Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability

A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. This can lead to a build-up of VSH processes that overtime can deplete system memory. When there is no system memory available, this can cause unexpected system behaviors and crashes.

The vulnerability is due to the VSH process not being properly deleted when a remote management connection to the device is disconnected. An attacker could exploit this vulnerability by repeatedly performing a remote management connection to the device and terminating the connection in an unexpected manner. A successful exploit could allow the attacker to cause the VSH processes to fail to delete, which can lead to a system-wide denial of service (DoS) condition. The attacker must have valid user credentials to log in to the device using the remote management connection.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-memleak-dos

This advisory is part of the August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2019-1965

Related:

  • No Related Posts

Microsoft Windows Security Updates July 2019 overview

Microsoft released security updates and non-security updates for Microsoft Windows (client and server) and other company products on the July 9, 2019 Patch Day.

Our overview provides system administrators, organizations, and home users with detailed information on released patches, known issues, and other relevant information.

The overview starts with an executive summary; it is followed by the operating system distribution, and the list of security updates for all versions of Windows.

The list of known issues, security advisories released by Microsoft, and download information follow.

Here is the link to the June 2019 Patch Day in case you missed it.

Microsoft Windows Security Updates July 2019

Here is an Excel spreadsheet listing security updates that Microsoft released for its products in July 2019. You can download the archive with a click on the following link: Microsoft Windows Security Updates July 2019 Overview

Executive Summary

  • Microsoft released security updates for all client and server versions of the Windows operating system.
  • All versions of Windows are affected by (at least) 1 critical security issue.
  • Security updates were also released for other company products such as Internet Explorer, Microsoft Edge, Microsoft Office, Azure DevOps, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Microsoft Exchange Server
  • The Microsoft Update Catalog lists 212 entries.

Operating System Distribution

  • Windows 7: 21 vulnerabilities: 1 rated critical and 20 rated important
  • Windows 8.1: 19 vulnerabilities: 1 rated critical and 18 rated important
  • Windows 10 version 1703: 24 vulnerabilities: 1 critical and 23 important
  • Windows 10 version 1709: 36 vulnerabilities: 1 critical and 35 important
  • Windows 10 version 1803: 37 vulnerabilities: 1 critical and 36 important
  • Windows 10 version 1809: 36 vulnerabilities: 1 critical and 35 important
  • Windows 10 version 1903: 36 vulnerabilities: 1 critical and 35 important.

Windows Server products

  • Windows Server 2008 R2: 21 vulnerabilities: 1 critical and 20 important.
  • Windows Server 2012 R2: 22 vulnerabilities: 2 critical and 20 important.
    • CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability
  • Windows Server 2016: 27 vulnerabilities: 2 critical and 25 important
    • CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability
  • Windows Server 2019: 40 vulnerabilities: 2 critical and 38 are important.
    • CVE-2019-0785 | Windows DHCP Server Remote Code Execution Vulnerability
    • CVE-2019-1102 | GDI+ Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 6 vulnerabilities: 6 critical
    • CVE-2019-1001 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1004 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1056 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1059 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1063 | Internet Explorer Memory Corruption Vulnerability
    • CVE-2019-1104 | Microsoft Browser Memory Corruption Vulnerability
  • Microsoft Edge: 7 vulnerabilities: 7 critical
    • CVE-2019-1001 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1062 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1092 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1103 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1104 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-1106 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1107 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 Service Pack 1 and Windows Server 2008 R2

KB4507449 — Monthly Rollup

  • Same as KB4507456.

KB4507456 — Security-only Update

  • Security updates to Windows Server, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Shell, Windows Input and Composition, and Windows Kernel.

Windows 8.1 and Windows Server 2012 R2

KB4507448 — Monthly Rollup

  • Fixed a Bitlocker issue that caused Bitlocker to go into recovery mode.
  • Same as KB4507457.

KB4507457 — Security-only Update

  • Security updates to Windows Wireless Networking, Windows Server, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Input and Composition, Windows Kernel, and Windows App Platform and Frameworks

Windows 10 version 1803

KB4507435

  • Fixed a Bitlocker issue that caused the encryption software to go into recover mode.
  • Security updates to Windows Wireless Networking, Windows Server, Microsoft Scripting Engine, Windows Storage and Filesystems, Microsoft Graphics Component, Windows Kernel, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Microsoft Edge, Windows Cryptography, and Windows Fundamentals.

Windows 10 version 1809 and Windows Server 2019

KB4507469

  • Fixed a Bitlocker issue that caused the encryption software to go into recover mode.
  • Fixed an issue that caused the camera to become unresponsive.
  • Security updates to Windows Server, Microsoft Scripting Engine, Microsoft Graphics Component, Internet Explorer, Windows Input and Composition, Windows Virtualization, Windows App Platform and Frameworks, Windows Kernel, Microsoft Edge, Windows Cryptography, and Windows Fundamentals.

Windows 10 version 1903

KB4507453

Other security updates

KB4506954 — 2019-07 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4506955 — 2019-07 Security Only Update for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4506956 — 2019-07 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4506961 — 2019-07 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4506962 — 2019-07 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4506963 — 2019-07 Security Only Update for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4506964 — 2019-07 Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4506965 — 2019-07 Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4506966 — 2019-07 Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4506974 — 2019-07 Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4506975 — 2019-07 Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4506976 — 2019-07 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4506977 — 2019-07 Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4506992 — 2019-07 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4506993 — 2019-07 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4506994 — 2019-07 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4506995 — 2019-07 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4506996 — 2019-07 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4506997 — 2019-07 Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4506999 — 2019-07 Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4507000 — 2019-07 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4507001 — 2019-07 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4507002 — 2019-07 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4507003 — 2019-07 Security and Quality Rollup for .NET Framework 2.0 for Windows Server 2008

KB4507004 — 2019-07 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4507005 — 2019-07 Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4507411 — 2019-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4507412 — 2019-07 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4507413 — 2019-07 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4507414 — 2019-07 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4507420 — 2019-07 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4507421 — 2019-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 on Windows Embedded 8 Standard and Windows Server 2012

KB4507422 — 2019-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4507423 — 2019-07 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4507434 — 2019-07 Cumulative Security Update for Internet Explorer

KB4507452 — 2019-07 Security Monthly Quality Rollup for Windows Server 2008

KB4507461 — 2019-07 Security Only Quality Update for Windows Server 2008

KB4507462 — 2019-07 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4507464 — 2019-07 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4504418 — 2019-07 Servicing Stack Update for Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, and Windows Server 2012

KB4506986 — 2019-07 Cumulative Update for .NET Framework 4.8 for Windows Server 2016, Windows 10 Version 1607

KB4506987 — 2019-07 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4506988 — 2019-07 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4506989 — 2019-07 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803

KB4506990 — 2019-07 Cumulative Update for .NET Framework 3.5, 4.8 for Windows 10 Version 1809 and Windows Server 2019

KB4506991 — 2019-07 Cumulative Update for .NET Framework 3.5, 4.8 for Winodws 10 version 1903

KB4506998 — 2019-07 Cumulative Update for .NET Framework 3.5, 4.7.2 for Windows 10 Version 1809 and Windows Server 2019

KB4507419 — 2019-07 Cumulative Update for .NET Framework 3.5, 4.7.2, 4.8 for Windows 10 Version 1809 and Windows Server 2019

KB4507435 — 2019-07 Dynamic Cumulative Update for Windows 10 Version 1803

KB4507450 — 2019-07 Cumulative Update for Windows 10 Version 1703

KB4507455 — 2019-07 Cumulative Update for Windows 10 Version 1709

KB4507458 — 2019-07 Dynamic Cumulative Update for Windows 10 Version 1507

KB4507460 — 2019-07 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

KB4509090 — 2019-07 Servicing Stack Update for Windows 10 Version 1507

KB4509091 — 2019-07 Servicing Stack Update for Windows Server 2016, and Windows 10 Version 1607

KB4509092 — 2019-07 Servicing Stack Update for Windows 10 Version 1703

KB4509093 — 2019-07 Servicing Stack Update for Windows 10 Version 1709

KB4509094 — 2019-07 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016

KB4509095 — 2019-07 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019

KB4509096 — 2019-07 Servicing Stack Update for Windows 10 Version 1903

Known Issues

Windows 7 Service Pack 1 and Windows Server 2008 R2

  • Issue with McAfee Enterprise software that causes slow startup or the system to become unresponsive.

Windows 8.1 and Windows Server 2012 R2

  • Still the long standing issue with Cluster Shared Volumes that throws the error “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
  • Issue with McAfee Enterprise software that causes slow startup or the system to become unresponsive.
  • Windows-Eyes screen reader may may throw errors on launch or during use, and some features may not work properly.

Windows 10 version 1803

  • Still the long standing issue with Cluster Shared Volumes that throws the error “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
  • Black screen during first logon after installing updates.
  • Issue with Window-Eyes screen reader app that may not work correctly.

Windows 10 version 1809 and Server 2019

  • Long standing issue with Cluster Shared Volumes.
  • Error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND” on devices with “some Asian language packs installed”.
  • Black screen during first logon after installing updates.
  • Issue with Window-Eyes screen reader app that may not work correctly.

Windows 10 version 1903

  • Windows Sandbox may fail to start.
  • The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error “0xc0000005” on devices where the diagnostic data level is manually configured to the non-default setting of 0.

Security advisories and updates

ADV190020 | Linux Kernel TCP SACK Denial of Service Vulnerability

ADV190021 | Outlook on the web Cross-Site Scripting Vulnerability

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB890830 — Windows Malicious Software Removal Tool – July 2019

KB4501375 –Windows 10 version 1903 and Windows Server version 1903

KB4509479 — Windows 10 version 1809 and Windows Server 2019

  • Fixed a Storage Area Network (SAN) connection issue.

KB4501371 –Windows 10 version 1809 and Windows Server 2019

KB4509478 — Windows 10 version 1803

  • Same as KB4509479 for Windows 10 version 1809.

KB4503288 — Windows 10 version 1803

KB4509477 — Windows 10 version 1709

  • Same as KB4509479 for Windows 10 version 1809.

KB4503281 — Windows 10 version 1709

Microsoft Office Updates

You find Office update information here.

How to download and install the July 2019 security updates

microsoft windows security updates july 2019

The July 2019 security updates are distributed through Windows Update, WSUS, and other means. Most client-based Windows systems are configured to check for updates automatically.

Windows administrators who don’t want to wait may run manual checks for updates. It is generally not recommended as bugs may be discovered after the general availability. Backups are recommended if the installation of updates can’t be delayed.

Do the following to run a manual check for updates:

  1. Tap on the Windows-key, type Windows Update, and select the result.
  2. A click on “check for updates” runs a manual check. Updates may be installed automatically or on user request depending on system settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4507449 — 2019-07 Security Monthly Quality Rollup for Windows 7
  • KB4507456 — 2019-07 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4507448 — 2019-07 Security Monthly Quality Rollup for Windows 8.1
  • KB4507457 — 2019-07 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4507435 — 2019-07 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4507469 — 2019-07 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4501375 — 2019-07 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Microsoft Windows Security Updates June 2019 overview
Article Name
Microsoft Windows Security Updates June 2019 overview
Description
Detailed overview of the Microsoft July 2019 Patch Day covering Windows security and non-security updates, advisories, known issues, and more.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

XP/Legacy client and SEPM 14…

I need a solution

Greetings..

Cutting to the chase here..

I have 3 SEP environments to manage.  One is 14.x, the other 2 are 12.1.x, and we are trying to decomm those.  On both old servers, I have XP clients that can’t have their OS upgraded due to application support for what they do.

Do I need to install a new SEPM 14 Legacy client to these XP devices, or can I simply send a Comm update and have them report and receive updates from the SEP 14 side with no other client changes?

Thanks..

0

Related:

  • No Related Posts

Microsoft Windows Security Updates June 2019 overview

Microsoft released security updates for all supported versions of the Microsoft Windows operating system on the June 11, 2019 Patch Day.

Our overview of the June 2019 Patch Tuesday provides with you information about security and non-security updates that Microsoft released on this day.

The overview includes an executive summary, statistics, links to all updates, the list of known issues sorted by operating system, download links, and more.

Microsoft released the May 2019 Update for Windows 10 recently but it is available to users who seek for updates manually only at the time and only if the system is compatible.

You can check out the May 2019 Update overview here in case you missed it.

Microsoft Windows Security Updates June 2019

The following Excel spreadsheet lists security update information for June 2019. Click on the following link to download it to your system: Microsoft Windows Security Updates June 2019 Overview

Executive Summary

  • Microsoft released security updates for all supported versions of the Windows operating system in June 2019.
  • All client and server versions have critically rated vulnerabilities patched.
  • Microsoft released security updates for other products such as Internet Explorer, Microsoft Edge, Microsoft Office, Azure, Microsoft Exchange Server, and Skype.

Operating System Distribution

  • Windows 7: 42 vulnerabilities of which 3 are rated critical and 39 are rated important
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
    • CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability
  • Windows 8.1: 35 vulnerabilities of which 3 are rated critical and 32 are rated important
    • same as 1903
  • Windows 10 version 1703: 41 vulnerabilities of which 4 is critical and 37 are important
    • same as 1709
  • Windows 10 version 1709: 43 vulnerabilities of which 4 is critical and 39 are important
    • CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability
    • same as 1903
  • Windows 10 version 1803: 45 vulnerabilities of which 3 are critical and 43 are important
    • same as 1903
  • Windows 10 version 1809: 47 vulnerabilities of which 3 are critical and 44 are important
    • same as 1903
  • Windows 10 version 1903: 42 vulnerabilities of which 3 are critical and 39 are important.
    • CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability

Windows Server products

  • Windows Server 2008 R2: 42 vulnerabilities: 3 are critical and 39 are important.
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability
    • CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability
  • Windows Server 2012 R2: 34 vulnerabilities: 3 are critical and 31 are important.
    • Same as Server 2019
  • Windows Server 2016: 39 vulnerabilities: 4 are critical and 35 are important
    • CVE-2019-0709 | Windows Hyper-V Remote Code Execution Vulnerability
    • Same as Server 2019
  • Windows Server 2019: 47 vulnerabilities: 3 are critical and 44 are important.
    • CVE-2019-0620 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0722 | Windows Hyper-V Remote Code Execution Vulnerability
    • CVE-2019-0888 | ActiveX Data Objects (ADO) Remote Code Execution Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 7 vulnerability, 5 critical, 2 important
    • CVE-2019-1080 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1055 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-0988 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0920 | Scripting Engine Memory Corruption Vulnerability
  • Microsoft Edge: 14 vulnerabilities, 12 critical, 2 important
    • CVE-2019-0989 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0990 | Scripting Engine Information Disclosure Vulnerability
    • CVE-2019-0991 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0992 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-0993 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1002 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1003 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1023 | Scripting Engine Information Disclosure Vulnerability
    • CVE-2019-1024 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1038 | Microsoft Browser Memory Corruption Vulnerability
    • CVE-2019-1051 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2019-1052 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Server 2008 R2

KB4503292 — Monthly Rollup

  • Fixed a HTTP and HTTPS string character limit issue in Internet Explorer.
  • Security updates

KB4503269 — Security-only Update

  • Security updates only

Windows 8.1 and Server 2012 R2

KB4503276 — Monthly Rollup

  • Patched a security vulnerability by “intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections”.
  • Fixed the Preboot Execution Environment known issue.
  • Fixed a HTTP and HTTPS string character limit issue in Internet Explorer.
  • Security updates.

KB4503290 — Security-only Rollup

  • Same as KB4503276 with the exception of the IE string character limit issue.

Windows 10 version Windows 10 version 1709

KB4503284

  • Fixed Bluetooth vulnerability.
  • Fixed an IE11 issue that could prevent IE from opening if no or a malformed search provider was set as the default.
  • security updates

Windows 10 version 1803

  • Fixed the Preboot Execution Environment issue.
  • Same as 1709

Windows 10 version 1809

  • Fixed a Windows Mixed Reality keyboard rendering issue.
  • Fixed a Bluetooth vulnerability.
  • Fixed the Preboot environment issue.
  • Updated Broadcom Wi-Fi firmware to Microsoft HoloLens.
  • Fixed the IE11 default search provider issue.
  • Security updates

Windows 10 version 1903

  • Fixed Bluetooth vulnerability.
  • Security updates.

Other security updates

KB4503259 — Cumulative security update for Internet Explorer: June 11, 2019

KB4474419 — SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: March 12, 2019

KB4503285 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4503287 — Security Only Quality Update for Windows Server 2008

KB4503308 — Security update for Adobe Flash Player

KB4503267 — Cumulative Update for Windows 10 Version 1607 and Windows Server Version 1607

KB4503291 — Cumulative Update for Windows 10 Version 1507

KB4503537 — Servicing Stack Update for Windows 10 Version 1607, and Windows Server 2016

KB4504369 — Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019

Known Issues

Windows 7 SP1 and Server 2008 R2

  1. Issue with McAfee Enterprise products that may cause the system to have slow startups or become unresponsive.
  2. Internet Explorer 11 may stop working when “loading or interacting with Power BI reports”.
    • Workaround: republish with Markers turned off.

Windows 8.1 and Server 2012 R2

  1. Same as Windows 7 SP1 and Server 2008 R2
  2. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.

Windows 10 version 1709, 1803

  1. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.

Windows 10 version 1809

  1. Certain operations on Cluster Shared Volumes still fail. Workaround is still valid.
  2. A printing issue in Microsoft Edge and other UWP apps that throws “Your printer has experienced an unexpected configuration problem. 0x80070007e.” errors.
    • Workaround: use another browser to print.
  3. Error “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND”after installing KB4493509 on devices with certain Asian languages.

Windows 10 version 1903

  1. Windows Sandbox may fail to start with ERROR_FILE_NOT_FOUND (0x80070002)

Security advisories and updates

ADV190015 | June 2019 Adobe Flash Security Update

ADV190016 | Bluetooth Low Energy Advisory

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4497935 for Windows 10 version 1903 and Windows Server 1903

KB4497934 for Windows 10 version 1809 and Windows Server 2019

KB4505056 for Windows 10 version 1809 and Windows Server 2019

KB4499183 for Windows 10 version 1803

KB4505064 for Windows 10 version 1803

KB4499147 for Windows 10 version 1709

KB4505062 for Windows 10 version 1709

KB4499162 for Windows 10 version 1703

KB4505055 for Windows 10 version 1703

KB4499177 for Windows 10 version 1607 and Windows Server 2016

KB4505052 for Windows 10 version 1607 and Windows Server 2016

KB4503539 — Dynamic Update for Windows 10 Version 1803

KB4494454 — Update for Windows 10

KB4501226 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – June 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the June 2019 security updates

windows security updates june 2019

All Windows client systems are configured to download and install security updates automatically shortly after release. It is possible to run manual checks for updates to install these as early as possible.

We suggest that backups are created before any updates are installed as updates may introduce issues of their own or in worst case, break the system.

You can run a manual check for updates in the following way:

  1. Tap on the Windows-key, type Windows Update, and select the result.
  2. A click on “check for updates” runs a manual check. Updates may be installed automatically or on user request depending on system settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4503292 — 2019-06 Security Monthly Quality Rollup for Windows 7
  • KB4503269 — 2019-06 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4503276 — 2019-06 Security Monthly Quality Rollup for Windows 8.1
  • KB4503290 — 2019-06 Security Only Quality Update for Windows 8.1

Windows 10 (version 1709)

  • KB4503279 — 2019-06 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4503286 — 2019-06 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4503327 — 2019-06 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4503293 — 2019-06 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary
Article Name
Microsoft Windows Security Updates June 2019 overview
Description
Detailed overview of the Microsoft June 2019 Patch Day covering Windows security and non-security updates, advisories, known issues, and more.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

Microsoft Windows Security Updates April 2019 overview

Microsoft released security updates for supported versions of Windows and other company today on the April 9, 2019 Patch Tuesday.

Updates are provided in various ways: via Windows Update, as direct downloads, and through Enterprise updating systems.

Our monthly overview of Microsoft’s Patch Day offers detailed information on updates, additional information that is relevant, and links to supported articles.

It starts with an executive summary, and is followed by the statistics, the list of released updates, known issues, and direct download links.

You can check out last month’s Patch Day in case you have missed it. As always, it is recommended that systems are backed up before new patches are installed. Note that some users had troubles installing the last cumulative update for Windows 10 version 1809; you can check a possible fix for System Service Exception blue screens here.

Attention: Reports of Windows 7 and 8.1, and Server 2008 R2 / 2012 R2 machines freezing after update installation. Is apparently related to Sophos products, only solution right now is to uninstall the update.

Microsoft Windows Security Updates April 2019

Download the following Excel spreadsheet listing security updates and related information for updates that Microsoft released in April 2019. Click on the following link to download the spreadsheet to your local system: microsoft-windows-security-updates-april-2019.zip

Executive Summary

  • Windows 10 version 1607 reached end of support for Enterprise and Education customers today.
  • Windows 10 version 1709 reached end of support for Home, Pro and Pro for Workstations today.
  • Microsoft released security updates for all client and server versions of Windows.
  • Other Microsoft software with security updates: Microsoft Edge, Internet Explorer, Microsoft Exchange Server, Team Foundation Server, Azure DevOps Server, Windows Admin Center, Microsoft Office
  • Microsoft fixed many long standing known issues.
  • The Update Catalog lists 133 updates.

Operating System Distribution

  • Windows 7: 29 vulnerabilities of which 6 are rated critical and 23 are rated important (links see W10 1809)
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 8.1: 31 vulnerabilities of which 7 are rated critical and 24 are rated important (links see W10 1809)
    • CVE-2019-0790 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 10 version 1607: 33 vulnerabilities of which 7 are critical and 26 are important
    • critical issues same as W10 1809 except for CVE-2019-0786 which is not listed.
  • Windows 10 version 1703: 35 vulnerabilities of which 7 are critical and 28 are important
    • critical issues same as W10 1809 except for CVE-2019-0786 which is not listed.
  • Windows 10 version 1709: 37 vulnerabilities of which 8 are critical and 29 are important
    • critical issues same as W10 1809
  • Windows 10 version 1803: 37 vulnerabilities of which 8 are critical and 29 are important
    • critical issues same as W10 1809
  • Windows 10 version 1809: 36 vulnerabilities of which 8 are critical and 28 are important

Windows Server products

  • Windows Server 2008 R2: 29 vulnerabilities of which 6 are critical and 23 are important.
    • same as Windows 7
  • Windows Server 2012 R2: 31 vulnerabilities of which 7 are critical and 24 are important.
    • critical issues same as W10 1809 except CVE-2019-0786 which is not listed.
  • Windows Server 2016: 33 vulnerabilities of which 7 are critical and 26 are important
    • critical issues same as W10 1809 except CVE-2019-0786 which is not listed.
  • Windows Server 2019: 36 vulnerabilities of which 8 are critical and 28 are important.
    • Critical issues same as W10 1809

Other Microsoft Products

  • Internet Explorer 11: 5 vulnerability, 1 critical, 4 important
  • Microsoft Edge: 9 vulnerabilities, 7 critical, 2 important

Windows Security Updates

Windows 7 Service Pack 1

Monthly rollups won’t include PciClearStaleCache.exe anymore starting with this update. Microsoft advises that administrators make sure that updates between April 20, 2018 and March 12, 2019 are installed prior to installing this update and future monthly rollup updates to make sure that the program is on the system.

The following symptoms may be experienced if the file is not available:

  • Existing NIC definitions in control panel networks may be replaced with a new Ethernet Network Interface Card (NIC) but with default settings. Any custom settings on the previously NIC persist in the registry but were unused.
  • Loss of static IP address settings.
  • Network Flyout does not display certain Wi-Fi profile settings.
  • Disabling of Wi-Fi network adapters.

KB4493472 — Monthly Rollup

  • Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers.
  • Fixed an issue that caused the error “0x3B_c0000005_win32k!vSetPointer”.
  • Fixed the netdom.exe error “The command failed to complete successfully” appears.
  • Fixed the Custom URI Schemes issue.
  • Fixed the WININET.DLL issue.
  • Security updates

KB4493448 — Security only update

  • Same as monthly rollup except for error “0x3B_c0000005_win32k!vSetPointer” and Custom URI Schemes.

Windows 8.1

KB4493446 — Monthly Rollup

  • Provides protections against Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computers.
  • Fixes an issue with MSXML6 that could cause programs to stop responding.
  • Fixed an issue with the Group Policy Editor that caused it to stop responding when editing Group Policy Preferences for Internet Explorer 10 Internet settings.
  • Fixed an issue with Custom URI schemes for Application Protocol Handlers.
  • Fixed an authentication issue in Internet Explorer 11 and other apps that use WININET.DLL.
  • Security updates for various components.

KB4493467 — Security-only Update

  • Same as the Monthly rollup except the Custom URI schemes fix (not listed)

Windows 10 version 1607

KB4493470

  • Fixed several known issues.
  • Fixed an issue to meet GB18030 certificate requirements.
  • Security updates.

Windows 10 version 1703

KB4493474

  • Fixed several known issues
  • Security Updates

Windows 10 version 1709

KB4493441

  • Fixed several known issues
  • Security Updates

Windows 10 version 1803

KB4493464

  • Fixed several known issues
  • Addresses a stop error that occurs when attempting to start the Secure Shell (SSH) client program from Windows Subsystem for Linux (WSL) with agent forwarding enabled using a command line switch (ssh –A) or a configuration setting.
  • Security updates.

Windows 10 version 1809

KB4493509

  • Fixed several known issues including EUDC blue screen, MXSML6 stop responding, Group Policy Editor stops responding, WININET.DLL
  • Security updates

Other security updates

KB4493435 — Cumulative Security Update for Internet Explorer

KB4491443 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493448 — Security Only Quality Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493450 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4493451 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4493458 — Security Only Quality Update for Windows Server 2008

KB4493471 — Security Monthly Quality Rollup for Windows Server 2008

KB4493472 — Security Monthly Quality Rollup for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493478 — Security Update for Adobe Flash Player

KB4493563 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493730 — Security Update for Windows Server 2008

KB4493790 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493793 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493794 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493795 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493796 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493797 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493927 — Information disclosure vulnerability in Windows Embedded POSReady 2009

KB4494059 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4494528 — You receive an Error 1309 message when you install an .msi file on Windows Embedded POSReady 2009

KB4495022 — Information disclosure vulnerability in Windows Embedded POSReady 2009

Known Issues

Windows 7 Service Pack 1

After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. Workarounds available.

Windows 8.1

Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires. Workarounds available.

Windows 10 version 1607

For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM cannot enumerate and manage logical switches deployed on the host after installing the update.

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

And the Windows 7 SP1 issue.

Windows 10 version 1607 and newer

After installing the Internet Explorer cumulative update, custom URI schemes for application protocol handlers may not work properly in Internet Explorer. Workaround available.

Windows 10 version 1803

Same as Windows 7 SP1

Windows 10 version 1809, Windows Server 2016

Same as Windows 7 SP1

Security advisories and updates

ADV190011 | April 2019 Adobe Flash Security Update

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4487990 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – April 2019

Microsoft Office Updates

You find a list of all released updates for Microsoft Office — security and non-security – here.

How to download and install the April 2019 security updates

microsoft updates windows april 2019

Windows Updates get installed automatically on Home systems by default. You can block or delay the installation of updates on these systems.

It is not recommended to run a manual check for updates as it may lead to the installation of preview updates or feature updates, but you may do so in the following way:

  1. Open the Start Menu.
  2. Type Windows Update.
  3. Click on the “check for updates” button to run a manual check.

You may use third-party tools like the excellent Windows Update Manager or Windows Update Minitool to download updates.

Direct update downloads

Microsoft makes available all cumulative updates that it releases for Windows as direct downloads on the Microsoft Update Catalog website. Follow the links listed below to go there for the listed version of Windows.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4493472 — 2019-04 Security Monthly Quality Rollup for Windows 7
  • KB4493448 — 2019-04 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4493446 — 2019-04 Security Monthly Quality Rollup for Windows 8.1
  • KB4493467 — 2019-04 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4493470 — 2019-04 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4493474 — 2019-04 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4493441 — 2019-04 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4493464 — 2019-04 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4493509 — 2019-04 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Microsoft Windows Security Updates April 2019 overview
Article Name
Microsoft Windows Security Updates April 2019 overview
Description
Microsoft released security updates for supported versions of Windows and other company today on the April 9, 2019 Patch Tuesday.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Ghacks Technology News
Advertisement

Related:

  • No Related Posts

Citrix Files Utilizing Image File Folders

We recommend following changes for better user experience with folder having large number of images/video files.

If you need to access the thumbnails view or large icons view of explorer to navigate through images, then:

Enable offline access and select the folder(s) with images/video file to be available offline. Wait for these folders to sync and then you can work with those folders without experiencing hang or slowness.


If you DO NOT need thumbnails view and can work with just list view/details view of windows explorer to navigate images / video files then we recommend enabling following explorer optimizations:

  1. Disable automatic folder type discovery utilizing the Windows Registry Editor:
"HKCUSOFTWAREClassesLocal SettingsSoftwareMicrosoftWindowsShellBagsAllFoldersShell" /V FolderType /T REG_SZ /D NotSpecified /F
  1. Disable thumbnail previews for windows explorer

Disable automatic folder type discovery utilizing the one of the following three methods:

  1. Run the following command prompt command:
reg add HKCUSOFTWAREClassesLocal SettingsSoftwareMicrosoftWindowsShellBagsAllFoldersShell /V FolderType /T REG_SZ /D NotSpecified /F
  1. Create the following entry under:
"HKCUSOFTWAREClassesLocal SettingsSoftwareMicrosoftWindowsShellBagsAllFoldersShell"- String Value with Value data: NotSpecified
  1. Download the ready-to-use Registry files:
NOTE:

Making any changes to these settings will affect windows explorer globally and not just the Citrix Files drive.

Related:

  • No Related Posts

SEPC Installation Package Refresh

I need a solution

Hello all,

First time poster on this forum. I have a question regarding the latest 22.17 Windows upgrade. The upgrade news article states the following:

    Action Required

    Windows device restart
    All users with Windows devices will be prompted to restart their devices after the update. Even if they delay the restart, their Windows clients remain protected.

    Windows installation package refresh
    Administrators who created a Windows installation package before April 3 should create and distribute a new one after April 3 to use for new Windows package deployments.

    As a hub with multiple sites (and multiple installation packages) does this mean we will need to recreate all the installation packages?

    0

    1554209202

    Related:

    • No Related Posts

    [Workspace App for Windows] – Display Issues when user re-docks their Notebook on the docking station and reconnecting to Citrix Session with Multiple Monitors

    Test with below registries on the client side (create them if not present on the client machine):

    Set ProcessWM_SETTINGCHANGE to 1

    On Windows 32-bit systems:

    HKEY_LOCAL_MACHINESOFTWARECitrixICA Client

    Name: ProcessWM_SETTINGCHANGE

    Type: DWORD

    Value: 1 (default value is zero) (this fix is only for users who disable CDViewer Bar and run Desktop in full-screen mode)

    On Windows 64-bit systems:

    HKEY_LOCAL_MACHINESOFTWAREWow6432NodeCitrixICA Client

    Name: ProcessWM_SETTINGCHANGE

    Type: DWORD

    Value: 1 (default value is zero) (this fix is only for users who disable CDViewer Bar and run Desktop in full-screen mode)


    Set MonitorLayoutUpdateDelay to 4

    On Windows 32-bit systems:

    HKEY_LOCAL_MACHINESOFTWARECitrixICA Client

    Name: MonitorLayoutUpdateDelay

    Type: DWORD

    Value: 0 to 4 (default value is zero)

    On Windows 64-bit systems:

    HKEY_LOCAL_MACHINESOFTWAREWow6432NodeCitrixICA Client

    Name: MonitorLayoutUpdateDelay

    Type: DWORD

    Value: 0 to 4 (default value is zero)

    If the issue still exists and if you see a grey screen, then try the below registry key.

    NOTE: The usage of registry key ResolutionUpdateDelay is required only for issue where customer experiences grey screen issue even after applying the other two registry keys .

    Set ResolutionUpdateDelay to 2000

    On 32-bit Windows:

    HKEY_LOCAL_MACHINESoftwareCitrixICA Client

    Name: ResolutionUpdateDelay

    Type: REG_DWORD

    Data: 1000, 1500, 2000 and so on (time in milliseconds, 2000 is the recommended value)

    On 64-bit Windows:

    HKEY_LOCAL_MACHINESoftwareWow6432NodeCitrixICA Client

    Name: ResolutionUpdateDelay

    Type: REG_DWORD

    Data: 1000, 1500, 2000 and so on (time in milliseconds, 2000 is the recommended value)


    For reference:

    https://support.citrix.com/article/CTX138197

    https://support.citrix.com/article/CTX140962

    Related:

    • No Related Posts