Microsoft Windows Security Updates February 2019 overview

Martin Brinkmann
Feb 12, 2019
Updated • Feb 13, 2019
Companies, Microsoft
|
30

Microsoft has just released security updates and other updates for Microsoft Windows, Office, and other company products.

The updates are available through automatic updating systems, update distribution systems, and also manual download.

It is recommended that you read through our monthly overview of the Patch Day before you download and install any of the updates.

Our overview includes information about all security updates, known issues, download links, and links to support articles that are useful when it comes to finding out more about certain updates released for systems and programs.

Check out the January 2019 Patch Day here.

Tip: Make sure you back up systems before you install updates, as updates may break things.

Microsoft Windows Security Updates January 2019

Download the following Excel spreadsheet to your computer if you want a detailed list of all security updates that Microsoft released today. Just click on the following link to download it to your system: (Download Removed)

Executive Summary

  • Microsoft released security updates for all supported versions of Microsoft Windows.
  • The following Microsoft products received security updates as well: Microsoft Edge, Internet Explorer, Microsoft Office, .NET Framework, Microsoft Exchange Server, Microsoft Visual Studio, Azure IoT SDK, Microsoft Dynamics, Team Foundation Server, Visual Studio Code
  • Microsoft released Servicing Stack Updates for supported versions of Windows.
  • The Update Catalog lists 208 updates for February 2019.

Operating System Distribution

  • Windows 7: 24 vulnerabilities of which 3 are rated critical and 21 are rated important.
  • Windows 8.1: 25 vulnerabilities of which 3 are rated critical and 22 are rated important.
  • Windows 10 version 1607:  28 vulnerabilities of which 3 are critical and 25 are important
  • Windows 10 version 1703:  28 vulnerabilities of which 3 are critical and 25 are important
  • Windows 10 version 1709: 29 vulnerabilities of which 3 are critical and 26 are important
  • Windows 10 version 1803: 29 vulnerabilities of which 3 are critical and 26 are important
  • Windows 10 version 1809: 28 vulnerabilities of which 3 are critical and 25 are important

Windows Server products

  • Windows Server 2008 R2: 24 vulnerabilities of which 3 are critical and 21 are important.
  • Windows Server 2012 R2: 25 vulnerabilities of which 3 are critical and 23 are important.
  • Windows Server 2016: 28 vulnerabilities of which 3 are critical and 25 are important.
  • Windows Server 2019: 28 vulnerabilities of which 3 are critical and 25 are important.

The critical vulnerabilities are all the same in all client and server editions:

Other Microsoft Products

  • Internet Explorer 11: 3 vulnerability, 1 critical, 2 important
  • Microsoft Edge: 21 vulnerabilities, 14 critical, 5 important, 2 moderate

Windows Security Updates

Windows 7 SP1

KB4486563 -- Monthly Rollup

  • HTTP Strict Transport Security Preload gets top-level domain support in Microsoft Edge and IE11.
  • Plus all in security-only rollup.

KB4486564 -- Security-only Rollup

  • Fixed an issue that prevented Microsoft Jet database files from opening.
  • Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine

Windows 8.1

KB4487000 -- Monthly Rollup

  • HTTP Strict Transport Security Preload gets top-level domain support in Microsoft Edge and IE11.
  • Plus all in security-only rollup

KB4487028 -- Security-only Rollup

  • Fixed an issue that prevented Microsoft Jet database files from opening.
  • Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Windows Wireless Networking, Internet Explorer, Windows Server, and the Microsoft JET Database Engine.

Windows 10 version 1607

KB4487026 -- Cumulative Update for Windows 10 version 1607

  • Fixed an issue that caused Microsoft Outlook search to fail.
  • Fixed a file icon display issue in the taskbar.
  • Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
  • Fixed the Microsoft JET database file access issue.
  • Internet Explorer 11 layout recalculation optimization for server platforms.
  • Added top-level domain support to HSTS Preload for Microsoft Edge and IE11.
  • Fixed an issue that prevented Edge from connecting using an IP address.
  • Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Storage and Filesystems, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine.

Windows 10 version 1703

KB4487020 -- Cumulative Update for Windows 10 version 1703

  • Same as KB4487017 for Windows 10 version 1803

Windows 10 version 1709

KB4486996 -- Cumulative Update for Windows 10 version 1709

  • Same as KB4487017 for Windows 10 version 1803

Windows 10 version 1803

KB4487017 -- Cumulative Update for Windows 10 version 1803

  • Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
  • Fixed the Microsoft JET database file access issue.
  • Added top-level domain support to HSTS Preload for Microsoft Edge and IE11.
  • Fixed an issue that prevented Edge from connecting using an IP address.
  • Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Windows Graphics, Windows Input and Composition, Microsoft Edge, Windows Wireless Networking, Windows Server, and the Microsoft JET Database Engine .

Windows 10 version 1809

KB4487044 -- Cumulative Update for Windows 10 version 1809

  • Addresses an issue that causes the Windows Hello for Business Hybrid Key Trust deployment sign-in to fail if Windows 2019 Server domain controllers (DC) are used for authentication.
  • Fixed an issue the prevented the correct setting of the LmCompatibilityLevel value.
  • Fixed the Microsoft JET database file access issue.
  • Fixed an issue in Microsoft HoloLens that allowed users to bypass the lock screen sign in process.
  • Security updates to Microsoft Scripting Engine, Microsoft Edge, Windows Server, the Microsoft JET Database Engine, Internet Explorer, Windows Wireless Networking, Windows Storage and Filesystems, Windows Input and Composition, Windows Graphics, and Windows App Platform and Frameworks.

Other security updates

KB4486474 -- Cumulative Security Update for Internet Explorer

KB4483449 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483450 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4483451 -- Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483453 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4483454 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483455 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483456 -- Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4483457 -- Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4483458 -- Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4483459 -- Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4483468 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483469 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4483470 -- Security Only Update for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483472 -- Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4483473 -- Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4483474 -- Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4483475 -- Security Only Update for .NET Framework 4.0 on WES09 and POSReady 2009

KB4483481 -- Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4483482 -- Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4483483 -- Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4483484 -- Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4483485 -- Security Only Update for .NET Framework 2.0 SP2 on WES09 and POSReady 2009

KB4483495 -- Security Only Update for .NET Framework 3.0 SP2 on WES09 and POSReady 2009

KB4486463 -- Fix for Information Disclosure Vulnerability in Windows Embedded POSReady 2009

KB4486464 -- Fix for Information Disclosure Vulnerability in Windows Embedded POSReady 2009

KB4486465 -- Fix for Remote Code Execution Vulnerability in Windows Embedded POSReady 2009

KB4486924 -- Fix for security updates in Windows Embedded POSReady 2009

KB4487019 -- Windows Server 2009 SP2 Security-only update.

KB4487023 -- Windows Server 2009 SP2 Monthly Rollup update.

KB4487025 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4487038 -- Adobe Flash Player security update

KB4487078 -- Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4487079 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4487080 -- Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4487081 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4487085 -- Security Update for WES09 and POSReady 2009 for x86-based Systems

KB4487086 -- Security Update for WES09 and POSReady 2009

KB4487121 -- Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4487122 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4487123 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4487124 -- Security Only Update for .NET Framework 2.0 for Windows Server 2008

KB4487385 -- Security Update for WES09 and POSReady 2009

KB4487396 -- Security Update for WES09 and POSReady 2009

KB4483452 -- Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Known Issues

Windows 7, Windows 8.1

Virtual Machines may fail to restore successfully after installing the update on AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) architectures.

Workaround: Shut down of virtual machines before restarting the host.

Windows 10 version 1607 and Server 2016

Lenovo laptops with less than 8 GB of RAM may fail to start.

Workaround: Disable Secure Boot on the PC. If BitLocker is installed, you may need to use BitLocker Recovery.

The cluster service may fail to start after installing KB4467684.

Workaround: Set Minimum Password Length policy to "less than or equal to 14 characters".

SCVMM hosts may not be able to enumerate and manage logical switches deployed on the host.

Workaround: Run mofcomp on Scvmmswitchportsettings.mof and  VMMDHCPSvr.mof.

Windows 10 version 1803

Some users may  not be able to pin web links on the Start menu or taskbar.

Workaround: none

Also, same local IP connecting issue as Windows 10 version 1809.

Windows 10 version 1703, 1709, 1809

Some users may not be able to load webpages using local IP addresses after installing KB4480116.

Workaround: Add the local IP address to the list of sites in the Trusted Zone.

Security advisories and updates

ADV190003 | February 2019 Adobe Flash Security Update

ADV190007 | Guidance for "PrivExchange" Elevation of Privilege Vulnerability

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4486557 -- Dynamic Update for Windows 10 Version 1507

KB890830 -- Windows Malicious Software Removal Tool - February 2019

Microsoft Office Updates

You can read about the non-security Office updates released in February 2019 here. The list of security updates for Microsoft Office is available here.

How to download and install the February 2019 security updates

microsoft windows security updates 2019 february

Windows security updates are distributed via Windows Update, WSUS, and other update management systems that Microsoft supports.

We don't recommend that you run manual update checks as it may lead to the installation of beta updates or feature upgrades.

Still, you may do so in the following way:

  1. Open the Start Menu.
  2. Type Windows Update.
  3. Click on the "check for updates" button to run a manual check.

You may use third-party tools like the excellent Windows Update Manager or Windows Update Minitool to download updates.

Direct update downloads

Updates that Microsoft releases for supported versions of Windows are available on the Microsoft Update Catalog website as well. The links below lead directly to these downloads on the site.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4486563 -- 2019-02 Security Monthly Quality Rollup for Windows 7
  • KB4486564 -- 2019-02 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4487000 -- 2019-02 Security Monthly Quality Rollup for Windows 8.1
  • KB4487028 -- 2019-02 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  •  KB4487026 -- 2019-02 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4487020 -- 2019-02 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4486996 -- 2019-02 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4487017 -- 2019-02 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  •  KB4487044 -- 2019-02 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Microsoft Windows Security Updates February 2019 overview
Article Name
Microsoft Windows Security Updates February 2019 overview
Description
Microsoft has just released security updates and other updates for Microsoft Windows, Office, and other company products.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Nikhil.GS said on April 3, 2019 at 2:11 pm
    Reply

    Please assist on checking on this issue as almost 2000 machines are having the same error on installing KB4486463 via sccm

    It is also saying on the Error Description: “Software update still detected as actionable after apply” in sccm status.

    As per checking on the machine, KB4486463 is already installed on it.

  2. xppos2009 said on February 15, 2019 at 11:56 pm
    Reply

    KB4487085 has been re-released (V2):

    http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/02/windowsxp-kb4487085-v2-x86-embedded-enu_667f051ffe98ff99495e9b6ede2b8c321aba1ca3.exe

    Also available via AU/WU/MU (clears it if previously hidden as per usual)

    Package files are correctly platformed and versioned now – tested fine

  3. Anon said on February 15, 2019 at 12:43 pm
    Reply

    4486474 appears to have stopped IE from rendering images with a backslash in the path in our legacy application.

  4. Anonymous said on February 14, 2019 at 10:24 am
    Reply

    My web application is not loading properly. I am browsing it using its IP. I have tried adding it up among Trusted site. Still doesn’t work.

  5. CS Neha said on February 14, 2019 at 7:06 am
    Reply

    can anyone fix “The procedure entry point GetDateFormatEx could not be located in the dynamic link library KERNEL32.dll.” mine is Windows XP

    1. XPPOS2009 said on February 14, 2019 at 5:25 pm
      Reply

      Remove the KB4487085 patch/update.

  6. Jacki B said on February 14, 2019 at 6:36 am
    Reply

    Update: I don’t know what did the trick, but I did a System Restore, deleted the adapters, restarted the computer, plus a couple other things again that I originally did, and was able to restore the wireless capability. Whew! I know just enough to get me into trouble, and sometimes out of trouble.

  7. Jacki B said on February 14, 2019 at 5:39 am
    Reply

    Just did the latest Windows 7 update and now I do not have wireless capability on my laptop. Have done all of the suggestions I can find online and nothing has worked to restore the wifi. So now am doing a system restore to before the latest update. If it doesn’t work, I am really going to be frustrated more than I already am.
    I did uninstall the updates and restarted the laptop and still no wifi. It worked just fine until the laptop restarted after the update. Am I the only one?

  8. Justin said on February 13, 2019 at 8:16 pm
    Reply

    Are 1809 LTSC updates coming through WSUS yet? I have “LTSB” checked off and the only 1809 updates I see are .net FrameWork updates. No CU’s are coming through.

  9. Matt said on February 13, 2019 at 7:35 pm
    Reply

    Both KB4486563 (Win7 security monthly quality rollup) and KB4486474 (IE11 cumulative security update) broke our Centricity RIS software today; it’s a medical record system that runs inside IE11. If users click the “Tools” button inside the application, they immediately get kicked out back to the login page so none of the affected users could scan or view documents.

    The only fix I could find was to uninstall both updates, as uninstalling only one or the other wouldn’t fix it. Didn’t see any event viewer entries, either. Wish there was an easy way to tell MS about this but there’s no Windows 7 feedback hub.

    1. David Balažic said on February 15, 2019 at 10:28 am
      Reply

      Yeah, here also a web page stopped working in IE (compatibility view, it is an ancient page)

  10. XPPOS2009 said on February 13, 2019 at 9:29 am
    Reply

    KB4487085 for XP/POSReady 2009 is broken/incorrectly packaged with vista/7 files/components causing boot failures and other app crashes and must be uninstalled to regain functionality.

    KB4486463 for XP/POSReady 2009 is broken on uniprocessor/single core/non-HT installs causing looping repeat installs.

    1. glnz said on February 14, 2019 at 4:02 am
      Reply

      KB4487085 no longer shows on the AU yellow shield.

      1. XPPOS2009 said on February 16, 2019 at 3:26 am
        Reply

        KB4487085 has been re-released (V2):

        http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/02/windowsxp-kb4487085-v2-x86-embedded-enu_667f051ffe98ff99495e9b6ede2b8c321aba1ca3.exe

        Also available via AU/WU/MU (clears it if previously hidden as per usual)

        Package files are correctly platformed and versioned now – tested fine

    2. NPickles said on February 13, 2019 at 1:58 pm
      Reply

      We have found an issue with KB4487085 where you get a ‘The procedure entry point sprintf_s could not be located in the dynamic link library msvcrt.dll’ error, even though msvcrt.dll isn’t included in the update.
      You have to uninstall it to fix it.
      Made our helpdesk very busy this morning.

      1. RTejada said on February 13, 2019 at 4:09 pm
        Reply

        whats the best way to uninstall about 800 PCs? this is affecting our machines.

  11. MartinFan said on February 13, 2019 at 6:20 am
    Reply

    Does anyone know if this months updates include telemtry/diagnostics for Windows 7, I just got rid of all of them last month Thanks to an article here at Ghacks with a link to Tweakhound and don’t want anymore from Microsoft. I’m almost tempted to turn off Windows Updates early since there’s less than a year left and would if it wasn’t for Microsoft Security Essentials.

  12. supergirl said on February 13, 2019 at 4:00 am
    Reply

    Whoa! I have set aside all of the Windows hard drives to my many LInux installs.

    3 of these would need to be redone from before w7sp1 to resell with Windows.

    I guess they will go with Linux or be stripped & recycled.

    Thanks M$…..

  13. Robert G. said on February 13, 2019 at 3:04 am
    Reply

    Thanks again Martin for the details.

  14. stefann said on February 13, 2019 at 1:20 am
    Reply

    Title should really be: “Microsoft Windows Bugs Updates February 2019 overview”…….

  15. Paul(us) said on February 12, 2019 at 10:58 pm
    Reply

    Thanks, Martin, For this monthly article hopefully Windows 10 version 1803 will soon automatically kick in to update, this month 29 vulnerabilities (from which 3 seem to be critical & also 26 who are important.). Every month I am thinking “Yet again a crazy high amounts of fixes again this month.

  16. John IL said on February 12, 2019 at 10:11 pm
    Reply

    Ah, time to roll the dice again.

  17. Andrej said on February 12, 2019 at 9:36 pm
    Reply

    Hey,
    How about express updates for win2016 servers which were anounced to be reenabled in 2018 november. Am I only one who still can’t see these updates in WSUS and SCCM?

  18. BAR said on February 12, 2019 at 9:00 pm
    Reply

    No, sorry, I’m not certain about no SSUs; it now seems the ADV990001 page has issues refreshing:
    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001
    (but I don’t think there’s one for 1809 today)

    1. Martin Brinkmann said on February 12, 2019 at 9:01 pm
      Reply

      The first hour or so is always problematic as you may run into all kinds of caching or publishing delays or issues.

      1. BAR said on February 12, 2019 at 9:32 pm
        Reply

        Yep, thanks. Sorry for the misinformation.

        You do have “Microsoft Windows Security Updates *January* 2019” near the top of this February page though. ;-)

  19. BAR said on February 12, 2019 at 8:52 pm
    Reply

    > Microsoft released Servicing Stack Updates for supported versions of Windows.

    None were released today.

    1. Martin Brinkmann said on February 12, 2019 at 8:57 pm
      Reply

      Are you certain? Microsoft published Servicing Stack Updates for Win 10 v1607, 1703, 1709 and 1803.

      1. ilev said on February 13, 2019 at 8:54 am
        Reply
  20. Belga said on February 12, 2019 at 8:35 pm
    Reply

    2019-02 Security Only Quality Update for Windows 7 (KB4486564)
    “The update does not apply to your computer.” ??? This is the first time…
    Thank you anyway Martin.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.