Microsoft Windows Security Updates February 2019 overview

by Martin Brinkmann on February 12, 2019 in Companies, Microsoft - Last Update: February 13, 2019 - 30 comments

Microsoft has just released security updates and other updates for Microsoft Windows, Office, and other company products.

The updates are available through automatic updating systems, update distribution systems, and also manual download.

It is recommended that you read through our monthly overview of the Patch Day before you download and install any of the updates.

Our overview includes information about all security updates, known issues, download links, and links to support articles that are useful when it comes to finding out more about certain updates released for systems and programs.

Check out the January 2019 Patch Day here.

Tip: Make sure you back up systems before you install updates, as updates may break things.

Microsoft Windows Security Updates January 2019

Download the following Excel spreadsheet to your computer if you want a detailed list of all security updates that Microsoft released today. Just click on the following link to download it to your system: Microsoft February 2019 Security Updates Master List

Executive Summary

Microsoft released security updates for all supported versions of Microsoft Windows.
The following Microsoft products received security updates as well: Microsoft Edge, Internet Explorer, Microsoft Office, .NET Framework, Microsoft Exchange Server, Microsoft Visual Studio, Azure IoT SDK, Microsoft Dynamics, Team Foundation Server, Visual Studio Code
Microsoft released Servicing Stack Updates for supported versions of Windows.
The Update Catalog lists 208 updates for February 2019.

Operating System Distribution

Windows 7: 24 vulnerabilities of which 3 are rated critical and 21 are rated important.
Windows 8.1: 25 vulnerabilities of which 3 are rated critical and 22 are rated important.
Windows 10 version 1607:Â 28 vulnerabilities of which 3 are critical and 25 are important
Windows 10 version 1703:Â 28 vulnerabilities of which 3 are critical and 25 are important
Windows 10 version 1709: 29 vulnerabilities of which 3 are critical and 26 are important
Windows 10 version 1803: 29 vulnerabilities of which 3 are critical and 26 are important
Windows 10 version 1809: 28 vulnerabilities of which 3 are critical and 25 are important

Windows Server products

Windows Server 2008 R2: 24 vulnerabilities of which 3 are critical and 21 are important.
Windows Server 2012 R2: 25 vulnerabilities of which 3 are critical and 23 are important.
Windows Server 2016: 28 vulnerabilities of which 3 are critical and 25 are important.
Windows Server 2019: 28 vulnerabilities of which 3 are critical and 25 are important.

The critical vulnerabilities are all the same in all client and server editions:

CVE-2019-0618 | GDI+ Remote Code Execution Vulnerability
CVE-2019-0626 | Windows DHCP Server Remote Code Execution Vulnerability
CVE-2019-0662 | GDI+ Remote Code Execution Vulnerability

Other Microsoft Products

Internet Explorer 11: 3 vulnerability, 1 critical, 2 important
Microsoft Edge: 21 vulnerabilities, 14 critical, 5 important, 2 moderate

Windows Security Updates

Windows 7 SP1

KB4486563 -- Monthly Rollup

HTTP Strict Transport Security Preload gets top-level domain support in Microsoft Edge and IE11.
Plus all in security-only rollup.

KB4486564 -- Security-only Rollup

Fixed an issue that prevented Microsoft Jet database files from opening.
Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine

Windows 8.1

KB4487000 -- Monthly Rollup

HTTP Strict Transport Security Preload gets top-level domain support in Microsoft Edge and IE11.
Plus all in security-only rollup

KB4487028 -- Security-only Rollup

Fixed an issue that prevented Microsoft Jet database files from opening.
Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Windows Wireless Networking, Internet Explorer, Windows Server, and the Microsoft JET Database Engine.

Windows 10 version 1607

KB4487026 -- Cumulative Update for Windows 10 version 1607

Fixed an issue that caused Microsoft Outlook search to fail.
Fixed a file icon display issue in the taskbar.
Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
Fixed the Microsoft JET database file access issue.
Internet Explorer 11 layout recalculation optimization for server platforms.
Added top-level domain support to HSTS Preload for Microsoft Edge and IE11.
Fixed an issue that prevented Edge from connecting using an IP address.
Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Storage and Filesystems, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine.

Windows 10 version 1703

KB4487020 -- Cumulative Update for Windows 10 version 1703

Same as KB4487017 for Windows 10 version 1803

Windows 10 version 1709

KB4486996 -- Cumulative Update for Windows 10 version 1709

Same as KB4487017 for Windows 10 version 1803

Windows 10 version 1803

KB4487017 -- Cumulative Update for Windows 10 version 1803

Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
Fixed the Microsoft JET database file access issue.
Added top-level domain support to HSTS Preload for Microsoft Edge and IE11.
Fixed an issue that prevented Edge from connecting using an IP address.
Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Microsoft Edge, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine .

Windows 10 version 1809

KB4487044 -- Cumulative Update for Windows 10 version 1809

Addresses an issue that causes the Windows Hello for Business Hybrid Key Trust deployment sign-in to fail if Windows 2019 Server domain controllers (DC) are used for authentication.
Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
Fixed the Microsoft JET database file access issue.
Fixed an issue in Microsoft HoloLens that allowed users to bypass the lock screen sign in process.
Security updates to Microsoft Scripting Engine, Microsoft Edge, Windows Server, the Microsoft JET Database Engine, Internet Explorer, Windows Wireless Networking, Windows Storage and Filesystems, Windows Input and Composition, Windows Graphics, and Windows App Platform and Frameworks.

Other security updates

KB4486474 -- Cumulative Security Update for Internet Explorer

KB4483449 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483450 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4483451 -- Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483453 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4483454 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483455 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483456 -- Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4483457 -- Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4483458 -- Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4483459 -- Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4483468 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483469 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4483470 -- Security Only Update for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483472 -- Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4483473 -- Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483474 -- Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483475 -- Security Only Update for .NET Framework 4.0 on WES09 and POSReady 2009

KB4483481 -- Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4483482 -- Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4483483 -- Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4483484 -- Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4483485 -- Security Only Update for .NET Framework 2.0 SP2 on WES09 and POSReady 2009

KB4483495 -- Security Only Update for .NET Framework 3.0 SP2 on WES09 and POSReady 2009

KB4486463 -- Fix for Information Disclosure Vulnerability in Windows Embedded POSReady 2009

KB4486464 -- Fix for Information Disclosure Vulnerability in Windows Embedded POSReady 2009

KB4486465 -- Fix for Remote Code Execution Vulnerability in Windows Embedded POSReady 2009

KB4486924 -- Fix for security updates in Windows Embedded POSReady 2009

KB4487019 -- Windows Server 2009 SP2 Security-only update.

KB4487023 -- Windows Server 2009 SP2 Monthly Rollup update.

KB4487025 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4487038 -- Adobe Flash Player security update

KB4487078 -- Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4487079 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4487080 -- Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4487081 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4487085 -- Security Update for WES09 and POSReady 2009 for x86-based Systems

KB4487086 -- Security Update for WES09 and POSReady 2009

KB4487121 -- Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4487122 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4487123 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4487124 -- Security Only Update for .NET Framework 2.0 for Windows Server 2008

KB4487385 -- Security Update for WES09 and POSReady 2009

KB4487396 -- Security Update for WES09 and POSReady 2009

KB4483452 -- Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Known Issues

Windows 7, Windows 8.1

Virtual Machines may fail to restore successfully after installing the update on AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) architectures.

Workaround: Shut down of virtual machines before restarting the host.

Windows 10 version 1607 and Server 2016

Lenovo laptops with less than 8 GB of RAM may fail to start.

Workaround: Disable Secure Boot on the PC. If BitLocker is installed, you may need to use BitLocker Recovery.

The cluster service may fail to start after installing KB4467684.

Workaround: Set Minimum Password Length policy to "less than or equal to 14 characters".

SCVMM hosts may not be able to enumerate and manage logical switches deployed on the host.

Workaround: Run mofcomp on Scvmmswitchportsettings.mof andÂ VMMDHCPSvr.mof.

Windows 10 version 1803

Some users mayÂ not be able to pin web links on the Start menu or taskbar.

Workaround: none

Also, same local IP connecting issue as Windows 10 version 1809.

Windows 10 version 1703, 1709, 1809

Some users may not be able to load webpages using local IP addresses after installing KB4480116.

Workaround: Add the local IP address to the list of sites in the Trusted Zone.

Security advisories and updates

ADV190003 | February 2019 Adobe Flash Security Update

ADV190007 | Guidance for "PrivExchange" Elevation of Privilege Vulnerability

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4486557 -- Dynamic Update for Windows 10 Version 1507

KB890830 -- Windows Malicious Software Removal Tool - February 2019

Microsoft Office Updates

You can read about the non-security Office updates released in February 2019 here. The list of security updates for Microsoft Office is available here.

How to download and install the February 2019 security updates

microsoft windows security updates 2019 february

Windows security updates are distributed via Windows Update, WSUS, and other update management systems that Microsoft supports.

We don't recommend that you run manual update checks as it may lead to the installation of beta updates or feature upgrades.

Still, you may do so in the following way:

Open the Start Menu.
Type Windows Update.
Click on the "check for updates" button to run a manual check.

You may use third-party tools like the excellent Windows Update Manager or Windows Update Minitool to download updates.

Direct update downloads

Updates that Microsoft releases for supported versions of Windows are available on the Microsoft Update Catalog website as well. The links below lead directly to these downloads on the site.

Windows 7 SP1 and Windows Server 2008 R2 SP

KB4486563 -- 2019-02 Security Monthly Quality Rollup for Windows 7
KB4486564 -- 2019-02 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

KB4487000 -- 2019-02 Security Monthly Quality Rollup for Windows 8.1
KB4487028 -- 2019-02 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

Â KB4487026 -- 2019-02 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

KB4487020Â -- 2019-02 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

KB4486996Â -- 2019-02 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

KB4487017 -- 2019-02 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

Â KB4487044 -- 2019-02 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary

Article Name

Microsoft Windows Security Updates February 2019 overview

Description

Microsoft has just released security updates and other updates for Microsoft Windows, Office, and other company products.

Author

Martin Brinkmann

Publisher

Ghacks Technology News

Logo

Comments

Belga said on February 12, 2019 at 8:35 pm
2019-02 Security Only Quality Update for Windows 7 (KB4486564)
“The update does not apply to your computer.” ??? This is the first time…
Thank you anyway Martin.
BAR said on February 12, 2019 at 8:52 pm
> Microsoft released Servicing Stack Updates for supported versions of Windows.
None were released today.
1. Martin Brinkmann said on February 12, 2019 at 8:57 pm
  Are you certain? Microsoft published Servicing Stack Updates for Win 10 v1607, 1703, 1709 and 1803.
  1. ilev said on February 13, 2019 at 8:54 am
    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001
    Service Stack for Win10, 8.1, 7 and servers
BAR said on February 12, 2019 at 9:00 pm
No, sorry, I’m not certain about no SSUs; it now seems the ADV990001 page has issues refreshing:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001
(but I don’t think there’s one for 1809 today)
1. Martin Brinkmann said on February 12, 2019 at 9:01 pm
  The first hour or so is always problematic as you may run into all kinds of caching or publishing delays or issues.
  1. BAR said on February 12, 2019 at 9:32 pm
    Yep, thanks. Sorry for the misinformation.
    You do have “Microsoft Windows Security Updates *January* 2019” near the top of this February page though. ;-)
Andrej said on February 12, 2019 at 9:36 pm
Hey,
How about express updates for win2016 servers which were anounced to be reenabled in 2018 november. Am I only one who still canâ€™t see these updates in WSUS and SCCM?
John IL said on February 12, 2019 at 10:11 pm
Ah, time to roll the dice again.
Paul(us) said on February 12, 2019 at 10:58 pm
Thanks, Martin, For this monthly article hopefully Windows 10 version 1803 will soon automatically kick in to update, this month 29 vulnerabilities (from which 3 seem to be critical & also 26 who are important.). Every month I am thinking “Yet again a crazy high amounts of fixes again this month.
stefann said on February 13, 2019 at 1:20 am
Title should really be: “Microsoft Windows Bugs Updates February 2019 overview”…….
Robert G. said on February 13, 2019 at 3:04 am
Thanks again Martin for the details.
supergirl said on February 13, 2019 at 4:00 am
Whoa! I have set aside all of the Windows hard drives to my many LInux installs.
3 of these would need to be redone from before w7sp1 to resell with Windows.
I guess they will go with Linux or be stripped & recycled.
Thanks M$…..
MartinFan said on February 13, 2019 at 6:20 am
Does anyone know if this months updates include telemtry/diagnostics for Windows 7, I just got rid of all of them last month Thanks to an article here at Ghacks with a link to Tweakhound and don’t want anymore from Microsoft. I’m almost tempted to turn off Windows Updates early since there’s less than a year left and would if it wasn’t for Microsoft Security Essentials.
XPPOS2009 said on February 13, 2019 at 9:29 am
KB4487085 for XP/POSReady 2009 is broken/incorrectly packaged with vista/7 files/components causing boot failures and other app crashes and must be uninstalled to regain functionality.
KB4486463 for XP/POSReady 2009 is broken on uniprocessor/single core/non-HT installs causing looping repeat installs.
1. NPickles said on February 13, 2019 at 1:58 pm
  We have found an issue with KB4487085 where you get a â€˜The procedure entry point sprintf_s could not be located in the dynamic link library msvcrt.dllâ€™ error, even though msvcrt.dll isn’t included in the update.
  You have to uninstall it to fix it.
  Made our helpdesk very busy this morning.
  1. RTejada said on February 13, 2019 at 4:09 pm
    whats the best way to uninstall about 800 PCs? this is affecting our machines.
2. glnz said on February 14, 2019 at 4:02 am
  KB4487085 no longer shows on the AU yellow shield.
  1. XPPOS2009 said on February 16, 2019 at 3:26 am
    KB4487085 has been re-released (V2):
    http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/02/windowsxp-kb4487085-v2-x86-embedded-enu_667f051ffe98ff99495e9b6ede2b8c321aba1ca3.exe
    Also available via AU/WU/MU (clears it if previously hidden as per usual)
    Package files are correctly platformed and versioned now – tested fine
Matt said on February 13, 2019 at 7:35 pm
Both KB4486563 (Win7 security monthly quality rollup) and KB4486474 (IE11 cumulative security update) broke our Centricity RIS software today; it’s a medical record system that runs inside IE11. If users click the “Tools” button inside the application, they immediately get kicked out back to the login page so none of the affected users could scan or view documents.
The only fix I could find was to uninstall both updates, as uninstalling only one or the other wouldn’t fix it. Didn’t see any event viewer entries, either. Wish there was an easy way to tell MS about this but there’s no Windows 7 feedback hub.
1. David BalaÅ¾ic said on February 15, 2019 at 10:28 am
  Yeah, here also a web page stopped working in IE (compatibility view, it is an ancient page)
Justin said on February 13, 2019 at 8:16 pm
Are 1809 LTSC updates coming through WSUS yet? I have “LTSB” checked off and the only 1809 updates I see are .net FrameWork updates. No CU’s are coming through.
Jacki B said on February 14, 2019 at 5:39 am
Just did the latest Windows 7 update and now I do not have wireless capability on my laptop. Have done all of the suggestions I can find online and nothing has worked to restore the wifi. So now am doing a system restore to before the latest update. If it doesn’t work, I am really going to be frustrated more than I already am.
I did uninstall the updates and restarted the laptop and still no wifi. It worked just fine until the laptop restarted after the update. Am I the only one?
Jacki B said on February 14, 2019 at 6:36 am
Update: I don’t know what did the trick, but I did a System Restore, deleted the adapters, restarted the computer, plus a couple other things again that I originally did, and was able to restore the wireless capability. Whew! I know just enough to get me into trouble, and sometimes out of trouble.
CS Neha said on February 14, 2019 at 7:06 am
can anyone fix “The procedure entry point GetDateFormatEx could not be located in the dynamic link library KERNEL32.dll.” mine is Windows XP
1. XPPOS2009 said on February 14, 2019 at 5:25 pm
  Remove the KB4487085 patch/update.
Anonymous said on February 14, 2019 at 10:24 am
My web application is not loading properly. I am browsing it using its IP. I have tried adding it up among Trusted site. Still doesn’t work.
Anon said on February 15, 2019 at 12:43 pm
4486474 appears to have stopped IE from rendering images with a backslash in the path in our legacy application.
xppos2009 said on February 15, 2019 at 11:56 pm
KB4487085 has been re-released (V2):
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/02/windowsxp-kb4487085-v2-x86-embedded-enu_667f051ffe98ff99495e9b6ede2b8c321aba1ca3.exe
Also available via AU/WU/MU (clears it if previously hidden as per usual)
Package files are correctly platformed and versioned now – tested fine
Nikhil.GS said on April 3, 2019 at 2:11 pm
Please assist on checking on this issue as almost 2000 machines are having the same error on installing KB4486463 via sccm
It is also saying on the Error Description: â€œSoftware update still detected as actionable after applyâ€ in sccm status.
As per checking on the machine, KB4486463 is already installed on it.

Microsoft Windows Security Updates February 2019 overview