monthly Quality Rollup for Windows 7
  • KB4503269 — 2019-06 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4503276 — 2019-06 Security Monthly Quality Rollup for Windows 8.1
  • KB4503290 — 2019-06 Security Only Quality Update for Windows 8.1

Windows 10 (version 1709)

  • KB4503279 — 2019-06 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4503286 — 2019-06 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4503327 — 2019-06 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4503293 — 2019-06 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Article Name
Microsoft Windows Security Updates June 2019 overview
Description
Detailed overview of the Microsoft June 2019 Patch Day covering Windows security and non-security updates, advisories, known issues, and more.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

Windows 10 19H1 (Insider Preview Builds) – Citrix Known Issues

Microsoft releases regular builds of the next version of Windows 10 through their Insider Preview Program. Citrix does not support Insider Preview builds as stated on CTX224843 – Windows 10 Compatibility with Citrix XenDesktop.

This article is intended to capture known issues with Windows 10 19H1 that have been identified so far through Citrix internal testing and customer reports for the benefit of customers who are conducting early testing in preparation for when the Semi-Annual Channel release of 19H1 becomes available.

  • Citrix Virtual Delivery Agent (VDA) for Windows Desktop OS
  • Citrix Receiver for Windows
  • Citrix Provisioning Services (PVS)
  • Citrix Workspace Environment Management (WEM)
  • Citrix User Profile Management (UPM)

Note:

  • This is a live article and is updated as and when new information is available.
  • All the issues mentioned in this article have been noticed with 19H1 builds up to 18261.

Known Issues

The following are the known issues:

Issue 1

Issue Description

Print command from inside an ICA session of Windows 10 19H1 client fails to print using mapped Citrix UPS configured XPS Printer.

[HDX-13664]

Problem Cause

XPS Viewer is not available on Windows 10 v1803 and later versions by default. It is available as a Feature on Demand.

Solution

To install XPS Viewer, follow the below steps:

  • Open Command Prompt in elevated mode
  • Run the command “Dism /online /add-capability /CapabilityName:XPS.Viewer~~~~0.0.1.0”

Note:

  • The machine should be connected to the Internet for above command to acquire and install XPS Viewer.


Issue 2

Issue Description

Citrix User Profile Manager (UPM) stops working after Windows 10 is upgraded to Windows 10 19H1.

[TPV-1307]

Problem Cause

Some of the registry keys related to Citrix UPM are getting removed during upgrade process.


Solution

This issue is fixed with the Microsoft’s March 2019 Updates for Windows 10. Install the respective March 2019 update OR its replacement on your existing Windows 10 version before upgrading to Windows 10 19H1.

Issue 3

Issue Description

After HDX 3D Pro VDA is upgraded from Windows 10 to 19H1, the policy “Use hardware encoding for video codec” is not in effect and Hardware Encoding is disabled. The Registry information related to BitMap Provider is also not as expected post upgrade.

[LCM-4955, LCM-4956]

Solution

Citrix is working with Microsoft to resolve this issue.

Workaround:

  • After upgrading to 19H1, restart the VDA and run below commands:

C:Program FilesCitrixICAServiceNvFBCEnable.exe -enable

  • Make sure FBC is enabled by running

C:Program FilesCitrixICAServiceNvFBCEnable.exe -checkstatus


Note – If status is still shown as disabled, then Nvidia driver may need to be reinstalled. After reinstalling the driver, try to enable FBC again.

Issue 4

Issue Description

Users are unable to uninstall Desktop Lock if Windows 10 was upgraded to 19H1 with Desktop Lock installed.

[TPV-744]

Problem Cause

During the upgrade,the key CtxBackupShell is getting removed under [HKLM -> SOFTWARE -> Microsoft -> Windows NT -> CurrentVersion -> Winlogon] . As a result, an error message “1: Read failed HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonCtxBackupShell=(32bit on 32bit)” is displayed.

Solution

Citrix is working with Microsoft to resolve this issue. As a workaround, the user may manually add the registry key manually and then uninstall Citrix Desktop Lock by following below steps:

Caution! Refer to the Disclaimer at the end of this article before making changes to Registry

  1. Right click on Start button and choose Run
  2. Type ‘Regedit’ and click Ok.
  • On x86 machine, browse to HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows NT -> CurrentVersion -> Winlogon
  • On x64 machine, browse to HKEY_LOCAL_MACHINE -> Software -> WOW6432Node -> Microsoft -> Windows NT -> CurrentVersion -> Winlogon
  1. Right click on Winlogon in left pane, choose New -> String Value
  2. Enter the value as ‘CtxBackUpShell ’ and hit enter.
  3. Double click on ‘CtxBackUpShell ’ and enter the value as ‘explorer.exe’.
  4. Close Registry Editor and uninstall Desktop Lock.

Issue 5

Issue Description

Pass-Through Authentication (SSON) fails to work when Windows 10 is upgraded to 19H1 with Workspace App installed.

[TPV-1916]

Problem Cause

While upgrading to 19H1, few registry entries required by SSON gets removed under HKLM > System > CurrentControlSet > Control > NetworkProvider.

Solution

This issue is resolved with builds 18358 and newer.

Issue 6

Issue Description

Printers part of Universal Print Server are no longer mapped after Windows 10 is upgraded to Windows 10 19H1. This issue is not seen with fresh install of Windows 10 19H1.

[LCM-5677]

Solution

There is no solution at this time. Citrix is working with Microsoft to resolve this issue.

Issue 7

Issue Description

Unable to print using Universal Print Drivers for printers mapped from a Universal Print Server on Windows 10 19H1 build 18342

[LCM-5691]

Solution

Citrix is investigating this issue.

Issue 8

Issue Description

While upgrading to 19H1 build 18346, the upgrade fails and rolls back to earlier Windows 10 version. This issue is noticed even when Citrix products are not installed.

[TPV-2159]

Problem Cause

This issue is not noticed on x86 platforms. Changes in build 18348 is causing this issue. This issue was not noticed with earlier builds.

Solution

This issue is no longer seen with builds 18361 and newer.


Issue 9

Issue Description

“Direct3D11 error: out of memory” error message may be seen within VDA with Applications like Unigine Heaven 3.0 in DirectX 11 mode on Windows 10 19H1 x64 build 18342

[LCM-5714]

Problem Cause

DirectX 11 enabled apps inside VDA with a GPU assigned fails to work with an out of memory error.

Solution

There is no solution at this time. Citrix is working with Microsoft to resolve this issue.

Related:

  • No Related Posts

Microsoft Windows Security Updates April 2019 overview

Microsoft released security updates for supported versions of Windows and other company today on the April 9, 2019 Patch Tuesday.

Updates are provided in various ways: via Windows Update, as direct downloads, and through Enterprise updating systems.

Our monthly overview of Microsoft’s Patch Day offers detailed information on updates, additional information that is relevant, and links to supported articles.

It starts with an executive summary, and is followed by the statistics, the list of released updates, known issues, and direct download links.

You can check out last month’s Patch Day in case you have missed it. As always, it is recommended that systems are backed up before new patches are installed. Note that some users had troubles installing the last cumulative update for Windows 10 version 1809; you can check a possible fix for System Service Exception blue screens here.

Attention: Reports of Windows 7 and 8.1, and Server 2008 R2 / 2012 R2 machines freezing after update installation. Is apparently related to Sophos products, only solution right now is to uninstall the update.

Microsoft Windows Security Updates April 2019

Download the following Excel spreadsheet listing security updates and related information for updates that Microsoft released in April 2019. Click on the following link to download the spreadsheet to your local system: microsoft-windows-security-updates-april-2019.zip

Executive Summary

  • Windows 10 version 1607 reached end of support for Enterprise and Education customers today.
  • Windows 10 version 1709 reached end of support for Home, Pro and Pro for Workstations today.
  • Microsoft released security updates for all client and server versions of Windows.
  • Other Microsoft software with security updates: Microsoft Edge, Internet Explorer, Microsoft Exchange Server, Team Foundation Server, Azure DevOps Server, Windows Admin Center, Microsoft Office
  • Microsoft fixed many long standing known issues.
  • The Update Catalog lists 133 updates.

Operating System Distribution

  • Windows 7: 29 vulnerabilities of which 6 are rated critical and 23 are rated important (links see W10 1809)
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 8.1: 31 vulnerabilities of which 7 are rated critical and 24 are rated important (links see W10 1809)
    • CVE-2019-0790 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 10 version 1607: 33 vulnerabilities of which 7 are critical and 26 are important
    • critical issues same as W10 1809 except for CVE-2019-0786 which is not listed.
  • Windows 10 version 1703: 35 vulnerabilities of which 7 are critical and 28 are important
    • critical issues same as W10 1809 except for CVE-2019-0786 which is not listed.
  • Windows 10 version 1709: 37 vulnerabilities of which 8 are critical and 29 are important
    • critical issues same as W10 1809
  • Windows 10 version 1803: 37 vulnerabilities of which 8 are critical and 29 are important
    • critical issues same as W10 1809
  • Windows 10 version 1809: 36 vulnerabilities of which 8 are critical and 28 are important

Windows Server products

  • Windows Server 2008 R2: 29 vulnerabilities of which 6 are critical and 23 are important.
    • same as Windows 7
  • Windows Server 2012 R2: 31 vulnerabilities of which 7 are critical and 24 are important.
    • critical issues same as W10 1809 except CVE-2019-0786 which is not listed.
  • Windows Server 2016: 33 vulnerabilities of which 7 are critical and 26 are important
    • critical issues same as W10 1809 except CVE-2019-0786 which is not listed.
  • Windows Server 2019: 36 vulnerabilities of which 8 are critical and 28 are important.
    • Critical issues same as W10 1809

Other Microsoft Products

  • Internet Explorer 11: 5 vulnerability, 1 critical, 4 important
  • Microsoft Edge: 9 vulnerabilities, 7 critical, 2 important

Windows Security Updates

Windows 7 Service Pack 1

Monthly rollups won’t include PciClearStaleCache.exe anymore starting with this update. Microsoft advises that administrators make sure that updates between April 20, 2018 and March 12, 2019 are installed prior to installing this update and future monthly rollup updates to make sure that the program is on the system.

The following symptoms may be experienced if the file is not available:

  • Existing NIC definitions in control panel networks may be replaced with a new Ethernet Network Interface Card (NIC) but with default settings. Any custom settings on the previously NIC persist in the registry but were unused.
  • Loss of static IP address settings.
  • Network Flyout does not display certain Wi-Fi profile settings.
  • Disabling of Wi-Fi network adapters.

KB4493472 — Monthly Rollup

  • Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers.
  • Fixed an issue that caused the error “0x3B_c0000005_win32k!vSetPointer”.
  • Fixed the netdom.exe error “The command failed to complete successfully” appears.
  • Fixed the Custom URI Schemes issue.
  • Fixed the WININET.DLL issue.
  • Security updates

KB4493448 — Security only update

  • Same as monthly rollup except for error “0x3B_c0000005_win32k!vSetPointer” and Custom URI Schemes.

Windows 8.1

KB4493446 — Monthly Rollup

  • Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers.
  • Fixes an issue with MSXML6 that could cause programs to stop responding.
  • Fixed an issue with the Group Policy Editor that caused it to stop responding when editing Group Policy Preferences for Internet Explorer 10 Internet settings.
  • Fixed an issue with Custom URI schemes for Application Protocol Handlers.
  • Fixed an authentication issue in Internet Explorer 11 and other apps that use WININET.DLL.
  • Security updates for various components.

KB4493467 — Security-only Update

  • Same as the Monthly rollup except the Custom URI schemes fix (not listed)

Windows 10 version 1607

KB4493470

  • Fixed several known issues.
  • Fixed an issue to meet GB18030 certificate requirements.
  • Security updates.

Windows 10 version 1703

KB4493474

  • Fixed several known issues
  • Security Updates

Windows 10 version 1709

KB4493441

  • Fixed several known issues
  • Security Updates

Windows 10 version 1803

KB4493464

  • Fixed several known issues
  • Addresses a stop error that occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
  • Security updates.

Windows 10 version 1809

KB4493509

  • Fixed several known issues including EUDC blue screen, MXSML6 stop responding, Group Policy Editor stops responding, WININET.DLL
  • Security updates

Other security updates

KB4493435 — Cumulative Security Update for Internet Explorer

KB4491443 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493448 — Security Only Quality Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493450 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4493451 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4493458 — Security Only Quality Update for Windows Server 2008

KB4493471 — Security Monthly Quality Rollup for Windows Server 2008

KB4493472 — Security Monthly Quality Rollup for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493478 — Security Update for Adobe Flash Player

KB4493563 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493730 — Security Update for Windows Server 2008

KB4493790 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493793 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493794 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493795 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493796 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493797 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493927 — Information disclosure vulnerability in Windows Embedded POSReady 2009

KB4494059 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4494528 — You receive an Error 1309 message when you install an .msi file on Windows Embedded POSReady 2009

KB4495022 — Information disclosure vulnerability in Windows Embedded POSReady 2009

Known Issues

Windows 7 Service Pack 1

After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. Workarounds available.

Windows 8.1

Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires. Workarounds available.

Windows 10 version 1607

For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

And the Windows 7 SP1 issue.

Windows 10 version 1607 and newer

After installing the Internet Explorer cumulative update, custom URI schemes for application protocol handlers may not work properly in Internet Explorer. Workaround available.

Windows 10 version 1803

Same as Windows 7 SP1

Windows 10 version 1809, Windows Server 2016

Same as Windows 7 SP1

Security advisories and updates

ADV190011 | April 2019 Adobe Flash Security Update

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4487990 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – April 2019

Microsoft Office Updates

You find a list of all released updates for Microsoft Office — security and non-security – here.

How to download and install the April 2019 security updates

microsoft updates windows april 2019

Windows Updates get installed automatically on Home systems by default. You can block or delay the installation of updates on these systems.

It is not recommended to run a manual check for updates as it may lead to the installation of preview updates or feature updates, but you may do so in the following way:

  1. Open the Start Menu.
  2. Type Windows Update.
  3. Click on the “check for updates” button to run a manual check.

You may use third-party tools like the excellent Windows Update Manager or Windows Update Minitool to download updates.

Direct update downloads

Microsoft makes available all cumulative updates that it releases for Windows as direct downloads on the Microsoft Update Catalog website. Follow the links listed below to go there for the listed version of Windows.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4493472 — 2019-04 Security Monthly Quality Rollup for Windows 7
  • KB4493448 — 2019-04 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4493446 — 2019-04 Security Monthly Quality Rollup for Windows 8.1
  • KB4493467 — 2019-04 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4493470 — 2019-04 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4493474 — 2019-04 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4493441 — 2019-04 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4493464 — 2019-04 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4493509 — 2019-04 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Microsoft Windows Security Updates April 2019 overview
Article Name
Microsoft Windows Security Updates April 2019 overview
Description
Microsoft released security updates for supported versions of Windows and other company today on the April 9, 2019 Patch Tuesday.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts