{"id":11115,"date":"2019-09-11T08:12:53","date_gmt":"2019-09-11T06:12:53","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=11115"},"modified":"2024-10-05T18:51:54","modified_gmt":"2024-10-05T16:51:54","slug":"patchday-updates-for-windows-7-8-1-server-sept-10-2019","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/09\/11\/patchday-updates-for-windows-7-8-1-server-sept-10-2019\/","title":{"rendered":"Patchday: Updates for Windows 7\/8.1\/Server (Sept. 10, 2019)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline; border-width: 0px;\" title=\"Update\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/02\/Update.jpg\" alt=\"Windows Update\" width=\"54\" height=\"54\" align=\"left\" border=\"0\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2019\/09\/11\/patchday-updates-fr-windows-7-8-1-server-10-sept-2019\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]On September 10, 2019, Microsoft released various (security) updates for Windows 7 SP1 and other updates for Windows 8.1 as well as the corresponding server versions. Here is an overview of these updates.<\/p>\n<p><!--more--><\/p>\n<h2>Updates for Windows 7\/Windows Server 2008 R2<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg06.met.vgwort.de\/na\/16eaabb7f9dc433e9b1e0cefeb282e61\" alt=\"\" width=\"1\" height=\"1\" \/>For Windows 7 SP1 and Windows Server 2008 R2 SP1, a rollup and a security-only update have been released. The update history for Windows 7 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009469\" target=\"_blank\" rel=\"noopener noreferrer\">this Microsoft page<\/a>. Installation requires installed SHA2 support to successfully install the security updates.<\/p>\n<h3>KB4516065 (Monthly Rollup) for Windows 7\/Windows Server 2008 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4516065\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516065<\/a> (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains improvements and bug fixes and addresses the following items:<\/p>\n<ul>\n<li>Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as <em>Microarchitectural Data Sampling<\/em>, for 32-Bit (x86) versions of Windows (<a href=\"https:\/\/web.archive.org\/web\/20200916142137\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV190013\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2019-11091<\/a>,<a href=\"https:\/\/web.archive.org\/web\/20200916142137\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV190013\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2018-12126<\/a>, <a href=\"https:\/\/web.archive.org\/web\/20200916142137\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV190013\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2018-12127<\/a>, <a href=\"https:\/\/web.archive.org\/web\/20200916142137\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV190013\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2018-12130<\/a>). Use the registry settings as described in the <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073119\/protect-against-speculative-execution-side-channel-vulnerabilities-in\" target=\"_blank\" rel=\"noopener noreferrer\">Windows Client<\/a> and <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4072698\/windows-server-speculative-execution-side-channel-vulnerabilities-prot\" target=\"_blank\" rel=\"noopener noreferrer\">Windows Server<\/a> articles<em>. <\/em>(These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)<\/li>\n<li>Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Media, Windows Fundamentals, Windows Kernel, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, the Microsoft JET Database Engine, and Windows Server.<\/li>\n<\/ul>\n<p>In addition to the many unnamed vulnerabilities, the update once again addresses vulnerabilities caused by speculative side-channel attacks. This update is automatically downloaded and installed via Windows Update. The package is also available via <a href=\"https:\/\/www.catalog.update.microsoft.com\/Search.aspx?q=KB4516065\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a> and again distributed via WSUS. The installation requires that the latest SSU (<a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4516655\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516655<\/a>) is already installed. If you install it via Windows Update, it will be installed automatically.<\/p>\n<blockquote><p>Since August 2019, the SHA-2 update (KB447444419) must be installed before installing this security update. This update will only be delivered via SHA-2 Code Signing for Windows Update and WSUS.<\/p><\/blockquote>\n<p>For this update, Microsoft lists the known issue that users may receive an error when opening or using the Toshiba Qosmio AV Center after installing this update. Errors may also occur in the event log associated with cryptnet.dll. Microsoft is working with Toshiba to resolve this issue and will provide a fix with upcoming updates.<\/p>\n<p>But there is a second problem: VBScript in Internet Explorer 11 should be disabled by default after installing KB4507437 (preview of monthly rollup) or KB4511872 (Internet Explorer cumulative update) and later. Under certain circumstances, however, VBScript may not be disabled as intended. The KB article contains instructions on how to solve the issue.<\/p>\n<h3>KB4516033 (Security Only) for Windows 7\/Windows Server 2008 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4516033\/\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516033<\/a> (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update addresses the same issues as Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4516065\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516065<\/a> (see above). The update is available via WSUS or in the <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4516033\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a>. If you install the update, you must first install the latest Servicing Stack Update (SSU) (see above). You should also install the security update <a href=\"https:\/\/support.microsoft.com\/help\/4516046\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516046<\/a> or IE. In this update, Microsoft lists the same Toshiba AV Security Center issues as for update KB4516033.<\/p>\n<h2>Updates fo\u00fcr Windows 8.1\/Windows Server 2012 R2<\/h2>\n<p>For Windows 8.1 and Windows Server 2012 R2 a rollup and a security-only update have been released. The update history for Windows 8.1 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009470\/windows-8-1-windows-server-2012-r2-update-history\" target=\"_blank\" rel=\"noopener noreferrer\">this Microsoft page<\/a>.<\/p>\n<h3>KB4516067 (Monthly Rollup) for Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4516067\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516067<\/a> (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes, and addresses the following istems.<\/p>\n<ul>\n<li>Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as <em>Microarchitectural Data Sampling<\/em>, for 32-Bit (x86) versions of Windows (<a href=\"https:\/\/web.archive.org\/web\/20200916142137\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV190013\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2019-11091<\/a>,<a href=\"https:\/\/web.archive.org\/web\/20200916142137\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV190013\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2018-12126<\/a>, <a href=\"https:\/\/web.archive.org\/web\/20200916142137\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV190013\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2018-12127<\/a>, <a href=\"https:\/\/web.archive.org\/web\/20200916142137\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/ADV190013\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2018-12130<\/a>). Use the registry settings as described in the <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073119\/protect-against-speculative-execution-side-channel-vulnerabilities-in\" target=\"_blank\" rel=\"noopener noreferrer\">Windows Client<\/a> and <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4072698\/windows-server-speculative-execution-side-channel-vulnerabilities-prot\" target=\"_blank\" rel=\"noopener noreferrer\">Windows Server<\/a> articles<em>. <\/em>(These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)<\/li>\n<li>Security updates to Windows App Platform and Frameworks, Windows Kernel, Windows Input and Composition, Windows Media, Windows Fundamentals, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, the Microsoft JET Database Engine, and Windows Server.<\/li>\n<\/ul>\n<p>This update is automatically downloaded and installed by Windows Update, but is also available from the <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4516067\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a> For manual installation, the latest Servicing Stack Update (SSU) must be installed first.<\/p>\n<p>The update has a known problem: Certain operations, such as renaming files or folders located on a cluster shared volume (CSV), may fail with the error \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the action on a CSV owner node from a process that does not have administrator privileges. See the KB article for details.<\/p>\n<h3>KB4516064 (Security-only update) for Windows 8.1\/Server 2012 R2<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4516064\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516064<\/a> (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the same points as update KB4516067. The update is available via WSUS or via the <a href=\"http:\/\/catalog.update.microsoft.com\/v7\/site\/Search.aspx?q=KB4516064\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Update Catalog<\/a>. The update also has known issues that are described in the KB article. For a manual installation, the latest Servicing Stack Update (SSU) must be installed beforehand. For this update, Microsoft lists the same issues as for update KB4512488.\u00a0 You should also install the <a href=\"https:\/\/support.microsoft.com\/help\/4516046\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516046<\/a> update for IE.<\/p>\n<p><strong>Similar articles:<br \/>\n<\/strong><a href=\"https:\/\/web.archive.org\/web\/20230204151838\/https:\/\/borncity.com\/win\/2019\/09\/04\/microsoft-office-patchday-september-3-2019\/\">Microsoft Office Patchday (September 3, 2019)<\/a><br \/>\nAdobe Flash Player 32.0.0.255<br \/>\n<a href=\"https:\/\/web.archive.org\/web\/20230320122900\/https:\/\/borncity.com\/win\/2019\/09\/11\/microsoft-security-update-summary-september-10-2019\/\">Microsoft Security Update Summary (September 10, 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/09\/11\/patchday-updates-for-windows-7-8-1-server-sept-10-2019\/\">Patchday: Updates for Windows 7\/8.1\/Server (Sept. 10, 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/09\/11\/patchday-windows-10-updates-september-10-2019\/\">Patchday: Windows 10 Updates (September 10, 2019)<\/a><br \/>\n<a href=\"https:\/\/web.archive.org\/web\/20230328114820\/https:\/\/borncity.com\/win\/2019\/09\/11\/patchday-microsoft-office-updates-september-10-2019\/\">Patchday Microsoft Office Updates (September 10, 2019)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]On September 10, 2019, Microsoft released various (security) updates for Windows 7 SP1 and other updates for Windows 8.1 as well as the corresponding server versions. Here is an overview of these updates.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[2096,2098,2095,2097,69,195,194],"class_list":["post-11115","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-kb4516033","tag-kb4516064","tag-kb4516065","tag-kb4516067","tag-security","tag-update","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11115","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=11115"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11115\/revisions"}],"predecessor-version":[{"id":35585,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11115\/revisions\/35585"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=11115"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=11115"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=11115"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}