Flexis June 2020 Patch Review And Recommendations

• KB4561608 – 2020-06 Cumulative Update for Windows Server 2019 for x64-based Systems
• KB4561616 – 2020-06 Cumulative Update for Windows Server 2016 for x64-based Systems
• KB4562561 – 2020-06 Servicing Stack Update for Windows Server 2016 for x64-based Systems
• KB4561666 – 2020-06 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems

Impacted Products:

• Microsoft Windows
• Microsoft Edge (EdgeHTML-based)
• Microsoft Edge (Chromium-based) in IE Mode
• Internet Explorer
• Microsoft Office and Microsoft Office Services and Web Apps
• Windows Defender
• Microsoft Dynamics
• Visual Studio
• Azure DevOps
• Adobe Flash Player
• Microsoft Apps for Android
• Windows App Store
• System Center
• Android App

 

Please note the following information regarding the security updates:

 

• For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

Microsoft Security Advisories:

• ADV200010 | June 2020 Adobe Flash Security Update

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200010

 

Known Issues:

 KB4560960 Applies to: Windows 10 version 1903 all editions; Windows Server version 1903; Windows 10 version 1909 all editions; Windows Server version 1909

https://support.microsoft.com/en-us/help/4560960/windows-10-update-kb4560960

 Symptoms:

After installing this update on a Windows 10 device with a wireless wide area network (WWAN) LTE modem, reaching the internet might not be possible. However, the Network Connectivity Status Indicator (NCSI) in the notification area might still indicate that you are connected to the internet.

 

Workaround:

 Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 KB4561608 Applies to: Windows 10 version 1809 all editions; Windows Server version 1809; Windows Server 2019 all editions

https://support.microsoft.com/en-us/help/4561608/windows-10-update-kb4561608

Symptoms:

After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”

 

Workaround:

1.  Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.
2. Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.

 

Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:

1. Go to the Settings app > Recovery.
2. Select Get Started under the Reset this PC recovery option.
3. Select Keep my Files.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 KB4561616 Applies to: Windows 10 version 1607 all editions; Windows Server 2016

https://support.microsoft.com/en-us/help/4561616/windows-10-update-kb4561616

 Symptoms:

After installing KB4467684, the cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum Password Length” is configured with greater than 14 characters.

 

Workaround:

 Set the domain default “Minimum Password Length” policy to less than or equal to 14 characters.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 KB4561643 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POSReady 7; Windows Thin PC

 https://support.microsoft.com/en-us/help/4561643/windows-7-update-kb4561643

 Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

 This is expected in the following circumstances:

• If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
• If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

Do one of the following:

• Perform the operation from a process that has administrator privilege.
• Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4561645 Applies to: Windows Server 2008 Service Pack 2

 https://support.microsoft.com/en-us/help/4561645/windows-server-2008-update-kb4561645

Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

 This is expected in the following circumstances:

• If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
• If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get this update” section of this article.

Do one of the following:

• Perform the operation from a process that has administrator privilege.
• Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

 KB4561669 Applies to: Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1; Windows Embedded Standard 7 Service Pack 1; Windows Embedded POSReady 7; Windows Thin PC

 https://support.microsoft.com/en-us/help/4561669/windows-7-update-kb4561669

 Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

This is expected in the following circumstances:

• If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
• If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

Do one of the following:

• Perform the operation from a process that has administrator privilege.
• Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.

 

KB4561670 Applies to: Windows Server 2008 Service Pack 2

 https://support.microsoft.com/en-us/help/4561670/windows-server-2008-update-kb4561670

 Symptoms:

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

 

Workaround:

This is expected in the following circumstances:

• If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
• If you do not have an ESU MAK add-on key installed and activated.

 

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the “How to get and install this update” section of this article.

Do one of the following:

• Perform the operation from a process that has administrator privilege.
• Perform the operation from a node that doesn’t have CSV ownership.

 

Microsoft is working on a resolution and will provide an update in an upcoming release.