ADVERTISEMENT
Today is the August 2019 Patch Day over at Microsoft. The company released security and non-security updates for all supported versions of Microsoft Windows and other company products today.
We publish detailed information for system administrators, organizations, and interested home users on each Microsoft Patch Day. These cover links information and links to patches, the list of known issues, links to resource pages, and other relevant information to make educated updating decisions.
You can check out the July 2019 Update overview if you missed it.
The following Excel spreadsheet lists updates that Microsoft released for its products in August 2019. You can download it with a click on the following link: Microsoft Windows Security Updates August 2019 List
Windows Server products
Other Microsoft Products
Windows 7 SP1 and Windows Server 2008 R2 SP1
KB4512506 -- Monthly Rollup
KB4512486 -- Security-only update
Windows 8.1 and Windows Server 2012 R2
KB4512488 -- Monthly Rollup
KB4512489 -- Security-only update
Windows 10 version 1709
KB4512516 -- Cumulative Update
Windows 10 version 1803
KB4512501 -- Cumulative Update
Windows 10 version 1809 and Windows Server 1809
KB4511553 -- Cumulative Update
Windows 10 version 1903 and Windows Server 1903
KB4512508 -- Cumulative Update
Other security updates
KB4511872 -- Cumulative security update for Internet Explorer: August 13, 2019
KB4474419 -- SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019
KB4512476 -- Windows Server 2008 SP2 Monthly Rollup
KB4512491 -- Windows Server 2008 SP2 Security-Only Update
KB4512518 -- Windows Server 2012 and Windows Embedded 8 Standard Monthly Rollup
KB4512482 -- Windows Server 2012 and Windows Embedded 8 Standard Security-Only Update
Windows 7 and Server 2008 R2
Windows 8.1 and Server 2012 R2
Windows 10 version 1709
Windows 10 version 1803
Windows 10 version 1809 and Server 1809
Windows 10 version 1903 and Server 1903
ADV190014 | Microsoft Live Accounts Elevation of Privilege Vulnerability
KB4087513 -- Microsoft .NET Framework 4.8 Language Packs for Windows Embedded 8 Standard and Windows Server 2012
KB4087514 -- Microsoft .NET Framework 4.8 Language Packs for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
KB4087515 -- Microsoft .NET Framework 4.8 Language Packs for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10 Version 1507
KB4087642 -- Microsoft .NET Framework 4.8 Language Packs for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10 Version 1507
KB4486081 -- Microsoft .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012
KB4486105 -- Microsoft .NET Framework 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
KB4486129 -- Microsoft .NET Framework 4.8 for Windows Server 1703, Windows Server and Windows 10 Version 1607
KB4486153 -- Microsoft .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10 Version 1507
KB4497410 -- Microsoft .NET Framework 4.8 Language Packs for Windows 7 and Server 2008 R2
KB4503548 -- Microsoft .NET Framework 4.8 for Windows 7 and Windows Server 2008 R2
KB4511552 -- 2019-08 Dynamic Update for Windows 10 Version 1809
KB890830 -- Windows Malicious Software Removal Tool - August 2019
KB4505903 -- Windows 10 version 1903 and Windows Server version 1903
KB4505658 -- Windows 10 version 1809 and Windows Server 1809
KB4507466 -- Windows 10 version 1803
KB4507465 -- Windows 10 version 1709
KB4507467 -- Windows 10 version 1703
You find Office update information here.
Home computer systems running Windows are configured to download and install updates automatically. It is recommended to wait with the installation of updates or create backups of the system before updates are installed; updates may introduce issues of their own on systems including major issues that may prevent PCs from booting into Windows.
You may run manual checks for updates to speed up the installation of the new updates
Another option that you have is to download the updates manually from the Microsoft Update Catalog website.
Windows 7 SP1 and Windows Server 2008 R2 SP
Windows 8.1 and Windows Server 2012 R2
Windows 10 (version 1803)
Windows 10 (version 1809)
Windows 10 (version 1903)
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
Amazing that the actual download link to Windows 8.1 security only patch takes place via an http link. The actual error is SSL_ERROR_BAD_CERT_DOMAIN since it’s only applicable to a handful of akamai sites.
I tried adding the “s” to the URL at http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/08/windows8.1-kb4512489-x64_be2ed8f4ee800d8c39e5025c5d95808858077c05.msu but Waterfox still displays the warning that the site isn’t secure.
So much for security eh Microsoft?
* Update to my previous post *
Well it would appear that the certificate has been issued to *clo.footprintdns.com which appears to be a tracker owned by Microsoft: https://whotracks.me/trackers/footprintdns.com.html so I guess it’s safe though a little misconcerting. https://whotracks.me/trackers/footprintdns.com.html
Thanks Martin,
Much appreciated like every mouth.
It stays a ferry helpful guide in the monthly windows update forest. What more and more start the looks like the Nottingham forest, around the time 13th/14th century AD.
Please keep up the good work.
It looks like Flash Player died in the 1903 version for M$. Still in version 32.0.0.207. Already in version 32.0.0.238 for Firefox and Chrome.
Flash Player from M$ still stuck with KB4503308 (32.0.0.207) for all Win10 versions [that includes v1507 to v1809] except v1511, JJ. that’s bcuz Adobe didn’t give M$ the .238 files and .238 is once again a non-security release
Thanks for explanation EP. :)
Thanks again Sir for the heads-up Mr Martin, You’re a good man for exposin this again
Sure is a lot of remote code Vulnerabilities
and I don’t think Win7 ever came loaded with
Hyper-V either…anyone else see what i’m seein
Windows 7: CVE-2019-0720 | Hyper-V Remote Code Execution Vulnerability
Win7 64 – did 3 updates, reboot, Windows no longer boots. Regular old platter hd, works fine as I can get to data booting from usb and chkdsk and sfc both report no problems. Was using ahci mode in bios and not the uefi secure boot setup. Unknown issue at this time. Boot drive Mbr repair is probably my next step. I will report back if I figure it out.
@7 troubles,
This can happen in you have either Symantec or Norton AV installed apparently. For details see: https://www.bleepingcomputer.com/news/microsoft/windows-7-sha-2-updates-blocked-if-symantec-norton-avs-installed/
Oh, No, not again!
All these vulnerabilities; are they designed in for job security? Kinda pathetic.
I have updated LTSC1809, manually. All seems well. No new SSU since last update, it’s the same released in July.
Speaking of WinUpdate and 1809, regarding that USB-C issue which would delay restarts/sleep and what not if you had anything connected through such a port: I have tested on my laptop, I connected through Tunderbolt 3 both an audio dongle and a portable HDD, and my laptop behaves normally. Shuts down and goes to sleep, and boots, in the expected amount of time.
>SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019
Is it different than the one released in June?
There’s no items for Server 2016 in Windows Security Updates and Known Issues ? or are they just for server 2012 RF2 repeated therefore omitted ?
Hi the Windows Security Updates and Known Issues sections of the article don’t contain sections for Windows Server 2016, is that because they are just the same as the server 2012 R2 Critical and important vulnerabilities ?
It is remarkable that KB4023057 (https://support.microsoft.com/en-us/kb/4023057/) is showing up even if hidden previously. Apparently, Microsoft cannot resist to forcibly install crapware. Anyone who has hidden that one should hide it again and wait until Windows Update fetches updates again!
The piece says,
Known Issues
Windows 7 and Server 2008 R2
Devices that use Preboot Execution Environment may fail to start.
IA64 devices may fail to start. Solution: install KB4474419 .
Systems with Symantec or Norton software installed may block or delete Windows updates which causes Windows to stop working or fail to start. Upgrade block is in place. Symantec support article for the issue.”
However the “Symantec support article” only refers to users of their product “Symantec Endpoint Protection”. I’m using a less comprehensive product called “Norton Security” on my Windows 7 SP-1×64 system; nonetheless, I wasn’t offered the update.
Ridiculous, ended up reinstalling windows 7 (p64) because could not get gpt repaired trying about 15 different methods. 1 of the 3 updates I casually installed (like an idiot) somehow wiped out my c:/boot directory entirely. Bcd gone like it was never there. 3 updates all finished and rebooted as usual, nothing weird to userland. The usual bcd/bootrec/fixmbr etc repairs did not work because they require boot/cbd to be there to be repaired.
“Windows installations discovered : 0”
PITA rabbithole, waste of half a day.
That’s the last time I run windows updates without cloning, this is getting ridiculous. This whole year has been nuts.
Yeah, I’d rather take my chances with “vulnerabilities” in the wild, than open the door to the system slayer known as Windows Update.
looks like updates KB4512486 AND KB4512506 kills Windows 7 with nvme SSD drives. two out of ~100 pc’s won’t boot with these updates installed, and only these two has nvme SSD as boot drives.
tried to remove both and install separately – it’s enough one of these patches to kill Windows 7 machine.
The august update KB4511553 is shown here for 1809 but no download is done. I have tried all possible fixing solutions offered around the web with no success at all. Such a mess every month.
Manually installed and update problem solved, thank you @Yuliya, I read your post too late. :)
Manual updates never failed on me :)
kb4512506 refuses to install, fails with error 80092004.
This is on a clean install of 7 x64 and all other critical updates are installed one after another.
I’m on 2.5″ SATA SSD with uefi setup. (Not nvme.)
I guess I should be happy the update is failing as opposed to spending another 1/2 day trying to revert and failing.
After installing kb4512486, my Windows 7 (home premium edition) desktop doesn’t boot anymore:
https://support.hp.com/us-en/product/hp-pavilion-hpe-h9-1200-phoenix-desktop-pc-series/5258492/model/5286948
Fortunately, I was as able to retrieve my important files using a Linux live DVD.
Update : One of my issues = Wupdate was not offering me the SSU servicing stack update = kb4490628, which is supposed to be automatic but for me wasn’t. So I did it manually, which allowed the August rollup to be installed, but only after I’d installed all the other rollups which weren’t immediately visible. Before I installed the SSU I went through the “optional” updates, which weren’t actually optional really considering “critical” updates were not being shown unless they were installed, (such as the 2048-bit encryption update for one, probably 6-8 in all) which then “unlocked” the critical rollups in between, which eventually (with the SSU update) allowed the final new rollup.
Whew. Oh yeah, and this one booted me into a WinXP/PE setup to “repair” my boot volume – only this time it worked, and I can boot, but it also unlocks THREE MORE “important” updates !!!
TLDR: The Wupdate dependency chain is borked for Win7 AFAIK, you shouldn’t be installing “optional” updates to unlock “critical” security update rollups, even in an EOL OS!
Final update – 4512506 is a fail. This time with the recovery partition in place and the proper uefi setup it auto-reverted successfully but I can’t keep *506 installed despite it reporting installed and rebooting. It’s wiping out my bcd for whatever reason IIAC. HudsonD4-W7P64 on Samsung 850 pro uefi boot mode.
I got it down to a single update that fails. All in a day’s waste.
Installing Windows updates in August was never a good idea. It’s vacation season in Redmond and the script kiddies run the show while the geeks zip water at the beach.
After January 2020, Windows 7 updates won’t cause any trouble.
does the world end then ?
At least for some people cause the support for win 7 ends.
I just (automatically) got this (KB4512508).
It created 28 new allow rules in my firewall. To me this opened 28 new holes in my security instead of improving it.
For example “Shell input application” – Any address local or remote, any domain, any port local or remote, any protocol, all interface types, applies to all programs and services.
First, WTF is “Shell Input Application”? Of course M$ can’t name it actually what is /rolleyes. Simply put, it’s Touchscreen.
Well, I have no touchscreen, never have, never will, (and will never use most of the other 27 things M$ feels need internet access) so why does M$ feel this needs a firewall rule?