Home / Technology / Microsoft Windows Security Updates April 2019 overview

Microsoft Windows Security Updates April 2019 overview

Microsoft launched safety updates for supported variations of Windows and different firm as we speak on the April 9, 2019 Patch Tuesday.

Updates are supplied in numerous methods: by way of Windows Update, as direct downloads, and thru Enterprise updating methods.

Our month-to-month overview of Microsoft’s Patch Day affords detailed data  on updates, extra data that’s related, and hyperlinks to supported articles.

It begins with an government abstract, and is adopted by the statistics, the checklist of launched updates, identified points, and direct obtain hyperlinks.

You can take a look at last month’s Patch Day in case you may have missed it. As all the time, it is strongly recommended that systems are backed up earlier than new patches are put in. Note that some customers had troubles putting in the final cumulative replace for Windows 10 model 1809; you possibly can test a possible fix for System Service Exception blue screens right here.

Microsoft Windows Security Updates April 2019

Download the next Excel spreadsheet itemizing safety updates and associated data for updates that Microsoft launched in April 2019. Click on the next hyperlink to obtain the spreadsheet to your native system: microsoft-windows-security-updates-april-2019.zip

Executive Summary

  • Windows 10 version 1607 reached end of support for Enterprise and Education clients as we speak.
  • Windows 10 model 1709 reached finish of assist for Home, Pro and Pro for Workstations as we speak.
  • Microsoft launched safety updates for all shopper and server variations of Windows.
  • Other Microsoft software program with safety updates: Microsoft Edge, Internet Explorer, Microsoft Exchange Server, Team Foundation Server, Azure DevOps Server, Windows Admin Center, Microsoft Office
  • Microsoft fastened many lengthy standing identified points.
  • The Update Catalog lists 133 updates.

Operating System Distribution

  • Windows 7: 29 vulnerabilities of which 6 are rated crucial and 23 are rated vital (hyperlinks see W10 1809)
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows eight.1: 31 vulnerabilities of which 7 are rated crucial and 24 are rated vital (hyperlinks see W10 1809)
    • CVE-2019-0790 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0791 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0792 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0793 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0795 | MS XML Remote Code Execution Vulnerability
    • CVE-2019-0845 | Windows IOleCvt Interface Remote Code Execution Vulnerability
    • CVE-2019-0853 | GDI+ Remote Code Execution Vulnerability
  • Windows 10 model 1607:  33 vulnerabilities of which 7 are crucial and 26 are vital
    • crucial points similar as W10 1809 aside from CVE-2019-0786 which isn’t listed.
  • Windows 10 model 1703:  35 vulnerabilities of which 7 are crucial and 28 are vital
    • crucial points similar as W10 1809 aside from CVE-2019-0786 which isn’t listed.
  • Windows 10 model 1709: 37 vulnerabilities of which eight are crucial and 29 are vital
    • crucial points similar as W10 1809
  • Windows 10 model 1803: 37 vulnerabilities of which eight are crucial and 29 are vital
    • crucial points similar as W10 1809
  • Windows 10 model 1809: 36 vulnerabilities of which eight are crucial and 28 are vital

Windows Server merchandise

  • Windows Server 2008 R2: 29 vulnerabilities of which 6 are crucial and 23 are vital.
  • Windows Server 2012 R2: 31 vulnerabilities of which 7 are crucial and 24 are vital.
    • crucial points similar as W10 1809 besides CVE-2019-0786 which isn’t listed.
  • Windows Server 2016: 33 vulnerabilities of which 7 are crucial and 26 are vital
    • crucial points similar as W10 1809 besides CVE-2019-0786 which isn’t listed.
  • Windows Server 2019: 36 vulnerabilities of which eight are crucial and 28 are vital.
    • Critical points similar as W10 1809

Other Microsoft Products

  • Internet Explorer 11: 5 vulnerability, 1 crucial, four vital
  • Microsoft Edge: 9 vulnerabilities, 7 crucial, 2 vital

Windows Security Updates

Windows 7 Service Pack 1

KB4493446 — Monthly Rollup

  • Provides protections towards Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computer systems.
  • Fixes a problem with MSXML6 that might trigger applications to cease responding.
  • Fixed a problem with the Group Policy Editor that precipitated it to cease responding when enhancing Group Policy Preferences for Internet Explorer 10 Internet settings.
  • Fixed a problem with Custom URI schemes for Application Protocol Handlers.
  • Fixed an authentication problem in Internet Explorer 11 and different apps that use WININET.DLL.
  • Security updates for numerous parts.

KB4493467 — Security-only Update

  • Same because the Monthly rollup besides the Custom URI schemes repair (not listed)

Windows eight.1

Monthly rollups will not embrace PciClearStaleCache.exe anymore beginning with this replace. Microsoft advises that directors be sure that updates between April 20, 2018 and March 12, 2019 are put in previous to putting in this replace and future month-to-month rollup updates to be sure that this system is on the system.

The following signs could also be skilled if the file isn’t accessible:

  • Existing NIC definitions in management panel networks could also be changed with a brand new Ethernet Network Interface Card (NIC) however with default settings. Any customized settings on the beforehand NIC persist within the registry however had been unused.
  • Loss of static IP tackle settings.
  • Network Flyout doesn’t show sure Wi-Fi profile settings.
  • Disabling of Wi-Fi community adapters.

KB4493472 — Monthly Rollup

  • Provides protections towards Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754) for VIA-based computer systems.
  • Fixed a problem that precipitated the error “0x3B_c0000005_win32okay!vSetPointer”.
  • Fixed the netdom.exe error “The command failed to finish efficiently” seems.
  • Fixed the Custom URI Schemes problem.
  • Fixed the WININET.DLL problem.
  • Security updates

KB4493448 — Security solely replace

  • Same as month-to-month rollup aside from error “0x3B_c0000005_win32okay!vSetPointer” and Custom URI Schemes.

Windows 10 model 1607

KB4493470

  • Fixed a number of identified points.
  • Fixed a problem to fulfill GB18030 certificates necessities.
  • Security updates.

Windows 10 model 1703

KB4493474

  • Fixed a number of identified points
  • Security Updates

Windows 10 model 1709

KB4493441

  • Fixed a number of identified points
  • Security Updates

Windows 10 model 1803

KB4493464

  • Fixed a number of identified points
  • Addresses a cease error that happens when making an attempt to begin the Secure Shell (SSH) shopper program from Windows Subsystem for Linux (WSL) with agent forwarding enabled utilizing a command line change (ssh –A) or a configuration setting.
  • Security updates.

Windows 10 model 1809

KB4493509

  • Fixed a number of identified points together with EUDC blue display screen, MXSML6 cease responding, Group Policy Editor stops responding, WININET.DLL
  • Security updates

Other safety updates

KB4493435 — Cumulative Security Update for Internet Explorer

KB4491443 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493448 — Security Only Quality Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493450 — Security Only Quality Update for Windows Embedded eight Standard and Windows Server 2012

KB4493451 — Security Monthly Quality Rollup for Windows Embedded eight Standard and Windows Server 2012

KB4493458 — Security Only Quality Update for Windows Server 2008

KB4493471 — Security Monthly Quality Rollup for Windows Server 2008

KB4493472 — Security Monthly Quality Rollup for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4493478 — Security Update for Adobe Flash Player

KB4493563 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493730 — Security Update for Windows Server 2008

KB4493790 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493793 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493794 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493795 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493796 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493797 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4493927 — Information disclosure vulnerability in Windows Embedded POSReady 2009

KB4494059 — Remote code execution vulnerability in Windows Embedded POSReady 2009

KB4494528 — You obtain an Error 1309 message whenever you set up an .msi file on Windows Embedded POSReady 2009

KB4495022 — Information disclosure vulnerability in Windows Embedded POSReady 2009

Known Issues

Windows 7 Service Pack 1

After putting in this replace, there could also be points utilizing the Preboot Execution Environment (PXE) to begin a tool from a Windows Deployment Services (WDS) server configured to make use of Variable Window Extension. Workarounds accessible.

Windows eight.1

Authentication might fail for providers that require unconstrained delegation after the Kerberos ticket expires. Workarounds accessible.

Windows 10 model 1607

For hosts managed by System Center Virtual Machine Manager (SCVMM), SCVMM can not enumerate and handle logical switches deployed on the host after putting in the replace.

After putting in KB4467684, the cluster service might fail to begin with the error “2245 (NERR_PasswordTooShort)” if the group coverage “Minimum Password Length” is configured with higher than 14 characters.

And the Windows 7 SP1 problem.

Windows 10 model 1607 and newer

After putting in the Internet Explorer cumulative replace, customized URI schemes for software protocol handlers might not work correctly in Internet Explorer. Workaround accessible.

Windows 10 model 1803

Same as Windows 7 SP1

Windows 10 model 1809, Windows Server 2016

Same as Windows 7 SP1

Security advisories and updates

ADV190011 | April 2019 Adobe Flash Security Update

ADV990001 | Latest Servicing Stack Updates

Non-security associated updates

KB4487990 — Update for POSReady 2009

KB890830 — Windows Malicious Software Removal Tool – April 2019

Microsoft Office Updates

You discover a checklist of all launched updates for Microsoft Office — safety and non-security – right here.

How to obtain and set up the April 2019 safety updates

microsoft updates windows april 2019

Windows Updates get put in mechanically on Home methods by default. You can block or delay the set up of updates on these methods.

It isn’t really useful to run a handbook test for updates as it might lead to the installation of preview updates or feature updates, however you could achieve this within the following manner:

  1. Open the Start Menu.
  2. Type Windows Update.
  3. Click on the “test for updates” button to run a handbook test.

You might use third-party instruments like the superb Windows Update Manager or Windows Update Minitool to obtain updates.

Direct replace downloads

Microsoft makes accessible all cumulative updates that it releases for Windows as direct downloads on the Microsoft Update Catalog web site. Follow the hyperlinks listed beneath to go there for the listed model of Windows.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4493472 — 2019-04 Security Monthly Quality Rollup for Windows 7
  • KB4493448 — 2019-04 Security Only Quality Update for Windows 7

Windows eight.1 and Windows Server 2012 R2

  • KB4493446 — 2019-04 Security Monthly Quality Rollup for Windows eight.1
  • KB4493467 — 2019-04 Security Only Quality Update for Windows eight.1

Windows 10 and Windows Server 2016 (model 1607)

  • KB4493470 — 2019-04 Cumulative Update for Windows 10 Version 1607

Windows 10 (model 1703)

  • KB4493474 — 2019-04 Cumulative Update for Windows 10 Version 1703

Windows 10 (model 1709)

  • KB4493441 — 2019-04 Cumulative Update for Windows 10 Version 1709

Windows 10 (model 1803)

  • KB4493464 — 2019-04 Cumulative Update for Windows 10 Version 1803

Windows 10 (model 1809)

  • KB4493509 — 2019-04 Cumulative Update for Windows 10 Version 1809

Additional sources

Check Also

Looking for a new writer for Ghacks

I am wanting for a new writer for Ghacks to enhance the articles that I …

Leave a Reply

Your email address will not be published. Required fields are marked *