Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 12,059 Location Upstate, NY May 14, 2019 #1 The May security updates have been released and consist of 79 CVEs along with two advisories. Of these 79 CVEs, 22 are rated Critical and 57 are rated Important in severity. Two of these bugs are listed as publicly known and one is listed as under active attack at the time of release. The updates address Remote Code Execution, Elevation of Privilege, Security Feature Bypass, Information Disclosure, Denial of Service, Spoofing, and Security Feature Bypass and apply to the following: The updates cover Internet Explorer, Edge, Windows, ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, .NET Framework and ASP.NET, Skype for Android, Azure DevOps Server, and the NuGet Package Manager. Known Issues: See the Known Issues and accompanying work-around in the KB Articles for your version of Windows 10: Windows 10, Version 1809: KB4494441 (OS Build 17763.503). Prerequisite: The servicing stack update (SSU) (KB4499728) must be installed before installing the latest cumulative update (LCU). The LCU will not be reported as applicable until the SSU is installed. For more information, see Servicing stack updates. Windows 10, Version 1803: KB4499167 (OS Build 17134.765) Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative — The May 2019 Security Update Review.
The May security updates have been released and consist of 79 CVEs along with two advisories. Of these 79 CVEs, 22 are rated Critical and 57 are rated Important in severity. Two of these bugs are listed as publicly known and one is listed as under active attack at the time of release. The updates address Remote Code Execution, Elevation of Privilege, Security Feature Bypass, Information Disclosure, Denial of Service, Spoofing, and Security Feature Bypass and apply to the following: The updates cover Internet Explorer, Edge, Windows, ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, .NET Framework and ASP.NET, Skype for Android, Azure DevOps Server, and the NuGet Package Manager. Known Issues: See the Known Issues and accompanying work-around in the KB Articles for your version of Windows 10: Windows 10, Version 1809: KB4494441 (OS Build 17763.503). Prerequisite: The servicing stack update (SSU) (KB4499728) must be installed before installing the latest cumulative update (LCU). The LCU will not be reported as applicable until the SSU is installed. For more information, see Servicing stack updates. Windows 10, Version 1803: KB4499167 (OS Build 17134.765) Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative — The May 2019 Security Update Review.
Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 12,059 Location Upstate, NY May 14, 2019 #2 Due to the severity of CVE-2019-0708, Microsoft also released KB 4500331 for versions of Windows that no longer receive mainstream support: Windows XP SP3 x86, Windows XP Professional X64 SP2, Windows XP Embedded SP3 x86 as well as Windows Server 2003.
Due to the severity of CVE-2019-0708, Microsoft also released KB 4500331 for versions of Windows that no longer receive mainstream support: Windows XP SP3 x86, Windows XP Professional X64 SP2, Windows XP Embedded SP3 x86 as well as Windows Server 2003.