They’re marked: IMPORTANT This is a required security update that expands the out-of-band update dated September 23, 2019. This security update includ
[See the full post at: Heads up! 50 new security patches just pushed to the Update Catalog]
![]() |
There are isolated problems with current patches, but they are well-known and documented on this site. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
Heads up! 50 new security patches just pushed to the Update Catalog
Home » Forums » Newsletter and Homepage topics » Heads up! 50 new security patches just pushed to the Update Catalog
- This topic has 71 replies, 31 voices, and was last updated 3 years, 4 months ago.
AuthorTopicwoody
ManagerViewing 30 reply threadsAuthorReplies-
Microfix
AskWoody MVP -
PKCano
Manager -
Microfix
AskWoody MVP -
PKCano
ManagerSorry, wrong tense, but I was quoting (my bolding).
IMPORTANT This is a required security update that will be offered to all customers automatically. To help secure your devices, we recommend that you install this update as soon as a possible and restart your PC to fully apply the mitigations. Like all rollup updates, this update supersedes any preceding update.
Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.
-
-
-
grant.gardner
AskWoody Plus-
woody
ManagerYes. Patch Tuesday this month will include previous cumulative updates (unless somebody changes their mind again).
Big questions at this point: (1) Is an attack imminent and (2) Are there any additional bugs?
Patches like this are notorious for triggering an absolute shirtstorm of bugs.
-
Tom-R
AskWoody Plus -
woody
ManagerGood question. The concomitant question is whether we should go to MS-DEFCON 4 or 5.
At this point, I’m watching for evidence of bugs in this for-real out-of-band patch. If it looks clean, I’ll probably advise that people install it.
But it’s still too early to tell – and I still have no indication whether CVE-2019-1367 is an ongoing concern for the 95% of all Windows users who don’t use IE. The Security Advisory has been updated to show the new patches – but there’s no change in the wimpy description. Clément Lecigne hasn’t said anything, either.
-
anonymous
Guest
-
-
Bluetrix
AskWoody MVPIs it safe to assume that these updates will be incorporated into the standard patch Tuesday updates that are due out next week?
For:
KB4524147 CU for 1903 (build 18362.388)
KB4524148 CU for 1809 (build 17763.775)
KB4524149 CU for 1803 (build 17134.1040)Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.
That’s from Microsoft
Edit to add: Like Woody said, (unless somebody changes their mind again).
-
grant.gardner
AskWoody PlusIs it safe to assume that these updates will be incorporated into the standard patch Tuesday updates that are due out next week?
For:
KB4524147 CU for 1903 (build 18362.388)
KB4524148 CU for 1809 (build 17763.775)
KB4524149 CU for 1803 (build 17134.1040)Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.
That’s from Microsoft
Edit to add: Like Woody said, (unless somebody changes their mind again).
We don’t use IE on any of our servers and don’t have the printing issue. Would rather wait for the standard Patch Tuesday stuff and install later this month once its given the go ahead by “the patch lady”. Heck, I just installed Septembers updates this week.
PKCano
Managerarmond
AskWoody Lounger-
woody
Manager -
Susan Bradley
ManagerDid into the printer driver setting and make sure that rebooting hasn’t moved a printer from the setup you like/that works to one that doesnt.
I have a home pc that on occasion will reboot and my HP multi will move from tcp/ip setup to that web stupid printer driver thingy that never works.
Susan Bradley Patch Lady
Alex5723
AskWoody PlusThey’re marked: IMPORTANT This is a required security update that expands the out-of-band update dated September 23, 2019. This security update includ
[See the full post at: Heads up! 50 new security patches just pushed to the Update Catalog]?
You meant September 23.
1 user thanked author for this post.
-
woody
Manager
IndyPilot80
AskWoody Lounger-
grant.gardner
AskWoody Plus
DrBonzo
AskWoody PlusScroll to the bottom of the following link under Revisions and it reads as though the only purpose of today’s new update is to fix the printer issue.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1367
This is what it says:
To address a known printing issue customers might experience after installing the Security Updates or IE Cumulative updates that were released on September 23, 2019 for CVE-2019-1367, Microsoft is releasing new Security Updates, IE Cumulative Updates, and Monthly Rollup updates for all applicable installations of Internet Explorer 9, 10, or 11 on Microsoft Windows. Please see the Security Updates table for CVE-2019-1367 for the new updates. Note that these updates are available automatically via Windows Update, WSUS, or manually from the Microsoft Update Catalog. This release is separate from the October Update Tuesday release, which is scheduled for October 8, 2019
2 users thanked author for this post.
-
armond
AskWoody LoungerAs far as I know and tested, HP printer issue have nothing to do with the Print Spooler service, as I did not have any printing issue with other priters I tried with any of the recent Windows 10 Cumulative Update updates.
Hopefully at least HP comes up with a solution, as I really like my HP printer and its Instant Ink free plan. Thanks so much for your time. -
cogx
AskWoody LoungerNot just HP for us, but Ricoh printers are causing us fits now too. In one such case, installed today’s (10/3/19) update (for Windows 8.1) and it didn’t fix the application crashing when trying to print to that particular Ricoh. It’s not the spooler crashing, it is the application trying to print to that particular Ricoh USB connected printer (Word, Chrome, etc.)
The user’s other printer (network printer, also a copier Ricoh model) works and the Adobe PDF printer driver works.I know we scream about a lot of buggy patches, but the truth is, with the ~450 computers I directly support, and the three thousand more where I work, we rarely run into the “known issues” from various MS patches. The last one I can recall was a bad MS AV update.
Every year or two a screwy Word or Excel patch will get us. But, now they have really gone and done it, breaking printing is like the number one cardinal sin where I work. Printing is all anyone cares about.
-
woody
ManagerIt could be that this out-of-band patch was re-issued to fix both the printer and .NET 3.5 installation bugs. But more importantly, it’s a for-real out-of-band update, with appropriate distribution.
It’s also been ten days since MS initially dropped the CVE. Is it possible that this is a real threat? If so, why haven’t we heard anything about it? At least MS is giving it more attention.
-
WildBill
AskWoody PlusCan confirm it’s a real out-of-band update, since KB4521456 replaced KB4516067 on my Win8.1 machine. Main Question: Besides possibly fixing the breaking .NET 3.5 problem & the breaking printers problem (no printer attached on my laptop), does it properly fix CVE-2019-1367? That’s the $64,000,000 question! You just bumped us to MS-DEFCON 3 yesterday; been slow in patching, but I’d hate to patch today & find we’re still getting messed up. As Patch Lady said in Monday’s Plus Newsletter, Issue 16.35.0:
Bottom line: Microsoft handled these updates poorly. At this time, the IE exploits appear to be highly targeted and narrowly applied. But the company hasn’t clearly spelled out the extent of the threat — except indirectly by making the fix relatively difficult to get.
2 Machines for Now!
#1: Windows 8.1, 64-bit, back in Group A.
#2: Getting close to buying a refurbished Windows 10 64-bit, recently updated to v1909. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...1 user thanked author for this post.
CADesertRat
AskWoody PlusIt’s been an interesting morning, I have 4 computers (W10 Pro 1809) which all started out with the same updates until WU this morning. See my results in another post. MS is changing updates FAST.
Don't take yourself so seriously, no one else does 🙂
All W10 Pro at 22H2,(2 Desktops, 1 Laptop).Mr. Natural
AskWoody Loungerbbearren
AskWoody MVPI got KB4524147 earlier today. Nothing unusual, as usual for me.
Create a fresh drive image before making system changes/Windows updates, in case you need to start over!We all have our own reasons for doing the things that we do. We don't all have to do the same things.1 user thanked author for this post.
Barry
AskWoody LoungerI got KB4524147 earlier today. Nothing unusual, as usual for me.
Downloading it now. I might add it did not give the option to defer. As soon as i hit check for update it started downloading.
Barry
Windows 10 Home V 20H21 user thanked author for this post.
-
woody
Manager -
Barry
AskWoody Lounger -
woody
ManagerOops. I should’ve looked at your signature.
Yeah, that would be in keeping with the new updating method – in fact, unless you’ve clicked “Defer updates,” today’s cumulative update would’ve installed whether you clicked Check for updates or not.
1 user thanked author for this post.
-
-
Microfix
AskWoody MVPsatirical view/
so in essence these patches seem to suggest the following:
IE zeroday is now fixed, we think!..but
RPC may or may not work so..
If your printer works, the patch will bork it
If your printer didn’t work before this patch, it’s still borked.
If you don’t have a printer think yourself lucky punk.
And to top it all off…there’s skeletal documentation about these patchesAha! no IE zeroday patch printer works..oh dear, rock and a hard place. /satirical view
popcorn time on linux..WaaS = Windows as a Syphon...suckers!
Geo
AskWoody Plus-
KP
AskWoody PlusWin 7 – 32 bit (KB4524157)
I say back to DefCon 1 or 2 for this.
DefCon 3 for the September Patches. Unfortunately it means you have to manually download the patches from the Microsoft Update Catalog.
-
jburk07
AskWoody Plus@KP –
When I hid KB4524157, the September patches reappeared in Windows Update, so you could do that instead of downloading them from the catalog.Linux Mint Cinnamon 19.3
Group A:
Win7 Pro x64 SP1 Haswell, 0patch Pro, dual boot with Linux
Win7 Home Premium x64 SP1 Ivy Bridge, 0patch Pro
Win 10 Pro x64 v21H2 Ivy Bridge, dual boot with Linux-
This reply was modified 3 years, 4 months ago by
jburk07.
1 user thanked author for this post.
-
This reply was modified 3 years, 4 months ago by
-
Mr. Natural
AskWoody LoungerSo is this the new norm now? Put them out on Microsoft Download Catalog first so that the “seekers” can beta test before releasing to Windows Update. Then let the Windows Update “seekers” have at it for the second round of beta testing.
Perhaps not a bad idea the way this whole A.I. thing is going. 🙁
Red Ruffnsore
3 users thanked author for this post.
anonymous
GuestToo Much KB overload and I have skipped the Telemetry “Security Only” months and really I’m only interested in the 2019 Oct W7 Security Only(If No telemetry is included) and the Oct IE cumulative security only updates for Windows 7.
It’s just too much to worry about all of the out of band IE updates with IE getting its usual cumulative security patching each month anyways.
I’m using only Firefox for browsing until the Oct 2019 IE cumulative updates get DEFCON 3/higher rated, and actually Firefox is a lot better for browsing than IE regardless of any IE Zero Days.
Hopper15
AskWoody LoungerT
AskWoody PlusI’m so confused by this – if this is a monthly rollup then does that mean it includes all the junk those of us who are security only wish to avoid? I’m now conditioned to avoid anything rollup in the title and checking the file information for this update shows it does contain files like diagtrack and such. Therefore, where is the security only version? I want that one, i’m not about to start installing rollups.
-
PKCano
ManagerThe fix is in the IE11 CU which Group B installs.
Since Group A doesn’t have separate patches, and theri IE11 fix is part of the Rollup, Group A gets a Rollup (yes, it is a Rollup)
AKB200003 has been updated with the IE11 patch, but Woody has not blessed it yet.WAIT.
1 user thanked author for this post.
-
T
AskWoody Plus
-
ashfan212
AskWoody LoungerWindows 7 x64 Home Premium Group A
KB4524157 is described as a monthly rollup. Therefore, all of its enhancements will be contained (presumably) in next Tuesday’s scheduled October monthly rollup.
Accordingly, I cannot conceive why today’s monthly rollup can be deemed “important” and mandatory when its replacement will be available in 5 days.
I assume that the consensus advice would be to ignore this rollup update.
anonymous
Guestabbodi86
AskWoody_MVP-
woody
Manager
Speccy
AskWoody Loungerrozmansi
AskWoody LoungerThe KB4524135 and KB4524156 installed on our Windows Server 2012R2 over the night and all JScript legacy ASP websites broke: heap corruption, unknown variable values, garbage in error responses. Event log was full of “Error: File /index.asp Unexpected error. A trappable error (C0000005) occurred in an external object. The script cannot continue running..” messages. Clicking refresh on any website gave a couple of successful responses, followed by a 500 Internal Server Error, and again some sucessful responses…
VBScript pages were unaffected.
Uninstalling both updates made websites stable again.
JScript.dll broken?
1 user thanked author for this post.
-
Susan Bradley
Manager -
woody
Manager
-
anonymous
Guestglnz
AskWoody Plusanonymous
GuestKB4524147 and KB4524148 also causes the exact same spoolsv jscript error! I have customers that never installed KB4517211 last week but today installed KB4524147 and 48 through automatic updates, which is supposed to fix the printer problem. They did not have the printer problem before and now after installing up the new update, they HAVE the problem. I have 2 entire offices down because of these 2 updates.
1 user thanked author for this post.
-
EP
AskWoody_MVPwhat printers do you have?
I’m not experiencing the printing problems with these recent updates like KB4524147 & KB4524148.
btw, I have an HP envy 4500 and an HP envy photo 7855 series printers and they both work okay whether using a local usb cable connection or a wifi networked connection. one of them had a driver issue that required uninstalling and reinstalling the printer drivers to actually fix a printing problem.-
This reply was modified 3 years, 4 months ago by
EP.
-
This reply was modified 3 years, 4 months ago by
Microfix
AskWoody MVP-
woody
Manager -
Microfix
AskWoody MVPRecently (August) we had the VBScript patch fiasco when the interns had the reigns and was eventually fixed (or so we were led to believe)..I wonder if something has been overlooked? Perhaps printer issues are the outcome and the issue lays within the relationship between the IE zeroday patch and VBScript patch which affects MS JScript in dotNET depending on what version is installed. (I ain’t no expert her BTW, just looking at facts.)
These are two things we know that have changed recently.
Ref this Jscript Wiki
WaaS = Windows as a Syphon...suckers!
-
Speccy
AskWoody Loungeranonymous
GuestI just had a PC with the HP won’t print issue. It installed KB4524148 last night. I uninstalled it, still no print. It was installed as a Web Services printer like most recent HP devices. I installed the UPD configured to an IPv4 IP and it worked. I suspect it is something in the web services it borks. This seems consistent with other reports that the UPD fixes it.
glnz
AskWoody PlusThis is weird – I saw KB4524157 in Windows Update for my WIn 7 Pro 64-bit machine just now (Friday Oct 4 10pm ET). Said the last search for updates was about 6:50am.
I didn’t install it but instead ran Check for Updates, and it disappeared!!!!!
Did MS pull it ?????
2 users thanked author for this post.
-
DrBonzo
AskWoody PlusI don’t know if they pulled it since it still shows up in MS Support and also the MS Catalog.
I do know that on three Win 7 machines sometime on Friday evening the 2019-10 Rollup was no longer offered in Windows Update and had been replaced with the 2019-09 Rollup.
1 user thanked author for this post.
anonymous
GuestSynoptic12
AskWoody LoungerUpon installing Microsoft update (KB4524157 ) in Windows 7 64-bit, “Aero” was terminated. I was unable to repair the issue using the troubleshooter. Furthermore, Windows 7 would not shut down after ‘shutting down’, only remaining with the desktop theme. A manual shutdown was necessary.
* I uninstalled the aforesaid update and the system reverted back to normal. To alleviate further issues, I now have ‘System Restore’ enabled to avoid any further complications.
- Sorry for the bad photos.
1 user thanked author for this post.
Dave
AskWoody PlusVery important observation. Thanks!
If you roll back KB 4524147, does your printer work again?
I’m having the print problems on one of our systems. Document would go to spooler but hang. Eventually printer would print a timeout error page. Pulling KB4524147 didn’t change. Pulling KB4522016 in addition did allow documents to print, but after significant (1-2 Min) delay before spooler would release document from buffer. No start menu problems however.
Viewing 30 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Want to stop auto dimming
by
Vincenzo
2 hours, 53 minutes ago -
Why doesn’t a file shortcut work in a ‘Links’ folder?
by
WCHS
3 hours, 34 minutes ago -
Anyone want six Surface covers?
by
Susan Bradley
2 hours, 25 minutes ago -
MSFT Edge adopting Adobe pdf reader
by
Microfix
6 hours, 29 minutes ago -
Google shares dive 8% after AI chatbot Bard flubs answer in ad
by
Alex5723
5 hours, 21 minutes ago -
I asked ChatGPT to describe its humanoid form and feed its output to Dall-E…
by
Alex5723
19 hours, 8 minutes ago -
Malware lockup Dell laptop Win 11
by
WSpfeldmann
10 hours, 21 minutes ago -
February 2023 Office non-Security updates
by
PKCano
1 day ago -
Introducing the new Bing with chatGPT
by
Alex5723
2 hours, 21 minutes ago -
Has Windows become Spyware?
by
Alex5723
5 hours, 47 minutes ago -
Want to buy a huge stock of Vintage Macs and hardware..?
by
Alex5723
1 day, 8 hours ago -
Windows resetting Microphone Levels
by
WSbilllh
12 hours, 20 minutes ago -
Outlook.com is down for many
by
Alex5723
15 hours, 58 minutes ago -
What the heck is this bunch of lists?
by
Cthru
1 day, 3 hours ago -
Win 10 SATA Blu-Ray
by
DaveH52
1 day, 2 hours ago -
iOS 16.3 and Advanced Data Protection
by
pmcjr6142
1 day, 6 hours ago -
Lost Battery Condition Icon from Sys Tray
by
doneager
1 day, 16 hours ago -
Global ransomware attack targets VMware ESXi servers
by
Alex5723
18 hours, 26 minutes ago -
Remote Desktop using MSTSC
by
John Davis
1 day, 5 hours ago -
Have the product key, but don’t know the MS account that was used to install
by
AAronoff
1 day, 8 hours ago -
My data is too large for one hdd
by
shermank
1 day, 18 hours ago -
Abraham Lempel one of the fathers of the LZ family..died at the age of 86
by
Alex5723
2 days, 15 hours ago -
How to fix File Explorer folder views in Windows 10 and 11
by
B. Livingston
6 hours, 10 minutes ago -
Changes to Outlook and OneDrive have fallout
by
Peter Deegan
1 day, 6 hours ago -
Would you ever run an MS-DOS program in 64-bit Windows?
by
Ben Myers
5 minutes ago -
Lunch with Brian
by
Will Fastie
23 hours, 27 minutes ago -
Getting Outlook to behave
by
Susan Bradley
2 days, 17 hours ago -
Possible Data Scraper “Lusha” on the prowl
by
Nibbled To Death By Ducks
2 days, 18 hours ago -
Turbotax 2021 won’t activate on my Windows 11 computer
by
Alan F
2 days, 17 hours ago -
Laptop Battery
by
Rush2112
2 days, 10 hours ago
Recent blog posts
- February 2023 Office non-Security updates
- How to fix File Explorer folder views in Windows 10 and 11
- Changes to Outlook and OneDrive have fallout
- Would you ever run an MS-DOS program in 64-bit Windows?
- Lunch with Brian
- Getting Outlook to behave
- Cables are very important
- Sometimes it’s the little things
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.