Microsoft Windows Security Updates February 2019 overview

Microsoft has just released security updates and other updates for Microsoft Windows, Office, and other company products.

The updates are available through automatic updating systems, update distribution systems, and also manual download.

It is recommended that you read through our monthly overview of the Patch Day before you download and install any of the updates.

Our overview includes information about all security updates, known issues, download links, and links to support articles that are useful when it comes to finding out more about certain updates released for systems and programs.

Check out the January 2019 Patch Day here.

Tip: Make sure you back up systems before you install updates, as updates may break things.

Microsoft Windows Security Updates January 2019

Download the following Excel spreadsheet to your computer if you want a detailed list of all security updates that Microsoft released today. Just click on the following link to download it to your system:
Microsoft February 2019 Security Updates Master List

Executive Summary

• Microsoft released security updates for all supported versions of Microsoft Windows.
• The following Microsoft products received security updates as well: Microsoft Edge, Internet Explorer, Microsoft Office, .NET Framework, Microsoft Exchange Server, Microsoft Visual Studio, Azure IoT SDK, Microsoft Dynamics, Team Foundation Server, Visual Studio Code
• Microsoft released Servicing Stack Updates for supported versions of Windows.
• The Update Catalog lists 208 updates for February 2019.

Operating System Distribution

• Windows 7: 24 vulnerabilities of which 3 are rated critical and 21 are rated important.
• Windows 8.1: 25 vulnerabilities of which 3 are rated critical and 22 are rated important.
• Windows 10 version 1607: 28 vulnerabilities of which 3 are critical and 25 are important
• Windows 10 version 1703: 28 vulnerabilities of which 3 are critical and 25 are important
• Windows 10 version 1709: 29 vulnerabilities of which 3 are critical and 26 are important
• Windows 10 version 1803: 29 vulnerabilities of which 3 are critical and 26 are important
• Windows 10 version 1809: 28 vulnerabilities of which 3 are critical and 25 are important

Windows Server products

• Windows Server 2008 R2: 24 vulnerabilities of which 3 are critical and 21 are important.
• Windows Server 2012 R2: 25 vulnerabilities of which 3 are critical and 23 are important.
• Windows Server 2016: 28 vulnerabilities of which 3 are critical and 25 are important.
• Windows Server 2019: 28 vulnerabilities of which 3 are critical and 25 are important.

The critical vulnerabilities are all the same in all client and server editions:

• CVE-2019-0618 | GDI+ Remote Code Execution Vulnerability
• CVE-2019-0626 | Windows DHCP Server Remote Code Execution Vulnerability
• CVE-2019-0662 | GDI+ Remote Code Execution Vulnerability

Other Microsoft Products

• Internet Explorer 11: 3 vulnerability, 1 critical, 2 important
• Microsoft Edge: 21 vulnerabilities, 14 critical, 5 important, 2 moderate

Windows Security Updates

Windows 7 SP1

KB4486563 — Monthly Rollup

• HTTP Strict Transport Security Preload gets top-level domain support in Microsoft Edge and IE11.
• Plus all in security-only rollup.

KB4486564 — Security-only Rollup

• Fixed an issue that prevented Microsoft Jet database files from opening.
• Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine

Windows 8.1

KB4487000 — Monthly Rollup

• HTTP Strict Transport Security Preload gets top-level domain support in Microsoft Edge and IE11.
• Plus all in security-only rollup

KB4487028 — Security-only Rollup

• Fixed an issue that prevented Microsoft Jet database files from opening.
• Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Windows Wireless Networking, Internet Explorer, Windows Server, and the Microsoft JET Database Engine.

Windows 10 version 1607

KB4487026 — Cumulative Update for Windows 10 version 1607

• Fixed an issue that caused Microsoft Outlook search to fail.
• Fixed a file icon display issue in the taskbar.
• Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
• Fixed the Microsoft JET database file access issue.
• Internet Explorer 11 layout recalculation optimization for server platforms.
• Added top-level domain support to HSTS Preload for Microsoft Edge and IE11.
• Fixed an issue that prevented Edge from connecting using an IP address.
• Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Storage and Filesystems, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine.

Windows 10 version 1703

KB4487020 — Cumulative Update for Windows 10 version 1703

• Same as KB4487017 for Windows 10 version 1803

Windows 10 version 1709

KB4486996 — Cumulative Update for Windows 10 version 1709

• Same as KB4487017 for Windows 10 version 1803

Windows 10 version 1803

KB4487017 — Cumulative Update for Windows 10 version 1803

• Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
• Fixed the Microsoft JET database file access issue.
• Added top-level domain support to HSTS Preload for Microsoft Edge and IE11.
• Fixed an issue that prevented Edge from connecting using an IP address.
• Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Microsoft Edge, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine .

Windows 10 version 1809

KB4487044 — Cumulative Update for Windows 10 version 1809

• Addresses an issue that causes the Windows Hello for Business Hybrid Key Trust deployment sign-in to fail if Windows 2019 Server domain controllers (DC) are used for authentication.
• Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
• Fixed the Microsoft JET database file access issue.
• Fixed an issue in Microsoft HoloLens that allowed users to bypass the lock screen sign in process.
• Security updates to Microsoft Scripting Engine, Microsoft Edge, Windows Server, the Microsoft JET Database Engine, Internet Explorer, Windows Wireless Networking, Windows Storage and Filesystems, Windows Input and Composition, Windows Graphics, and Windows App Platform and Frameworks.

Other security updates

KB4486474 — Cumulative Security Update for Internet Explorer

KB4483449 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483450 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4483451 — Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483453 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4483454 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483455 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483456 — Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4483457 — Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4483458 — Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4483459 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4483468 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483469 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4483470 — Security Only Update for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483472 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4483473 — Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483474 — Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483475 — Security Only Update for .NET Framework 4.0 on WES09 and POSReady 2009

KB4483481 — Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4483482 — Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4483483 — Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4483484 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4483485 — Security Only Update for .NET Framework 2.0 SP2 on WES09 and POSReady 2009

KB4483495 — Security Only Update for .NET Framework 3.0 SP2 on WES09 and POSReady 2009

KB4486463 — Fix for Information Disclosure Vulnerability in Windows Embedded POSReady 2009

KB4486464 — Fix for Information Disclosure Vulnerability in Windows Embedded POSReady 2009

KB4486465 — Fix for Remote Code Execution Vulnerability in Windows Embedded POSReady 2009

KB4486924 — Fix for security updates in Windows Embedded POSReady 2009

KB4487019 — Windows Server 2009 SP2 Security-only update.

KB4487023 — Windows Server 2009 SP2 Monthly Rollup update.

KB4487025 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4487038 — Adobe Flash Player security update

KB4487078 — Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4487079 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4487080 — Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4487081 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4487085 — Security Update for WES09 and POSReady 2009 for x86-based Systems

KB4487086 — Security Update for WES09 and POSReady 2009

KB4487121 — Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4487122 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4487123 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4487124 — Security Only Update for .NET Framework 2.0 for Windows Server 2008

KB4487385 — Security Update for WES09 and POSReady 2009

KB4487396 — Security Update for WES09 and POSReady 2009

KB4483452 — Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Known Issues

Windows 7, Windows 8.1

Virtual Machines may fail to restore successfully after installing the update on AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) architectures.

Workaround: Shut down of virtual machines before restarting the host.

Windows 10 version 1607 and Server 2016

Lenovo laptops with less than 8 GB of RAM may fail to start.

Workaround: Disable Secure Boot on the PC. If BitLocker is installed, you may need to use BitLocker Recovery.

The cluster service may fail to start after installing KB4467684.

Workaround: Set Minimum Password Length policy to “less than or equal to 14 characters”.

SCVMM hosts may not be able to enumerate and manage logical switches deployed on the host.

Workaround: Run mofcomp on Scvmmswitchportsettings.mof and VMMDHCPSvr.mof.

Windows 10 version 1803

Some users may not be able to pin web links on the Start menu or taskbar.

Workaround: none

Also, same local IP connecting issue as Windows 10 version 1809.

Windows 10 version 1703, 1709, 1809

Some users may not be able to load webpages using local IP addresses after installing KB4480116.

Workaround: Add the local IP address to the list of sites in the Trusted Zone.

Security advisories and updates

ADV190003 | February 2019 Adobe Flash Security Update

ADV190007 | Guidance for “PrivExchange” Elevation of Privilege Vulnerability

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4486557 — Dynamic Update for Windows 10 Version 1507

KB890830 — Windows Malicious Software Removal Tool – February 2019

Microsoft Office Updates

You can read about the non-security Office updates released in February 2019 here. The list of security updates for Microsoft Office is available here.

How to download and install the February 2019 security updates

Windows security updates are distributed via Windows Update, WSUS, and other update management systems that Microsoft supports.

We don’t recommend that you run manual update checks as it may lead to the installation of beta updates or feature upgrades.

Still, you may do so in the following way:

1. Open the Start Menu.
2. Type Windows Update.
3. Click on the “check for updates” button to run a manual check.

You may use third-party tools like the excellent Windows Update Manager or Windows Update Minitool to download updates.

Direct update downloads

Updates that Microsoft releases for supported versions of Windows are available on the Microsoft Update Catalog website as well. The links below lead directly to these downloads on the site.

Windows 7 SP1 and Windows Server 2008 R2 SP

• KB4486563 — 2019-02 Security Monthly Quality Rollup for Windows 7
• KB4486564 — 2019-02 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4487000 — 2019-02 Security Monthly Quality Rollup for Windows 8.1
• KB4487028 — 2019-02 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

• KB4487026 — 2019-02 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

• KB4487020 — 2019-02 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

• KB4486996 — 2019-02 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

• KB4487017 — 2019-02 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

• KB4487044 — 2019-02 Cumulative Update for Windows 10 Version 1809

Additional resources

• February 2019 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

The post Microsoft Windows Security Updates February 2019 overview appeared first on gHacks Technology News.