Windows 10: Microsoft Windows Security Updates February 2020 overview

Welcome to the February 2020 overview of the Microsoft February 2020 Patch Day. It is a special Patch Day, as it is the first after support for Microsoft's Windows 7 and Windows Server 2008 R2 operating system ended officially for Home users (organizations and Enterprise customers may extend support by up to three years).

Microsoft continues to release Windows 7 updates but these are only supported on ESU machines.

Our overview provides you with extensive Patch Day information including an overview of security and non-security updates, direct download links, known issues, and links to resources.

Feel free to check out the January 2020 Patch Day overview here.

Microsoft Windows Security Updates February 2020


Download the following (zipped) Excel spreadsheet that includes a list of released security updates by Microsoft in February 2002: microsoft-windows-february-2020-security-updates-list

Executive Summary

• Microsoft released updates for all supported versions of the Windows operating system.
• Updates were also released for Microsoft Edge (both old and new), Internet Explorer, Microsoft Office, Microsoft Exchange Server, Microsoft SQL Server, Windows Surface Hub, and Windows Malicious Software Removal Tool.

Operating System Distribution

• Windows 7 (extended support only): 47 vulnerabilities: 5 critical and 42 important
  • CVE-2020-0662 | Windows Remote Code Execution Vulnerability
  • CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-0729 | LNK Remote Code Execution Vulnerability
  • CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability
• Windows 8.1: 50 vulnerabilities: 5 rated critical and 45 rated important
  • same as Windows 7
• Windows 10 version 1803: 71 vulnerabilities: 5 critical and 66 important
  • CVE-2020-0662 | Windows Remote Code Execution Vulnerability
  • CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-0729 | LNK Remote Code Execution Vulnerability
  • CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability
• Windows 10 version 1809: 72 vulnerabilities: 5 critical and 68 important
  • same as Windows 10 version 1803
• Windows 10 version 1903: 72 vulnerabilities: 5 critical and 68 important
  • same as Windows 10 version 1803
• Windows 10 version 1909: same as Windows 10 version 1903

Windows Server products

• Windows Server 2008 R2 (extended support only): 47 vulnerabilities, 5 critical, 42 important
  • CVE-2020-0662 | Windows Remote Code Execution Vulnerability
  • CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-0729 | LNK Remote Code Execution Vulnerability
  • CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability
• Windows Server 2012 R2: 50 vulnerabilities: 5 critical and 45 important.
  • same as Windows Server 2008 R2
• Windows Server 2016: 65 vulnerabilities: 5 critical and 60 important.
  • same as Windows Server 2008 R2
• Windows Server 2019: 73 vulnerabilities: 5 critical and 68 are important
  • same as Windows Server 2008 R2

Other Microsoft Products

• Internet Explorer 11: 3 vulnerability: 2 critical, 1 important
  • CVE-2020-0673 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-0674 | Scripting Engine Memory Corruption Vulnerability
• Microsoft Edge: 7 vulnerabilities: 5 critical, 2 important
  • CVE-2020-0710 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-0711 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-0712 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-0713 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2020-0767 | Scripting Engine Memory Corruption Vulnerability
• Microsoft Edge on Chromium:
  • see here (latest security patches from the Chromium project)

Windows Security Updates


Windows 7

• Monthly Rollup: KB4537820
• Security-only: KB4537813

Improvements and fixes:

• Security updates

Windows 8.1

• Monthly Rollup: KB4537821
• Security-only: KB4537821

Improvements and fixes:

• Security updates

Windows 10 version 1803

• 
  Support article: KB4537762
  

Improvements and fixes:

• Security updates

Windows 10 version 1809

• 
  Support article: KB4537762
  

Improvements and fixes:

• Security updates

Windows 10 version 1903 and 1909

• 
  Support article: KB4532693
  

Improvements and fixes:

• Security updates
• Fixes an issue that occurs when migrating cloud printers during upgrades.
• "Improves the installation experience".

Other security updates

• KB4538674 -- 2020-02 Servicing Stack Update for Windows Server, version 1909, Windows Server, version 1903, Windows 10 Version 1909, and Windows 10 Version 1903
• KB4537762 -- 2020-02 Dynamic Cumulative Update for Windows 10 Version 1803 and Windows Server 2016
• KB4537764 -- 2020-02 Cumulative Update for Windows 10 Version 1607, and Windows Server 2016
• KB4537776 -- 2020-02 Cumulative Update for Windows 10 Version 1507
• KB4537765 -- 2020-02 Cumulative Update for Windows 10 Version 1703
• KB4537789 -- 2020-02 Cumulative Update for Windows 10 Version 1709
• KB4537829 -- 2020-02 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
• KB4537830 -- 2020-02 Servicing Stack Update for Windows Server 2008
• KB4532693 -- 2020-02 Cumulative Update for Windows Server, version 1909, Windows 10 Version 1909, Windows Server 2019, and Windows 10 Version 1903
• KB4532691 -- 2020-02 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809
• KB4502496 -- 2020-02 Security Update for Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, and Windows Server 2012
• KB4524244 -- Security Update for Windows Server, version 1909, Windows Server 2019 (1903), Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, and Windows 10 Version 1607
• KB4537759 -- 2020-02 Security Update for Adobe Flash Player for Windows Server, version 2004, Windows Server, version 1909, Windows 10 Version 1909, Windows Server 2019 (1903), Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, and Windows Server 2012
• KB4537767 -- 2020-02 Cumulative Security Update for Internet Explorer
• KB4537794 -- 2020-02 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012
• KB4537810 -- 2020-02 Security Monthly Quality Rollup for Windows Server 2008
• KB4537813 -- 2020-02 Security Only Quality Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
• KB4537822 -- 2020-02 Security Only Quality Update for Windows Server 2008

Known Issues


Windows 7

Error message "“Failure to configure Windows updates. Reverting Changes. Do not turn off your computer" may be displayed after the installation of the update.

Microsoft notes that this may happen when a) the update is installed on a device that is not supported for ESU or b) if an ESU MAK add-on key is not installed and activated.

Windows 10 version 1803

• Certain operations on Cluster Shared Volumes may fail.

Windows 10 version 1809

• Same as version 1803 plus
• Asian language packs may throw an error after installing KB4493509.

Security advisories and updates

• ADV200001 | Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability
• ADV200002 | Chromium Security Updates for Microsoft Edge based on Chromium

Non-security related updates

• KB4538123 -- 2020-02 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012
• KB4538124 -- 2020-02 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2
• KB4534126 -- 2020-02 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607
• KB4534129 -- 2020-02 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709
• KB4534130 -- 2020-02 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016 for x64
• KB4534132 -- 2020-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909, Windows Server 2019, Windows 10 Version 1909, and Windows 10 Version 1903 for x64
• KB4537557 -- 2020-02 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703
• KB4538122 -- 2020-02 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809
• KB890830 -- Windows Malicious Software Removal Tool - February 2020
• KB4532820 -- 2020-02 Dynamic Update for Windows 10 Version 1607
• KB4532689 -- 2020-02 Dynamic Update for Windows 10 Version 1709
• KB4532690 -- 2020-02 Dynamic Update for Windows 10 Version 1809
• KB4532692 -- 2020-02 Dynamic Update for Windows 10 Version 1909

Microsoft Office Updates


You find Office update information here.

How to download and install the February 2020 security updates




The security updates that Microsoft released on February 11, 2020 are made available via Windows Update, WSUS, and other updating tools and services. The updates may also be downloaded manually and installed just like any other application on Windows machines (check the section below for direct download links).

Note: Since Windows updates may introduce bugs or issues, it is highly recommended to create backups of important data -- better the entire system -- before running any updates.

To check for updates manually, do the following:

1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads


Windows 7 and Server 2008 R2

• KB4537820 -- 2020-02 Security Monthly Quality Rollup for Windows 7
• KB4537813 -- 2020-02 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4537821 -- 2020-02 Security Monthly Quality Rollup for Windows 8.1
• KB4537803 -- 2020-02 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

• KB4537762 -- 2020-02 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1809)

• KB4532691 -- 2020-02 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

• KB4532693 -- 2020-02 Cumulative Update for Windows 10 Version 1903

Windows 10 (version 1909)

• KB4532693 -- 2020-02 Cumulative Update for Windows 10 Version 1909

Additional resources

• February 2020 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates February 2020 overview appeared first on gHacks Technology News.

read more...

 

Microsoft January 2020 Security Updates

Release Notes

January 2020 Security Updates

Release Date: January 14, 2020

The January security release consists of security updates for the following software:

• Microsoft Windows
• Internet Explorer
• Microsoft Office and Microsoft Office Services and Web Apps
• ASP.NET Core
• .NET Core
• .NET Framework
• OneDrive for Android
• Microsoft Dynamics

Please note the following information regarding the security updates:

• For information regarding enabling Windows 10, version 1909 features, please see
  
  Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 operating systems, please see
  
  Windows Lifecycle Facts Sheet.
• A list of the latest servicing stack updates for each operating system can be found in
  
  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is present only in the IE Cumulative package.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via
  
  Windows Update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Note: Support for Windows 7, Windows Server 2008 R2, and Windows Server 2008 ends January 14, 2020. For more information please see
  
  Lifecycle FAQ-Extended Security Updates.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

• CVE-2020-0601 *
• CVE-2020-0607
• CVE-2020-0608
• CVE-2020-0615
• CVE-2020-0622
• CVE-2020-0637
• CVE-2020-0639
• CVE-2020-0643
• CVE-2020-0647
• CVE-2020-0650
• CVE-2020-0651
• CVE-2020-0652
• CVE-2020-0653
• CVE-2020-0654 *

Known Issues

The f****ssues with the security updates. For a complete list of security update KBs, please see

2****ssues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

[table][tr][td]4534271[/td][td]Windows 10, version 1607, Windows Server 2016[/td][/tr][tr][td]4534273[/td][td]Windows 1****809[/td][/tr][tr][td]4534276[/td][td]Windows 10, version 1709[/td][/tr][tr][td]4534283[/td][td]Windows Server 2012 (Monthly Rollup)[/td][/tr][tr][td]4534288[/td][td]Windows Server 2012 (Security-only update)[/td][/tr][tr][td]4534293[/td][td]Windows 10, version 1803, Windows Server version 1803[/td][/tr][tr][td]4534297[/td][td]Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)[/td][/tr][tr][td]4534306[/td][td]Windows 10[/td][/tr][tr][td]4534309[/td][td]Windows 8.1, Windows Server 2012 R2 (Security-only update[/td][/tr][/table]

 

Microsoft January 2020 Security Updates

Release Notes



January 2020 Security Updates

Release Date: January 14, 2020
The January security release consists of security updates for the following software:

• Microsoft Windows
• Internet Explorer
• Microsoft Office and Microsoft Office Services and Web Apps
• ASP.NET Core
• .NET Core
• .NET Framework
• OneDrive for Android
• Microsoft Dynamics

Please note the following information regarding the security updates:

• For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is present only in the IE Cumulative package.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Note: Support for Windows 7, Windows Server 2008 R2, and Windows Server 2008 ends January 14, 2020. For more information please see Lifecycle FAQ-Extended Security Updates.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

• CVE-2020-0601 *
• CVE-2020-0607
• CVE-2020-0608
• CVE-2020-0615
• CVE-2020-0622
• CVE-2020-0637
• CVE-2020-0639
• CVE-2020-0643
• CVE-2020-0647
• CVE-2020-0650
• CVE-2020-0651
• CVE-2020-0652
• CVE-2020-0653
• CVE-2020-0654 *

Known IssuesThe following KBs contain information about known issues with the security updates. For a complete list of security update KBs, please see 20200114. For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).[table][tr]KB Article Applies To [/tr] [tr][td]4534271[/td] [td]Windows 10, version 1607, Windows Server 2016[/td] [/tr] [tr][td]4534273[/td] [td]Windows 10, version 1809, Windows Server version 1809, Windows 10, version 1809, Windows Server version 1809[/td] [/tr] [tr][td]4534276[/td] [td]Windows 10, version 1709[/td] [/tr] [tr][td]4534283[/td] [td]Windows Server 2012 (Monthly Rollup)[/td] [/tr] [tr][td]4534288[/td] [td]Windows Server 2012 (Security-only update)[/td] [/tr] [tr][td]4534293[/td] [td]Windows 10, version 1803, Windows Server version 1803[/td] [/tr] [tr][td]4534297[/td] [td]Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)[/td] [/tr] [tr][td]4534306[/td] [td]Windows 10[/td] [/tr] [tr][td]4534309[/td] [td]Windows 8.1, Windows Server 2012 R2 (Security-only update)[/td] [/tr] [/table]

https://portal.msrc.microsoft.com/en...etail/2020-Jan

 

Microsoft February 2019 Security Updates

Release Notes
February 2019 Security Updates
Release Date: February 12, 2019

The February security release consists of security updates for the following software:


Adobe Flash Player
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ChakraCore
.NET Framework
Microsoft Exchange Server
Microsoft Visual Studio
Azure IoT SDK
Microsoft Dynamics
Team Foundation Server
Visual Studio Code
Please note the following information regarding the security updates:


A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.


ADV190003
ADV190007 *
ADV990001
CVE-2019-0540 *
CVE-2019-0600
CVE-2019-0601
CVE-2019-0602
CVE-2019-0615
CVE-2019-0616
CVE-2019-0619
CVE-2019-0621
CVE-2019-0628
CVE-2019-0635
CVE-2019-0636
CVE-2019-0643
CVE-2019-0648
CVE-2019-0658
CVE-2019-0660
CVE-2019-0661
CVE-2019-0664
CVE-2019-0669
CVE-2019-0676
CVE-2019-0686 *
CVE-2019-0724 *
CVE-2019-0741
Known Issues


4487026
4487020
4486996
4487017
4487044
4483452
4345836
4471392
4471391
4487052
https://portal.msrc.microsoft.com/en...3-000d3a33c573