- December 2020 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 10 Update History
- Windows 8.1 Update History
- Windows 7 Update History
Microsoft Windows Security Updates December 2020 overview
Today is the last Microsoft Patch Day of the year 2020. Microsoft released security updates and non-security updates for all supported client and server versions of the company's Windows operating system, and updates for other company products such as Microsoft Office, Microsoft Edge, Internet Explorer, or the .NET Framework.
Our Patch Day overview provides you with detailed information on released patches, security issues, and related information. You can download an Excel spreadsheet of the released security updates, check out the operating system distribution, find links to all support pages, and the list of known issues here in this guide.
Check out the November 2020 Security Updates overview here in case you missed it.
Microsoft Windows Security Updates December 2020
Download the following Excel spreadsheet that contains the released security updates to your system. Note that Microsoft's new platform is quite slow and that it may be possible that updates are missing. Let us know in the comments if you notice anything missing: Security Updates 2020 12 Microsoft Windows
Executive Summary
- Microsoft released security updates for all supported versions of Windows.
- Security updates were also released for the following Microsoft products: Microsoft Edge (desktop and Android), Microsoft Office, Microsoft Exchange Server, Azure DevOps, Visual Studio, Azure SDK, Azure Sphere
- Windows 10 version 1903 has reached end of servicing today.
- There won't be any Preview updates for Windows in December 2020.
- Microsoft .NET Core updates will be offered via Windows Updates from this month on.
Operating System Distribution
- Windows 7Â Â (extended support only): 9 vulnerabilities: 0 critical and 9 important
- Windows 8.1: 5 vulnerabilities: 0 rated critical and 5 rated important
- Windows 10 version 1809: 19 vulnerabilities: 1 critical and 18 important
- CVE 2020 17095 -- Hyper-V Remote Code Execution Vulnerability
- Windows 10 version 1903 and 1909: 18 vulnerabilities: 1 critical and 17 important
- CVE 2020 17095 -- Hyper-V Remote Code Execution Vulnerability
- Windows 10 version 2004 and 20H2:Â 19 vulnerabilities, 1 critical, 18 important
- CVE 2020 17095 -- Hyper-V Remote Code Execution Vulnerability
Windows Server products
- Windows Server 2008 R2 (extended support only):Â 9 vulnerabilities: 0 critical and 9 important
- Windows Server 2012 R2: 6 vulnerabilities: 0 critical and 6 important.
- Windows Server 2016: 16 vulnerabilities: 1 critical and 15 important.
- CVE 2020 17095 -- Hyper-V Remote Code Execution Vulnerability
- Windows Server 2019: 20Â vulnerabilities: 1 critical and 19 are important
- CVE 2020 17095 -- Hyper-V Remote Code Execution Vulnerability
Other Microsoft Products
- Internet Explorer 11: 0 vulnerabilities:
- Microsoft Edge (classic): 1 vulnerabilities: 1 critical
- CVE 2020 17131 -- Chakra Scripting Engine Memory Corruption Vulnerability
- Microsoft Edge (Chromium)
- see here (latest security patches from the Chromium project)
Windows Security Updates
Windows 7 SP1 and Windows Server 2008 R2
- Monthly Rollup: KB4592471
- Security-only: KB4592503Â
Updates and improvements:
- Fixed a security vulnerability by preventing programs that runs as System from printing to FILE ports.
- Security updates
Windows 8.1 and Windows Server 2012 R2
- Monthly Rollup: KB4592484
- Security-only: KB4592495Â
Updates and improvements:
- Fixed an issue that prevented PDF24 Creator version 9.1.1 from opening .txt files. (Monthly Rollup only)
- Fixed a security vulnerability by preventing programs that runs as System from printing to FILE ports.
- Security updates
Windows 10 version 1809
- Support page: KB4592440
Updates and improvements:
- Fixed a security vulnerability by preventing programs that runs as System from printing to FILE ports.
- Security updates
Windows 10 version 1903 and 1909
- Support page: KB4592449
Updates and improvements:
- Fixed a security vulnerability by preventing programs that runs as System from printing to FILE ports.
- Security updates
Windows 10 version 2004 and 20H2
- Support page: KB4592438
Updates and improvements:
- Fixed a security vulnerability by preventing programs that runs as System from printing to FILE ports.
- Security updates
Other security updates
KB4592468 -- 2020-12 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4592468)
KB4592497 -- 2020-12 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB4592497)
KB4592498 -- 2020-12 Security Monthly Quality Rollup for Windows Server 2008 (KB4592498)
KB4592504 -- 2020-12 Security Only Quality Update for Windows Server 2008 (KB4592504)
KB4592464 -- 2020-12 Cumulative Update for Windows 10 Version 1507 (KB4592464)
KB4593226 -- 2020-12 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB4593226)
KB4592473 -- 2020-12 Cumulative Update for Windows 10 Version 1703 (KB4592473)
KB4592446 -- 2020-12 Cumulative Update for Windows 10 Version 1803 (KB4592446)
Servicing Stack Updates:
2020-12 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4592510)
2020-12 Servicing Stack Update for Windows Server, version 20H2, Windows 10 Version 20H2, Windows Server, version 2004, and Windows 10 Version 2004 (KB4593175)
Known Issues
Windows 7 SP1 and Windows Server 2008 R2
- Updates will fail to install with the error "“Failure to configure Windows updates. Reverting Changes. Do not turn off your computer" if ESU is not supported or activated.
- Certain operations may fail on cluster shared volumes. Workarounds available.
Windows 8.1 and Server 2012 R2
- Certain operations may fail on cluster shared volumes. Workarounds available.
Windows 10 version 1809
- Devices with "some" Asian language packs may throw the error "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.". Microsoft suggests to either try and uninstall the language packs and make sure that a recent version of Windows 10 is installed, or to reset the PC.
Windows 10 version 1903 and 1909
- System and user certificates may be lost when updating a device from Windows 10 version 1809 or later, to a later version of Windows 10. Does not affect Windows Update devices or Windows Update for business devices. Workaround available.
Windows 10 version 2004 and 20H2
- System and user certificates may be lost when updating a device from Windows 10 version 1809 or later, to a later version of Windows 10. Does not affect Windows Update devices or Windows Update for business devices. Workaround available.
- The correct Furigana characters may not be displayed when using the Microsoft Japanese Input Method Editor. Microsoft is working on a resolution.
Security advisories and updates
ADV 200013 -- Microsoft Guidance for Addressing Spoofing Vulnerability in DNS Resolver
ADV 990001Â -- Latest Servicing Stack Updates
Non-security related updates
Microsoft Office Updates
You find Office update information here.
How to download and install the December 2020 security updates
Updates are already available via Windows Updates and other update management systems. Default Windows installations are configured to find and install updates automatically, but it is also possible to download updates manually to install them.
Tip: it is essential that you create a backup of the system before you install Windows updates as things may go wrong and backups help you restore the previous status quo.
You can check manually for updates in the following way:
- Open the Start Menu of the Windows operating system, type Windows Update and select the result.
- Select check for updates in the application that opens. Updates may be installed automatically when they are found or offered by Windows; this depends on the operating system and version that is used, and update settings.
Direct update downloads
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.
Windows 7 and Server 2008 R2
- KB4592471 -- 2020-12 Security Monthly Quality Rollup for Windows 7
- KB4592503 -- 2020-12 Security Only Quality Update for Windows 7
Windows 8.1 and Windows Server 2012 R2
- KB4592484 -- 2020-12 Security Monthly Quality Rollup for Windows 8.1
- KB4592495 -- 2020-12 Security Only Quality Update for Windows 8.1
Windows 10 (version 1809)
- KB4592440 -- 2020-12 Cumulative Update for Windows 10 Version 1809
Windows 10 (version 1903)
- KB4592449 -- 2020-12 Cumulative Update for Windows 10 Version 1903
Windows 10 (version 1909)
- KB4592449 -- 2020-12 Cumulative Update for Windows 10 Version 1909
Windows 10 (version 2004)
- KB4592438 -- 2020-12 Cumulative Update for Windows 10 Version 2004
Windows 10 (version 20H2)
- KB4592438 -- 2020-12 Cumulative Update for Windows 10 Version 20H2
Additional resources
Summary
Article Name
Microsoft Windows Security Updates December 2020 overview
Description
Microsoft released security updates and non-security updates for all supported versions of the company's Windows operating system, client and server, as well as other company products such as Microsoft Office on the December 2020 Patch Day.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Hello Support, please update me ASAP.
Hello support on my two domain controllers and two other Windows 2012 R2.
These both KB not able to install, its failing to install. it downloads then install, when i restart the VM windows 2012 R2, it gets to 75% then says reverting changes.
Please, help ASAP, i tried everything from fixing and attempting to manual install.
I tried everything for last two weeks nothing worked.
The remote host is missing one of the following rollup KBs :
– 4592495
– 4592484
C:\Windows\system32\gdiplus.dll has not been patched.
Remote version : 6.3.9600.19867
Should be : 6.3.9600.19880
Hello Support, please update me ASAP.
Hello support on my two domain controllers and two other Windows 2012 R2.
These both KB not able to install, its failing to install. it downloads then install, when i restart the VM windows 2012 R2, it gets to 75% then says reverting changes.
Please, help ASAP, i tried everything from fixing and attempting to manual install.
I tried everything for last two weeks nothing worked.
The remote host is missing one of the following rollup KBs :
– 4592495
– 4592484
C:\Windows\system32\gdiplus.dll has not been patched.
Remote version : 6.3.9600.19867
Should be : 6.3.9600.19880
Hello support on my two domain controllers and two other Windows 2012 R2.
These both KB not able to install, its failing to install. it downloads then install, when i restart the VM windows 2012 R2, it gets to 75% then says reverting changes.
Please, help ASAP, i tried everything from fixing and attempting to manual install.
I tried everything for last two weeks nothing worked.
The remote host is missing one of the following rollup KBs :
– 4592495
– 4592484
C:\Windows\system32\gdiplus.dll has not been patched.
Remote version : 6.3.9600.19867
Should be : 6.3.9600.19880
Again a security update causes problems. Most of my url’s don’t work now. None work from my gmail account and many from my Chrome Browser Bookmarks. I’ve tried to find work arounds to no avail. This is one of the few links that works.
1 weird thing i noticed. not sure if it’s an update to the calendar app or if it’s the monthly update… but all the events have disappeared from calendar (i use local account only)… but they do (or at least 1 did.. i don’t have many events) pop up on the notification area.
don’t remember seeing this before..
Updated LTSC 1809 on two machines. One weird new behaviour I have noticed since last moth, and this month is no differemt, is that now I always get one (1) notification about my Windows Firewall being disabled after a reboot. This used to not be the case, as the “Windows Security notification” application is not running in background. Turning off the Windows Defender Firewall service “mpssvc” also did not fix this issue – unless Microsoft considers this to be the indended behaviour.
Notifications are disabled alltogether on my machine, so this bypasses (almost) anything user-facing. I did not dig deep wnough into Group Policy, yet.
For some reason, my desktop was forced to install 2004 whereas, my laptop continued with installing security updates for 1909.
Is there a way to revert back to 1909? Or is 2004 usable at the current state?
Thanks Martin for the useful info.
> My Windows 10 system hasn’t gotten borked by an update yet
What a strange thing to be concerned about with something as important as an OS
> Any new unwanted or trickery features enabled?
Would you audit it for us? Oh, wait, we can’t. We don’t have access to the source code, nor can we make reproducible builds! HA, HA!
I see they’ve taken to reinstalling Edge (Chromium) for those of us who’ve uninstalled it, with the “DoNotUpdateToEdgeWithChromium” registry setting no longer working does anyone know of how to block it from installing now?
Something in the administrative templates for Edge maybe?
interestingly… the windows experience thing popped up upon restarting to finish the update.. 2 options… continue.. or remind me in 3 days.
Any new unwanted or trickery features enabled?
that’s entirely dependant on what OS you are using
8.1 is fine, as is 7 with ESU, however, can’t speak for 10
Thanks Martin, for guiding me thru this mounts update.
I updated main system to Windows 10 version 20H2 build 19042.685.
Hey, everyone! It’s pre-update-system-drive-cloning-and-imaging Tuesday!
Full Disclosure: My Windows 10 system hasn’t gotten borked by an update yet, and the built-in rollback feature on my dad’s Windows 10 computer worked flawlessly when a version upgrade borked *his* Windows 10 system, but I’ve seen enough irrecoverable borkings in Windows 7 and read about enough of them in Windows 8/8.1 and 10 to stay on my guard. I used to clone before applying Patch Tuesday updates, on old laptops where swapping out drives took only around five minutes. Now I image.
I use a local account rather than a “Microsoft account” because of privacy concerns, but I have a question for Microsoft-account users who back up their settings online and who’ve had to reinstall Windows 10 from scratch: How completely were your pre-borkage system and app settings restored after the reinstall? How many hours or days did you have to put in to return your system to more or less the same state it was in before it got borked?
Kerberos authentication of ticket renewals on domain controllers has been fix with Dec. CU.
No excel spreadsheet this month?
Hello support on my two domain controllers and two other Windows 2012 R2.
These both KB not able to install, its failing to install. it downloads then install, when i restart the VM windows 2012 R2, it gets to 75% then says reverting changes.
Please, help ASAP, i tried everything from fixing and attempting to manual install.
I tried everything for last two weeks nothing worked.
The remote host is missing one of the following rollup KBs :
– 4592495
– 4592484
C:\Windows\system32\gdiplus.dll has not been patched.
Remote version : 6.3.9600.19867
Should be : 6.3.9600.19880
Microsoft’s new platform is very slow. Not sure if the Excel spreadsheet is complete but it took longer than usual.
Hello support, the latest windows 2012 security updates failed on couple my servers VM, please assist ASAP and if anyone else this issue please tell how to resolve