Patchday Windows 10 Updates (November 12, 2019)

Posted on 2019-11-13 by guenni

[German]On November 12, 2019 (second Tuesday of the month, patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds. Here are some details about each update.

Advertising

A list of the updates can be found on this Microsoft Web page. I've pulled out the details below. The update installation requires an existing current Servicing Stack Updates (SSUs). Microsoft now publishes an overview of current Servicing Stack Updates (SSUs) at ADV990001.

Updates for Windows 10 Version 190x

For the Windows 10 builds 1903 and 1909 released in 2019, Microsoft provides the same update packages. The following updates are available for the Windows 10 May 2019 Update (Version 1903) and the Windows 10 November 2019 Update (Version 1909).

Update KB4524570 for Windows 10 Version 190x

Cumulative Update KB4524570 raises the OS build to 18362.476 (Windows 10 V1903) or 18363.476 (Windows 10 V1909). The update is available for Windows 10 Version 1903 (and the Hololense), for Windows 10 Version 1909, and for Windows Server Version 1903 and Windows Server Version 1909. It contains quality improvements but no new operating system features. Here is the list of improvements, called highlights by Microsoft:

Updates to improve security when using Internet Explorer and Microsoft Edge.

The following fixes and improvements to Windows 10 Version 1909 have been added:

  • This build includes all the improvements from Windows 10, version 1903.
  • No additional issues were documented for this release.

For Windows 10 Version 1903 the following fixes and improvements have been added:

Advertising
  • Addresses an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly. 
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Use the registry setting as described in the Guidance KB article. (This registry setting is disabled by default.)
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Use the registry settings as described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)
  • Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Linux, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.

In addition, Microsoft has released an update directly for the Windows Update Client to improve its reliability. This will be rolled out outside of Windows Update if the machine is compatible and not a LTSC variant and updates have not been blocked by GPO.

This update is automatically downloaded and installed by Windows Update. This update is also available in the Microsoft Update Catalog and via WSUS. Microsoft strongly recommends that you install the latest Service Stack Update (SSU) for your operating system before installing the latest Cumulative Update (LCU). For the update, Microsoft specifies a known setup issue during the OOBE phase (no user can be created during a reinstallation if the IME is used for Asian fonts).

Updates for Windows 10 Version 1809

The following updates are available for Windows 10 October 2018 Update (version 1809) and Windows Server 2019.

Update KB4523205 for Windows 10 Version 1809

Cumulative Update KB4523205  raises the OS build (according to MS) to 17763.864 and includes quality improvements but no new operating system features. Here is the list of improvements, called highlights by Microsoft:

  • Updates to improve security when using Internet Explorer and Microsoft Edge.
  • Updates to improve security when using external devices (such as game controllers, printers, and web cameras) and input devices such as a mouse, keyboard, or stylus.
  • Updates to improve security when using Microsoft Office products.

The following fixes and improvements have been added to the Windows version:

  • Addresses an issue that might cause the Microsoft Defender Advanced Threat Protection (ATP) service to stop running and stop sending reporting data.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Use the registry setting as described in the Guidance KB article. (This registry setting is disabled by default.)
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Use the registry settings as described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)
  • Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Linux, Windows Kernel, Windows Datacenter Networking, Windows Peripherals, and the Microsoft JET Database Engine.

In addition, Microsoft has released an update directly for the Windows Update Client to improve its reliability. This will be rolled out outside of Windows Update if the machine is compatible and not a LTSC variant and updates have not been blocked by GPO.

This update is automatically downloaded and installed by Windows Update. This update is also available in the Microsoft Update Catalog. Microsoft strongly recommends that you install the latest Service Stack Update (SSU) for your operating system before installing the latest Cumulative Update (LCU). Microsoft lists several known issues that the update causes. See the KB article for details.

Updates for Windows 10 Version 1803

For Windows 10 April Update (version 1803) these are the last updates for Home and Pro, as their support expires on November 12, 2019. The following updates are available.

Update KB4525237 for Windows 10 Version 1803

Cumulative Update KB4525237 contains quality improvements but no new operating system functions and raises the OS build to 17134.1069. Here is the list of improvements, this time described by Microsoft as highlights: 

  • Updates to improve security when using Internet Explorer and Microsoft Edge.
  • Updates to improve security when using external devices (such as game controllers, printers, and web cameras) and input devices such as a mouse, keyboard, or stylus.
  • Updates to improve security when using Microsoft Office products.

And here is the list of fixes and changes:

  • addresses an issue that causes events that are based on Windows Defender Application Control Code Integrity to be unreadable.
  • Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Use the registry setting as described in the Guidance KB article. (This registry setting is disabled by default.)
  • Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Use the registry settings as described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)
  • Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Cryptography, Windows Virtualization, Windows Linux, Windows Kernel, Windows Datacenter Networking, Windows Peripherals, and the Microsoft JET Database Engine.

This update is automatically downloaded and installed by Windows Update. This update is also available in the Microsoft Update Catalog. Microsoft empfiehlt strongly recommends that you install the latest Service Stack Update (SSU) for your operating system before installing the latest Cumulative Update (LCU). Microsoft lists several known issues that the update causes in the KB article.

Updates for Windows 10 Version 1507 till 1709

For Windows 10 RTM up to version 1709 different updates are available for the LTSC versions and Enterprise versions. Here is a short overview. 

  • Windows 10 Version 1709: Update KB4525241 is only available for Enterprise and Education. The update raises the OS build to 16299.1508. The fixes mentioned in the KB article are included. This update is automatically downloaded and installed by Windows Update, but can be downloaded from the Update Catalog. Vor The latest Servicing Stack Update (SSU) must be installed prior to manual installation. Details, including known issues, can be found in the KB article.
  • Windows 10 Version 1703: Update KB4525245 is only available for Enterprise and Education – it is the last security update as support is now ended. The update raises the OS build to 15063.2172 and includes the fixes mentioned in the KB article. This update is automatically downloaded and installed by Windows Update, but can be downloaded from the Microsoft Update Catalog. The latest Servicing Stack Update (SSU) must be installed before manual installation. Details, including known issues, can be found in the KB article. 
  • Windows 10 Version 1607: Update KB4525236 only for Enterprise and Education as well as Windows Server 2016. The update raises the OS build to 14393.3226 and includes the fixes mentioned in the KB article. This update is automatically downloaded and installed by Windows Update, but is available in the Microsoft Update Catalog. The latest Servicing Stack Update (SSU) must be installed before manual installation. Details, including known issues, can be found in the KB article..
  • Windows 10 Version 1507: Update KB44525232 is available for the RTM version (LTSC). The update raises the OS build to 10240.18395 and includes the fixes mentioned in the KB article. This update is automatically downloaded and installed by Windows Update, but is available in the Microsoft Update Catalog. The latest Servicing Stack Update (SSU) must be installed before manual installation. Details, including known issues, can be found in the KB article.

There was no update for Windows 10 V1511, because this version was dropped from support. Details about the above updates can be found in the respective Microsoft KB articles in case of doubt.

Similar articles:
Microsoft Office Patchday (November 5, 2019)
Microsoft Security Update Summary (November 12, 2019)
Patchday: Updates für Windows 7/8.1/Server (12. Nov. 2019)
Patchday Windows 10 Updates (November 12, 2019)

Office November 2019 Updates are causing Access Error 3340

Cookies helps to fund this blog: Cookie settings
Advertising

This entry was posted in Security, Update, Windows and tagged , , , , , , , , . Bookmark the permalink.

One Response to Patchday Windows 10 Updates (November 12, 2019)

  1. EP says:
    2019-11-14 at 6:18

    KB4525245 article has the following note:


    Current status of Windows 10, version 1703

    Windows 10, version 1703 has reached end of service for all editions. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.

    Surface Hub devices remain in support. Starting on November 12, 2019, updates for Windows 10, version 1703 will be available only for Surface Hub devices. Update information and Surface Hub known issues will be listed on this page.

    Reply

Leave a Reply to EP Cancel reply

Your email address will not be published. Required fields are marked *