Windows 10: Microsoft Windows Security Updates April 2020 overview

Welcome to the overview for Microsoft's April 2020 Patch Day; Microsoft released security updates for all supported versions of the Windows operating system -- client and server -- as well as other company products such as Microsoft Office.

Our overview provides you with links and information that you may use to better understand the releases. It includes links to direct downloads, the list of known issues according to Microsoft, an overview of critical security issues, the operating system distribution of vulnerabilities, and more.

Feel free to check out the March 2020 Patch Day overview here.

Microsoft Windows Security Updates April 2020




You may download the following Excel spreadsheet to get a full list of all security updates that Microsoft released on the April 2020 Patch Day. Just click on the following link to download the spreadsheet to your system: microsoft-windows-security-updates-april-2020

Executive Summary

• Microsoft released security updates for all supported versions of Windows.
• Security updates are also available for Microsoft Edge, Internet Explorer, Microsoft Office, Windows Defender, Visual Studio, Microsoft Dynamics, Microsoft Apps for Android and Mac.
• New msi application installation issue for domain devices on some versions of Windows.

Operating System Distribution

• Windows 7 (extended support only): 37 vulnerabilities: 5 critical and 32 important
  • CVE-2020-0907 | Microsoft Graphics Components Remote Code Execution Vulnerability
  • CVE-2020-0687 | Microsoft Graphics Remote Code Execution Vulnerability
  • CVE-2020-0938 | Adobe Font Manager Library Remote Code Execution Vulnerability
  • CVE-2020-1020 | Adobe Font Manager Library Remote Code Execution Vulnerability
  • CVE-2020-0965 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability
• Windows 8.1: 39 vulnerabilities: 3 rated critical and 52 rated important
  • same as Windows 7
• Windows 10 version 1803: 60 vulnerabilities: 6 critical and 54 important
  • CVE-2020-0907 | Microsoft Graphics Components Remote Code Execution Vulnerability
  • CVE-2020-0687 | Microsoft Graphics Remote Code Execution Vulnerability
  • CVE-2020-0948 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-0949 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-0950 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-0965 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability
• Windows 10 version 1809: 63 vulnerabilities: 7 critical and 56 important
  • Same as Windows 10 version 1803 plus
  • CVE-2020-0910 | Windows Hyper-V Remote Code Execution Vulnerability
• Windows 10 version 1903: 67 vulnerabilities: 8 critical and 59 important
  • Same as Windows 10 version 1809 plus
  • CVE-2020-0796 | Windows SMBv3 Client/Server Remote Code Execution Vulnerability
• Windows 10 version 1909:
  • same as Windows 10 version 1903

Windows Server products

• Windows Server 2008 R2 (extended support only): 32 vulnerabilities, 5 critical, 42 important
  • CVE-2020-0907 | Microsoft Graphics Components Remote Code Execution Vulnerability
  • CVE-2020-0687 | Microsoft Graphics Remote Code Execution Vulnerability
  • CVE-2020-0938 | Adobe Font Manager Library Remote Code Execution Vulnerability
  • CVE-2020-0965 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability
  • CVE-2020-1020 | Adobe Font Manager Library Remote Code Execution Vulnerability
• Windows Server 2012 R2: 37 vulnerabilities: 4 critical and 32 important.
  • Same as Windows Server 2008 R2.
• Windows Server 2016: 51 vulnerabilities: 6 critical and 45 important.
  • CVE-2020-0907 | Microsoft Graphics Components Remote Code Execution Vulnerability
  • CVE-2020-0965 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability
  • CVE-2020-0950 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-0949 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-0948 | Media Foundation Memory Corruption Vulnerability
  • CVE-2020-0687 | Microsoft Graphics Remote Code Execution Vulnerability
• Windows Server 2019: 63 vulnerabilities: 7 critical and 65 are important
  • same as Windows Server 2016 plus
  • CVE-2020-0910 | Windows Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

• Internet Explorer 11: 4 vulnerability: 2 critical, 2 important
  • CVE-2020-0967 | VBScript Remote Code Execution Vulnerability
  • CVE-2020-0968 | Scripting Engine Memory Corruption Vulnerability
• Microsoft Edge: 2 vulnerabilities: 2 critical
  • CVE-2020-0969 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-0970 | Scripting Engine Memory Corruption Vulnerability
• Microsoft Edge on Chromium:
  • see here (latest security patches from the Chromium project)

Windows Security Updates


Windows 7 SP1 and Server 2008 R2

• Monthly Rollup: KB4550964
• Security Only Update: KB4550965

Fixes and improvements:

• Fixed the long-standing issue on Cluster Shared Volumes that caused some operations to fail.
• Security updates.

Windows 8.1 and Windows Server 2012 R2

• Monthly Rollup: KB4550961
• Security Only Update: KB4550970

Fixes and improvements:

• Security updates.

Windows 10 version 1803

• Update: KB4550922

Fixes and improvements:

• Security updates.

Windows 10 version 1809

• Update: KB4549949

Fixes and improvements:

• Fixed an issue that prevented apps from installing if they are published using GPO.
• Security updates.

Windows 10 version 1903 and 1909

• Update: KB4549951

Fixes and improvements:

• Fixed an issue that prevented apps from installing if they are published using GPO.
• Security updates.

Other security updates

KB4550905 -- Cumulative security update for Internet Explorer: April 14, 2020

KB4550917 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4550951 -- Security Monthly Quality Rollup for Windows Server 2008

KB4550957 -- Security Only Quality Update for Windows Server 2008

KB4550971 -- Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4549947 -- Servicing Stack Update for Windows Server 2019 and Windows 10 Version 1809

KB4550737 -- Servicing Stack Update for Windows Server 2008

KB4550738 -- Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4550927 -- Cumulative Update for Windows 10 Version 1709

KB4550929 -- Cumulative Update for Windows Server 2016 and Windows 10 Version 1607

KB4550930 -- Cumulative Update for Windows 10 Version 1507

KB4550939 -- Cumulative Update for Windows 10 Version 1703

KB4550992 -- Servicing Stack Update for Windows 10 Version 1703

KB4550994 -- Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607

KB4552152 -- Servicing Stack Update for Windows Server, version 1909, Windows 10 Version 1909, Windows Server, version 1903, and Windows 10 Version 1903

Known Issues


Windows 7 SP1 and Server 2008 R2

• Device may display the error "Failure to configure Windows updates. Reverting Changes. Do not turn off your computer" after installing the update.
• Devices on domains may fail to install apps published using GPO. Affects only app installations that use .msi files. (mitigation: manual install) (only affects Monthly Rollup)

Windows 8.1 and Windows Server 2012 R2

• Certain operations on Cluster Shared Volumes may fail.
• Devices on domains may fail to install apps published using GPO. Affects only app installations that use .msi files. (mitigation: manual install) (only affects Monthly Rollup)

Windows 10 version 1803

• Devices on domains may fail to install apps published using GPO. Affects only app installations that use .msi files. (mitigation: manual install)

Windows 10 version 1809

• Installations with some Asian language packs installed may throw the error "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND".

Security advisories and updates


ADV200006 | Type 1 Font Parsing Remote Code Execution Vulnerability

Non-security related updates


KB4549950 -- Dynamic Update for Windows 10 Version 1909, and Windows 10 Version 1903

Microsoft Office Updates


You find Office update information here.

How to download and install the April 2020 security updates


Microsoft releases security updates through various channels including Windows Update, WSUS, other update services, as well as the Microsoft Update Catalog website.

It is highly recommended that backups are created before any type of update is installed.

Do the following to check for new updates:

1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads


Windows 7 and Server 2008 R2

• KB4550964 -- 2020-04 Security Monthly Quality Rollup for Windows 7
• KB4550965 -- 2020-04 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4550961 -- 2020-04 Security Monthly Quality Rollup for Windows 8.1
• KB4550970 -- 2020-04 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

• KB4550922 -- 2020-04 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1809)

• KB4549949 -- 2020-04 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

• KB4549951 -- 2020-04 Cumulative Update for Windows 10 Version 1903

Windows 10 (version 1909)

• KB4549951 -- 2020-04 Cumulative Update for Windows 10 Version 1909

Additional resources

• April 2020 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates April 2020 overview appeared first on gHacks Technology News.

read more...

 

Microsoft March 2020 Security Updates

Release Notes
March 2020 Security Updates
Release Date: March 10, 2020




The March 2020 security release consists of security updates for the following software:

• Microsoft Windows
• Microsoft Edge (EdgeHTML-based)
• Microsoft Edge (Chromium-based)
• ChakraCore
• Internet Explorer
• Microsoft Exchange Server
• Microsoft Office and Microsoft Office Services and Web Apps
• Azure DevOps
• Windows Defender
• Visual Studio
• Open Source Software
• Azure
• Microsoft Dynamics

Please note the following information regarding the security updates:

• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
• For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

The following CVEs have additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

• CVE-2020-0765
• CVE-2020-0774
• CVE-2020-0775
• CVE-2020-0795
• CVE-2020-0813
• CVE-2020-0820
• CVE-2020-0850
• CVE-2020-0851
• CVE-2020-0852
• CVE-2020-0853
• CVE-2020-0855
• CVE-2020-0859
• CVE-2020-0861
• CVE-2020-0863
• CVE-2020-0871
• CVE-2020-0874
• CVE-2020-0876
• CVE-2020-0879
• CVE-2020-0880
• CVE-2020-0882
• CVE-2020-0885
• CVE-2020-0891
• CVE-2020-0892
• CVE-2020-0893
• CVE-2020-0894
• CVE-2020-0902 *

Known Issues


The following KBs contain information about known issues with the security updates. For a complete list of security update KBs, please see 20200310


KB Article Applies To
4538032 Visual Studio
4538461 Windows 10 Version 1809, Windows Server 2019
4540123 Microsoft Exchange Server
4540670 Windows 10, version 1607, Windows Server 2016
4540671 Internet Explorer
4540673 Windows 10, version 1809, Windows Server version 1809, Windows 10, version 1809, Windows Server version 1809
4540688 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
4540694 Windows Server 2012 (Security-only update)
4541500 Windows 7, Windows Server 2008 R2 (Security-only update)
4541504 Windows Server 2008 (Security-only update)
4541505 Windows 8.1, Windows Server 2012 R2 (Security-only update)
4541506 Windows Server 2008 Service Pack 2 (Monthly Rollup)
4541509 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
4541510 Windows Server 2012 (Monthly Rollup)


https://portal.msrc.microsoft.com/en...etail/2020-Mar

 

Microsoft January 2020 Security Updates

Release Notes



January 2020 Security Updates

Release Date: January 14, 2020
The January security release consists of security updates for the following software:

• Microsoft Windows
• Internet Explorer
• Microsoft Office and Microsoft Office Services and Web Apps
• ASP.NET Core
• .NET Core
• .NET Framework
• OneDrive for Android
• Microsoft Dynamics

Please note the following information regarding the security updates:

• For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is present only in the IE Cumulative package.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Note: Support for Windows 7, Windows Server 2008 R2, and Windows Server 2008 ends January 14, 2020. For more information please see Lifecycle FAQ-Extended Security Updates.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

• CVE-2020-0601 *
• CVE-2020-0607
• CVE-2020-0608
• CVE-2020-0615
• CVE-2020-0622
• CVE-2020-0637
• CVE-2020-0639
• CVE-2020-0643
• CVE-2020-0647
• CVE-2020-0650
• CVE-2020-0651
• CVE-2020-0652
• CVE-2020-0653
• CVE-2020-0654 *

Known IssuesThe following KBs contain information about known issues with the security updates. For a complete list of security update KBs, please see 20200114. For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).[table][tr]KB Article Applies To [/tr] [tr][td]4534271[/td] [td]Windows 10, version 1607, Windows Server 2016[/td] [/tr] [tr][td]4534273[/td] [td]Windows 10, version 1809, Windows Server version 1809, Windows 10, version 1809, Windows Server version 1809[/td] [/tr] [tr][td]4534276[/td] [td]Windows 10, version 1709[/td] [/tr] [tr][td]4534283[/td] [td]Windows Server 2012 (Monthly Rollup)[/td] [/tr] [tr][td]4534288[/td] [td]Windows Server 2012 (Security-only update)[/td] [/tr] [tr][td]4534293[/td] [td]Windows 10, version 1803, Windows Server version 1803[/td] [/tr] [tr][td]4534297[/td] [td]Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)[/td] [/tr] [tr][td]4534306[/td] [td]Windows 10[/td] [/tr] [tr][td]4534309[/td] [td]Windows 8.1, Windows Server 2012 R2 (Security-only update)[/td] [/tr] [/table]

https://portal.msrc.microsoft.com/en...etail/2020-Jan

 

Microsoft January 2020 Security Updates

Release Notes

January 2020 Security Updates

Release Date: January 14, 2020

The January security release consists of security updates for the following software:

• Microsoft Windows
• Internet Explorer
• Microsoft Office and Microsoft Office Services and Web Apps
• ASP.NET Core
• .NET Core
• .NET Framework
• OneDrive for Android
• Microsoft Dynamics

Please note the following information regarding the security updates:

• For information regarding enabling Windows 10, version 1909 features, please see
  
  Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 operating systems, please see
  
  Windows Lifecycle Facts Sheet.
• A list of the latest servicing stack updates for each operating system can be found in
  
  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is present only in the IE Cumulative package.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via
  
  Windows Update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Note: Support for Windows 7, Windows Server 2008 R2, and Windows Server 2008 ends January 14, 2020. For more information please see
  
  Lifecycle FAQ-Extended Security Updates.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

• CVE-2020-0601 *
• CVE-2020-0607
• CVE-2020-0608
• CVE-2020-0615
• CVE-2020-0622
• CVE-2020-0637
• CVE-2020-0639
• CVE-2020-0643
• CVE-2020-0647
• CVE-2020-0650
• CVE-2020-0651
• CVE-2020-0652
• CVE-2020-0653
• CVE-2020-0654 *

Known Issues

The f****ssues with the security updates. For a complete list of security update KBs, please see

2****ssues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

[table][tr][td]4534271[/td][td]Windows 10, version 1607, Windows Server 2016[/td][/tr][tr][td]4534273[/td][td]Windows 1****809[/td][/tr][tr][td]4534276[/td][td]Windows 10, version 1709[/td][/tr][tr][td]4534283[/td][td]Windows Server 2012 (Monthly Rollup)[/td][/tr][tr][td]4534288[/td][td]Windows Server 2012 (Security-only update)[/td][/tr][tr][td]4534293[/td][td]Windows 10, version 1803, Windows Server version 1803[/td][/tr][tr][td]4534297[/td][td]Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)[/td][/tr][tr][td]4534306[/td][td]Windows 10[/td][/tr][tr][td]4534309[/td][td]Windows 8.1, Windows Server 2012 R2 (Security-only update[/td][/tr][/table]