They’re marked: IMPORTANT This is a required security update that expands the out-of-band update dated September 23, 2019. This security update includ
[See the full post at: Heads up! 50 new security patches just pushed to the Update Catalog]
![]() |
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
Heads up! 50 new security patches just pushed to the Update Catalog
Home » Forums » Newsletter and Homepage topics » Heads up! 50 new security patches just pushed to the Update Catalog
- This topic has 71 replies, 31 voices, and was last updated 3 years, 11 months ago.
AuthorTopicwoody
ManagerViewing 30 reply threadsAuthorReplies-
Microfix
AskWoody MVPGetting October SMQR offered via WU on Win8.1..declined
posted my WU screenshot hereMS-DEFCON still at 3..
Have they nudged this months patches back due to the release of 1909 on patch tuesday 8th of this month?
No problem can be solved from the same level of consciousness that created IT- AE -
PKCano
Manager -
Microfix
AskWoody MVP -
PKCano
ManagerSorry, wrong tense, but I was quoting (my bolding).
IMPORTANT This is a required security update that will be offered to all customers automatically. To help secure your devices, we recommend that you install this update as soon as a possible and restart your PC to fully apply the mitigations. Like all rollup updates, this update supersedes any preceding update.
Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.
-
-
-
grant.gardner
AskWoody Plus-
woody
ManagerYes. Patch Tuesday this month will include previous cumulative updates (unless somebody changes their mind again).
Big questions at this point: (1) Is an attack imminent and (2) Are there any additional bugs?
Patches like this are notorious for triggering an absolute shirtstorm of bugs.
-
Tom-R
AskWoody Plus -
woody
ManagerGood question. The concomitant question is whether we should go to MS-DEFCON 4 or 5.
At this point, I’m watching for evidence of bugs in this for-real out-of-band patch. If it looks clean, I’ll probably advise that people install it.
But it’s still too early to tell – and I still have no indication whether CVE-2019-1367 is an ongoing concern for the 95% of all Windows users who don’t use IE. The Security Advisory has been updated to show the new patches – but there’s no change in the wimpy description. Clément Lecigne hasn’t said anything, either.
-
anonymous
Guest
-
-
Bluetrix
AskWoody MVPIs it safe to assume that these updates will be incorporated into the standard patch Tuesday updates that are due out next week?
For:
KB4524147 CU for 1903 (build 18362.388)
KB4524148 CU for 1809 (build 17763.775)
KB4524149 CU for 1803 (build 17134.1040)Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.
That’s from Microsoft
Edit to add: Like Woody said, (unless somebody changes their mind again).
-
grant.gardner
AskWoody PlusIs it safe to assume that these updates will be incorporated into the standard patch Tuesday updates that are due out next week?
For:
KB4524147 CU for 1903 (build 18362.388)
KB4524148 CU for 1809 (build 17763.775)
KB4524149 CU for 1803 (build 17134.1040)Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.
That’s from Microsoft
Edit to add: Like Woody said, (unless somebody changes their mind again).
We don’t use IE on any of our servers and don’t have the printing issue. Would rather wait for the standard Patch Tuesday stuff and install later this month once its given the go ahead by “the patch lady”. Heck, I just installed Septembers updates this week.
PKCano
Managerarmond
AskWoody Lounger-
woody
Manager -
Susan Bradley
ManagerDid into the printer driver setting and make sure that rebooting hasn’t moved a printer from the setup you like/that works to one that doesnt.
I have a home pc that on occasion will reboot and my HP multi will move from tcp/ip setup to that web stupid printer driver thingy that never works.
Susan Bradley Patch Lady/Prudent patcher
Alex5723
AskWoody PlusThey’re marked: IMPORTANT This is a required security update that expands the out-of-band update dated September 23, 2019. This security update includ
[See the full post at: Heads up! 50 new security patches just pushed to the Update Catalog]?
You meant September 23.
1 user thanked author for this post.
-
woody
Manager
IndyPilot80
AskWoody Lounger-
grant.gardner
AskWoody Plus
DrBonzo
AskWoody PlusScroll to the bottom of the following link under Revisions and it reads as though the only purpose of today’s new update is to fix the printer issue.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1367
This is what it says:
To address a known printing issue customers might experience after installing the Security Updates or IE Cumulative updates that were released on September 23, 2019 for CVE-2019-1367, Microsoft is releasing new Security Updates, IE Cumulative Updates, and Monthly Rollup updates for all applicable installations of Internet Explorer 9, 10, or 11 on Microsoft Windows. Please see the Security Updates table for CVE-2019-1367 for the new updates. Note that these updates are available automatically via Windows Update, WSUS, or manually from the Microsoft Update Catalog. This release is separate from the October Update Tuesday release, which is scheduled for October 8, 2019
2 users thanked author for this post.
-
armond
AskWoody LoungerAs far as I know and tested, HP printer issue have nothing to do with the Print Spooler service, as I did not have any printing issue with other priters I tried with any of the recent Windows 10 Cumulative Update updates.
Hopefully at least HP comes up with a solution, as I really like my HP printer and its Instant Ink free plan. Thanks so much for your time. -
cogx
AskWoody LoungerNot just HP for us, but Ricoh printers are causing us fits now too. In one such case, installed today’s (10/3/19) update (for Windows 8.1) and it didn’t fix the application crashing when trying to print to that particular Ricoh. It’s not the spooler crashing, it is the application trying to print to that particular Ricoh USB connected printer (Word, Chrome, etc.)
The user’s other printer (network printer, also a copier Ricoh model) works and the Adobe PDF printer driver works.I know we scream about a lot of buggy patches, but the truth is, with the ~450 computers I directly support, and the three thousand more where I work, we rarely run into the “known issues” from various MS patches. The last one I can recall was a bad MS AV update.
Every year or two a screwy Word or Excel patch will get us. But, now they have really gone and done it, breaking printing is like the number one cardinal sin where I work. Printing is all anyone cares about.
-
woody
ManagerIt could be that this out-of-band patch was re-issued to fix both the printer and .NET 3.5 installation bugs. But more importantly, it’s a for-real out-of-band update, with appropriate distribution.
It’s also been ten days since MS initially dropped the CVE. Is it possible that this is a real threat? If so, why haven’t we heard anything about it? At least MS is giving it more attention.
-
WildBill
AskWoody PlusCan confirm it’s a real out-of-band update, since KB4521456 replaced KB4516067 on my Win8.1 machine. Main Question: Besides possibly fixing the breaking .NET 3.5 problem & the breaking printers problem (no printer attached on my laptop), does it properly fix CVE-2019-1367? That’s the $64,000,000 question! You just bumped us to MS-DEFCON 3 yesterday; been slow in patching, but I’d hate to patch today & find we’re still getting messed up. As Patch Lady said in Monday’s Plus Newsletter, Issue 16.35.0:
Bottom line: Microsoft handled these updates poorly. At this time, the IE exploits appear to be highly targeted and narrowly applied. But the company hasn’t clearly spelled out the extent of the threat — except indirectly by making the fix relatively difficult to get.
Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...1 user thanked author for this post.
CADesertRat
AskWoody PlusIt’s been an interesting morning, I have 4 computers (W10 Pro 1809) which all started out with the same updates until WU this morning. See my results in another post. MS is changing updates FAST.
Don't take yourself so seriously, no one else does 🙂
All W10 Pro at 22H2,(2 Desktops, 1 Laptop).Mr. Natural
AskWoody Loungerbbearren
AskWoody MVPI got KB4524147 earlier today. Nothing unusual, as usual for me.
Always create a fresh drive image before making system changes/Windows updates; you may need to start over!We were all once "Average Users". We all have our own reasons for doing the things that we do with our systems, we don't need anyone's approval, and we don't all have to do the same things.1 user thanked author for this post.
Barry
AskWoody LoungerI got KB4524147 earlier today. Nothing unusual, as usual for me.
Downloading it now. I might add it did not give the option to defer. As soon as i hit check for update it started downloading.
Barry
Windows 11 v22H21 user thanked author for this post.
-
woody
Manager -
Barry
AskWoody Lounger -
woody
ManagerOops. I should’ve looked at your signature.
Yeah, that would be in keeping with the new updating method – in fact, unless you’ve clicked “Defer updates,” today’s cumulative update would’ve installed whether you clicked Check for updates or not.
1 user thanked author for this post.
-
-
Microfix
AskWoody MVPsatirical view/
so in essence these patches seem to suggest the following:
IE zeroday is now fixed, we think!..but
RPC may or may not work so..
If your printer works, the patch will bork it
If your printer didn’t work before this patch, it’s still borked.
If you don’t have a printer think yourself lucky punk.
And to top it all off…there’s skeletal documentation about these patchesAha! no IE zeroday patch printer works..oh dear, rock and a hard place. /satirical view
popcorn time on linux..No problem can be solved from the same level of consciousness that created IT- AEGeo
AskWoody Plus-
KP
AskWoody PlusWin 7 – 32 bit (KB4524157)
I say back to DefCon 1 or 2 for this.
DefCon 3 for the September Patches. Unfortunately it means you have to manually download the patches from the Microsoft Update Catalog.
-
jburk07
AskWoody Plus@KP –
When I hid KB4524157, the September patches reappeared in Windows Update, so you could do that instead of downloading them from the catalog.Linux Mint Cinnamon 21.1
Group A:
Win7 Pro x64 SP1 Haswell, 0patch Pro, dual boot with Linux, mostly offline
Win7 Home Premium x64 SP1 Ivy Bridge, 0patch Pro,offline
Win 10 Pro x64 v22H2 Ivy Bridge, dual boot with Linux-
This reply was modified 3 years, 11 months ago by
jburk07.
1 user thanked author for this post.
-
This reply was modified 3 years, 11 months ago by
-
Mr. Natural
AskWoody LoungerSo is this the new norm now? Put them out on Microsoft Download Catalog first so that the “seekers” can beta test before releasing to Windows Update. Then let the Windows Update “seekers” have at it for the second round of beta testing.
Perhaps not a bad idea the way this whole A.I. thing is going. 🙁
Red Ruffnsore
3 users thanked author for this post.
anonymous
GuestToo Much KB overload and I have skipped the Telemetry “Security Only” months and really I’m only interested in the 2019 Oct W7 Security Only(If No telemetry is included) and the Oct IE cumulative security only updates for Windows 7.
It’s just too much to worry about all of the out of band IE updates with IE getting its usual cumulative security patching each month anyways.
I’m using only Firefox for browsing until the Oct 2019 IE cumulative updates get DEFCON 3/higher rated, and actually Firefox is a lot better for browsing than IE regardless of any IE Zero Days.
Hopper15
AskWoody PlusT
AskWoody PlusI’m so confused by this – if this is a monthly rollup then does that mean it includes all the junk those of us who are security only wish to avoid? I’m now conditioned to avoid anything rollup in the title and checking the file information for this update shows it does contain files like diagtrack and such. Therefore, where is the security only version? I want that one, i’m not about to start installing rollups.
-
PKCano
ManagerThe fix is in the IE11 CU which Group B installs.
Since Group A doesn’t have separate patches, and theri IE11 fix is part of the Rollup, Group A gets a Rollup (yes, it is a Rollup)
AKB200003 has been updated with the IE11 patch, but Woody has not blessed it yet.WAIT.
1 user thanked author for this post.
-
T
AskWoody Plus
-
ashfan212
AskWoody LoungerWindows 7 x64 Home Premium Group A
KB4524157 is described as a monthly rollup. Therefore, all of its enhancements will be contained (presumably) in next Tuesday’s scheduled October monthly rollup.
Accordingly, I cannot conceive why today’s monthly rollup can be deemed “important” and mandatory when its replacement will be available in 5 days.
I assume that the consensus advice would be to ignore this rollup update.
anonymous
Guestabbodi86
AskWoody_MVP-
woody
Manager
Speccy
AskWoody Loungerrozmansi
AskWoody LoungerThe KB4524135 and KB4524156 installed on our Windows Server 2012R2 over the night and all JScript legacy ASP websites broke: heap corruption, unknown variable values, garbage in error responses. Event log was full of “Error: File /index.asp Unexpected error. A trappable error (C0000005) occurred in an external object. The script cannot continue running..” messages. Clicking refresh on any website gave a couple of successful responses, followed by a 500 Internal Server Error, and again some sucessful responses…
VBScript pages were unaffected.
Uninstalling both updates made websites stable again.
JScript.dll broken?
1 user thanked author for this post.
-
Susan Bradley
Manager -
woody
Manager
-
anonymous
Guestglnz
AskWoody Loungeranonymous
GuestKB4524147 and KB4524148 also causes the exact same spoolsv jscript error! I have customers that never installed KB4517211 last week but today installed KB4524147 and 48 through automatic updates, which is supposed to fix the printer problem. They did not have the printer problem before and now after installing up the new update, they HAVE the problem. I have 2 entire offices down because of these 2 updates.
1 user thanked author for this post.
-
EP
AskWoody_MVPwhat printers do you have?
I’m not experiencing the printing problems with these recent updates like KB4524147 & KB4524148.
btw, I have an HP envy 4500 and an HP envy photo 7855 series printers and they both work okay whether using a local usb cable connection or a wifi networked connection. one of them had a driver issue that required uninstalling and reinstalling the printer drivers to actually fix a printing problem.-
This reply was modified 3 years, 11 months ago by
EP.
-
This reply was modified 3 years, 11 months ago by
Microfix
AskWoody MVPOur Canon printer works fine on Win8.1 Pro x64 (USB) after installing SMQR kb4524156..I wonder if certain proprietary driver files are at play here. .it just seems a mixed bag of issues
No problem can be solved from the same level of consciousness that created IT- AE1 user thanked author for this post.
-
woody
Manager -
Microfix
AskWoody MVPRecently (August) we had the VBScript patch fiasco when the interns had the reigns and was eventually fixed (or so we were led to believe)..I wonder if something has been overlooked? Perhaps printer issues are the outcome and the issue lays within the relationship between the IE zeroday patch and VBScript patch which affects MS JScript in dotNET depending on what version is installed. (I ain’t no expert her BTW, just looking at facts.)
These are two things we know that have changed recently.
Ref this Jscript Wiki
No problem can be solved from the same level of consciousness that created IT- AE
-
Speccy
AskWoody Loungeranonymous
GuestI just had a PC with the HP won’t print issue. It installed KB4524148 last night. I uninstalled it, still no print. It was installed as a Web Services printer like most recent HP devices. I installed the UPD configured to an IPv4 IP and it worked. I suspect it is something in the web services it borks. This seems consistent with other reports that the UPD fixes it.
glnz
AskWoody LoungerThis is weird – I saw KB4524157 in Windows Update for my WIn 7 Pro 64-bit machine just now (Friday Oct 4 10pm ET). Said the last search for updates was about 6:50am.
I didn’t install it but instead ran Check for Updates, and it disappeared!!!!!
Did MS pull it ?????
2 users thanked author for this post.
-
DrBonzo
AskWoody PlusI don’t know if they pulled it since it still shows up in MS Support and also the MS Catalog.
I do know that on three Win 7 machines sometime on Friday evening the 2019-10 Rollup was no longer offered in Windows Update and had been replaced with the 2019-09 Rollup.
1 user thanked author for this post.
anonymous
GuestSynoptic12
AskWoody LoungerUpon installing Microsoft update (KB4524157 ) in Windows 7 64-bit, “Aero” was terminated. I was unable to repair the issue using the troubleshooter. Furthermore, Windows 7 would not shut down after ‘shutting down’, only remaining with the desktop theme. A manual shutdown was necessary.
* I uninstalled the aforesaid update and the system reverted back to normal. To alleviate further issues, I now have ‘System Restore’ enabled to avoid any further complications.
- Sorry for the bad photos.
1 user thanked author for this post.
Dave
AskWoody PlusVery important observation. Thanks!
If you roll back KB 4524147, does your printer work again?
I’m having the print problems on one of our systems. Document would go to spooler but hang. Eventually printer would print a timeout error page. Pulling KB4524147 didn’t change. Pulling KB4522016 in addition did allow documents to print, but after significant (1-2 Min) delay before spooler would release document from buffer. No start menu problems however.
Viewing 30 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Startup loop after adding new user and installing File Explore Patch
by
PFC
1 hour, 21 minutes ago -
RoboCops comes to NYPD. You have the right to remain cyborg
by
Alex5723
1 hour, 56 minutes ago -
iOS 17 : New Safari Privat Search Engines
by
Alex5723
3 hours, 2 minutes ago -
Photos App running in background
by
Tom
53 minutes ago -
IPV6 Issue Win10 22H2 August Update
by
Win7and10
1 hour, 14 minutes ago -
Windows 11 Insider Preview build 23550 released to DEV
by
joep517
1 day, 1 hour ago -
Windows 11 Build 22621.2361 (22H2) released to Release Preview
by
joep517
1 day, 1 hour ago -
Lately I’ve been getting qr code spam attacks
by
Susan Bradley
1 day, 4 hours ago -
ghacks Wants Edge – FF Browser Update to View – hack/redirect
by
CraigS26
2 hours, 20 minutes ago -
iOS 17 : If your new iPhone gets stuck on the Apple logo when you transfer…
by
Alex5723
1 day, 12 hours ago -
Apple zero days out – September 2023
by
Susan Bradley
1 day, 7 hours ago -
No shortcuts to files on Taskbar in Win11
by
KingGeorgeN
1 day, 4 hours ago -
“New” Google Sites vs Network Solutions: domain resolution
by
Towson_Steve
14 hours, 45 minutes ago -
Topic: Privacy Report on Modern Cars
by
oldfry
1 day, 17 hours ago -
Microsoft’s massive Windows 11 update, featuring Copilot AI, begins rolling out
by
Alex5723
1 day, 13 hours ago -
MailStore Home updates
by
Alex5723
2 days, 14 hours ago -
T-Mobile users say they see other people’s account information
by
Alex5723
3 days, 1 hour ago -
Retirement of Exchange Web Services in Exchange Online
by
Alex5723
3 days, 13 hours ago -
What Remote Desktop credentials do I use to access a MS Account computer
by
JP
2 days, 3 hours ago -
Office 2003 Compatibility with One Drive in Windows 11
by
langsjw
4 days ago -
Has KB5030219 been pulled for Windows 11 Pro for Workstations?
by
jharri46
1 day, 3 hours ago -
By default encryption on Apple
by
Susan Bradley
3 days, 18 hours ago -
KB5029331 Macrium/Reflect
by
fpefpe
3 days, 19 hours ago -
Windows 10 Build 19045.3513 (22H2) to Release Preview Channel
by
joep517
4 days, 6 hours ago -
Microsoft worker accidentally exposes 38TB of sensitive data in GitHub blunder
by
Nibbled To Death By Ducks
3 days, 16 hours ago -
Change CPU/Mainboard without reinstallation of OS and Apps – Win10
by
schmersa
3 days, 21 hours ago -
Mouse slows to crawl if Edge in focus
by
bryash
5 days, 2 hours ago -
Windows and Surface chief Panos Panay is leaving Microsoft
by
Alex5723
4 days, 15 hours ago -
Essential Office Portable
by
Microfix
5 days, 3 hours ago -
Essential Office: Disable Spell Check
by
Bob Blum
5 days, 3 hours ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.