Flexis January 2019 Patch Review And Recommendations

• KB4480961 – 2019-01 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4480961)
• KB4481484 – 2019-01 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64
• KB4480963 – 2019-01 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems and Windows 8.1 for x64-based Systems
• KB4480979 – 2019-01 Security Update for Adobe Flash Player for Windows Server 2012 R2 for x64-based Systems and Windows 8.1 for x64-based Systems
• KB4480970 – 2019-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems and Windows 7 for x64-based Systems
• KB4480966 – 2019-01 Cumulative Update for Windows 10 Version 1803 for x64-based Systems

 

 

Impacted Products:

• Adobe Flash Player
• Internet Explorer
• Microsoft Edge
• Microsoft Windows
• Microsoft Office and Microsoft Office Services and Web Apps
• .NET Framework
• ASP .NET
• Microsoft Exchange Server
• Microsoft Visual Studio

 

Please note the following information regarding the security updates:

• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
• For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

 

Microsoft Security Advisories:

• ADV190001 | January 2019 Adobe Flash Update

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190001

 

Known Issues:

KB4480961, KB4480973, KB4480978, KB4480966, KB4480970, KB4480116, KB4480962, KB4480963, KB4480975, 4468742, KB4471389

 

 

KB4480961 Applies to: Windows 10, version 1607, Windows Server 2016

https://support.microsoft.com/en-us/help/4480961/windows-10-update-kb4480961

Symptoms:

1. System Center Virtual Machine Manager (SCVMM) managed workloads are noticing infrastructure management issues after VMM refresh as the Windows Management Instrumentation (WMI) class around network port is being unregistered on Hyper-V hosts.
2. After installing this update on Windows Server 2016, instant search in Microsoft Outlook clients fail with the error, “Outlook cannot perform the search”.
3. After installing KB4467691, Windows may fail to startup on certain Lenovo laptops that have less than 8 GB of RAM.
4. After installing this update, third-party applications may have difficulty authenticating hotspots.

Workaround:

1. Run mofcompfor the mof, VMMDHCPSvr.mof, and other relevant SCVMM MOF Files. Please upgrade thru the SCVMM 2016 Update Rollup 6 (UR6) to expedite the Host Refresh activities after running mofcomp command.
2. To alleviate the symptoms, run sfc /scannow as described in step 3 of Use the System File Checker tool to repair missing or corrupted system files. Then restart Microsoft Outlook. Microsoft is working on a resolution and will provide an update in an upcoming release.
3. Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.
   If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.
   Microsoft is working with Lenovo and will provide an update in an upcoming release.
4. Microsoft is working on a resolution and estimates a solution will be available mid-January.

 

 

KB4480973 Applies to: Windows 10, version 1703

https://support.microsoft.com/en-us/help/4480973/windows-10-update-kb4480973

Symptoms: After installing this update, third-party applications may have difficulty authenticating hotspots.

Workaround: Microsoft is working on a resolution and estimates a solution will be available mid-January.

 

 

KB4480978 Applies to: Windows 10, version 1709

https://support.microsoft.com/en-us/help/4480978/windows-10-update-kb4480978

Symptoms: After installing this update, third-party applications may have difficulty authenticating hotspots.

Workaround: Microsoft is working on a resolution and estimates a solution will be available mid-January.

 

 

KB4480966 Applies to: Windows 10, version 1803

https://support.microsoft.com/en-us/help/4480966/windows-10-update-kb4480966

Symptoms:

1. After you install the August Preview of Quality Rollupor September 11, 2018 .NET Framework update, instantiation of SqlConnection can throw an exception. For more information about this issue, see the following article in the Microsoft Knowledge Base: 4470809 SqlConnection instantiation exception on .NET 4.6 and later after August-September 2018 .NET Framework updates.
2. After installing this update, some users cannot pin a web link on the Startmenu or the taskbar.
3. After installing KB4467682, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.
4. After installing this update, third-party applications may have difficulty authenticating hotspots.

Workaround:

1. Microsoft is working on a resolution and will provide an update in an upcoming release.
2. Microsoft is working on a resolution and will provide an update in an upcoming release.
3. Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.
   Microsoft is working on a resolution and will provide an update in an upcoming release.
4. Microsoft is working on a resolution and estimates a solution will be available mid-January.

 

 

KB4480970 Applies to: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1

https://support.microsoft.com/en-us/help/4480970/windows-7-update-kb4480970

Symptoms:

1. After you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem<number>.inf. The exact problematic configurations are currently unknown.
2. After installing this update, some users are reporting the KMS Activation error, “Not Genuine”, 0xc004f200 on Windows 7 devices.
3. Local users who are part of the local “Administrators“ group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing the January 8th, 2019 security updates. This does not affect domain accounts in the local “Administrators” group.

Workaround:

1. To locate the network device, launch devmgmt.msc. It may appear under Other Devices.

• To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.
  • Alternatively, install the drivers for the network device by right-clicking the device and choosing Update. Then choose Search automatically for updated driver software or Browse my computer for driver software.

2. We are aware of this incident and are presently investigating it. We will provide an update when available.
3. To work around this issue use either a local account that is not part of the local “Administrators” group or any domain user (including domain administrators).
   We recommend this workaround until a fix is available in a future release.

 

 

KB4480116 Applies to: Windows 10, version 1809, Windows Server 2019, all versions

https://support.microsoft.com/en-us/help/4480116/windows-10-update-kb4480116

Symptoms: After installing this update, third-party applications may have difficulty authenticating hotspots.

Workaround: Microsoft is working on a resolution and estimates a solution will be available late January.

 

 

KB4480962 Applies to: Windows 10

https://support.microsoft.com/en-us/help/4480962/windows-10-update-kb4480962

Symptoms: After installing this update, third-party applications may have difficulty authenticating hotspots.

Workaround: Microsoft is working on a resolution and estimates a solution will be available early February.

 

 

KB4480963 Applies to: Windows 8.1, Windows Server 2012 R2

https://support.microsoft.com/en-us/help/4480963/windows-8-1-update-kb4480963

Symptoms: After installing this update, third-party applications may have difficulty authenticating hotspots.

Workaround: Microsoft is working on a resolution and estimates a solution will be available mid-January.

 

KB4480975 Applies to: Windows Server 2012, Windows Embedded 8 Standard

https://support.microsoft.com/en-us/help/4480975/windows-server-2012-update-kb4480975

Symptoms: After installing this update, third-party applications may have difficulty authenticating hotspots.

Workaround: Microsoft is working on a resolution and estimates a solution will be available mid-January.

 

4468742 Applies to: Exchange Server 2010

https://support.microsoft.com/en-us/help/4468742/update-rollup-25-for-exchange-server-2010-service-pack-3

Symptoms: When you try to manually install this security update by double-clicking the update file (.msp) to run it in “normal mode” (that is, not as an administrator), some files are not correctly updated.

When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. Also, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

Workaround: To avoid this issue, follow these steps to manually install this security update:

1. Select Start, select All Programs, and then select Accessories.

2. Right-click Command prompt, and then select Run as administrator.

3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.

4. Type the full path of the .msp file, and then press Enter.

This issue does not occur when you install the update from Microsoft Update.

 

4471389 Applies to: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019

https://support.microsoft.com/en-us/help/4471389/description-of-the-security-update-for-microsoft-exchange-server-2019

Symptoms: When you try to manually install this security update by double-clicking the update file (.msp) to run it in “normal mode” (that is, not as an administrator), some files are not correctly updated.

When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. Also, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

Workaround: To avoid this issue, follow these steps to manually install this security update:

1. Select Start, select All Programs, and then select Accessories.

2. Right-click Command prompt, and then select Run as administrator.

3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.

4. Type the full path of the .msp file, and then press Enter.

This issue does not occur when you install the update from Microsoft Update.