- August 2019 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 10 Update History
- Windows 8.1 Update History
- Windows 7 Update History
Amazing that the actual download link to Windows 8.1 security only patch takes place via an http link. The actual error is SSL_ERROR_BAD_CERT_DOMAIN since it’s only applicable to a handful of akamai sites.
I tried adding the “s” to the URL at http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/08/windows8.1-kb4512489-x64_be2ed8f4ee800d8c39e5025c5d95808858077c05.msu but Waterfox still displays the warning that the site isn’t secure.
So much for security eh Microsoft?
* Update to my previous post *
Well it would appear that the certificate has been issued to *clo.footprintdns.com which appears to be a tracker owned by Microsoft: https://whotracks.me/trackers/footprintdns.com.html so I guess it’s safe though a little misconcerting. https://whotracks.me/trackers/footprintdns.com.html
Thanks Martin,
Much appreciated like every mouth.
It stays a ferry helpful guide in the monthly windows update forest. What more and more start the looks like the Nottingham forest, around the time 13th/14th century AD.
Please keep up the good work.
It looks like Flash Player died in the 1903 version for M$. Still in version 32.0.0.207. Already in version 32.0.0.238 for Firefox and Chrome.
Flash Player from M$ still stuck with KB4503308 (32.0.0.207) for all Win10 versions [that includes v1507 to v1809] except v1511, JJ. that’s bcuz Adobe didn’t give M$ the .238 files and .238 is once again a non-security release
Thanks for explanation EP. :)
Thanks again Sir for the heads-up Mr Martin, You’re a good man for exposin this again
Sure is a lot of remote code Vulnerabilities
and I don’t think Win7 ever came loaded with
Hyper-V either…anyone else see what i’m seein
Windows 7: CVE-2019-0720 | Hyper-V Remote Code Execution Vulnerability
Win7 64 – did 3 updates, reboot, Windows no longer boots. Regular old platter hd, works fine as I can get to data booting from usb and chkdsk and sfc both report no problems. Was using ahci mode in bios and not the uefi secure boot setup. Unknown issue at this time. Boot drive Mbr repair is probably my next step. I will report back if I figure it out.
@7 troubles,
This can happen in you have either Symantec or Norton AV installed apparently. For details see: https://www.bleepingcomputer.com/news/microsoft/windows-7-sha-2-updates-blocked-if-symantec-norton-avs-installed/
Oh, No, not again!
All these vulnerabilities; are they designed in for job security? Kinda pathetic.
I have updated LTSC1809, manually. All seems well. No new SSU since last update, it’s the same released in July.
Speaking of WinUpdate and 1809, regarding that USB-C issue which would delay restarts/sleep and what not if you had anything connected through such a port: I have tested on my laptop, I connected through Tunderbolt 3 both an audio dongle and a portable HDD, and my laptop behaves normally. Shuts down and goes to sleep, and boots, in the expected amount of time.
>SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019
Is it different than the one released in June?
There’s no items for Server 2016 in Windows Security Updates and Known Issues ? or are they just for server 2012 RF2 repeated therefore omitted ?
Hi the Windows Security Updates and Known Issues sections of the article don’t contain sections for Windows Server 2016, is that because they are just the same as the server 2012 R2 Critical and important vulnerabilities ?
It is remarkable that KB4023057 (https://support.microsoft.com/en-us/kb/4023057/) is showing up even if hidden previously. Apparently, Microsoft cannot resist to forcibly install crapware. Anyone who has hidden that one should hide it again and wait until Windows Update fetches updates again!
The piece says,
Known Issues
Windows 7 and Server 2008 R2
Devices that use Preboot Execution Environment may fail to start.
IA64 devices may fail to start. Solution: install KB4474419 .
Systems with Symantec or Norton software installed may block or delete Windows updates which causes Windows to stop working or fail to start. Upgrade block is in place. Symantec support article for the issue.”
However the “Symantec support article” only refers to users of their product “Symantec Endpoint Protection”. I’m using a less comprehensive product called “Norton Security” on my Windows 7 SP-1×64 system; nonetheless, I wasn’t offered the update.
Ridiculous, ended up reinstalling windows 7 (p64) because could not get gpt repaired trying about 15 different methods. 1 of the 3 updates I casually installed (like an idiot) somehow wiped out my c:/boot directory entirely. Bcd gone like it was never there. 3 updates all finished and rebooted as usual, nothing weird to userland. The usual bcd/bootrec/fixmbr etc repairs did not work because they require boot/cbd to be there to be repaired.
“Windows installations discovered : 0”
PITA rabbithole, waste of half a day.
That’s the last time I run windows updates without cloning, this is getting ridiculous. This whole year has been nuts.
Yeah, I’d rather take my chances with “vulnerabilities” in the wild, than open the door to the system slayer known as Windows Update.
looks like updates KB4512486 AND KB4512506 kills Windows 7 with nvme SSD drives. two out of ~100 pc’s won’t boot with these updates installed, and only these two has nvme SSD as boot drives.
tried to remove both and install separately – it’s enough one of these patches to kill Windows 7 machine.
The august update KB4511553 is shown here for 1809 but no download is done. I have tried all possible fixing solutions offered around the web with no success at all. Such a mess every month.
Manually installed and update problem solved, thank you @Yuliya, I read your post too late. :)
Manual updates never failed on me :)
kb4512506 refuses to install, fails with error 80092004.
This is on a clean install of 7 x64 and all other critical updates are installed one after another.
I’m on 2.5″ SATA SSD with uefi setup. (Not nvme.)
I guess I should be happy the update is failing as opposed to spending another 1/2 day trying to revert and failing.
After installing kb4512486, my Windows 7 (home premium edition) desktop doesn’t boot anymore:
https://support.hp.com/us-en/product/hp-pavilion-hpe-h9-1200-phoenix-desktop-pc-series/5258492/model/5286948
Fortunately, I was as able to retrieve my important files using a Linux live DVD.
Update : One of my issues = Wupdate was not offering me the SSU servicing stack update = kb4490628, which is supposed to be automatic but for me wasn’t. So I did it manually, which allowed the August rollup to be installed, but only after I’d installed all the other rollups which weren’t immediately visible. Before I installed the SSU I went through the “optional” updates, which weren’t actually optional really considering “critical” updates were not being shown unless they were installed, (such as the 2048-bit encryption update for one, probably 6-8 in all) which then “unlocked” the critical rollups in between, which eventually (with the SSU update) allowed the final new rollup.
Whew. Oh yeah, and this one booted me into a WinXP/PE setup to “repair” my boot volume – only this time it worked, and I can boot, but it also unlocks THREE MORE “important” updates !!!
TLDR: The Wupdate dependency chain is borked for Win7 AFAIK, you shouldn’t be installing “optional” updates to unlock “critical” security update rollups, even in an EOL OS!
Final update – 4512506 is a fail. This time with the recovery partition in place and the proper uefi setup it auto-reverted successfully but I can’t keep *506 installed despite it reporting installed and rebooting. It’s wiping out my bcd for whatever reason IIAC. HudsonD4-W7P64 on Samsung 850 pro uefi boot mode.
I got it down to a single update that fails. All in a day’s waste.
Installing Windows updates in August was never a good idea. It’s vacation season in Redmond and the script kiddies run the show while the geeks zip water at the beach.
After January 2020, Windows 7 updates won’t cause any trouble.
does the world end then ?
At least for some people cause the support for win 7 ends.
I just (automatically) got this (KB4512508).
It created 28 new allow rules in my firewall. To me this opened 28 new holes in my security instead of improving it.
For example “Shell input application” – Any address local or remote, any domain, any port local or remote, any protocol, all interface types, applies to all programs and services.
First, WTF is “Shell Input Application”? Of course M$ can’t name it actually what is /rolleyes. Simply put, it’s Touchscreen.
Well, I have no touchscreen, never have, never will, (and will never use most of the other 27 things M$ feels need internet access) so why does M$ feel this needs a firewall rule?