Lucene search

K
mskbMicrosoftKB4516051
HistorySep 10, 2019 - 7:00 a.m.

September 10, 2019—KB4516051 (Security-only update)

2019-09-1007:00:00
Microsoft
support.microsoft.com
750

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.279

Percentile

96.9%

September 10, 2019—KB4516051 (Security-only update)

Improvements and fixes

This security update includes quality improvements. Key changes include:

  • Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 32-Bit (x86) versions of Windows (CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130). Use the registry settings as described in the Windows Server article_. _(These registry settings are enabled by default for Windows Server OS editions.)
  • Security updates to Windows App Platform and Frameworks, Windows Kernel, Windows Input and Composition, Windows Media, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, the Microsoft JET Database Engine, and Windows Server .
    For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.

Known issues in this update

Microsoft is not currently aware of any issues with this update.

How to get this update

Before installing this updateMicrosoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. If you are using Windows Update, the latest SSU (KB4517134) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.Install this update****Release Channel Available Next Step
Windows Update and Microsoft Update No See the other options below.
Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes This update will automatically synchronize with WSUS if you configure Products and Classifications as follows:Product: Windows Server 2008 Service Pack 2Classification: Security Updates File informationFor a list of the files that are provided in this update, download the file information for update 4516051.

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.279

Percentile

96.9%