• Heads up! 50 new security patches just pushed to the Update Catalog

    Posted on October 3, 2019 at 13:10 CDT by Comment in the Forums

    Sometime in the past hour-or-so we got 50 new patches in the Catalog. They’re marked:

    IMPORTANT This is a required security update that expands the out-of-band update dated September 23, 2019. This security update includes the Internet Explorer scripting engine security vulnerability (CVE-2019-1367) mitigation and corrects a recent printing issue some users have experienced. Customers using Windows Update or Windows Server Update Services (WSUS) will be offered this update automatically. To help secure your devices, we recommend that you install this update as soon as a possible and restart your PC to fully apply the mitigations. Like all cumulative updates, this update supersedes any preceding update.

    Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.

    According to @EP, we’re being treated to:

    KB4524135 IE update for IE9/IE10/IE11
    KB4524147 CU for 1903 (build 18362.388)
    KB4524148 CU for 1809 (build 17763.775)
    KB4524149 CU for 1803 (build 17134.1040)
    KB4524150 CU for 1709
    KB4524151 CU for 1703
    KB4524152 CU for 1607
    KB4524156 Rollup for Win8.1
    KB4524157 Rollup for Win7

    More info as we find out what the Sam Hill is going on.

    UPDATE: The KB article also says that it fixes the .NET 3.5 installation problem introduced in both the second and third September cumulative updates for all Win10 versions:

    This security update includes quality improvements. Key changes include:

    Addresses an intermittent issue with the print spooler service that may cause print jobs to fail. Some apps may close or generate errors, such as the remote procedure call (RPC) error.

    Addresses an issue that may result in an error when you install Features On Demand (FOD), such as .Net 3.5. The error is, “The changes couldn’t be complete. Please reboot your computer and try again. Error code: 0x800f0950.”

    That tells me somebody’s listening – but it also tells me that MS is doing a very poor job of updating their Windows Release Information page. I think I’ll write about that in Monday’s Plus Newsletter.

    By the way… depending on your definition, the September 23 cumulative update was absolutely NOT an out-of-band patch. A real out-of-band patch goes out to everybody (the Sept. 23 patch was download only), gets distributed through the update servers, and it’s reasonably well documented. This patch is an out-of-band update — except we still don’t know much about the zero day.

    Windows Patches/Security
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.