Microsoft Windows Security Updates October 2019 overview

by Martin Brinkmann on October 08, 2019 in Companies, Microsoft - Last Update: October 08, 2019 - 19 comments

Microsoft released security and non-security updates for the Microsoft Windows operating system and other company products on October 8, 2019.

Our overview of the monthly release of patches provides administrators and home users with information.

The overview links to all released updates, provides information on fixes and known issues, links to support articles and download pages, and provides statistics about the released updates of the month.

You can check out the September 2019 overview here in case you missed it.

Microsoft Windows Security Updates October 2019

Here is a handy Excel spreadsheet that lists all released security updates for Microsoft products in October 2019. Please download it with a click on the following link: microsoft-windows-october-2019-update list

Executive Summary

Microsoft released security updates for all supported versions of Microsoft Windows.
Security updates were also released for the following company products: Internet Explorer, Microsoft Edge, Microsoft Office, SQL Server Management Studio, Microsoft Dynamics, Windows Update Assistant
The latest Servicing Stack Update and SHA-2 updates need to be installed before this month's patches for Windows 7 and Windows Server 2008 R2 are installed.
Windows 10 version 1803 reaches end of servicing next month for Home and Pro editions.

Operating System Distribution

Windows 7: 20 vulnerabilities: 1 rated critical and 18 rated important
- CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
Windows 8.1: 20 vulnerabilities: 2 rated critical and 17 rated important and 1 moderate
- CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
- CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
Windows 10 version 1803: 29 vulnerabilities: 2 critical and 26 important and 1 moderate
- CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
- CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
Windows 10 version 1809: 32 vulnerabilities: 2 critical and 29 important and 1 moderate
- Same as Windows 10 version 1803
Windows 10 version 1903: 31 vulnerabilities: 2 critical and 28 important and 1 moderate
- Same as Windows 10 version 1803

Windows Server products

Windows Server 2008 R2: 20 vulnerabilities: 1 critical,18 important and 1 moderate.
- CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
Windows Server 2012 R2: 20 vulnerabilities: 2 critical, 17 important and 1 moderate
- CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
- CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
Windows Server 2016: 23 vulnerabilities: 2 critical, 20 important and 1 moderate.
- Same as Server 2012 R2.
Windows Server 2019: 32 vulnerabilities: 2 critical, 29 are important and 1 moderate.
- Same as Server 2012 R2.

Other Microsoft Products

Internet Explorer 11: 6 vulnerabilities: 3 critical, 3 important
- CVE-2019-1238 | VBScript Remote Code Execution Vulnerability
- CVE-2019-1239 | VBScript Remote Code Execution Vulnerability
- CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability
Microsoft Edge: 7 vulnerabilities: 4 critical, 3 important
- CVE-2019-1307 | Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1308 | Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1335 | Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1366 | Chakra Scripting Engine Memory Corruption Vulnerability

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Security only: KB4520003

Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don't support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
Security updates

Monthly Rollup: KB4519976

Fixed an issue that could prevent the disabling of VBScript in IE by default.
Fixed a printing issue.
Security fixes.

Windows 8.1 and Server 2012 R2

Security-only: KB4519990

Security updates.

Monthly Rollup: KB4520005

Same as security-only.
Fixed an issue with applications and printer drivers that use Windows JavaScript engine for processing print jobs.

Windows 10 version 1803

Cumulative Update: KB4520008

Fixed a Keyboard Lockdown Subsystem issue that prevented the correct filtering of key input.
Fixed a Bluetooth hardening issue that could cause the error "0x133 DPC_WATCHDOG_VIOLATION".
Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don't support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
Fixed a printing issue.
Security updates

Windows 10 version 1809 and Server 1809 and Windows Server 2019

Cumulative Update: KB4519338

Fixed a Keyboard Lockdown Subsystem issue that prevented the correct filtering of key input.
Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don't support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
Fixed a printing issue.
Security updates

Windows 10 version 1903 and Server 1903

Cumulative Update: KB4517389

Fixed an issue with security bulletin CVE-2019-1318 that could cause clients or servers that don't support Extended Master Secret RFC 7626 to have increased latency and CPU utilization.
Fixed a printing issue.
Security updates

Other security updates

KB4519974 -- Cumulative security update for Internet Explorer: October 8, 2019

KB4520004 -- 2019-10 Cumulative Update for Windows 10 Version 1709

KB4520010 -- 2019-10 Cumulative Update for Windows 10 Version 1703

KB4520011 -- 2019-10 Cumulative Update for Windows 10 Version 1507

KB4521856 -- 2019-10 Servicing Stack Update for Windows 10 Version 1507

KB4521857 -- 2019-10 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4521858 -- 2019-10 Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607

KB4521859 -- 2019-10 Servicing Stack Update for Windows 10 Version 1703

KB4521860 -- 2019-10 Servicing Stack Update for Windows 10 Version 1709

KB4521861 -- 2019-10 Servicing Stack Update for Windows 10 Version 1803 and Windows Server 2016

KB4521862 -- 2019-10 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019

KB4521863 -- 2019-10 Servicing Stack Update for Windows Server 1909 and Windows 10 Version 1909

KB4521864 -- 2019-10 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

Server products

KB4519985 -- Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4520002 -- 2019-10 Security Monthly Quality Rollup for Windows Server 2008

KB4520007 -- 2019-10 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4520009 -- 2019-10 Security Only Quality Update for Windows Server 2008

KB4519998 -- 2019-10 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Known Issues

Windows 8.1

Certain operations on Cluster Shared Volumes may fail.

Windows 10 version 1803

Same as Windows 8.1.
Black screen issue on first boot after the installation of updates.
Mixed Reality Portal error issue.

Windows 10 version 1809

Same as Windows 10 version 1809.
Issue on devices with certain Asian language packs installed.

Security advisories and updates

ADV990001 | Latest Servicing Stack Updates

Non-security related updates

KB4524102 -- 2019-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4524103 -- 2019-10 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012

KB4524104 -- 2019-10 Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4524105 -- 2019-10 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4519335 -- 2019-10 Dynamic Update for Windows 10 Version 1607

KB4519336 -- 2019-10 Dynamic Update for Windows 10 Version 1703

KB4519337 -- 2019-10 Dynamic Update for Windows 10 Version 1809

KB4519764 -- 2019-10 Dynamic Update for Windows 10 Version 1709

KB4519765 -- 2019-10 Dynamic Update for Windows 10 Version 1803

KB4524095 -- 2019-10 Cumulative Update for .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524096 -- 2019-10 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524097 -- 2019-10 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524098 -- 2019-10 Cumulative Update for .NET Framework 4.8 for Windows Server 1903, Windows 10 Version 1903, Windows Server 2019, Windows 10 Version 1809, Windows 10 Version 1803, Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524099 -- 2019-10 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019, Windows 10 Version 1903, Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4524100 --2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 1903 and Windows 10 Version 1903

KB4524101 -- 2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 1909 and Windows 10 Version 1909

KB890830 -- Windows Malicious Software Removal Tool - October 2019

Microsoft Office Updates

You find Office update information here.

How to download and install the October 2019 security updates

Note: we suggest that you create a full system backup before applying any updates; Microsoft's track record of releasing updates without known issues has not been the best lately and while most updates may install fine and without issues on most systems, a backup ensures that you can restore the previous version if you encounter any issues.

Windows Updates are pushed to home devices automatically. You can run a manual check for updates to speed up the process.

Open the Start Menu of the Windows operating system, type Windows Update and select the result.
Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Cumulative updates may also be downloaded from the Microsoft Update Catalog website to install them manually. Note that you need to make sure that a compatible Service Stack Update is installed on the device.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

KB4519976 -- 2019-10 Security Monthly Quality Rollup for Windows 7
KB4520003 -- 2019-10 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

KB4520005 -- 2019-10 Security Monthly Quality Rollup for Windows 8.1
KB4519990 -- 2019-10 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

KB4520008 -- 2019-10 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

KB4519338 -- 2019-10 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

KB4517389 -- 2019-10 Cumulative Update for Windows 10 Version 1903

Additional resources

Summary

Article Name

Microsoft Windows Security Updates October 2019 overview

Description

Microsoft released security and non-security updates for the Microsoft Windows operating system and other company products on October 8, 2019.

Author

Martin Brinkmann

Publisher

Ghacks Technology News

Logo

Comments

Pepe said on October 8, 2019 at 7:40 pm
Test
Yuliya said on October 8, 2019 at 7:46 pm
Neat, I was waiting for these. I’ve installed already kb4521862-x64, now installing kb4519338-x64 on my LTSC1809.
JoeyG said on October 8, 2019 at 8:19 pm
In the Direct Update Downloads section, the numbers are reversed: KB4520003 is security only and KB4519976 is the rollup.
Windows 7 SP1 and Windows Server 2008 R2 SP
KB4520003 — 2019-10 Security Monthly Quality Rollup for Windows 7
KB4519976 — 2019-10 Security Only Quality Update for Windows 7
JoeyG said on October 8, 2019 at 8:40 pm
Thanks for the quick fix.
1. Martin Brinkmann said on October 8, 2019 at 9:34 pm
  You are welcome, thanks for letting me know about it!
Scott said on October 8, 2019 at 9:59 pm
Hi martin, thanks for your work,
Typo probably –
Known Issues – Windows 10 version 1809
Same as Windows 10 version 1809.
Paul(us) said on October 8, 2019 at 10:01 pm
Thanks, Martin,
Like always its a ferry handy guide to know what Microsoft is doing this mouth with main windows 1903 bld.18362.418.
Hopefully, this cumulative Update: KB4517389 will not have any issues.
P.s. When I wanted to post this I was getting the message when I wanted to post “You are posting to slow”?
So hopefully you receiving this second attempt?
VioletMoon said on October 9, 2019 at 12:41 am
1903–Not a problem. Went ahead and upgraded from 1809 to 1903 on a test machine and on to the main computers encountering nothing but good, great, and better font rendering on a 4K display.
Anyway, I have a question for Martin or anyone else. I wanted to copy/paste my Firefox profile from the 4K display machine to a machine with a smaller screen. When I do that, the result is a super huge screen on the 1920 x 1080–text is legible, nothing is stretched, but trying to resize doesn’t work.
Do I need to change the pref.js file in the copy?
Never had the problem.
Thanks!
1. Cinikal said on October 9, 2019 at 7:50 pm
  Had that problem with Wise Cleaner maximized on a larger display. I went back and made the window as small as possible then copied it back to my tablet.
Mothy said on October 9, 2019 at 5:26 am
After creating full Macrium images (always do before making any major changes), I had no issues installing monthly rollups for a Win 7 SP1 and a Win 8.1 system. All telemetry tasks and services on both are still disabled after install and each system is running as well as they did before the updates.
AJNorth said on October 9, 2019 at 8:45 am
Adobe have updated their Flash Player for all platforms to version 32.0.0.270 (though as of this post, their latest security bulletin has not yet been released, so it is not known whether this is security-related).
w10notforever said on October 9, 2019 at 8:55 am
I just ‘love’ the ‘smell’ of updates in the morning!!!
Let me be honest: it sucks!
owl said on October 9, 2019 at 11:06 am
System audit with Belarc Advisor:
Windows 10 Home (x64) Version 1903 (build 18362.388)
System Security Status
Security Updates: Alert! 3 missing
Hotfix Id Severity Description (click to see security bulletin)
HT210635 Critical Apple iTunes security update for iTunes 12.10.0.7
Q4517389 Critical Microsoft security update (KB4517389)
Q4521863 Critical Microsoft security update (KB4521863)
AskWoody’s rating is:
Search Results for ‘KB4517389’
https://www.askwoody.com/forums/search/KB4517389/
MS-DEFCON 1:
Current Microsoft patches are causing havoc. Don’t patch.
October 2019 Patch Tuesday – watch out
https://www.askwoody.com/2019/october-2019-patch-tuesday-watch-out/
MS-DEFCON 1:
Current Microsoft patches are causing havoc. Don’t patch.
Although the evaluation with those information was in conflict, I trusted the evaluation of “Belarc Advisor” and manually installed a standalone version of the patch.
KB4517389 has a huge file size of 313.2 MB, so it took about an hour to complete the installation.
Apple’s updates were also large in size and required a restart, so wasted about 2 hours to apply these updates!
The “black screen at restart and logon” that occurred frequently during the update in 1909 did not occur, and it proceeded smoothly and was able to log on.
at last, it seems to have realized a decent user experience.
More than anything else, there seems to be no trouble (abnormality) that I was concerned about.
System audit with Belarc Advisort after applying the update:
Windows 10 Home (x64) Version 1903 (build 18362.418)
System Security Status
Security Updates: OK Up-to-date
Summary of them:
Apple security updates | Apple
https://support.apple.com/en-sg/HT201222
October 8, 2019—KB4517389 (OS Build 18362.418) | Windows support
https://support.microsoft.com/en-us/help/4517389/windows-10-update-kb4517389
Servicing stack update for Windows 10 version 1903: October 8, 2019 | Windows support
https://support.microsoft.com/en-us/help/4521863/compatibility-update-for-installing-windows-10-version-1903
Loxia said on October 9, 2019 at 1:55 pm
Printing problem solved with this update for Win 10 1903.
TelV said on October 9, 2019 at 2:07 pm
Martin,
You have .NET Framework updates listed under the header “non-security related’ but Microsoft lists them as security related i.e. this one for .NET 3.5: https://support.microsoft.com/en-us/help/4514371/sep-10-2019-kb4514371
1. Martin Brinkmann said on October 9, 2019 at 2:21 pm
  The update that you have mentioned is from September 2019 IIRC.
Cinikal said on October 9, 2019 at 7:56 pm
Made it through another update but I think Windows 10 is giving me PTSD.
John G. said on October 10, 2019 at 12:09 am
Updated with no issues noticed after 3 hours of installation. Amazing amount of time!
Anonymous said on October 16, 2019 at 12:41 am
just wanted to say that the KB4520010 update for Windows 10 v1703 enterprise/education is the very last cumulative security update released as the 1703 version has been fully EOS (end of support) on 10/8/2019

Microsoft Windows Security Updates October 2019 overview