Microsoft Windows Security Updates March 2020 overview

Martin Brinkmann
Mar 10, 2020
Updated • Mar 10, 2020
Companies, Microsoft, Windows, Windows Updates
|
26

Welcome to the overview for Microsoft's March 2020 Patch Day; the company released security updates for all supported versions of Microsoft Windows as well as other company products.

The overview provides you with important information about released patches. It includes links to support articles and summaries of patches, links to security advisories, non-security updates, as well as direct download links for Windows updates.

Feel free to check out the February 2020 Patch Day overview here.

Microsoft Windows Security Updates March 2020

windows-security updates march 2020

You may download the following Excel spreadsheet to get a full tabular listing of patches and updates that Microsoft released on the March 2020 Patch Day. Click on the following link to download the Excel spreadsheet to your local system: microsoft-security-updates-windows-march-2020

Executive Summary

  • Microsoft released updates for all supported versions of the Windows operating system.
  • Updates were also released for Microsoft Edge (classic and new), Internet Explorer, Microsoft Exchange Server, Microsoft Office, Windows Defender, Visual Studio, Azure, Azure DevOps, Microsoft Dynamics.
  • The Microsoft Update Catalog lists 113 patches.

Operating System Distribution

  • Windows 7  (extended support only):39 vulnerabilities: 3 critical and 36 important
  • Windows 8.1: 55 vulnerabilities: 3 rated critical and 52 rated important
  • Windows 10 version 1803: 71 vulnerabilities: 7 critical and 64 important
  • Windows 10 version 1809: 73 vulnerabilities: 7 critical and 66 important
    • same as Windows 10 version 1803
  • Windows 10 version 1903: 75 vulnerabilities: 7 critical and 68 important
    • same as Windows 10 version 1803
  • Windows 10 version 1909: same as Windows 10 version 1903

Windows Server products

  • Windows Server 2008 R2 (extended support only): 47 vulnerabilities, 5 critical, 42 important
  • Windows Server 2012 R2: 55 vulnerabilities: 3 critical and 52 important.
  • Windows Server 2016: 71 vulnerabilities: 6 critical and 65 important.
  • Windows Server 2019: 72 vulnerabilities: 7 critical and 65 are important
    • Same as Windows Server 2016 plus
    • CVE-2020-0807 | Media Foundation Memory Corruption Vulnerability

Other Microsoft Products

  • Internet Explorer 11: 6 vulnerability: 6 critical
  • Microsoft Edge:  14 vulnerabilities: 13 critical, 1 important
    • CVE-2020-0768 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0811 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0812 | Chakra Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0816 | Microsoft Edge Memory Corruption Vulnerability
    • CVE-2020-0823 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0825 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0826 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0827 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0828 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0829 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0830 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0831 | Scripting Engine Memory Corruption Vulnerability
    • CVE-2020-0848 | Scripting Engine Memory Corruption Vulnerability
  • Microsoft Edge on Chromium:
    • see here (latest security patches from the Chromium project)

Windows Security Updates

Windows 7

Improvements and fixes:

  • Fixed an issue that might prevent icons and cursors from appearing as expected. (monthly-rollup only)
  • Security updates

Windows 8.1

Improvements and fixes:

  • Fixed an issue that might prevent ActiveX content from loading.
  • Fixed an issue that might prevent icons and cursors from appearing as expected.
  • Security updates

Windows 10 version 1803

Improvements and fixes:

  • Security updates

Windows 10 version 1809

  • Support article: support

Improvements and fixes:

  • Security updates

Windows 10 version 1903 and 1909

Improvements and fixes:

  • Fixed an issue that prevented some users from upgrading the operating system "because of corrupted third-party assemblies".
  • Security updates.

Other security updates

KB4540671 -- 2020-03 Cumulative Security Update for Internet Explorer

KB4540694 -- 2020-03 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4541504 -- 2020-03 Security Only Quality Update for Windows Server 2008

KB4541506 -- 2020-03 Security Monthly Quality Rollup for Windows Server 2008

KB4541510 -- 2020-03 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4539571 -- 2020-03 Servicing Stack Update for Windows Server 2019 and Windows 10 Version 1809

KB4540670 -- 2020-03 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607

KB4540681 -- 2020-03 Cumulative Update for Windows 10 Version 1709

KB4540693 -- 2020-03 Cumulative Update for Windows 10 Version 1507

KB4540705 -- 2020-03 Cumulative Update for Windows 10 Version 1703

KB4540721 -- 2020-03 Servicing Stack Update for Windows 10 Version 1507

KB4540722 -- 2020-03 Servicing Stack Update for Windows 10 Version 1703

KB4540723 -- 2020-03 Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607

KB4540724 -- 2020-03 Servicing Stack Update for Windows 10 Version 1803

KB4540725 -- 2020-03 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4540726 -- 2020-03 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012

KB4541338 -- 2020-03 Servicing Stack Update for Windows Server, version 1909, Windows 10 Version 1909, Windows Server, version 1903, and Windows 10 Version 1903

KB4541731 -- 2020-03 Servicing Stack Update for Windows 10 Version 1709

KB4550735 -- 2020-03 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4550736 -- 2020-03 Servicing Stack Update for Windows Server 2008

Known Issues

Windows 7

  • May receive "failure to configure Windows updates. Reverting Changes. Do not turn off your computer" if the update is installed on non-ESU systems.
  • Certain operations that are performed on files or folders on Cluster Shared Volumes may fail with the error "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)".

Windows 8.1

  • Certain operations that are performed on files or folders on Cluster Shared Volumes may fail with the error "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)".

Windows 10 version 1809

  • After installing KB4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND."
    • Mitigation: uninstall and reinstall the language pack, then install the April 2019 Cumulative Update. If that does not help, Microsoft suggests Resetting the PC.
  • May encounter issues in Windows Server containers and 32-bit applications and process.

Windows 10 version 1903 and 1909

Security advisories and updates

Non-security related updates

KB890830 -- Windows Malicious Software Removal Tool - March 2020

Microsoft Office Updates

You find Office update information here.

How to download and install the March 2020 security updates

Security updates for all supported version of Windows and products included in Windows, e.g. Microsoft Edge, are made available via Windows Update, WSUS, and other update distribution systems. Administrators may download standalone patches to systems to apply these directly without using Windows Updates.

We recommend that backups are created of important date or, better, the entire system, before patches are installed.

Do the following to check for new updates:

  1. Open the Start Menu of the Windows operating system, type Windows Update and select the result.
  2. Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.

Direct update downloads

Windows 7 and Server 2008 R2

  • KB4540688 -- 2020-03 Security Monthly Quality Rollup for Windows 7
  • KB4541500 -- 2020-03 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4541509 -- 2020-03 Security Monthly Quality Rollup for Windows 8.1
  • KB4541505 -- 2020-03 Security Only Quality Update for Windows 8.1

Windows 10 (version 1803)

  • KB4540689  -- 2020-03 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1809)

  • KB4538461  -- 2020-03 Cumulative Update for Windows 10 Version 1809

Windows 10 (version 1903)

  • KB4540673  -- 2020-03 Cumulative Update for Windows 10 Version 1903

Windows 10 (version 1909)

  • KB4540673  -- 2020-03 Cumulative Update for Windows 10 Version 1909

Additional resources

Summary
Microsoft Windows Security Updates March 2020 overview
Article Name
Microsoft Windows Security Updates March 2020 overview
Description
Welcome to the overview for Microsoft's March 2020 Patch Day; the company released security updates for all supported versions of Microsoft Windows as well as other company products.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. bindiver said on April 4, 2020 at 9:27 pm
    Reply

    I have currently updated my Windows 10 Home to OS Build 18363.753 without any problems at all.

  2. Riki said on March 23, 2020 at 8:52 pm
    Reply

    Can someone help me clarify this please? Per ” https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows “, are we safe to deploy all updates from March released and also from ” https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023 “? There is not binding policy made ready yet by our Active Directory Group Policy team yet at this moment.

  3. Michael Crawley said on March 17, 2020 at 3:33 pm
    Reply

    Server KB4494175 and KB4540670 – The error is on server “An existing connection was forcibly closed by the remote host” which we believe is SSL related error. Eventually the job would run correctly but would fail initially and this was causing all kinds of issues. The host server is a MS SQL server which is where we uninstalled the updates. Once we removed the two patches above it seemed to have fixed the issue. I think I got this right I do the security not the IT stuff.

    Has anyone seen any issues with the two KB’s above?

    1. Lars said on April 21, 2020 at 3:47 pm
      Reply

      Hi Michael,

      do you have any update on this issue? We’re having the exact same issue.

      Thank you in advance.

  4. chesscanoe said on March 12, 2020 at 10:08 pm
    Reply

    Per https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 I successfully installed KB4551762 using Windows Update, bringing me to Microsoft Windows [Version 10.0.18363.720].

  5. EP said on March 12, 2020 at 6:09 pm
    Reply
    1. EP said on March 12, 2020 at 6:11 pm
      Reply

      DOH! I meant “1903 & 1909 users”

  6. TelV said on March 11, 2020 at 5:46 pm
    Reply

    Windows 8.1 here. Message on screen during reboot of KB4541505, “We couldn’t complete the update. Undoing changes”. Anyone else see that?

    Prior to that installation attempt KB4540725 which is the SSU for this month installed without a problem.

    1. TelV said on March 11, 2020 at 8:02 pm
      Reply

      Well, I fixed it. Error code according to the Reliability Monitor was 0x800F0921. Couldn’t find anything relevant with that code on the web so ran DISM.exe with the Restorehealth flag, downloaded and ran the installer again and lo and behold KB4541505 installed without a hitch. :)

  7. Deo et Patriae said on March 11, 2020 at 1:50 pm
    Reply

    I’m currently downloading this update on 1909. I wonder what is going to happen given the recent issues that came up from the previous optional update. I didn’t try to remove it since I didn’t notice anything suspicious. Will this update override the previous one? Will it fix the problems?

    1. Deo et Patriae said on March 11, 2020 at 1:54 pm
      Reply

      Also, I stay firm on my belief that MS should focus on only fixing things for one month at least, and then improve and introduce new features. Having constantly new features is a bug-fixing nightmare.

      That’s why Windows 7 eventually became the best OS ever built. Because they weren’t introducing new features, just fixing bugs and improving the existing ones for long time.

      1. Iron Heart said on March 12, 2020 at 8:38 am
        Reply

        @Deo et Patriae

        Windows 8.1 + Classic Shell was and is better than Windows 7 in every aspect imaginable. Metro was the only weakness of Windows 8.1, but it can be turned off, if you know how.

      2. Steve said on March 15, 2020 at 1:56 am
        Reply

        Problem is some hardware doesn’t have support (i.e. drivers, in particular) for Windows 8/8.1.

        There are even worse cases: Ryzen motherboards that work only with Windows 7 or 10. I know you will probably say, what? Then, I invite you to Google MSI B450 based motherboards and see their OS support specs.

      3. StompsMeNot said on March 15, 2020 at 5:27 am
        Reply

        Yes that was very nefarious of the CPU/GPU/MB makers and MS and that skipping over 8/8.1 for driver support to force more folks onto that 10/Rolling Release madness that’s rolling over its end users on a monthly basis.

        But I’ve got a new laptop running 1809 Home and maybe I’ll be forced to install 1909 before 2004 comes in April, if 2004 is going to be forced on me before 1809 goes EOL. But I’m really waiting for the Linux 5.6 Kernel to become available for Linux Mint and better support for my laptop’s Ryzen 3000 series APU’s power management.

        I’m keeping the 1809 laptop offline as a March 2019 patch delay option and will keep that laptop offline for another week or so just in case for patch vetting reasons. But really I’ve got 4 other laptops running Linux Mint 19.3 and 7(EOL) dual boot and maybe I’ll mothball the new laptop until Kernel 5.6 is offered for Mint 19.3/later. With all the other things going on I’ve got plenty of time and available laptops that boot into Mint to do most of what I need currently. And 7’s kept around on those laptops for offline only legacy Windows usage.

        I’m not going to be a forced BETA tester for the folks in Redmond and It’s only a matter of time before my newest laptop gets Mint/Kernel 5.6 installed alongside 1809/1909, and Kept offline like 7/EOL as well. The Ryzen 3000 series APUs have been on the market since Q1 2019 so a little more time for that support to be fully included mostly by Kernel 5.6 and most issues resolved for getting that laptop running under Mint 19.3/later so I can avoid most of these 10 issues forced upon the 10/Home end users. The old Windows 7 laptops sure are a bit more responsive and boot faster under Mint 19.3 and that’s not so bad for my complete control over my own laptops’ update management unlike 10’s forced madness.

  8. ESU-Barabbas said on March 11, 2020 at 12:51 pm
    Reply

    I can confirm the “Lite” method to keep receiving Windows 7 updates, found in MDL forums, also works with all March 2020 updates. MUUUUAAAHHHHAAAHHHHHHAAAAAA!

  9. Anonymous said on March 11, 2020 at 10:47 am
    Reply

    If running Windows 7 SSU released in January 2020 (which allows ESU updates to install with BypassESU v4), the new March 2020 Security Only Update and Security Monthly Quality Rollup packages will request a newer SSU (these newer SSUs will render the BypassESU useless). Wait for a new BypassESU version that can workaround this.

  10. kaskuser said on March 11, 2020 at 12:46 am
    Reply

    I didn’t see any comment. Just test if I can see this comment. Need to make sure, is it my browser or is it no comment at all.

    1. kaskuser said on March 11, 2020 at 12:48 am
      Reply

      At first it’s hidden. After I post the comment I can see all the comment. it’s weird.

  11. Yuliya said on March 10, 2020 at 10:52 pm
    Reply

    >Windows 10 version 1809: 73 vulnerabilities: 7 critical and 66 important
    Since last month? o.O

  12. chesscanoe said on March 10, 2020 at 10:34 pm
    Reply

    The current Servicing Stack Update (SSU) information at
    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001
    shows what SSU Windows Update should automatically pick up if run today. A home user can confirm this by running Belarc Advisor.

  13. kaskuser said on March 10, 2020 at 10:12 pm
    Reply

    Thanks martin. Already update security-only using bypass version-four and it works.

  14. Paul(us) said on March 10, 2020 at 9:56 pm
    Reply

    Thanks, Martin, For this ferry helpfull body of work you deliver every mounth!

  15. clake said on March 10, 2020 at 8:40 pm
    Reply

    7 critical vulnerabilities, and I just uupdated last month. ‘ Time speeds up when…

  16. JohnIL said on March 10, 2020 at 7:56 pm
    Reply

    After 5 years I think if Microsoft does not have a handle on keeping these updates reasonably free of issues that it probably never will. I’ve mostly been OK with these updates but I have not installed them as soon as they are released. I certainly do not install any update that is not required. If your going to Windows update and begging for updates and install anything listed. Your volunteering for a headache and problems. You have agreed to be a beta tester for Microsoft.

    1. phoobear said on March 16, 2020 at 3:19 am
      Reply

      I install security updates right away, as I don’t want to volunteer to be exploited by malware.

      In over 30 years with Microsoft I have never had an issue with my updates.

      Also, if you study the actual numbers involved with OS updates and related issues, Microsoft is not alone in these complex tasks.

      1. Michael Crawley said on March 17, 2020 at 3:06 pm
        Reply

        I always install updates and in 10 years of doing kind of work I have only seen two times where the udpates have actually caused an issue. I have installed thousands of updates on tens of thousands of servers and workstations updates rarely cause issues.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.