Microsoft has brought Patch Tuesday Update for Windows 7 SP1 and Windows 8.1. As usual, this update brings no new features and offers lots of bug fixes and performance improvements.

PCs running Windows 7 SP1 or Windows Server 2008 R2 SP1 will get KB4503292 with following fixes.

  • Addresses an issue with the HTTP and HTTPS string character limit for URLs when using Internet Explorer.
  • Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET
  • Database Engine.

You can manually download it here

The update, however, can cause you trouble as it contains the following known issues. But thankfully you will be able to fix them.

SymptomWorkaround
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.We are presently investigating this issue with McAfee.

Guidance for McAfee customers can be found in the following McAfee support articles:

Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.To mitigate the issue with Power BI reports, the report needs to be republished with markers turned off. Markers can be turned off by selecting the line chart that is having issues and going to the Visualizations pane. Then on the Format tab under Shapes, set the Show marker slider to off.

We are working on a resolution and estimate a solution will be available in mid-July.

If you’re running Windows 8.1 or Windows Server 2012 R2, the update you’ll get is KB4503276, and it contains the following fixes:

  • Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, “Your Bluetooth device attempted to establish a debug connection….”, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see CVE-2019-2102 and KB4507623.
  • Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
  • Addresses an issue with the HTTP and HTTPS string character limit for URLs when using Internet Explorer.
  • Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.

You can manually download it here.

KB4503276 update also comes with known issues.

SymptomWorkaround
Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.Do one of the following:

  • Perform the operation from a process that has administrator privilege.
  • Perform the operation from a node that doesn’t have CSV ownership.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.We are presently investigating this issue with McAfee.

Guidance for McAfee customers can be found in the following McAfee support articles:

Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.To mitigate the issue with Power BI reports, the report needs to be republished with markers turned off. Markers can be turned off by selecting the line chart that is having issues and going to the Visualizations pane. Then on the Format tab under Shapes, set the Show marker slider to off.

We are working on a resolution and estimate a solution will be available in mid-July.

The security-only update, KB4503290 contains the following fixes:

  • Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
  • Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, “Your Bluetooth device attempted to establish a debug connection….”, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see CVE-2019-2102 and KB4507623.
  • Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.

you can manually download it here.

Via: Neowin

Comments