9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.902 High
EPSS
Percentile
98.8%
IMPORTANTVerify that you have installed the updates listed in the How to get this update section before installing this update. For all updates starting with August 13, 2019, we strongly recommend that you install these updates to prevent any issues.
This security update includes improvements and fixes that were a part of update KB4507437 (released July 16, 2019) and addresses the following issues:
Symptom | Workaround |
---|---|
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error “Status: 0xc0000001, Info: A required device isn’t connected or can’t be accessed” after installing this update on a WDS server. | This issue is resolved in KB4512514. |
IA64 devices (in any configuration) and x64 devices using EFI boot that were provisioned after the July 9th updates and/or skipped the recommended update (KB3133977), may fail to start with the following error: “File: \Windows\system32\winload.efiStatus: 0xc0000428Info: Windows cannot verify the digital signature for this file.” | To resolve this issue please follow the steps outlined in the SHA-2 support FAQ article for error code 0xc0000428. |
Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update. | The safeguard hold has been removed. Symantec has completed its evaluation of the impact of this update and future updates to Windows 7 and Windows 2008 R2. Symantec has determined that there is no increased risk of a false positive detection for all in-field versions of Symantec Endpoint Protection and Norton antivirus programs. See the Symantec support article for additional details and please reach out to Symantec or Norton support if you encounter any issues. |
After installing this update, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an “invalid procedure call error.” | This issue is resolved in KB4517297, which is an optional update. It is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS). |
VBScript in Internet Explorer 11 should be disabled by default after installing KB4507437 (Preview of Monthly Rollup) or KB4511872 (Internet Explorer Cumulative Update) and later. However, in some circumstances, VBScript may not be disabled as intended. | This issue is resolved in KB4519976. |
After installing this update, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in the Event Log related to cryptnet.dll. | This issue is resolved in KB4516048. |
Before installing this updateYou must install the updates listed below andrestart your device before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup.
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.902 High
EPSS
Percentile
98.8%