News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Tuesday patches start rolling out

    Posted on February 12th, 2019 at 12:14 woody Comment on the AskWoody Lounge

    Martin Brinkmann is out with his usual monthly overview

    • Windows 7: 24 vulnerabilities of which 3 are rated critical and 21 are rated important.
    • Windows 8.1: 25 vulnerabilities of which 3 are rated critical and 22 are rated important.
    • Windows 10 version 1709: 29 vulnerabilities of which 3 are critical and 26 are important
    • Windows 10 version 1803: 29 vulnerabilities of which 3 are critical and 26 are important
    • Windows 10 version 1809: 28 vulnerabilities of which 3 are critical and 25 are important

    All versions of Windows, all versions of Server, Edge, IE, Office, .NET, and much more.

    May the odds be forever in your.. oh, nevermind.

    Dustin Childs has his Zero Day Initiative post – always good reading.

    …security patches for 77 CVEs along with three new advisories.

    Of these 74 CVEs, 20 are rated Critical, 54 are rated Important, and three are rated Moderate in severity. A total of 21 of these CVEs came through the ZDI program. Four of these bugs are listed as public and one is listed as being under active attack at the time of release.

    The actively exploited vulnerability:

    An attacker could use this to check for files on a target system if a user browses [with Internet Explorer] to a specially crafted website. Microsoft doesn’t list how this bug is being exploited in the wild, but it’s likely restricted to targeted attacks.

    And of course you aren’t using IE. Right?

    There are new Servicing Stack Updates for:
    Win10 v1607  KB 4485447
    Win10 v1703  KB 4487327
    Win10 v1709  KB 4485448
    Win10 v1803  KB 4485449
    Servicing stack updates only count if you manually install the Windows 10 cumulative updates. And, of course, you followed my Block Monday advice and wouldn’t dream of installing any patches, much less manually install Win10 cumulative updates.
    February 2019 Security Updates for Microsoft Office 2010, Office 2013, Office 2016, the Office Viewers, and SharePoint Servers are available on the Office Support Pages. These Updates are for the .msi versions of Office, not Office 365 or C2R.
    If that helped, take a second to support AskWoody on Patreon

    Home Forums Patch Tuesday patches start rolling out

    This topic contains 45 replies, has 21 voices, and was last updated by

     PKCano 1 month, 3 weeks ago.

    • Author
      Posts
    • #325634 Reply

      woody
      Da Boss

      Weird. At this moment, I see the Win8.1 Monthly Rollup, but none of the others. Updates as things progress. (Assuming they do.)
      [See the full post at: Patch Tuesday patches start rolling out]

      5 users thanked author for this post.
    • #325662 Reply

      EP
      AskWoody_MVP

      KB4486563 (security monthly) and KB4486564 (security-only) updates for Windows 7
      https://www.catalog.update.microsoft.com/Search.aspx?q=4486563
      https://www.catalog.update.microsoft.com/Search.aspx?q=4486564

      • #326326 Reply

        PKCano
        Da Boss

        Group B Security-only  and IE11 CU Updates for both Win7 and Win8.1 are downloadable from AKB2000003  on this site immediately after their release on Patch Tuesday each month.

        1 user thanked author for this post.
    • #325708 Reply

      WildBill
      AskWoody Plus

      Everything for Win 8.1 is in the Update Catalog now; I see @pkcano added the usual suspects to AKB2000003 while I was doing a full list:

      KB4487080 – Security & Quality Rollup for .NET Framework

      KB4487038 – Security Update for Adobe Flash Player

      Windows 8.1, 64-bit, now in Group B!
      Wild Bill Rides Again...

      • This reply was modified 2 months, 1 week ago by
         WildBill.
      1 user thanked author for this post.
    • #325709 Reply

      PKCano
      Da Boss

      Group B Security-only and IE11 Cumulative Updates have been updated Feb 12, 2019 on AKB2000003.

      7 users thanked author for this post.
    • #325710 Reply

      Barry
      AskWoody Plus

      Installed on my 1809 Machine.

      cumulative update for 1809, Adobe security update and another .net update(nothing about it being a preview)

      All installed with no problems.

      Barry

       

      Barry (Seeker)

    • #325720 Reply

      Microfix
      Da Boss

      Martin Brinkmann has the February 2019 patch roundup over at Ghacks:
      https://www.ghacks.net/2019/02/12/microsoft-windows-security-updates-february-2019-overview/

      | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
      3 users thanked author for this post.
    • #325775 Reply

      anonymous

      Big batch of Exchange Server updates too, to address the security issue posted here a while back.

    • #325830 Reply

      anonymous

      How about win 2016 express updates which were anounced to be reenabled in 2018 November? Am I only one who cant find these updates?

    • #325869 Reply

      anonymous

      Win 8.1 x64 – updated, no problems.

      Win XP  – updated, problems – uninstalled KB4487085 which might have something to do with file  mf3216.dll – no further problems.   Was getting things like no entry point for function sprintf_s and some other non-specific errors.   But, all better now.

      1 user thanked author for this post.
    • #325904 Reply

      Zaphyrus
      AskWoody Lounger

      Since this news has to do with Windows Update, I will report it here, fellow Loungers, I would like to report that there are some that are stil lhaving problems with Windows Update

      I ignore if we are the 1% or the 0.0000000000001%

      what I want to say is that there are still some users having issues with the WU servers

      Just someone who don't want Windows to mess with its computer.
    • #325966 Reply

      anonymous

      There were four non-security updates that came out a week ago – KB4462172 (Office 2010), KB4462182 (Outlook 2010), KB4462187 (Office 2010), and KB3115314 (Visio 2010). These were all unchecked in Windows Update when they appeared, and are still unchecked. Any idea what the issue is with these?

    • #326002 Reply

      LTL
      AskWoody Plus

      Can someone please enlighten me about the following:

      Today my Win10 showed the message “We’re adding additional features” accompanied by the word “Monday”.

      When I click on it, I see this list:
      English (US): optical character recognition + speech recogniton + text-to-speech + typing (<seperately ordered)
      Internet Explorer 11
      Math recognition
      Microsoft Quick Assist
      OpenSSH Client
      Windows Hello Face
      Windows Media Player

      Apart from the fact that I don’t need or want most features, I wonder how the message and list got through? I have updates scrambled/blocked by WuMgr (and indeed no updates are downloaded or installed without my consent).

      So how does this work on Windows 10 (Pro 1809)?
      Can I keep my pc free of this kind of ‘spam’?

      EDIT: I found part of the ‘what is it?’. Turns out they are additional features that you CAN install.
      But the question remains: how and why did they pop up all over sudden?

       

      P.S. @woody & crew: I couldn’t insert the list as an image, because I still don’t see the ‘Attach file’ option. What’s up with that?

      • This reply was modified 2 months, 1 week ago by
         LTL. Reason: EDIT
      • This reply was modified 2 months, 1 week ago by
         LTL.
    • #326113 Reply

      woody
      Da Boss

      I couldn’t insert the list as an image, because I still don’t see the ‘Attach file’ option. What’s up with that?

      Attach file comes and goes for no discernible reason. Fixing it’s not yet top priority. We have a big whale looming, and if we don’t get it swallowed, it may well disappear….

      1 user thanked author for this post.
      LTL
      • #326116 Reply

        LTL
        AskWoody Plus

        I’m sure Ahab Leonard will manage that Moby Dick  🙂

    • #326169 Reply

      b
      AskWoody Plus

      There are new Servicing Stack Updates for:
      Win10 v1607 KB 4485447
      Win10 v1703 KB 4487327
      Win10 v1709 KB 4485448
      Win10 v1803 KB 4485449

      The list of SSUs at ADV990001 | Latest Servicing Stack Updates currently lists KB4485449 as the latest SSU for 1809/x64. But that’s incorrect. That one’s for 1803 and 1809 didn’t get one today; the latest for 1809 being KB4470788 from December.

      Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Finger sharpener" (Group ASAP) WX1903

      1 user thanked author for this post.
    • #326178 Reply

      mbhelwig
      AskWoody Lounger

      KB4486563 — Monthly Rollup for Windows 7 — February 12, 2019 arrived this morning —

      NOTE — The notes have been updated in the last 4 hours (Last Updated: Feb 13, 2019) —   A note about Japanese formatting was not there at 7am Brisbane (Australian time) and is there now at 12 noon.

      A couple of questions —

      The note about “After you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem<number>.inf. The exact problematic configurations are currently unknown.Known issues in this update” has been there since March 2018 and is now missing.

      Does this mean that this has now been fixed ????

      Can anyone verify that the Jet Database problem introduced by M$ in January 2019 updates has been fixed — both in Win 7 and Win 10  1809.

      Apart from a win 10  1809 computer (experimental use only), all other win 7 computers that I am responsible for are updated to December 2017 only — until M$ sorts out their inability to publish non destructive updates.

      mbhelwig

      1 user thanked author for this post.
    • #326188 Reply

      anonymous

      ? says:

      i think i will take the good advice and wait awhile on this batch. my friends over at msfn are reporting various snafu’s on the February XP patches on Pp. 181 and 182:

      https://msfn.org/board/topic/171814-posready-2009-updates-ported-to-windows-xp-sp3-enu/?page=181

      https://msfn.org/board/topic/171814-posready-2009-updates-ported-to-windows-xp-sp3-enu/?page=182

      njoy!

       

       

    • #326223 Reply

      glnz
      AskWoody Lounger

      MS has even screwed up the updates for POS 2009 (which we XP users have been using to update our XP machines).

      See THIS POST AT MSFN and following entries.

    • #326224 Reply

      anonymous

      KB4486564 is called this on the windows update catalog”

      “2019-02 Security Only Quality Update for Windows 7″[ Specific Version/Other hardware related , x86, x64, othe info etc.] (KB4486564)

      And Martin Brinkmann of ghacks is calling it: “KB4486564 — Security-only Rollup”

      And that’s confusing as I thought that the “Security Only Quality Update for Windows 7” is not a rollup and is not cumulative.

      From Microsoft’s Description of the standard terminology that is used to describe Microsoft software updates webpage:

      “Security-only update

      Definition: An update that collects all the new security updates for a given month and for a given product, addressing security-related vulnerabilities and distributed through Windows Server Update Services (WSUS), System Center Configuration Manager and Microsoft Update Catalog. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low. This Security-only update would be displayed under the title Security Only Quality Update when you download or install the update and will be classified as an “Important” update.

      • Monthly RollupDefinition: A tested, cumulative set of updates. They include both security and reliability updates that are packaged together and distributed over Windows Update, WSUS, System Center Configuration Manager and Microsoft Update Catalog for easy deployment. The Monthly Rollup is product specific, addresses both new security issues and nonsecurity issues in a single update and will proactively include updates that were released in the past. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low. This Monthly Rollup would be displayed under the title Security Monthly Quality Rollup when you download or install. This Monthly Rollup will be classified as an “Important” update on Windows Update and will automatically download and install if your Windows Update settings are configured to automatically download and install Important updates.”
      • Why are folks in the press not using the Microsoft’s nomencalture to avoid confusion!

      (1)

      “Description of the standard terminology that is used to describe Microsoft software updates”

      https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro

       

      Edited for HTML. Please use the text tab for copy/paste.

       

      1 user thanked author for this post.
      Ed
      • #326243 Reply

        Elly
        AskWoody MVP

        And that’s confusing as I thought that the “Security Only Quality Update for Windows 7” is not a rollup and is not cumulative.

        It is a rollup of what would have been separate security KBs issued in the past… a rollup of all of that month’s security updates, that is why there is only one. They aren’t just fixing one thing each month.

        It is not cumulative in that it only has one month’s worth of fixes… and you have to apply each month’s Security Only Quality Updates all the way back to when the Monthly Rollups started, to get all the security updates accumulated/included in a single Monthly Quality and Security Rollup.

         

        Win 7 Home, 64 bit, Group B

        • #326499 Reply

          Ed
          AskWoody Lounger

          No disrespect to you Elly but @anonymous is right, Brinkman’s wording there is confusing. However, in the “Direct update downloads” section further down in his article he does word both of them properly.

          Since Groups A and B began existence the easiest distinguishing factor to separate the monthly Security update for Groups A and B is the word “Rollup” in the title. If it has the word “Rollup” in it then it’s for the Group A folks.

          This advice has been given here at Woody’s countless times.

          1 user thanked author for this post.
          • #326567 Reply

            Elly
            AskWoody MVP

            Per Microsoft’s description Security Only “collects(not rolls up- you are right @ed) all the new security updates for a given month and for a given product” while the Monthly Rollup rolls security and reliability updates together.

            But tell me that Microsoft wasn’t deliberately trying to obfuscate the differences by using the same words in each of them- ex- Security, Quality, and Update being used in both ‘titles’.

            I think that most people here at AskWoody simply use Security Only vs Monthly Rollup as that seems to clarify better than Microsoft’s usage and definitions.

            For just one example of why journalists are as confused as any one else, Microsoft started using the word “seeker” and when I search for an “official” definition within Microsoft, none comes up, today, except a totally unrelated usage on a development page:

            Wi-Fi Direct Services are the way that one device (a Service Advertiser) offers capabilities to another device (a Service Seeker) over a Wi-Fi Direct connection. A seeker makes use of an advertised service by establishing a session. A given device can advertise multiple services and also seek multiple services. The Seeker and Advertiser roles are defined with respect to how the devices interact in a particular session.

            Or bringing up a bunch of games that have that word associated with them. Maybe some game-playing Microsoft employee simply brought the word forward from those, as an apt description of how seekers get trapped into applying updates?

            And that is not defining W10 seekers… No matter, Microsoft started using the term and it was and is up to the rest of us, including journalists, to figure it out. Woody in 1802 Pushy Upgrads Never Give a Seeker an Even Break explained the term as used for updating for the rest of us.

            Microsoft’s lack of documentation, along with changes in expected behavior happening on a regular basis leaves everyone confused… and I think they like it that way… Microsoft uses it as another way of not being accountable to their customers.

            Windows is no longer defined as an operating system in their privacy statement…

            Windows is a personalized computing environment that enables you to seamlessly roam and access services, preferences, and content across your computing devices from phones to tablets to the Surface Hub. Rather than residing as a static software program on your device, key components of Windows are cloud-based

            You actually have to follow a link to another page to find the word operating system… and the definition of that is being morphed, too.

            Surprising for those of us who purchased an operating system’s license…

            My sympathies to Ed Bott, and Woody, and Susan Bradley, and all the other long time Windows experts that try to keep us informed… Its absolutely remarkable that more ‘mistakes’ aren’t made.

            Win 7 Home, 64 bit, Group B

            1 user thanked author for this post.
    • #326258 Reply

      anonymous

      My Win 7pro system just had Silverlight offered as an optional install. First time I’ve seen it in a few years. I always hid it in the past (probably ten times) and did so again now. Surprising to see it again considering they stopped developing it a few years ago.

      1 user thanked author for this post.
      • #326576 Reply

        Geo
        AskWoody Plus

        I uninstalled  Silverlight but  a up date keeps showing up.  I hide it but it shows up the next day.

        • #326613 Reply

          Microfix
          Da Boss

          Even when uninstalling ‘sliverlight’ it still leaves hundreds of useless keys in the registry, I’ve been there and NEVER again will I make that mistake.

          | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
    • #326267 Reply

      Terring
      AskWoody Lounger

      Can somebody explain me why my Windows 10 is automatically updating right now, while having my connection marked as metered?

      My English is far from perfect and I want to improve it. If you find any mistakes (especially the grammar ones), feel free to correct me.

    • #326317 Reply

      Microfix
      Da Boss

      Report on 2 laptop devices using Windows 8.1 Pro x64 (Not VM’s)
      Performed the usual imaging prior to installation.
      Installed the following:

      kb4487000 – 2019-02 Security and Quality Rollup for Windows 8.1
      Event servicing:
      Package KB4487000 was successfully changed to the Installed state.
      no errors in event viewer

      kb4487080 – 2019-02 Security and Quality Rollup for .NET Framework
      Installation status: Succeeded
      no errors in event viewer

      Habitual post patch install maintenance:
      ‘Replaced WinSxS Assembly’ and ‘Net Assembly Cache’ clean-up
      (removes installation data within OS) using dism++
      (restart), ran Disk clean-up, performed W8.1 maintenance and ‘Optimise drives’ (SSD’s)

      After post install maintenance both laptops are stable, lean and snappy.

      | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
      2 users thanked author for this post.
    • #327502 Reply

      EP
      AskWoody_MVP

      So far no serious problems with KB4486563 on my Win7 SP1 machines and with KB4487000 on my dad’s Win8.1 laptop.

      Unrelated note but I saw this recent blog on Born’s Tech and Windows World site yesterday about new Win7 SP1 ISOs:
      https://borncity.com/win/2019/02/15/tip-new-windows-7-sp1-isos-install-image-downloadable/

      I was unable to create a separate topic about that, even when I logged in to the askwoody web site as it would not let me.

      • #327534 Reply

        PaulK
        AskWoody Lounger

        The ‘HomePremium x64’ file – – Size: 5.68 GB (6,101,768,192 bytes)

    • #328236 Reply

      EEEVA
      AskWoody Lounger

      …Habitual post patch install maintenance: ‘Replaced WinSxS Assembly’ and ‘Net Assembly Cache’ clean-up (removes installation data within OS) using dism++ (restart), ran Disk clean-up, performed W8.1 maintenance and ‘Optimise drives’ (SSD’s) After post install maintenance both laptops are stable, lean and snappy.

      Can you please describe your post-cleanup procedure in a little more detail? I think there are many of us who’d like to do the same.

      • #328407 Reply

        anonymous

        Microfix will best describe that routine for you. I only wanted to insert my interpretation of the parenthetical notes. I also would do a thorough cleaning after every month’s update cycle, and was surprised to read some recommendations to do your deep cleaning before each month’s patches. Took me a bit to understand why.

        Turns out I was defeating some built-in tools for rolling back by deleting the files that make that possible. On the other hand, there were two policies that lessened the danger. First is following the MS-DEFCON rating and Woody’s instructions. This makes it very unlikely I will need to rollback because I have waited to learn of bugs in the patches. Second is having disk images, or full and incremental backups, available. This means in that very unlikely event I want to rollback I do not have to rely on Windows tools to do it. Instead I will revert to a saved image, or recover from backup media.

        So for my use, I continue with removing clutter as soon as I am happy with how things function. But I wanted to show there are trusted opinions that do it differently than I do.

      • #328665 Reply

        Microfix
        Da Boss

        New topic posted for your assistance:
        windows-8-1-post-patch-maintenance

        | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
    • #330853 Reply

      anonymous

      Win 10 1709 64 bit.  February delta and cumulative updates stable after 4 days.

    • #334876 Reply

      anonymous

      How do I install Windows Xp updates that MS release two months ago?

      Notice: your post was off-topic where it was originally submitted and has been mover to this thread on Windows patching. Please be sure to post in an appropriate Topic.

       

      • #334885 Reply

        PKCano
        Da Boss

        The patches released for Win XP are listed on MS Software Update Services Pages. You can get the KB numbers from there. You can download the individual patches from the MS Update Catalog by entering the KB numbers and install them manually. The patches are for Win XP POSReady 2009.

        Or, you can use Windows Update through Win XP if yours is POSReady 2009.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Tuesday patches start rolling out

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information: