- November 2019 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 10 Update History
- Windows 8.1 Update History
- Windows 7 Update History
Microsoft Windows Security Updates November 2019 overview

It is the second Tuesday of November 2019 and that means that it is Microsoft Patch Day. Microsoft released security and non-security updates for its Windows operating system and other company products.
Our overview provides you with information on these updates: it starts with an executive summary and information about the number of released updates for all supported client and server versions of Windows as well as the Microsoft Edge (classic) and Internet Explorer web browsers.
What follows is information about the updates, all with links to support articles on Microsoft's website, the list of known issues, direct download links to cumulative updates for Windows, and additional update related information.
Click here to open the October 2019 Patch Day overview.
Microsoft Windows Security Updates November 2019
Download the following Excel spreadsheet to your local system; it lists security updates that Microsoft released in November 2019: November 2019 Security Updates
Executive Summary
- Microsoft released security updates for all supported client and server versions of the Microsoft Windows operating system.
- The following Microsoft products have received security updates as well: Internet Explorer, Microsoft Edge, Microsoft Office, Secure Boot, Microsoft Exchange Server, Visual Studio, Azure Stack.
- The Windows 10 version 1909 features are included in the Windows 10 version 1903 update but not activated until "they are turned on using an enablement package, which is a small, quick-to-install “master switch†that simply activates the Windows 10, version 1909 features." Microsoft released a blog post that details how to get the update. (basically, install regular 1903 update, then check for updates again and the 1909 update should be offered)
- Windows 10 Home, Pro, Pro for Workstations and IoT Core, version 1803 have reached end of servicing. These editions won't receive security updates or other updates after November 12, 2019.
Operating System Distribution
- Windows 7: 35 vulnerabilities: 4 rated critical and 31 rated important
- CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
- CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
- Windows 8.1: 37 vulnerabilities: 3 rated critical and 34 rated important
- Same as Windows 7 except for CVE-2019-1441 (not affected)
- Windows 10 version 1803: 46 vulnerabilities: 5 critical and 41 important
- CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability
- CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2019-1398 | Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
- Windows 10 version 1809: 46 vulnerabilities: 4 critical and 42Â important
- Same as Windows 10 version 1803 except for CVE-2019-1389 (not affected)
- Windows 10 version 1903: 46 vulnerabilities: 2 critical and 28 important
- Same as Windows 10 version 1809 plus
- CVE-2019-1430 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Windows Server products
- Windows Server 2008 R2: 35 vulnerabilities: 4 critical and 31 important.
- CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability
- CVE-2019-1419 | OpenType Font Parsing Remote Code Execution Vulnerability
- CVE-2019-1397 | Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2019-1389 | Windows Hyper-V Remote Code Execution Vulnerability
- Windows Server 2012 R2: 37 vulnerabilities: 3 critical and 34 important.
- same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
- Windows Server 2016: 38 vulnerabilities: 2 critical and 20 important.
- same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected)
- Windows Server 2019: 46 vulnerabilities: 2 critical and 29 are important
- same as Windows Server 2008 R2 except for CVE-2019-1441 (not affected) plus
- CVE-2019-0721 | Hyper-V Remote Code Execution Vulnerability
Other Microsoft Products
- Internet Explorer 11: 2 vulnerabilities: 2 critical
- CVE-2019-1390 | VBScript Remote Code Execution Vulnerability
- CVE-2019-1429 | Scripting Engine Memory Corruption Vulnerability
- Microsoft Edge: 4 vulnerabilities: 4 critical
- CVE-2019-1413 | Microsoft Edge Security Feature Bypass Vulnerability
- CVE-2019-1426 | Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1427 | Scripting Engine Memory Corruption Vulnerability
- CVE-2019-1428 | Scripting Engine Memory Corruption Vulnerability
Windows Security Updates
Windows 7 SP1 and Windows Server 2008 R2
The security-only update resolves the following issues/makes the following changes:
- Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
- Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
- Security updates for various operating system components.
The monthly rollup update includes all of the updates of the security-only update plus:
- Fixes an issue that prevented certain 16-bit Visual Basic 3 applications or other VB3 applications from running.
- Fixes a temporary user profile issue when the policy "Delete cached copies of roaming profiles" is set.
Windows 8.1 and Server 2012 R2
The security-only update resolves the following issues/makes the following changes:
- Same as Windows 7 SP1 and Windows Server 2008 R2.
The monthly rollup update includes all of the updates of the security-only update plus:
- Same as Windows 7 SP1 and Windows Server 2008 R2 plus
- Fixes an issue that prevented multiple Bluetooth Basic Rate devices from functioning properly after installing the August 2019 updates.
- Fixes an issue that caused error 0x7E when connecting Bluetooth devices after installing the June 2019 updates.
Windows 10 version 1803
- Support article: KB4525237
The cumulative update fixes the following issues / makes the following changes:
- Fixes an issue that caused Windows Defender Application Control Code Integrity events to become unreadable.
- Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
- Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
- Security updates
Windows 10 version 1809
- Support article: KB4523205
The cumulative update fixes the following issues / makes the following changes:
- Fixes an issue that could cause the Microsoft Defender Advanced Threat Protection service to stop running or stop sending report data.
- Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
- Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
- Security updates
Windows 10 version 1903
- Support article: KB4524570Â
The cumulative update lists changes for Windows 10 version 1903 and 1909. It appears that Microsoft included the changes of 1909 in the cumulative update but has not activated them at the time of writing.
- Fixes an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly.
- Provides protections against the Intel® Processor Machine Check Error vulnerability (CVE-2018-12207). Note: the protection is not enabled by default. Consult this article for guidance.
- Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability (CVE-2019-11135). Note: the protection is not enabled by default. Consult the Windows Client or Windows Server guides for guidance.
- Security updates
Other security updates
- Internet Explorer Cumulative Update:Â KB4525106
- 2019-11 Security Monthly Quality Rollup for Windows Server 2008 (KB4525234)
- 2019-11 Security Only Quality Update for Windows Server 2008 (KB4525239)
- 2019-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4525246)
- 2019-11 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4525253)
- 2019-11 Cumulative Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524570)
- 2019-11 Cumulative Update for Windows 10 Version 1507 (KB4525232)
- 2019-11 Cumulative Update for Windows Server 2016, and Windows 10 Version 1607 (KB4525236)
- 2019-11 Cumulative Update for Windows 10 Version 1709 (KB4525241)
- 2019-11 Cumulative Update for Windows 10 Version 1703 (KB4525245)
- 2019-11 Servicing Stack Update for Windows Server 2016, and Windows 10 Version 1607 (KB4520724)
- 2019-11 Servicing Stack Update for Windows 10 Version 1507 (KB4523200)
- 2019-11 Servicing Stack Update for Windows 10 Version 1703 (KB4523201)
- 2019-11 Servicing Stack Update for Windows 10 Version 1709 (KB4523202)
- 2019-11 Servicing Stack Update for Windows 10 Version 1803, and Windows Server 2016 (KB4523203)
- 2019-11 Servicing Stack Update for Windows 10 Version 1809, and Windows Server 2019 (KB4523204)
- 2019-11 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4523206)
- 2019-11 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4523208)
- 2019-11 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB4524445)
- 2019-11 Servicing Stack Update for Windows Server, version 1909 and Windows 10 Version 1909 (KB4524569)
- 2019-11 Servicing Stack Update for Windows Server 2008 (KB4526478)
Known Issues
Windows 8.1 and Windows Server 2012 R2
- Certain operations may fail on Cluster Shared Volumes with the error code "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)"
Windows 10 version 1803
- Certain operations may fail on Cluster Shared Volumes with the error code "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)"
- May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) -- Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.
Windows 10 version 1809
- Same as Windows 10 version 1803 plus
- May receive error "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND" with some Asian language packs installed.
Windows 10 version 1903
- May be unable to create a new local user during the Out of Box Experience when using Input Method Editor (IME) -- Microsoft recommends setting the keyboard language to English during user creation or to use a Microsoft Account to complete the setup.
Security advisories and updates
ADV190024 | Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)
Non-security related updates
- 2019-11 Dynamic Update for Windows 10 Version 1809 (KB4524761)
- 2019-11 Dynamic Update for Windows 10 Version 1903 (KB4525043)
- Windows Malicious Software Removal Tool - November 2019 (KB890830)
Microsoft Office Updates
You find Office update information here.
How to download and install the November 2019 security updates
Most home devices running Windows are configured to download and install security updates when they are released. Users who don't want to wait for that to happen or have configured their systems to update manually only may run manual checks for updates or download the cumulative updates from Microsoft's Update Catalog website.
The following needs to be done to check for updates manually:
- Open the Start Menu of the Windows operating system, type Windows Update and select the result.
- Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.
Direct update downloads
Windows 7 SP1 and Windows Server 2008 R2 SP
- KB4525235 -- 2019-11 Security Monthly Quality Rollup for Windows 7
- KB4525233 -- 2019-11 Security Only Quality Update for Windows 7
Windows 8.1 and Windows Server 2012 R2
- KB4525243 -- 2019-11 Security Monthly Quality Rollup for Windows 8.1
- KB4525250 -- 2019-11 Security Only Quality Update for Windows 8.1
Windows 10 (version 1803)
- KB4525237 -- 2019-11 Cumulative Update for Windows 10 Version 1803
Windows 10 (version 1809)
- KB4523205Â -- 2019-11 Cumulative Update for Windows 10 Version 1809
Windows 10 (version 1903)
- KB4524570Â -- 2019-11 Cumulative Update for Windows 10 Version 1903
Additional resources


Martin, I would appreciate that you do not censor this post, as it’s informative writing.
Onur, there is a misleading statement “[…] GIFs are animated images …”. No, obviously you don’t seem to have take much notice of what you were told back in March regarding; Graphics Interchange Format (GIF).
For example, https://www.ghacks.net/2023/03/31/whats-gif-explanation-and-how-to-use-it/#comment-4562919 (if you had read my replies within that thread, you might have learnt something useful). I even mentioned, “GIF intrinsically supports animated images (GIF89a)”.
You linked to said article, [Related: …] within this article, but have somehow failed to take onboard what support you were given by several more knowledgeable people.
If you used AI to help write this article, it has failed miserably.
AI is stupid, and it will not get any better if we really know how this all works. Prove me wrong.. https://www.youtube.com/watch?v=4IYl1sTIOHI
Martin, [#comment-4569908] is only meant to be in: [https://www.ghacks.net/2023/07/09/how-to-send-gifs-on-iphone-two-different-ways/]. Whereas it appears duplicated in several recent random low-quality non relevant articles.
Obviously it [#comment-4569908] was posted: 9 July 2023. Long before this thread even existed… your database is falling over. Those comments are supposed to have unique ID values. It shouldn’t be possible to duplicate the post ID, if the database had referential integrity.
Don’t tell me!
Ghacks wants the state to step in for STATE-MANDATED associations to save jobs!!!
Bring in the dictatorship!!!
And screw Rreedom of Association – too radical for Ghacks maybe
GateKeeper ?
That’s called “appointing” businesses to do the state’s dirty work!!!!!
But the article says itself that those appointed were not happy – implying they had not choice!!!!!!
@The Dark Lady,
@KeZa,
@Database failure,
@Howard Pearce,
@Howard Allan Pearce,
Note: I replaced the quoted URI scheme: https:// with “>>” and posted.
The current ghacks.net is owned by “Softonic International S.A.” (sold by Martin in October 2019), and due to the fate of M&A, ghacks.net has changed in quality.
>> ghacks.net/2023/09/02/microsoft-is-removing-wordpad-from-windows/#comment-4573130
Many Authors of bloggers and advertisers certified by Softonic have joined the site, and the site is full of articles aimed at advertising and clickbait.
>> ghacks.net/2023/08/31/in-windows-11-the-line-between-legitimate-and-adware-becomes-increasingly-blurred/#comment-4573117
As it stands, except for articles by Martin Brinkmann, Mike Turcotte, and Ashwin, they are low quality, unhelpful, and even vicious. It is better not to read those articles.
How to display only articles by a specific author:
Added line to My filters in uBlock Origin: ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))
>> ghacks.net/2023/09/01/windows-11-development-overview-of-the-august-2023-changes/#comment-4573033
By the way, if you use an RSS reader, you can track exactly where your comments are (I’m an iPad user, so I use “Feedly Classic”, but for Windows I prefer the desktop app “RSS Guard”).
RSS Guard: Feed reader which supports RSS/ATOM/JSON and many web-based feed services.
>> github.com/martinrotter/rssguard#readme
We all live in digital surveillance glass houses under scrutiny of evil people because of people like Musk. It’s only fair that he takes his turn.
“Operating systems will be required to let the user choose the browser, virtual assistant and search engine of their choice. Microsoft cannot force users to use Bing or Edge. Apple will have to open up its iOS operating system to allow third-party app stores, aka allow sideloading of apps. Google, on the other hand, will need to provide users with the ability to uninstall preloaded apps (bloatware) from Android devices. Online services will need to allow users to unsubscribe from their platform easily. Gatekeepers need to provide interoperability with third-parties that offer similar services.”
Wonderful ! Let’s hope they’ll comply with that law more than they are doing with the GDPR.
No, they didn’t lmao.
https://twitter.com/vxunderground/status/1706523877478670542