Windows 10: Microsoft Windows Security Updates November 2019 overview

It is the second Tuesday of November 2019 and that means that it is Microsoft Patch Day. Microsoft released security and non-security updates for its Windows operating system and other company products.

Our overview provides you with information on these updates: it starts with an executive summary and information about the number of released updates for all supported client and server versions of Windows as well as the Microsoft Edge (classic) and Internet Explorer web browsers.

What follows is information about the updates, all with links to support articles on Microsoft's website, the list of known issues, direct download links to cumulative updates for Windows, and additional update related information.

Click here to open the October 2019 Patch Day overview.

Microsoft Windows Security Updates October 2019


Download the following Excel spreadsheet to your local system; it lists security updates that Microsoft released in November 2019: November 2019 Security Updates

Executive Summary

• Microsoft released security updates for all supported client and server versions of the Microsoft Windows operating system.
• The following Microsoft products have received security updates as well: Internet Explorer, Microsoft Edge, Microsoft Office, Secure Boot, Microsoft Exchange Server, Visual Studio, Azure Stack.
• The Windows 10 version 1909 features are included in the Windows 10 version 1903 update but not activated until "they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features." Microsoft released a blog post that details how to get the update. (basically, install regular 1903 update, then check for updates again and the 1909 update should be offered)
• Windows 10 Home, Pro, Pro for Workstations and IoT Core, version 1803 have reached end of servicing. These editions won't receive security updates or other updates after November 12, 2019.

Operating System Distribution

• Windows 7: 35 vulnerabilities: 4 rated critical and 31 rated important
  • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
  • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
• Windows 8.1: 37 vulnerabilities: 3 rated critical and 34 rated important
  • Same as Windows 7 except for CVE-2019-1441 (not affected)
• Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
  • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
• Windows 10 version 1809: 46 vulnerabilities: 4 critical and 42 important
  • Same as Windows 10 version 1803 except for CVE-2019-1389 (not affected)
• Windows 10 version 1903: 46 vulnerabilities: 2 critical and 28 important
  • Same as Windows 10 version 1809 plus
  • CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Windows Server products

• Windows Server 2008 R2: 35 vulnerabilities: 4 critical and 31 important.
  • CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
  • CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
  • CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
• Windows Server 2012 R2: 37 vulnerabilities: 3 critical and 34 important.
  • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
• Windows Server 2016: 38 vulnerabilities: 2 critical and 20 important.
  • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
• Windows Server 2019: 46 vulnerabilities: 2 critical and 29 are important
  • same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected) plus
  • CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

• Internet Explorer 11: 2 vulnerabilities: 2 critical
  • CVE-2019-1390 | VBScript Remote Code Execution Vulnerability
  • CVE-2019-1429 | Scripting Engine Memory Corruption Vulnerability
• Microsoft Edge: 4 vulnerabilities: 4 critical
  • CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability
  • CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability

Windows Security Updates


Windows 7 SP1 and Windows Server 2008 R2

• Monthly Rollup: KB4525235
• Security-only Update: KB4525233

The security-only update resolves the following issues/makes the following changes:

• Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
• Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
• Security updates for various operating system components.

The monthly rollup update includes all of the updates of the security-only update plus:

• Fixes an issue that prevented certain 16-bit Visual Basic 3 applications or other VB3 applications from running.
• Fixes a temporary user profile issue when the policy "Delete cached copies of roaming profiles" is set.

Windows 8.1 and Server 2012 R2

• Monthly Rollup: KB4525243
• Security-only Update: KB4525250

The security-only update resolves the following issues/makes the following changes:

• Same as Windows 7 SP1 and Windows Server 2008 R2.

The monthly rollup update includes all of the updates of the security-only update plus:

• Same as Windows 7 SP1 and Windows Server 2008 R2 plus
• Fixes an issue that prevented multiple Bluetooth Basic Rate devices from functioning properly after installing the August 2019 updates.
• Fixes an issue that caused error 0x7E when connecting Bluetooth devices after installing the June 2019 updates.

Windows 10 version 1803

• Support article: KB4525237

The cumulative update fixes the following issues / makes the following changes:

• Fixes an issue that caused Windows Defender Application Control Code Integrity events to become unreadable.
• Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
• Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
• Security updates

Windows 10 version 1809

• Support article: KB4523205

The cumulative update fixes the following issues / makes the following changes:

• Fixes an issue that could cause the Microsoft Defender Advanced Threat Protection service to stop running or stop sending report data.
• Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
• Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
• Security updates

Windows 10 version 1903

• Support article: KB4524570

The cumulative update lists changes for Windows 10 version 1903 and 1909. It appears that Microsoft included the changes of 1909 in the cumulative update but has not activated them at the time of writing.

• Fixes an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly.
• Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
• Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
• Security updates

Other security updates

• Internet Explorer Cumulative Update: KB4525106
• 2019-11 Security Monthly Quality Rollup for Windows Server 2008 (KB4525234)
• 2019-11 Security Only Quality Update for Windows Server 2008 (KB4525239)
• 2019-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4525246)
• 2019-11 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4525253)
• 2019-11 Cumulative Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524570)
• 2019-11 Cumulative Update for Windows 10 Version 1507 (KB4525232)
• 2019-11 Cumulative Update for Windows Server 2016, and Windows 10 Version 1607 (KB4525236)
• 2019-11 Cumulative Update for Windows 10 Version 1709 (KB4525241)
• 2019-11 Cumulative Update for Windows 10 Version 1703 (KB4525245)
• 2019-11 Servicing Stack Update for Windows Server 2016, and Windows 10 Version 1607 (KB4520724)
• 2019-11 Servicing Stack Update for Windows 10 Version 1507 (KB4523200)
• 2019-11 Servicing Stack Update for Windows 10 Version 1703 (KB4523201)
• 2019-11 Servicing Stack Update for Windows 10 Version 1709 (KB4523202)
• 2019-11 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016 (KB4523203)
• 2019-11 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019 (KB4523204)
• 2019-11 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4523206)
• 2019-11 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4523208)
• 2019-11 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB4524445)
• 2019-11 Servicing Stack Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524569)
• 2019-11 Servicing Stack Update for Windows Server 2008 (KB4526478)

Known Issues


Windows 8.1 and Windows Server 2012 R2

• Certain operations may fail on Cluster Shared Volumes with the error code "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)"

Windows 10 version 1803

• Certain operations may fail on Cluster Shared Volumes with the error code "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)"
• May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) -- Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Windows 10 version 1809

• Same as Windows 10 version 1803 plus
• May receive error "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND" with some Asian language packs installed.

Windows 10 version 1903

• May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) -- Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.

Security advisories and updates


ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)

Non-security related updates

• 2019-11 Dynamic Update for Windows 10 Version 1809 (KB4524761)
• 2019-11 Dynamic Update for Windows 10 Version 1903 (KB4525043)
• Windows Malicious Software Removal Tool - November 2019 (KB890830)

Microsoft Office Updates


You find Office update information here.

How to download and install the November 2019 security updates




Most home devices running Windows are configured to download and install security updates when they are released. Users who don't want to wait for that to happen or have configured their systems to update manually only may run manual checks for updates or download the cumulative updates from Microsoft's Update Catalog website.

The following needs to be done to check for updates manually:

1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads


Windows 7 SP1 and Windows Server 2008 R2 SP

• KB4525235 -- 2019-11 Security Monthly Quality Rollup for Windows 7
• KB4525233 -- 2019-11 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4525243 -- 2019-11 Security Monthly Quality Rollup for Windows 8.1
• KB4525250 -- 2019-11 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

• KB4525237 -- 2019-11 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

• KB4523205 -- 2019-11 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

• KB4524570 -- 2019-11 Cumulative Update for Windows 10 Version 1903

Additional resources

• November 2019 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates November 2019 overview appeared first on gHacks Technology News.

read more...

 

Microsoft February 2019 Security Updates

Release Notes

February 2019 Security Updates

Release Date: February 12, 2019

The February security release consists of security updates for the following software:

Adobe Flash Player

Internet Explorer

Microsoft Edge

Microsoft Windows

Microsoft Office and Microsoft Office Services and Web Apps

ChakraCore

.NET Framework

Microsoft Exchange Server

Microsoft Visual Studio

Azure IoT SDK

Microsoft Dynamics

Team Foundation Server

Visual Studio Code

Please note the following information regarding the security updates:

A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.

Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.

For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.

ADV190003

ADV190007 *

ADV990001

CVE-2019-0540 *

CVE-2019-0600

CVE-2019-0601

CVE-2019-0602

CVE-2019-0615

CVE-2019-0616

CVE-2019-0619

CVE-2019-0621

CVE-2019-0628

CVE-2019-0635

CVE-2019-0636

CVE-2019-0643

CVE-2019-0648

CVE-2019-0658

CVE-2019-0660

CVE-2019-0661

CVE-2019-0664

CVE-2019-0669

CVE-2019-0676

CVE-2019-0686 *

CVE-2019-0724 *

CVE-2019-0741

Known Issues

44****2

{{windowTitle}}

 

microsoft June 2019 Security Updates

Release Notes

June 2019 Security Updates

Release Date: June 11, 2019

The June security release consists of security updates for the following software:

Adobe Flash Player

Microsoft Windows

Internet Explorer

Microsoft Edge

Microsoft Office and Microsoft Office Services and Web Apps

ChakraCore

Skype for Business and Microsoft Lync

Microsoft Exchange Server

Azure

Please note the following information regarding the security updates:

A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.

Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.

For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

ADV190015

ADV990001

CVE-2019-0904

CVE-2019-0905

CVE-2019-0906

CVE-2019-0907

CVE-2019-0908

CVE-2019-0909

CVE-2019-0948

CVE-2019-0968

CVE-2019-0974

CVE-2019-0977

CVE-2019-0990

CVE-2019-1009

CVE-2019-1010

CVE-2019-1011

CVE-2019-1012

CVE-2019-1013

CVE-2019-1015

CVE-2019-1016

CVE-2019-1023

CVE-2019-1031

CVE-2019-1032

CVE-2019-1033

CVE-2019-1034

CVE-2019-1035

CVE-2019-1036

CVE-2019-1039

CVE-2019-1046

CVE-2019-1047

CVE-2019-1048

CVE-2019-1049

CVE-2019-1050

CVE-2019-1081

Known Issues

KB Article Applies To

4493730 Windows Server 2008 Service Pack 2 Servicing stack update

4503027 Exchange Server 2019, Exchange Server 2016

4503028 Exchange Server 2010 Service Pack 3, Exchange Server 2013

4503263 Windows Server 2012 (Security-only update)

4503267 Windows 10, version 1607, Windows Server 2016

4503276 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

4503279 Windows 10, version 1703

4503284 Windows 10, version 1709

4503285 Windows Server 2012 (Monthly Rollup)

4503286 Windows 10, version 1803

4503290 Windows 8.1 Windows Server 2012 R2 (Security-only update)

4503291 Windows 10

4503292 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Security-only update)

4503293 Windows 10, version 1903

4503327 Windows 10, version 1809, Windows Server 2019

{{windowTitle}}

 

Microsoft January 2019 Security Updates

Release Notes
January 2019 Security Updates

Release Date: January 08, 2019

The January security release consists of security updates for the following software:

• Adobe Flash Player
• Internet Explorer
• Microsoft Edge
• Microsoft Windows
• Microsoft Office and Microsoft Office Services and Web Apps
• ChakraCore
• .NET Framework
• ASP.NET
• Microsoft Exchange Server
• Microsoft Visual Studio

Please note the following information regarding the security updates:

• A list of the latest servicing stack updates for each operating system can be found in
  
  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the
  
  Microsoft Update Catalog.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via
  
  Windows Update.
• For information on lifecycle and support dates for Windows 10 operating systems, please see
  
  Windows Lifecycle Facts Sheet.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.

• ADV190001
• CVE-2019-0536
• CVE-2019-0537
• CVE-2019-0545
• CVE-2019-0549
• CVE-2019-0553
• CVE-2019-0554
• CVE-2019-0559
• CVE-2019-0560
• CVE-2019-0561
• CVE-2019-0569
• CVE-2019-0585
• CVE-2019-0588

Known Issues

• 4480961
• 4480973
• 4480978
• 4480966
• 4480970
• 4480116
• 4480962
• 4480963
• 4480975
• 4468742
• 4471389

{{windowTitle}}