- January 2019 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 10 Update History
- Windows 8.1 Update History
- Windows 7 Update History
Microsoft Windows Security Updates January 2019 overview

Welcome to the first Microsoft Windows Patch Day overview of 2019. Microsoft released security updates for all supported client and server versions of the Windows operating system and other company products such as Microsoft Office on January 8, 2019.
We publish a monthly overview shortly after Microsoft's release on the second Tuesday of each month. The overview lists all released security updates with links to Microsoft Support articles, known issues, downloads, and other Patch Tuesday related information.
You can check out the December 2018 Patch Day overview here.
Note: As always, we recommend to back up the system before you install updates for Windows or any other program.
Microsoft Windows Security Updates January 2019
Click on the following link to download an Excel spreadsheet that includes data about all released security updates for Microsoft Windows versions and other Microsoft products. Just click on the following link to start the download: (Download Removed)
Executive Summary
- Microsoft released security updates for all client and server versions of Windows.
- No critical vulnerabilities in Windows 8.1 and 7.
- Microsoft released security updates for Microsoft Edge, Internet Explorer, Adobe Flash Player, .NET Framework, Microsoft Office, Microsoft Exchange Server, and Microsoft Visual Studio
- Windows 10 version 1809 is in active distribution. Check out our guide on delaying feature updates for Windows 10 to avoid the installation.
- The Update Catalog lists 187 updates for January 2019.
Operating System Distribution
- Windows 7: 15 vulnerabilities of which 15 are rated important.
- Windows 8.1: 18 vulnerabilities of which 18 are rated important.
- Windows 10 version 1607:Â 23 vulnerabilities of which 1 is critical and 22 are important
- Windows 10 version 1703:Â 24 vulnerabilities of which 1 is critical and 23 are important
- Windows 10 version 1709: 24 vulnerabilities of which 1 is critical and 23 are important
- Windows 10 version 1803: 26 vulnerabilities of which 3 are critical and 23 are important
- Windows 10 version 1809: 25 vulnerabilities of which 2 are critical and 23 are important
Windows Server products
- Windows Server 2008 R2: 15 vulnerabilities of which 15 are important.
- Windows Server 2012 R2: 18 vulnerabilities of which 18 are important.
- Windows Server 2016: 23 vulnerabilities of which 1 is critical and 22 are important.
- Windows Server 2019: 25 vulnerabilities of which 2 are critical and 23 are important.
Other Microsoft Products
- Internet Explorer 11: 2 vulnerability, 1 critical, 1 important
- Microsoft Edge: 5 vulnerabilities, 4 critical, 1 important
Windows Security Updates
All Windows versions:
Starting with the January 2019 security updates, PowerShell remote endpoints cannot be configured anymore to work with non-administrator accounts.
Attempts to use non-admin accounts throws the following error after installation of the updates:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.â€
Windows 10 version 1809
Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, Microsoft JET Database Engine, Windows Linux, Windows Virtualization, and the Microsoft Scripting Engine.
Windows 10 version 1803
Fixes a highly exploitable issue in Windows 10 version 1803; recommended to patch as early as possible. See Zero Day Initiative and Microsoft's guidance on the vulnerability.
- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, Windows MSXML, and the Microsoft JET Database Engine .
Windows 10 version 1709
- Fixes an issue with esentutl /p which caused the repair to result in a "mostly empty database" which is corrupt and cannot be mounted.
- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and the Microsoft JET Database Engine.
Windows 10 version 1703
- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Authentication, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and Microsoft JET Database Engine
Windows 10 version 1607
- Security updates to Internet Explorer, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Hyper-V, Windows MSXML, and the Microsoft JET Database Engine.
Windows 8.1 and Windows Server 2012 R2
- Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
- Security updates to Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.
- Same as Monthly Rollup
Windows 7 SP1 and Windows Server 2008 R2 SP1
Note: The updates may introduce issues with network shares.
- Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
- Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.
- Same as Monthly Rollup
Other security updates
KB4483235 -- Windows 10 version 1809 and Windows Server 2019 -- Security update for Internet Explorer
KB4483234 -- Windows 10 version 1803 -- Security update for Internet Explorer
KB4483232 -- Windows 10 version 1709 -- Security update for Internet Explorer
KB4483230 -- Windows 10 version 1703 -- Security update for Internet Explorer
KB4483229 -- Windows 10 version 1607 and Windows Server 2016 -- Security update for Internet Explorer
KB4483187 -- Cumulative security update for Internet Explorer: December 19, 2018 -- fixes a remote code execution vulnerability.
KB4480059 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4480051 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4480054 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2
KB4480055 -- Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4480057 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2
KB4480058 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4480061 -- Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012
KB4480062 -- Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008
KB4480063 -- Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4480064 -- Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2
KB4480070 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4480071 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2
KB4480072 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4480074 -- Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2
KB4480075 -- Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4480076 -- Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4480077 -- Security Only Update for .NET Framework 4 on WES09 and POSReady 2009
KB4480083 -- Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012
KB4480084 -- Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008
KB4480085 -- Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4480086 -- Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2
KB4480957 -- Security Only Quality Update for Windows Server 2008
KB4480968 -- Security Monthly Quality Rollup for Windows Server 2008
KB4480965 -- Cumulative Security Update for Internet Explorer
KB4480972 -- Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012
KB4480975 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012
KB4480979 -- Adobe Flash Player update
KB4481275 -- Security Update for WES09 and POSReady 2009
KB4481480 -- Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4481481 -- Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4481482 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4481483 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4481484 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
KB4481485 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2
KB4481486 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008
KB4481487 -- Security Only Update for .NET Framework 2.0 for Windows Server 2008
KB4480056 -- Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10
Notes
- ADV190001
- CVE-2019-0536
- CVE-2019-0537
- CVE-2019-0545
- CVE-2019-0549
- CVE-2019-0553
- CVE-2019-0554
- CVE-2019-0559
- CVE-2019-0560
- CVE-2019-0561
- CVE-2019-0569
- CVE-2019-0585
- CVE-2019-0588
Known Issues
Windows 10 version 1809 -- KB4480116
- Third-party applications may have difficulty authentication hotspots.
Windows 10 version 1803 -- KB4480966
- Same as Windows 10 version 1709
- Some users may not be able to pin web links to the Start Menu or Taskbar.
- After installing KB4467682, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.
Windows 10 version 1709 -- KB4480978
Windows 10 version 1703 -- KB4480973
- Third-party applications may have difficulty authentication hotspots.
- Instantiation of SqlConnection can throw an exception.
Windows 10 version 1607 -- KB4480961
- Same as Windows 10 version 1709
- After installation of KB4467691, Windows may not start on "certain" Lenovo devices with less than 8 Gigabytes of RAM.
- After installing KB4467684, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.
- After installation of the update on Windows Server 2016, Outlook instant searches may fail with "Outlook cannot perform the search".
- System Center Virtual Machine Manager (SCVMM) managed workloads are noticing infrastructure management issues after VMM refresh as the Windows Management Instrumentation (WMI) class around network port is being unregistered on Hyper-V hosts.
Windows 8.1 -- KB4480963
- Third-party applications may have difficulty authentication hotspots.
Windows 7 -- KB4480116
- Third-party applications may have difficulty authentication hotspots.
Security advisories and updates
ADV190001 | January 2019 Adobe Flash Update
Non-security related updates
KB4090007 -- Windows 10 version 1709 -- Intel Microcode updates around the following products (CPUs) have been revised
KB4091663 -- Windows 10 version 1703 -- Intel Microcode updates around the following products (CPUs) have been revised
KB4091664 -- Windows 10 version 1607 -- Intel Microcode updates around the following products (CPUs) have been revised
KB890830 -- Windows Malicious Software Removal Tool
Microsoft Office Updates
Microsoft released non-security updates for Office in the first week of January 2019.
The list of security updates released in January 2019 for Office is available here.
How to download and install the January 2019 security updates
Security updates are released via Windows Update for the majority of Home systems. All Home systems are set up to check for updates automatically and download these when discovered.
Administrators may run a manual check for updates to pick up the new releases early:
- Activate the Start Menu, e.g. by tapping on the Windows-key.
- Type Windows Update and select the tool from the list of results.
- Activate "check for updates" to run the manual update check.
Windows updates may be downloaded directly using third-party tools, e.g. Windows Update Minitool or wumgr, or Microsoft's Download Center. Links to the January 2019 cumulative updates are posted below.
Direct update downloads
Microsoft publishes all cumulative security updates and other updates on the Microsoft Update Catalog website. Direct download links are listed below.
Windows 7 SP1 and Windows Server 2008 R2 SP
- KB4480970 -- 2019-01 Security Monthly Quality Rollup for Windows 7
- KB4480960 -- 2019-01 Security Only Quality Update for Windows 7
Windows 8.1 and Windows Server 2012 R2
- KB4480963 -- 2019-01 Security Monthly Quality Rollup for Windows 8.1
- KB4480964 -- 2019-01 Security Only Quality Update for Windows 8.1
Windows 10 and Windows Server 2016 (version 1607)
- KB4480961 -- 2019-01 Cumulative Update for Windows 10 Version 1607
Windows 10 (version 1703)
- KB4480973 -- 2019-01 Cumulative Update for Windows 10 Version 1703
Windows 10 (version 1709)
- KB4480978 -- 2019-01 Cumulative Update for Windows 10 Version 1709
Windows 10 (version 1803)
- KB4480966 -- 2019-01 Cumulative Update for Windows 10 Version 1803
Windows 10 (version 1809)
- Â KB4480116 -- 2019-01 Cumulative Update for Windows 10 Version 1809
Additional resources


Microsoft have released a Windows 7 patch to fix network bug introduced in the January 2019 Win7 patches, KB4487345. This is a catalog-only patch.
Description of the update for Windows 7 SP1 and Windows Server 2008 R2 — January 11, 2019:
https://support.microsoft.com/en-us/help/4487345/update-for-windows-7-sp1-and-windows-server-2008-r2 (Catalog link provided on page)
So, are there no standard Windows patches for Server 2012 (non-R2)? I don’t see any in my WSUS that I synced up yesterday afternoon. That seems very strange.
Hmm, just did another WSUS Sync and now all the 2012 updates showed up. *sigh*. So much for letting everything sync and download overnight last night.
According to the Register, monthly roll-up KB4480970 and security-only update KB4480960 for Windows 7 are causing major network connectivity problems:
https://www.theregister.co.uk/2019/01/09/windows_7_network_broken/
I don’t know why but I’ve just updated windows 10 (It was forced because I was trying to fix a problem) and it’s asking me to update it AGAIN… I love how Windows asks you to update in the worsts momments
Thanks for taking the time and trouble to publish all these Martin. Saves a lot of hard work tracking them all down on the Portal site.
Again, W7 and W8.1 have less critical/important failures than W10 whatever the version.
Does it mean that both are more secure than W10 itself at current days? :(
Yes. Windows 7 has always been more secure than Windows 10 and will always stay that way.
All of them updated just fine with 1809 running. Other then waiting for a couple of driver updates, I actually felt 1809 went well after it was baked a second time. I am always amazed how drivers can’t make it out in time for new releases.
I believe the KB4481481 is for all versions of Netframework for Windows 7.
Thanks Martin
Thanks like every month’s article about the updates from Microsoft Martin.
For me, personly the January 8, 2019—KB4480966 (OS Build 17134.523) who applies to Windows 10, version 1803 installed just fine. Not yet 1809 and hopefully it stays this way till all the kinks (Like the administrator password hassel) have been smoothed out.
Funny thing this month the Office 2016 update from this mount who any outer month normally is updating office, is not updating up to right now.
But after reading your article earlier this month were you stated: “As always unless you use any of the mentioned Office applications and ran into issues fixed by these updates, it is recommended to wait with the installation.” I’m happy myself that office 2016 not updated up to right now, to the latest build.