Windows 10: Microsoft Windows Security Updates July 2020 overview

It is the second Tuesday of the month and that means that it is Patch Day for Windows and other Microsoft products. The Microsoft Windows July 2020 Patch Day brings security updates for all supported client and server versions of Microsoft's Windows operating system as well as other company products such as Microsoft Edge.

Our monthly overview provides you with detailed information about the updates that Microsoft released today.

You can download an Excel spreadsheet that contains a list of released security updates, and check out the updates released for any version of Windows. The overview includes download links, links to resources on Microsoft's support website, and known issues.

If you have missed out last month's Patch Day overview, check it out here.

Microsoft Windows Security Updates July 2020


Click on the following link to download the July 2020 spreadsheet to your system. It lists released security updates of the July 2020 Patch Day. Click on the following link to start the download: microsoft-windows-updates-july-2020

Executive Summary

• Microsoft released updates for all client and server versions of the Windows operating system that it supports.
• Updates are also available for products such as Windows Defender, Internet Explorer, Microsoft OneDrive, Microsoft Edge, Microsoft Office, Visual Studio and Skype for Business.

Operating System Distribution

• Windows 7 (extended support only): 35 vulnerabilities: 6 critical and 29 important
  • CVE-2020-1374 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-1409 | DirectWrite Remote Code Execution Vulnerability
  • CVE-2020-1410 | Windows Address Book Remote Code Execution Vulnerability
  • CVE-2020-1421 | LNK Remote Code Execution Vulnerability
  • CVE-2020-1435 | GDI+ Remote Code Execution Vulnerability
  • CVE-2020-1436 | Windows Font Library Remote Code Execution Vulnerability
• Windows 8.1: 40 vulnerabilities: 6 rated critical and 34 rated important
  • same as Windows 7
• Windows 10 version 1803: 78 vulnerabilities: 6 critical and 72 important
  • CVE-2020-1374 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-1409 | DirectWrite Remote Code Execution Vulnerability
  • CVE-2020-1410 | Windows Address Book Remote Code Execution Vulnerability
  • CVE-2020-1421 | LNK Remote Code Execution Vulnerability
  • CVE-2020-1435 | GDI+ Remote Code Execution Vulnerability
  • CVE-2020-1436 | Windows Font Library Remote Code Execution Vulnerability
• Windows 10 version 1809: 81 vulnerabilities: 4 critical and 78 important
  • same as Windows 10 version 1803
• Windows 10 version 1903: 85 vulnerabilities: 5 critical and 73 important
  • same as Windows 10 version 1803
• Windows 10 version 1909:
  • same as Windows 10 version 1803
• Windows 10 version 2004:

Windows Server products

• Windows Server 2008 R2 (extended support only): 42 vulnerabilities: 13 critical and 29 important
  • same as Windows Server 2016
• Windows Server 2012 R2: 48 vulnerabilities: 13 critical and 35 important.
  • same as Windows Server 2016
• Windows Server 2016: 70 vulnerabilities: 13 critical and 57 important.
  • CVE-2020-1032 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
  • CVE-2020-1036 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
  • CVE-2020-1040 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
  • CVE-2020-1041 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
  • CVE-2020-1042 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
  • CVE-2020-1043 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
  • CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability
  • CVE-2020-1374 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-1409 | DirectWrite Remote Code Execution Vulnerability
  • CVE-2020-1410 | Windows Address Book Remote Code Execution Vulnerability
  • CVE-2020-1421 | LNK Remote Code Execution Vulnerability
  • CVE-2020-1435 | GDI+ Remote Code Execution Vulnerability
  • CVE-2020-1436 | Windows Font Library Remote Code Execution Vulnerability
• Windows Server 2019: 83 vulnerabilities: 7 critical and 77 are important
  • CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability
  • CVE-2020-1374 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2020-1409 | DirectWrite Remote Code Execution Vulnerability
  • CVE-2020-1410 | Windows Address Book Remote Code Execution Vulnerability
  • CVE-2020-1421 | LNK Remote Code Execution Vulnerability
  • CVE-2020-1435 | GDI+ Remote Code Execution Vulnerability
  • CVE-2020-1436 | Windows Font Library Remote Code Execution Vulnerability

Other Microsoft Products

• Internet Explorer 11: 2 vulnerability: 1 critical, 1 important
  • CVE-2020-1403 | VBScript Remote Code Execution Vulnerability
• Microsoft Edge: 2 vulnerabilities: 0 critical, 2 important
• Microsoft Edge on Chromium:
  • see here (latest security patches from the Chromium project)

Windows Security Updates


Windows 7 SP1 and Windows Server 2008 R2

• Monthly Rollup: KB4565524
• Security Only: KB4565539

Fixes and improvements

• Security Updates

Windows 8.1 and Server 2012 R2

• Monthly Rollup: KB4565541
• Security Only: KB4565540

Fixes and improvements

• Security Updates

Windows 10 version 1803

• Support page: KB4565489

Fixes and improvements

• Fixed an issue that might cause lsass.exe to fail with the error "A critical system process, C:\WINDOWS\system32\lsass.exe, failed with status code c0000008. The machine must now be restarted."
• Fixed an issue that prevented some applications from printing large file documents or documents with graphics.
• Security updates.

Windows 10 version 1809

• Support page: KB4558998

Fixes and improvements

• Fixed an issue when loading Browser Helper Objects in IE Mode in Microsoft Edge.
• Fixed an issue that might cause lsass.exe to fail with the error "A critical system process, C:\WINDOWS\system32\lsass.exe, failed with status code c0000008. The machine must now be restarted."
• Fixed an issue that prevented some applications from printing large file documents or documents with graphics.
• Security updates.

Windows 10 version 1903 and 1909

• Support page: KB4565483

Fixes and improvements

• Same as Windows 10 version 1809

Windows 10 version 2004

• Support page: KB4565503

Fixes and improvements

• Fixed issues in certain apps that use the ImeMode property to control the Input Method Editor mode.
• Fixed an issue that prevented changing the system local on Server Core platforms using PowerShell.
• Fixed a game and app distortion issue when switching from full screen mode to window mode, or resizing windowed mode windows.
• Fixed a OneDrive app connecting issue.
• Fixed an issue that might cause lsass.exe to fail with the error "A critical system process, C:\WINDOWS\system32\lsass.exe, failed with status code c0000008. The machine must now be restarted."
• Fixed an issue that prevented some applications from printing large file documents or documents with graphics.
• Security updates.

Other security updates

KB4565479 -- 2020-07 Cumulative Security Update for Internet Explorer

KB4565529 -- 2020-07 Security Only Quality Update for Windows Server 2008

KB4565535 -- 2020-07 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4565536 -- 2020-07 Security Monthly Quality Rollup for Windows Server 2008

KB4565537 -- 2020-07 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4565513 -- 2020-07 Cumulative Update for Windows 10 Version 1507

KB4565499 -- 2020-07 Cumulative Update for Windows 10 Version 1703

KB4565508 -- 2020-07 Cumulative Update for Windows 10 Version 1709

.NET Framework

KB4565577 -- 2020-07 Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4565578 -- 2020-07 Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4565579 -- 2020-07 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4565580 -- 2020-07 Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4565581 -- 2020-07 Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4565582 -- 2020-07 Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4565583 -- 2020-07 Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4565584 -- 2020-07 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4565585 -- 2020-07 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4565586 -- 2020-07 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4565587 -- 2020-07 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4565588 -- 2020-07 Security Only Update for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4565589 -- 2020-07 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4565610 -- 2020-07 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4565611 -- 2020-07 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4565612 -- 2020-07 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4565613 -- 2020-07 Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R

KB4565614 -- 2020-07 Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4565615 -- 2020-07 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4565616 -- 2020-07 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4565621 -- 2020-07 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4565622 -- 2020-07 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4565623 -- 2020-07 Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4565634 -- 2020-07 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4565635 -- 2020-07 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4565636 -- 2020-07 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2

KB4566466 -- 2020-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4566467 -- 2020-07 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4566468 -- 2020-07 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4566469 -- 2020-07 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4566517 -- 2020-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4566518 -- 2020-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4566519 -- 2020-07 Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2

KB4566520 -- 2020-07 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4565625 -- 2020-07 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809

KB4565627 -- 2020-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 2004 and Windows 10 Version 2004

KB4565628 -- 2020-07 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4565629 -- 2020-07 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4565630 -- 2020-07 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4565631 -- 2020-07 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016 (1803)

KB4565632 -- 2020-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809

KB4565633 -- 2020-07 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909, Windows 10 Version 1909, Windows Server 2019 (1903), and Windows 10 Version 1903

KB4566516 -- 2020-07 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809

Servicing Stack Updates

KB4558997 -- 2020-07 Servicing Stack Update for Windows Server 2019 and Windows 10 Version 1809

KB4565353 -- 2020-07 Servicing Stack Update for Windows Server 2008

KB4565354 -- 2020-07 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4565551 -- 2020-07 Servicing Stack Update for Windows 10 Version 1703

KB4565552 -- 2020-07 Servicing Stack Update for Windows 10 Version 1803

KB4565553 -- 2020-07 Servicing Stack Update for Windows 10 Version 1709

KB4565554 -- 2020-07 Servicing Stack Update for Windows Server, version 2004, Windows Server, version 1909, Windows 10 Version 1909, Windows Server 2019 (1903), and Windows 10 Version 1903

KB4565912 -- 2020-07 Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607

KB4566425 -- 2020-07 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4566426 -- 2020-07 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4565911 -- 2020-07 Servicing Stack Update for Windows 10 Version 1507

KB4566785 -- 2020-07 Servicing Stack Update for Windows Server, version 2004 and Windows 10 Version 2004

Known Issues


Windows 7 SP1 and Windows Server 2008 R2

Windows 8.1 and Windows Server 2012 R2

• Certain operations such as rename may fail on Cluster Shared Volumes. The error received is "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)" in that case.
  • Solution 1: Run the operation from a process with elevated rights.
  • Solution 2: Perform the operation from a node that does not have CSV ownership.

Windows 10 version 1809

• Devices with some Asian language packs may receive error "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND".
  • Solution 1: Uninstall and reinstall any language packs that were installed recently. Check for updates afterwards.
  • Solution 2: Reset this PC.

Windows 10 version 1903 and 1909

• Internet access may not be available after installing this update on a device with a WWAN LTE modem.
  • Microsoft is working on a solution.

Windows 10 version 2004

• Some apps, such as Microsoft Excel, may throw errors for for users of the Microsoft Input Method Editor for Chinese and Japanese.
  • Workaround explained here.

Security advisories and updates


ADV200008 | Microsoft Guidance for Enabling Request Smuggling Filter on IIS Servers

Non-security related updates

Microsoft Office Updates


You find Office update information here.

How to download and install the July 2020 security updates




Security updates are released via Windows Update and other update management systems such as WSUS. Administrators may download updates manually as well to install them directly.

Note: We recommend that systems are backed up fully before updates are installed.

The following instructions guide you through the process of checking for updates via Windows Update:

1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads


Windows 7 and Server 2008 R2

• KB4565524 -- 2020-07 Security Monthly Quality Rollup for Windows 7
• KB4565539 -- 2020-07 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4565541 -- 2020-07 Security Monthly Quality Rollup for Windows 8.1
• KB4565540 -- 2020-07 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

• KB4565489 -- 2020-07 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

• KB4558998 -- 2020-07 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

• KB4565483 -- 2020-07 Cumulative Update for Windows 10 Version 1903

Windows 10 (version 1909)

• KB4565483 -- 2020-07 Cumulative Update for Windows 10 Version 1909

Windows 10 (version 2004)

• KB4565503 -- 2020-07 Cumulative Update for Windows 10 Version 2004

Additional resources

• July 2020 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates July 2020 overview appeared first on gHacks Technology News.

read more...

 

Microsoft January 2020 Security Updates

Release Notes

January 2020 Security Updates

Release Date: January 14, 2020

The January security release consists of security updates for the following software:

• Microsoft Windows
• Internet Explorer
• Microsoft Office and Microsoft Office Services and Web Apps
• ASP.NET Core
• .NET Core
• .NET Framework
• OneDrive for Android
• Microsoft Dynamics

Please note the following information regarding the security updates:

• For information regarding enabling Windows 10, version 1909 features, please see
  
  Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 operating systems, please see
  
  Windows Lifecycle Facts Sheet.
• A list of the latest servicing stack updates for each operating system can be found in
  
  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Starting in May 2019, Internet Explorer 11 is available on Windows Server 2012. This configuration is present only in the IE Cumulative package.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via
  
  Windows Update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Note: Support for Windows 7, Windows Server 2008 R2, and Windows Server 2008 ends January 14, 2020. For more information please see
  
  Lifecycle FAQ-Extended Security Updates.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

• CVE-2020-0601 *
• CVE-2020-0607
• CVE-2020-0608
• CVE-2020-0615
• CVE-2020-0622
• CVE-2020-0637
• CVE-2020-0639
• CVE-2020-0643
• CVE-2020-0647
• CVE-2020-0650
• CVE-2020-0651
• CVE-2020-0652
• CVE-2020-0653
• CVE-2020-0654 *

Known Issues

The f****ssues with the security updates. For a complete list of security update KBs, please see

2****ssues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

[table][tr][td]4534271[/td][td]Windows 10, version 1607, Windows Server 2016[/td][/tr][tr][td]4534273[/td][td]Windows 1****809[/td][/tr][tr][td]4534276[/td][td]Windows 10, version 1709[/td][/tr][tr][td]4534283[/td][td]Windows Server 2012 (Monthly Rollup)[/td][/tr][tr][td]4534288[/td][td]Windows Server 2012 (Security-only update)[/td][/tr][tr][td]4534293[/td][td]Windows 10, version 1803, Windows Server version 1803[/td][/tr][tr][td]4534297[/td][td]Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)[/td][/tr][tr][td]4534306[/td][td]Windows 10[/td][/tr][tr][td]4534309[/td][td]Windows 8.1, Windows Server 2012 R2 (Security-only update[/td][/tr][/table]

 

Microsoft March 2020 Security Updates

Release Notes
March 2020 Security Updates
Release Date: March 10, 2020

The March 2020 security release consists of security updates for the following software:

• Microsoft Windows
• Microsoft Edge (EdgeHTML-based)
• Microsoft Edge (Chromium-based)
• ChakraCore
• Internet Explorer
• Microsoft Exchange Server
• Microsoft Office and Microsoft Office Services and Web Apps
• Azure DevOps
• Windows Defender
• Visual Studio
• Open Source Software
• Azure
• Microsoft Dynamics

Please note the following information regarding the security updates:

• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever
  a new servicing stack update is released. It is important to install the latest servicing stack update.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft
  Update Catalog.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
• For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for
  more information.

The following CVEs have additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

• CVE-2020-0765
• CVE-2020-0774
• CVE-2020-0775
• CVE-2020-0795
• CVE-2020-0813
• CVE-2020-0820
• CVE-2020-0850
• CVE-2020-0851
• CVE-2020-0852
• CVE-2020-0853
• CVE-2020-0855
• CVE-2020-0859
• CVE-2020-0861
• CVE-2020-0863
• CVE-2020-0871
• CVE-2020-0874
• CVE-2020-0876
• CVE-2020-0879
• CVE-2020-0880
• CVE-2020-0882
• CVE-2020-0885
• CVE-2020-0891
• CVE-2020-0892
• CVE-2020-0893
• CVE-2020-0894
• CVE-2020-0902 *

Known Issues

The following KBs contain information about known issues with the security updates. For a complete list of security update KBs, please see 20200310

KB Article Applies To
4538032 Visual Studio
4538461 Windows 10 Version 1809, Windows Server 2019
4540123 Microsoft Exchange Server
4540670 Windows 10, version 1607, Windows Server 2016
4540671 Internet Explorer
4540673 Windows 10, version 1809, Windows Server version 1809, Windows 10, version 1809, Windows Server version 1809
4540688 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
4540694 Windows Server 2012 (Security-only update)
4541500 Windows 7, Windows Server 2008 R2 (Security-only update)
4541504 Windows Server 2008 (Security-only update)
4541505 Windows 8.1, Windows Server 2012 R2 (Security-only update)
4541506 Windows Server 2008 Service Pack 2 (Monthly Rollup)
4541509 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
4541510 Windows Server 2012 (Monthly Rollup)

{{windowTitle}}

 

Microsoft May 2020 Security Updates

Release Notes
May 2020 Security Updates
Release Date: May 12, 2020




The May 2020 security release consists of security updates for the following software:

• Microsoft Windows
• Microsoft Edge (EdgeHTML-based)
• Microsoft Edge (Chromium-based)
• ChakraCore
• Internet Explorer
• Microsoft Office and Microsoft Office Services and Web Apps
• Windows Defender
• Visual Studio
• Microsoft Dynamics
• .NET Framework
• .NET Core
• Power BI

Please note the following information regarding the security updates:

• For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

• CVE-2020-0901
• CVE-2020-0963
• CVE-2020-1072
• CVE-2020-1075
• CVE-2020-1103
• CVE-2020-1116
• CVE-2020-1141
• CVE-2020-1145
• CVE-2020-1173
• CVE-2020-1179

Known Issues


The following KBs contain information about known issues with the security updates. For a complete list of security update KBs, please see 20200512. For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


KB Article Applies To
4551853 Windows 10 Version 1809, Windows Server 2019
4556813 Windows 10, version 1607, Windows Server 2016
4556836 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
4556843 Windows 7, Windows Server 2008 R2 (Security-only update)
4556854 Windows Server 2008 Service Pack 2 (Security-only update)
4556860 Windows Server 2008 Service Pack 2 (Monthly Rollup)


https://portal.msrc.microsoft.com/en...etail/2020-May