Windows 10: Microsoft Windows Security Updates September 2019 overview

It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.

Our overview of the September 2019 Patch Day provides system administrators and home users with information on the released updates. It features some stats at the beginning, provides links to all support articles and direct download options, lists known issues and security advisories, and provides other relevant information.

Check out the August 2019 update overview in case you missed it.

Microsoft Windows Security Updates September 2019


Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in September 2019. Please download it with a click on the following link: Microsoft Windows Security Updates September 2019

Executive Summary

• Microsoft released security updates for all client and server versions of the Windows operating system that it supports.
• The following non-Windows products had security updates released as well: Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player, Microsoft Lync, Visual Studio, .NET Framework, Microsoft Exchange Server, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Server, Project Rome.
• Microsoft fixed the high CPU usage issue from SearchUI.exe in Windows 10 1903.
• The Microsoft Update Catalog website lists 215 updates.

Operating System Distribution

• Windows 7: 32 vulnerabilities: 4 rated critical and 28 rated important
  • CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
  • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
• Windows 8.1: 33 vulnerabilities: 5 rated critical and 28 rated important
  • same as Windows 7 plus
  • CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability
• Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
  • same as Windows 8.1
• Windows 10 version 1809: 45 vulnerabilities: 5 critical and 40 important
  • same as Windows 8.1
• Windows 10 version 1903: 45 vulnerabilities: 5 critical and 40 important.
  • same as Windows 8.1

Windows Server products

• Windows Server 2008 R2: 31 vulnerabilities: 3 critical and 28 important.
  • CVE-2019-1280 | LNK Remote Code Execution Vulnerability
  • CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
  • CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
• Windows Server 2012 R2: 31 vulnerabilities: 3 critical and 28 important.
  • same as Windows Server 2008 R2.
• Windows Server 2016: 39 vulnerabilities: 3 critical and 36 important
  • same as Windows Server 2008 R2.
• Windows Server 2019: 43 vulnerabilities: 3 critical and 40 are important.
  • same as Windows Server 2008 R2.

Other Microsoft Products

• Internet Explorer 11: 4 vulnerabilities: 3 critical, 1 important
  • CVE-2019-1208 | VBScript Remote Code Execution Vulnerability
  • CVE-2019-1221 | Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1236 | VBScript Remote Code Execution Vulnerability
• Microsoft Edge: 7 vulnerabilities: 5 critical, 2 important
  • CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates


Windows 7 SP1 and Windows Server 2008 R2 SP1

Monthly Rollup: KB4516065

Security Only: KB4516033

• Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows
• Security Updates

Windows 8.1 and Windows Server 2012 R2

Monthly Rollup: KB4516067

Security Only: KB4516064

• Same as Windows 7 and Server 2008 R2

Windows 10 version 1803

Cumulative Update: KB4516058

• Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows.
• Security updates.

Windows 10 version 1809 and Windows Server 1809

Cumulative Update: KB4512578

• Same as Windows 10 version 1803.

Windows 10 version 1903 and Windows Server version 1903

Cumulative update: KB4515384

• Same as Windows version 1803 plus
• Fixed the high CPU usage issue caused by SearchUI.exe.

Windows 10 version 1903 and Windows Server 1903

Other security updates

KB4516046 -- Cumulative security update for Internet Explorer: September 10, 2019

KB4474419 -- SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4516655 -- 2019-09 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4517134 -- 2019-09 Servicing Stack Update for Windows Server 2008

KB4512938 -- 2019-09 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4512939 -- 2019-09 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4511839 -- 2019-09 Servicing Stack Update for Windows 10 Version 1703

KB4512573 -- 2019-09 Servicing Stack Update for Windows 10 Version 1507

KB4512575 -- 2019-09 Servicing Stack Update for Windows 10 Version 1709

KB4512576 -- 2019-09 Servicing Stack Update for Windows Server Version 1803 and Windows 10 Version 1803

KB4512577 -- 2019-09 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4515383 -- 2019-09 Servicing Stack Update for Windows 10 Version 1903

KB4512574 -- 2019-09 Servicing Stack Update for Windows Server 1903 RTM, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows Server Version 1803, Windows 10 Version 1803, Windows Server 2016, Windows Server Version 1709, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Server / Embedded

KB4516026 -- 2019-09 Security Monthly Quality Rollup for Windows Server 2008

KB4516051 -- 2019-09 Security Only Quality Update for Windows Server 2008

KB4516055 --2019-09 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4516062 -- 2019-09 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

Microsoft .NET

KB4514330 -- Security Only Update for .NET Framework 4.8 for Windows Server 2012

KB4514331 -- Security Only Update for .NET Framework 4.8 for Windows 8.1 and Server 2012 R2

KB4514337 --

KB4514338 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2

KB4514341 -- Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2

KB4514342 -- Security Only Update for .NET Framework 4.5.2 for Windows Server 2012

KB4514349 -- Security Only Update for .NET Framework 3.5 for Windows Server 2012

KB4514350 -- Security Only Update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514360 -- Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012

KB4514361 -- Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514363 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012

KB4514364 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514367 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514368 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012

KB4514370 -- Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012

KB4514371 -- Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514598 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514599 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2

KB4514602 -- Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1

KB4514603 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514604 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514605 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2

KB4514354 -- 2019-09 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4514355 -- 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4514356 -- 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4514357 -- 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016

KB4514358 -- 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809

KB4514359 -- 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903

KB4514366 -- 2019-09 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809

KB4514601 -- 2019-09 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809

Known Issues


Windows 7 SP1 and Windows Server 2008 R2 (monthly rollup only)

• VBScript may not be disabled in Internet Explorer even though it should be

Windows 8.1 and Windows Server 2008 R2

• Certain operations may fail on Cluster Shared Volumes

Windows 10 version 1803

• Operations may fail on Cluster Shared Volumes.
• Black screen during first logon after update installation issue

Windows 10 version 1809

• Same as Windows 10 version 1803 plus
• Error on some devices with certain Asian language packs installed: 0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.
• Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries

Security advisories and updates


ADV990001 | Latest Servicing Stack Updates

ADV190022 | September 2019 Adobe Flash Security Update

Non-security related updates

Microsoft Office Updates


You find Office update information here.

How to download and install the September 2019 security updates




Most home systems receive updates automatically especially when they run Windows 10. Updates are not pushed in real-time to devices running Windows. Some administrators prefer to install security updates the moment they are released, others to wait to make sure that the updates don't introduce any issues on the system.

Note: it is recommended that you back up the system partition before you install updates. Use programs like Paragon Backup & Recovery Free or Macrium Reflect for that.

Admins may check for updates manually to retrieve the released updates right away. Here is how that is done:

• Open the Start Menu of the Windows operating system, type Windows Update and select the result.
• Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Updates may also be downloaded from the Microsoft Update Catalog website.

Direct update downloads


Windows 7 SP1 and Windows Server 2008 R2 SP

• KB4516065 -- 2019-09 Security Monthly Quality Rollup for Windows 7
• KB4516033 -- 2019-09 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4516067 -- 2019-09 Security Monthly Quality Rollup for Windows 8.1
• KB4516064 -- 2019-09 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

• KB4516058 -- 2019-09 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

• KB4512578 -- 2019-09 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

• KB4515384 -- 2019-09 Cumulative Update for Windows 10 Version 1903

Additional resources

• September 2019 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks/). Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates September 2019 overview appeared first on gHacks Technology News.

read more...

 

Microsoft Security Bulletin for September 2007

Microsoft released yesterday the September Security Bulletin for Windows operating system, as part of its monthly security cycle. This bulletin summary lists one critical and three important updates. For more information, see Microsoft Security Bulletin Summary for September 2007.

Source: Microsoft

 

Microsoft February 2019 Security Updates

Release Notes

February 2019 Security Updates

Release Date: February 12, 2019

The February security release consists of security updates for the following software:

Adobe Flash Player

Internet Explorer

Microsoft Edge

Microsoft Windows

Microsoft Office and Microsoft Office Services and Web Apps

ChakraCore

.NET Framework

Microsoft Exchange Server

Microsoft Visual Studio

Azure IoT SDK

Microsoft Dynamics

Team Foundation Server

Visual Studio Code

Please note the following information regarding the security updates:

A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.

Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.

For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.

ADV190003

ADV190007 *

ADV990001

CVE-2019-0540 *

CVE-2019-0600

CVE-2019-0601

CVE-2019-0602

CVE-2019-0615

CVE-2019-0616

CVE-2019-0619

CVE-2019-0621

CVE-2019-0628

CVE-2019-0635

CVE-2019-0636

CVE-2019-0643

CVE-2019-0648

CVE-2019-0658

CVE-2019-0660

CVE-2019-0661

CVE-2019-0664

CVE-2019-0669

CVE-2019-0676

CVE-2019-0686 *

CVE-2019-0724 *

CVE-2019-0741

Known Issues

44****2

{{windowTitle}}

 

Microsoft January 2019 Security Updates

Release Notes
January 2019 Security Updates

Release Date: January 08, 2019

The January security release consists of security updates for the following software:

• Adobe Flash Player
• Internet Explorer
• Microsoft Edge
• Microsoft Windows
• Microsoft Office and Microsoft Office Services and Web Apps
• ChakraCore
• .NET Framework
• ASP.NET
• Microsoft Exchange Server
• Microsoft Visual Studio

Please note the following information regarding the security updates:

• A list of the latest servicing stack updates for each operating system can be found in
  
  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the
  
  Microsoft Update Catalog.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via
  
  Windows Update.
• For information on lifecycle and support dates for Windows 10 operating systems, please see
  
  Windows Lifecycle Facts Sheet.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.

• ADV190001
• CVE-2019-0536
• CVE-2019-0537
• CVE-2019-0545
• CVE-2019-0549
• CVE-2019-0553
• CVE-2019-0554
• CVE-2019-0559
• CVE-2019-0560
• CVE-2019-0561
• CVE-2019-0569
• CVE-2019-0585
• CVE-2019-0588

Known Issues

• 4480961
• 4480973
• 4480978
• 4480966
• 4480970
• 4480116
• 4480962
• 4480963
• 4480975
• 4468742
• 4471389

{{windowTitle}}