Microsoft Windows Security Updates September 2019 overview

by Martin Brinkmann on September 10, 2019 in Companies, Microsoft, Windows - Last Update: September 10, 2019 - 27 comments

It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.

Our overview of the September 2019 Patch Day provides system administrators and home users with information on the released updates. It features some stats at the beginning, provides links to all support articles and direct download options, lists known issues and security advisories, and provides other relevant information.

Check out the August 2019 update overview in case you missed it.

Microsoft Windows Security Updates September 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in September 2019. Please download it with a click on the following link: Microsoft Windows Security Updates September 2019

Executive Summary

Microsoft released security updates for all client and server versions of the Windows operating system that it supports.
The following non-Windows products had security updates released as well: Internet Explorer, Microsoft Edge, Microsoft Office, Adobe Flash Player, Microsoft Lync, Visual Studio, .NET Framework, Microsoft Exchange Server, Microsoft Yammer, .NET Core, ASP.NET, Team Foundation Server, Project Rome.
Microsoft fixed the high CPU usage issue from SearchUI.exe in Windows 10 1903.
The Microsoft Update Catalog website lists 215 updates.

Operating System Distribution

Windows 7: 32 vulnerabilities: 4 rated critical and 28 rated important
- CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability
- CVE-2019-1280 | LNK Remote Code Execution Vulnerability
- CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
- CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
Windows 8.1: 33 vulnerabilities: 5 rated critical and 28 rated important
- same as Windows 7 plus
- CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability
Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
- same as Windows 8.1
Windows 10 version 1809: 45 vulnerabilities: 5 critical and 40 important
- same as Windows 8.1
Windows 10 version 1903: 45 vulnerabilities: 5 critical and 40 important.
- same as Windows 8.1

Windows Server products

Windows Server 2008 R2: 31 vulnerabilities: 3 critical and 28 important.
- CVE-2019-1280 | LNK Remote Code Execution Vulnerability
- CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability
- CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability
Windows Server 2012 R2: 31 vulnerabilities: 3 critical and 28 important.
- same as Windows Server 2008 R2.
Windows Server 2016: 39 vulnerabilities: 3 critical and 36 important
- same as Windows Server 2008 R2.
Windows Server 2019: 43 vulnerabilities: 3 critical and 40 are important.
- same as Windows Server 2008 R2.

Other Microsoft Products

Internet Explorer 11: 4 vulnerabilities: 3 critical, 1 important
- CVE-2019-1208 | VBScript Remote Code Execution Vulnerability
- CVE-2019-1221 | Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1236 | VBScript Remote Code Execution Vulnerability
Microsoft Edge: 7 vulnerabilities: 5 critical, 2 important
- CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2 SP1

Monthly Rollup: KB4516065

Security Only: KB4516033

Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows
Security Updates

Windows 8.1 and Windows Server 2012 R2

Monthly Rollup: KB4516067

Security Only: KB4516064

Same as Windows 7 and Server 2008 R2

Windows 10 version 1803

Cumulative Update: KB4516058

Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows.
Security updates.

Windows 10 version 1809 and Windows Server 1809

Cumulative Update: KB4512578

Same as Windows 10 version 1803.

Windows 10 version 1903 and Windows Server version 1903

Cumulative update: KB4515384

Same as Windows version 1803 plus
Fixed the high CPU usage issue caused by SearchUI.exe.

Windows 10 version 1903 and Windows Server 1903

Other security updates

KB4516046 -- Cumulative security update for Internet Explorer: September 10, 2019

KB4474419 -- SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4516655 -- 2019-09 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4517134 -- 2019-09 Servicing Stack Update for Windows Server 2008

KB4512938 -- 2019-09 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4512939 -- 2019-09 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4511839 -- 2019-09 Servicing Stack Update for Windows 10 Version 1703

KB4512573 -- 2019-09 Servicing Stack Update for Windows 10 Version 1507

KB4512575 -- 2019-09 Servicing Stack Update for Windows 10 Version 1709

KB4512576 -- 2019-09 Servicing Stack Update for Windows Server Version 1803 and Windows 10 Version 1803

KB4512577 -- 2019-09 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4515383 -- 2019-09 Servicing Stack Update for Windows 10 Version 1903

KB4512574 -- 2019-09 Servicing Stack Update for Windows Server 1903 RTM, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows Server Version 1803, Windows 10 Version 1803, Windows Server 2016, Windows Server Version 1709, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Server / Embedded

KB4516026 -- 2019-09 Security Monthly Quality Rollup for Windows Server 2008

KB4516051 -- 2019-09 Security Only Quality Update for Windows Server 2008

KB4516055 --2019-09 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4516062 -- 2019-09 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

Microsoft .NET

KB4514330 -- Security Only Update for .NET Framework 4.8 for Windows Server 2012

KB4514331 -- Security Only Update for .NET Framework 4.8 for Windows 8.1 and Server 2012 R2

KB4514337 --

KB4514338 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2

KB4514341 -- Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2

KB4514342 -- Security Only Update for .NET Framework 4.5.2 for Windows Server 2012

KB4514349 -- Security Only Update for .NET Framework 3.5 for Windows Server 2012

KB4514350 -- Security Only Update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514360 -- Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012

KB4514361 -- Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514363 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012

KB4514364 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514367 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514368 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012

KB4514370 -- Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012

KB4514371 -- Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2

KB4514598 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514599 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2

KB4514602 -- Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1

KB4514603 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012

KB4514604 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2

KB4514605 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2

KB4514354 -- 2019-09 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607

KB4514355 -- 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

KB4514356 -- 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1709

KB4514357 -- 2019-09 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 and Windows Server 2016

KB4514358 -- 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1809

KB4514359 -- 2019-09 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903

KB4514366 -- 2019-09 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809

KB4514601 -- 2019-09 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809

Known Issues

Windows 7 SP1 and Windows Server 2008 R2 (monthly rollup only)

VBScript may not be disabled in Internet Explorer even though it should be

Windows 8.1 and Windows Server 2008 R2

Certain operations may fail on Cluster Shared Volumes

Windows 10 version 1803

Operations may fail on Cluster Shared Volumes.
Black screen during first logon after update installation issue

Windows 10 version 1809

Same as Windows 10 version 1803 plus
Error on some devices with certain Asian language packs installed: 0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

ADV190022 | September 2019 Adobe Flash Security Update

Non-security related updates

Microsoft Office Updates

You find Office update information here.

How to download and install the September 2019 security updates

Most home systems receive updates automatically especially when they run Windows 10. Updates are not pushed in real-time to devices running Windows. Some administrators prefer to install security updates the moment they are released, others to wait to make sure that the updates don't introduce any issues on the system.

Note: it is recommended that you back up the system partition before you install updates. Use programs like Paragon Backup & Recovery Free or Macrium Reflect for that.

Admins may check for updates manually to retrieve the released updates right away. Here is how that is done:

Open the Start Menu of the Windows operating system, type Windows Update and select the result.
Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Updates may also be downloaded from the Microsoft Update Catalog website.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

KB4516065 -- 2019-09 Security Monthly Quality Rollup for Windows 7
KB4516033 -- 2019-09 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

KB4516067 -- 2019-09 Security Monthly Quality Rollup for Windows 8.1
KB4516064 -- 2019-09 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

KB4516058 -- 2019-09 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

KB4512578 -- 2019-09 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

KB4515384 -- 2019-09 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary

Article Name

Microsoft Windows Security Updates September 2019 overview

Description

It is September 10, 2019 and Microsoft has just released security and non-security updates for its Microsoft Windows operating system and other company products.

Author

Martin Brinkmann

Publisher

Ghacks Technology News

Logo

Comments

Belga said on September 10, 2019 at 8:27 pm
No link for KB4516064 — 2019-09 Security Only Quality Update for Windows 8.1
Thank you !
Martin Brinkmann said on September 10, 2019 at 8:59 pm
Thanks, added!
1. Belga said on September 11, 2019 at 8:48 am
  Added two telemetry tasks under Win 8.1, as was the case under Win 7!
  1. Mothy said on September 12, 2019 at 2:02 am
    @Belga
    Where did you find the two additional telemetry tasks?
    I just installed the full monthly rollups on a Windows 7 Pro and a Windows 8.1 Pro system via Windows Update and there were no additional tasks added on either system. All previously disabled telemetry tasks as well as Diagnostic services are all still disabled as they were before the updates.
chesscanoe said on September 10, 2019 at 9:14 pm
Your info is super, and accurate per my Microsoft Windows [Version 10.0.18362.356] install. No noticed problems for my Home system.
1. Allan said on September 29, 2019 at 6:21 pm
  When i install kb4516067 it did install the Diagnostics Tracking Service which is telemetry.The good news is you can disable it and delete it under C:\windows\system32\diagtrack.dll,other than that this update is safe to install.I also recommend to use Blackbird privacy tool which is very good at detecting unnecessary services running,and disables unnecessary scheduled tasks too which will also protect your privacy.
John G. said on September 10, 2019 at 10:15 pm
Microsoft should fix as much vulnerabilities they found before releasing new ISO versions of W10. It’s quite unacceptable to see 45 problems in just single month, near half thousand in this year. This level of security is mostly ridiculous.
Benoit said on September 10, 2019 at 11:12 pm
Hello,
What update i should take for a Windows 10 LTSC 2019 from Microsoft Catalog ?
I know for a LTSB 2016 but there is nothing about it on Microsoft Catalog…
Update for Windows 1809 Pro works ?
Thanks You
Jimmy James said on September 11, 2019 at 3:17 am
“Remote Desktop Client Remote Code Execution Vulnerability”.
Didn’t this get patched on the last update too? Or is this a completely new RDP vulnerability?
John said on September 11, 2019 at 6:26 am
After installing KB4515384, desktop search completely stopped working on my Windows 10 Enterprise box.
1. capm32 said on September 11, 2019 at 9:55 am
  I had the same issue. After uninstalling KB4515384 the search is back. Additionally, DPC latency issues are still not fixed making the audio stutter once in a while.
  Great job on Microsoft’s part once again.
ilev said on September 11, 2019 at 8:05 am
Sept. update KB4516033 for Windows 7 Security Only contains again TELEMETRY.
1. TelV said on September 11, 2019 at 1:53 pm
  @ilev,
  See Martin’s advice on the subject: https://www.ghacks.net/2017/02/11/blocking-telemetry-in-windows-7-and-8-1/
2. Peterc said on September 12, 2019 at 4:41 am
  @ilev: I was just thinking: if Casablanca’s Captain Renault had had to live through the past four-plus years of Windows updates, he wouldn’t have been “shocked — SHOCKED!” at *anything*! ;-)
  I haven’t updated yet — per Woody, the risks of remaining unpatched this month aren’t high, and I like to leave time for hidden bugs to transpire when I have that luxury — but when I do, I’ll be looking for the telemetry and disabling it in WPD. I would have caught it, but thanks for the heads-up nonetheless.
TelV said on September 11, 2019 at 12:49 pm
All Windows 8.1 patches installed without mishap. I noticed that Microsoft didn’t release an MSRT update this month, or at least I don’t see KB890830 anywhere on Windows Update.
Anyway, thanks for all the hard work Martin. You deserve a knighthood! :D
Paul(us) said on September 11, 2019 at 1:59 pm
Thankx a lot Martin,
much appreciated.
Like every month you’re making Christal clear what is going on in the densely wooded forest called Microsoft updates.
ULBoom said on September 11, 2019 at 3:48 pm
These summaries are so thorough, Woody, the de facto Windows Wizard, always refers them on his site. Nice!
The Cortana high CPU issue was fixed with KB4515384, Win 10 Pro v.1903. Still ran Windows10Debloater to stop all the junk Updates reinstalls. Windows Insecure VPN switches were enabled with last two updates. Another data collector?
FWIW, clicking End Task 5 or 6 times in Task Manager each time Cortana reappears makes it disappear until reboot. In my machine, after this update, Cortana is visible in Task Manager but now starts suspended. Hmmm… Explorer Search is now almost instantaneous vs. snail slow before. Another Hmmm…
Is MS fixing more than they’re breaking? With interns back in school, will we see scorched earth updates until next summer?
Cinikal said on September 11, 2019 at 9:01 pm
2 laptops with broken search high cpu fixed after update woowoo
jupiter said on September 12, 2019 at 3:15 am
Does anyone know why there’s no update for Malicious Software Removal Tool?
This page specifically says that there’s no update available this month.
https://support.microsoft.com/en-us/help/890830/remove-specific-prevalent-malware-with-windows-malicious-software-remo
Jeffrey Olsen said on September 14, 2019 at 3:51 am
Dear Microsoft,
Have all my updates been delivered? Are there more updates to come? Are there any updates that have been blocked? Jeffrey Olsen, 2/30 Lawn Road, Noble Park, 3174.
1. Jeffrey Olsen said on September 14, 2019 at 3:53 am
  message sent
Sanjay Nayak said on September 15, 2019 at 9:50 am
Martin, I am stuck at W10 1803 with latest patches. What is the best way to upgrade to W10 1809? I do not want to upgrade to 1903 as there may still be bugs. Thank you.
1. Martin Brinkmann said on September 15, 2019 at 10:20 am
  Best option is to use a ISO image. Download Rufus, make sure updates are enabled, and select the Download option in the program to download the Windows 10 version 1809 ISO: https://www.ghacks.net/2019/03/18/rufus-3-5-with-windows-10-and-8-1-download-option/
Pierre said on September 17, 2019 at 11:29 am
Hello,
What update i should take for a Windows 10 LTSC 2019 from Microsoft Catalog ?
I know for a LTSB 2016 but there is nothing about it on Microsoft Catalog…
Update for Windows 1809 Pro works ?
Thanks You
Robert Affleck said on October 3, 2019 at 7:41 pm
My company has several Win 10 1903 Virtual Machines and about 1/4 exhibit the high cpu issue post update. No discernible pattern. Have all available updates. Tried the HKLM “AllowCortana” = 0 to no high CPU still happens. Only way to regain access to machine is to Turn Off and then turn back on in Hyper-V UI.
lovejit said on March 28, 2020 at 1:27 pm
If you’re just starting with ASP.NET you’ll want a Course that covers the basics of C#, and perhaps a tutorial ASP.Net 3.5 using C# course if you learn better that way, but if this Course isn’t your first purchase you should make it your second or third.
grace said on April 30, 2020 at 2:20 pm
Microsoft update reviews.google play store update

Microsoft Windows Security Updates September 2019 overview