Microsoft Windows Security Updates October 2019 overview

[Karlston]

Microsoft Windows Security Updates October 2019 overview

Microsoft released security and non-security updates for the Microsoft Windows operating system and other company products on October 8, 2019.

 

Our overview of the monthly release of patches provides administrators and home users with information.

 

The overview links to all released updates, provides information on fixes and known issues, links to support articles and download pages, and provides statistics about the released updates of the month.

 

You can check out the September 2019 overview here in case you missed it.

Microsoft Windows Security Updates October 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in October 2019. Please download it with a click on the following link: microsoft-windows-october-2019-update list

Executive Summary

• Microsoft released security updates for all supported versions of Microsoft Windows.
• Security updates were also released for the following company products: Internet Explorer, Microsoft Edge, Microsoft Office, SQL Server Management Studio, Microsoft Dynamics, Windows Update Assistant
• The latest Servicing Stack Update and SHA-2 updates need to be installed before this month's patches for Windows 7 and Windows Server 2008 R2 are installed.
• Windows 10 version 1803 reaches end of servicing next month for Home and Pro editions.

Operating System Distribution

• Windows 7: 20 vulnerabilities: 1 rated critical and 18 rated important
  • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
• Windows 8.1: 20 vulnerabilities: 2 rated critical and 17 rated important and 1 moderate
  • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
  • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
• Windows 10 version 1803: 29 vulnerabilities: 2 critical and 26 important and 1 moderate
  • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
  • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
• Windows 10 version 1809: 32 vulnerabilities: 2 critical and 29  important and 1 moderate
  • Same as Windows 10 version 1803
• Windows 10 version 1903: 31 vulnerabilities: 2 critical and 28 important and 1 moderate
  • Same as Windows 10 version 1803

Windows Server products

• Windows Server 2008 R2: 20 vulnerabilities: 1 critical,18 important and 1 moderate.
  • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
• Windows Server 2012 R2: 20 vulnerabilities: 2 critical, 17 important and 1 moderate
  • CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
  • CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
• Windows Server 2016: 23 vulnerabilities: 2 critical, 20 important and 1 moderate.
  • Same as Server 2012 R2.
• Windows Server 2019: 32 vulnerabilities: 2 critical, 29 are important and 1 moderate.
  • Same as Server 2012 R2.

Other Microsoft Products

• Internet Explorer 11: 6 vulnerabilities: 3 critical, 3 important
  • CVE-2019-1238 | VBScript Remote Code Execution Vulnerability
  • CVE-2019-1239 | VBScript Remote Code Execution Vulnerability
  • CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability
• Microsoft Edge: 7 vulnerabilities: 4 critical, 3 important
  • CVE-2019-1307 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1308 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1335 | Chakra Scripting Engine Memory Corruption Vulnerability
  • CVE-2019-1366 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Security only: KB4520003 

• Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don't support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
• Security updates

Monthly Rollup: KB4519976

• Fixed an issue that could prevent the disabling of VBScript in IE by default.
• Fixed a printing issue.
• Security fixes.

Windows 8.1 and Server 2012 R2

Security-only: KB4519990

• Security updates.

Monthly Rollup: KB4520005

• Same as security-only.
• Fixed an issue with applications and printer drivers that use Windows JavaScript engine for processing print jobs.

Windows 10 version 1803

Cumulative Update: KB4520008

• Fixed a Keyboard Lockdown Subsystem issue that prevented the correct filtering of key input.
• Fixed a Bluetooth hardening issue that could cause the error "0x133 DPC_WATCHDOG_VIOLATION".
• Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don't support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
• Fixed a printing issue.
• Security updates

Windows 10 version 1809 and Server 1809 and Windows Server 2019

Cumulative Update: KB4519338

• Fixed a Keyboard Lockdown Subsystem issue that prevented the correct filtering of key input.
• Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don't support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
• Fixed a printing issue.
• Security updates

Windows 10 version 1903 and Server 1903

Cumulative Update: KB4517389 

• Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don't support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
• Fixed a printing issue.
• Security updates

Other security updates

KB4519974 -- Cumulative security update for Internet Explorer: October 8, 2019

KB4520004 -- 2019-10 Cumulative Update for Windows 10 Version 1709

KB4520010 -- 2019-10 Cumulative Update for Windows 10 Version 1703

KB4520011 -- 2019-10 Cumulative Update for Windows 10 Version 1507

KB4521856 -- 2019-10 Servicing Stack Update for Windows 10 Version 1507

KB4521857 -- 2019-10 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4521858 -- 2019-10 Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607

KB4521859 -- 2019-10 Servicing Stack Update for Windows 10 Version 1703

KB4521860 -- 2019-10 Servicing Stack Update for Windows 10 Version 1709

KB4521861 -- 2019-10 Servicing Stack Update for Windows 10 Version 1803 and Windows Server 2016

KB4521862 -- 2019-10 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4521863 -- 2019-10 Servicing Stack Update for Windows Server 1909 and Windows 10 Version 1909

KB4521864 -- 2019-10 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

Server products

KB4519985 -- Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4520002 -- 2019-10 Security Monthly Quality Rollup for Windows Server 2008

KB4520007  -- 2019-10 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4520009 -- 2019-10 Security Only Quality Update for Windows Server 2008

KB4519998 -- 2019-10 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Known Issues

Windows 8.1

• Certain operations on Cluster Shared Volumes may fail.

Windows 10 version 1803

• Same as Windows 8.1.
• Black screen issue on first boot after the installation of updates.
• Mixed Reality Portal error issue.

Windows 10 version 1809

• Same as Windows 10 version 1809.
• Issue on devices with certain Asian language packs installed.

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4524102 -- 2019-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4524103 -- 2019-10 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4524104 -- 2019-10 Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4524105 -- 2019-10 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4519335 -- 2019-10 Dynamic Update for Windows 10 Version 1607

KB4519336 -- 2019-10 Dynamic Update for Windows 10 Version 1703

KB4519337 -- 2019-10 Dynamic Update for Windows 10 Version 1809

KB4519764 -- 2019-10 Dynamic Update for Windows 10 Version 1709

KB4519765 -- 2019-10 Dynamic Update for Windows 10 Version 1803

KB4524095 -- 2019-10 Cumulative Update for .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524096 -- 2019-10 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524097 -- 2019-10 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524098 -- 2019-10 Cumulative Update for .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524099 -- 2019-10 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019, Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524100 --2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 1903 and Windows 10 Version 1903

KB4524101 -- 2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 1909 and Windows 10 Version 1909

KB890830 -- Windows Malicious Software Removal Tool - October 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the October 2019 security updates

 

Note: we suggest that you create a full system backup before applying any updates; Microsoft's track record of releasing updates without known issues has not been the best lately and while most updates may install fine and without issues on most systems, a backup ensures that you can restore the previous version if you encounter any issues.

 

Windows Updates are pushed to home devices automatically. You can run a manual check for updates to speed up the process.

1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Cumulative updates may also be downloaded from the Microsoft Update Catalog website to install them manually. Note that you need to make sure that a compatible Service Stack Update is installed on the device.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

• KB4519976 -- 2019-10 Security Monthly Quality Rollup for Windows 7
• KB4520003 -- 2019-10 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4520005 -- 2019-10 Security Monthly Quality Rollup for Windows 8.1
• KB4519990 -- 2019-10 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

• KB4520008  -- 2019-10 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

• KB4519338  -- 2019-10 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

• KB4517389  -- 2019-10 Cumulative Update for Windows 10 Version 1903

Additional resources

• October 2019 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

 

 

Source: Microsoft Windows Security Updates October 2019 (gHacks - Martin Brinkmann)