Microsoft Windows Security Updates December 2019 overview

Welcome to the overview of the last Patch Tuesday of 2019. Microsoft released security and non-security updates for all supported products on December 11, 2019.

Our monthly series provides system administrators and interested users with information about the updates that Microsoft released in the month that is covered. It includes statistics, links to security and non-security updates, as well as download links, and links to resources and other official pages.

Microsoft Windows Security Updates December 2019

You may download the following (zipped) Excel spreadsheet that contains a list of released updates in December 2019: microsoft-windows-security-updates-december-2019

Executive Summary

• This is the last Patch Tuesday of 2019.
• Microsoft released security updates for all versions of Windows as well as other company products such as Microsoft Office, SQL Server, Visual Studio, and Skype for Business.
• Windows 10 version 1903 and 1909 share the same security KBs.
• Microsoft’s Windows 7 operating system won’t receive updates anymore after the January 2020 Patch Day (Small Businesses and Enterprises may buy extensions) Microsoft plans to display a full-screen notification on January 15, 2020 on Starter, Home Basic, Home Premium, Professional (without ESU) and Ultimate editions of Windows 7.

Operating System Distribution

• Windows 7: 14 vulnerabilities: 1 rated critical and 13 rated important
  • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
• Windows 8.1: 11 vulnerabilities: 1 rated critical and 10 rated important
  • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
• Windows 10 version 1803: 14 vulnerabilities: 2 critical and 12 important
  • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
  • CVE-2019-1471 | Windows Hyper-V Remote Code Execution Vulnerability
• Windows 10 version 1809: 15 vulnerabilities: 2 critical and 13 important
  • Same as Windows 10 version 1803
• Windows 10 version 1903: 14 vulnerabilities: 2 critical and 12 important
• Windows 10 version 1909: same as Windows 10 version 1903

Windows Server products

• Windows Server 2008 R2: 12 vulnerabilities: 1 critical and 11 important.
  • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
• Windows Server 2012 R2: 11 vulnerabilities: 1 critical and 10 important.
  • Same as Windows Server 2008 R2
• Windows Server 2016: 13 vulnerabilities: 1 critical and 12 important.
  • Same as Windows Server 2008 R2
• Windows Server 2019: 15 vulnerabilities: 22 critical and 13 are important
  • CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability
  • CVE-2019-1471 | Windows Hyper-V Remote Code Execution Vulnerability

Other Microsoft Products

• Internet Explorer 11: 1 vulnerability: 1 important
• Microsoft Edge: none?
• Microsoft Edge on Chromium: none?

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

• Monthly Rollup: KB4530734
• Security-only Update: KB4530692 — The security-only update is only available through the Microsoft Update Catalog website and WSUS.

Changes:

• Security updates to Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server.

Windows 8.1 and Server 2012 R2

• Monthly Rollup: KB4530702
• Security-only Update: KB4530730

Changes:

Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server.

Windows 10 version 1803

• Support article: KB4530717

Changes:

• Fixes an issue that prevented Microsoft Store from opening on Windows on Arm.
• Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server

Windows 10 version 1809

• Support article: KB4530715

Changes:

• Fixed a diagnostic data processing issue for devices on which the setting was set to Basic.
• Same as Windows 10 version 1803.

Windows 10 version 1903

• Support article: KB4530684

Changes:

• Fixed an issue that could cause error 0x3B in cldflt.sys on some devices.
• Fixed an issue that could prevent the creation of local user accounts when IME is used.
• Security updates to Windows Virtualization, Windows Kernel, the Microsoft Scripting Engine, and Windows Server.

Windows 10 version 1909

• Support article: KB4530684

Changes:

• Same as Windows 10 version 1903

Other security updates

KB4530677 — 2019-12 Cumulative Security Update for Internet Explorer

KB4530691 — 2019-12 Security Monthly Quality Rollup for Windows Embedded 8 Standard, and Windows Server 2012

KB4530695 — 2019-12 Security Monthly Quality Rollup for Windows Server 2008

KB4530698 — 2019-12 Security Only Quality Update for Windows Embedded 8 Standard, and Windows Server 2012

KB4530719 — 2019-12 Security Only Quality Update for Windows Server 2008

KB4530681 — 2019-12 Cumulative Update for Windows 10 Version 1507

KB4530689 — 2019-12 Cumulative Update for Windows 10 Version 1607

KB4530711 — 2019-12 Cumulative Update for Windows 10 Version 1703

KB4530714 — 2019-12 Cumulative Update for Windows 10 Version 1709

KB4531787 — 2019-12 Servicing Stack Update for Windows Server 2008

KB4532920 — 2019-12 Servicing Stack Update for Windows Embedded 8 Standard, and Windows Server 2012

Known Issues

Windows 7 SP1 and Server 2008 R2:

Microsoft does not list any known issues on the KB support article but the release notes state that there is an (unnamed) issue.

Windows 8.1 and Server 2012 R2:

• Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail

Windows 10 version 1803:

• Same as Windows 8.1 and Server 2012 R2.
• Problem creating local user accounts during the Out of Box Experienced when using Input Method Editor (IME).

Windows 10 version 1809:

• Same as Windows 10 version 1803
• Devices with “some” Asian language packs may throw error 0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190026 | Microsoft Guidance for cleaning up orphaned keys generated on vulnerable TPMs and used for Windows Hello for Business

Non-security related updates

KB4532997 — 2019-12 Cumulative Update for .NET Framework 4.8 Windows 10 Version 1607, and Windows Server 2016

KB4532998 — 2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4532999 — 2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4533000 –2019-12 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903,and Windows Server 2016

KB4533001 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809, and Windows Server 2019

KB4533002 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909 and Windows 10 Version 1909

KB4533013 — 2019-12 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, and Windows Server 2019

KB4533094 — 2019-12 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809, and Windows Server 2019

KB4533003 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533004 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, and Windows Server 2012 R2

KB4533005 — 2019-12 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4533010 — 2019-12 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533011 — 2019-12 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 , and Windows Server 2012 R2

KB4533012 — 2019-12 Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4533095 — 2019-12 Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4533096 — 2019-12 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard, and Windows Server 2012

KB4533097 — 2019-12 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4533098 — 2019-12 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB890830 — Windows Malicious Software Removal Tool – December 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the December 2019 security updates

Security updates are downloaded and installed automatically on most (Home) Windows systems. Windows runs checks for updates regularly to download and install security updates released by Microsoft.

Windows administrators may run manual checks for updates to speed up the process or download patches from the Microsoft Update Catalog website.

Note: we recommend that backups are created before updates are installed.

Do this to run a manual check for updates:

1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

• KB4530734 — 2019-12 Security Monthly Quality Rollup for Windows 7
• KB4530692 — 2019-12 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB4530702 — 2019-12 Security Monthly Quality Rollup for Windows 8.1
• KB4530730 — 2019-12 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

• KB4530717 — 2019-12 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1809)

• KB4530715 — 2019-12 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

• KB4530684 — 2019-12 Cumulative Update for Windows 10 Version 1903

Windows 10 (version 1909)

• KB4530684 — 2019-12 Cumulative Update for Windows 10 Version 1909

Additional resources

• December 2019 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

gHacks Technology News.