Patchday: Updates for Windows 7/8.1/Server (Jan. 14, 2020)

Windows Update[German]On 14 January 2020, Microsoft released various (security) updates for Windows 7 SP1 and further updates for Windows 8.1 and the corresponding server versions. Here is an overview of these updates.


Advertising

Updates for Windows 7/Windows Server 2008 R2

A rollup and a security-only update have been released for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update history for Windows 7 can be found on this Microsoft page. Installation requires installed SHA2 support for successful installation of the security updates.

Beginning January 15, 2020, Windows 7 will display a full-screen end-of-support notification in Starter, Home Basic, Home Premium, Professional (without ESU license), and Ultimate. This must then be closed by the user.

As of January 14, 2020, Windows 7 SP1 and Windows Server 2008 R2 SP1 will reach the end of support and will only receive paid security updates under the ESU program.

KB4534310 (Monthly Rollup) for Windows 7/Windows Server 2008 R2

Update KB4534310 (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1)contains (besides the security fixes of October 2019) improvements and bug fixes and addresses the following:

Security updates to the Microsoft Scripting Engine, Windows Input and Composition, Windows Storage and Filesystems, and Windows Server.

Windows 7 does not appear to be affected by the CryptoAPI vulnerability reported for Windows.

This update is automatically downloaded and installed via Windows Update. The package is also available from the Microsoft Update Catalog and is distributed via WSUS. The installation requires that the SSU (KB4490628 dated March 2019 and the SHA-2 update KB4474419 dated September 10, 2019) is already installed. If installed via Windows Update, this will be installed automatically. After the update installation Microsoft recommends to install the SSU KB4536952 ((if not already installed). This SSU was released on January 14, 2020 and brings improvements to the service stack.

Since August 2019, the SHA-2 update (KB4474419) must be installed before installing this security update. This is because newer updates are only delivered via SHA-2 Code Signing for Windows Update and WSUS. Microsoft has made an update on October 8, 2019. The update should be updated automatically.

Microsoft does not list any known issues for this update. I received feedback within my German blog, that some readers ending with a black background image and no option to change that. Try the workaround: Change the settings to centralize the background image and then switch the settings back to the previous value – maybe that helps.


Advertising

KB4534314 (Security Only) for Windows 7/Windows Server 2008 R2

Update KB4534314 (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update addresses the following issues.

Security updates to Windows Input and Composition, Windows Storage and Filesystems, and Windows Server.

The update is available via WSUS or in the Microsoft Update Catalog.

To install the update, the prerequisites listed in the KB article and above for the rollup update must be met.

When deploying WSUS, please make sure that the above mentioned SSU and SHA-2 updates are installed – the automatic installation is not done via Windows Update. After installation, Windows must be restarted before the security-only update is installed. You should also install the security update KB4534251 for IE. Microsoft does not list any known issues for this update.

Updates f0r Windows 8.1/Windows Server 2012 R2

For Windows 8.1 and Windows Server 2012 R2 a rollup and a security-only update have been released. The update history for Windows 8.1 can be found on this Microsoft page.

KB4534297 (Monthly Rollup) for Windows 8.1/Server 2012 R2

Update KB4534297 (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes, and addresses the following.

  • Addresses an issue to support new SameSite cookie policies by default for release 80 of Google Chrome.
  • Security updates to the Microsoft Scripting Engine, Windows Input and Composition, Windows Media, Windows Storage and Filesystems, and Windows Server.

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS. In case of a manual installation, the latest Servicing Stack Update (SSU KB4524445) must be installed before.

The update has a known issue: Certain actions, such as renaming, that you perform on files or folders that are located on a cluster shared volume (CSV) may fail with the error “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the action on a CSV owner node from a process that does not have administrator privileges. See the KB article for details.

KB4534309 (Security-only update) for Windows 8.1/Server 2012 R2

Update KB4534309 (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the following items.

Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, and Windows  Server.

The update is available via WSUS or in the Microsoft Update Catalog. The update has the same known issues as the rollup update, these are described in the KB article. In case of a manual installation the latest Servicing Stack Update (SSU) must be installed before. You should also install the security update KB4534251  for IE. For this update, Microsoft lists the same known issues as for rollup update.

Similar articles:
Microsoft Office Patchday (January 7, 2020)
Microsoft Security Update Summary (January 14, 2020)
Patchday: Updates for Windows 7/8.1/Server (Jan. 14, 2020)


Advertising
This entry was posted in Security, Update, Windows and tagged , , , , , , , , . Bookmark the permalink.

2 Responses to Patchday: Updates for Windows 7/8.1/Server (Jan. 14, 2020)

  1. Dan Frazier says:

    What’s the point to KB4536952. Since today’s updates are the last Win7 will get, why does Win7 need an update to make Windows Update work better?

    • guenni says:

      Don’t forget the folks using Extended Security Update program (ESU). They may receive updates until Jan 2023.

Leave a Reply

Your email address will not be published. Required fields are marked *