Lucene search
MicrosoftKB4530730HistoryDec 10, 2019 - 8:00 a.m.
December 10, 2019—KB4530730 (Security-only update)
2019-12-1008:00:00
Microsoft
support.microsoft.com
157
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.968 High
EPSS
Percentile
99.7%
December 10, 2019—KB4530730 (Security-only update)
Improvements and fixes
This security update includes quality improvements. Key changes include:
- Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, and Windows Server.
For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.
Known issues in this update
| Symptom | Workaround |
|---|---|
| Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. | Do one of the following: |
- Perform the operation from a process that has administrator privilege.
- Perform the operation from a node that doesn’t have CSV ownership.
Microsoft is working on a resolution and will provide an update in an upcoming release.
How to get this update
| Before installing this updateMicrosoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. If you are using Windows Update, the latest SSU (KB4524445) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.Install this update****Release Channel | Available | Next Step |
|---|---|---|
| Windows Update and Microsoft Update | No | See the other options below. |
| Microsoft Update Catalog | Yes | To get the standalone package for this update, go to the Microsoft Update Catalog website. |
| Windows Server Update Services (WSUS) | Yes | This update will automatically synchronize with WSUS if you configure Products and Classifications as follows:Product: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry ProClassification: Security Updates File informationFor a list of the files that are provided in this update, download the file information for update 4530730. |
Related
mskb
mskb
December 10, 2019—KB4530698 (Security-only update)
2019-12-10 08:00:00
December 10, 2019—KB4530702 (Monthly Rollup)
2019-12-10 08:00:00
December 10, 2019—KB4530691 (Monthly Rollup)
2019-12-10 08:00:00
nessus
nessus
KB4530698: Windows Server 2012 December 2019 Security Update
2019-12-10 00:00:00
KB4530681: Windows 10 December 2019 Security Update
2019-12-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4530702)
2019-12-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4530681)
2019-12-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4530689)
2019-12-11 00:00:00
kaspersky
kaspersky
KLA11862 Multiple vulnerabilities in Microsoft Products (ESU)
2019-12-10 00:00:00
KLA11868 Multiple vulnerabilities in Microsoft Windows
2019-12-10 00:00:00
KLA11616 Multiple vulnerabilities in Microsoft Windows
2019-12-11 00:00:00
cve
cve
prion
prion
Information disclosure
2019-12-10 22:15:00
Information disclosure
2019-12-10 22:15:00
Information disclosure
2019-12-10 22:15:00
talosblog
talosblog
Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
2019-12-10 10:41:37
Vulnerability Spotlight: Two vulnerabilities in RDP for Windows 7, XP
2019-12-10 11:46:38
krebs
krebs
Patch Tuesday, December 2019 Edition
2019-12-11 01:51:25
Microsoft Patch Tuesday, January 2021 Edition
2021-01-13 01:32:20
mscve
mscve
Windows GDI Information Disclosure Vulnerability
2019-12-10 08:00:00
Windows Hyper-V Information Disclosure Vulnerability
2019-12-10 08:00:00
Windows Kernel Information Disclosure Vulnerability
2019-12-10 08:00:00
talos
talos
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (CVE-2019-1458)
2019-12-10 00:00:00
metasploit
metasploit
Google Chrome 67, 68 and 69 Object.create exploit
2020-02-14 22:10:52
Microsoft Windows Uninitialized Variable Local Privilege Elevation
2020-10-15 15:59:44
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2020-03-03 17:55:07
Exploit for Vulnerability in Microsoft
2020-03-11 08:30:14
zdt
zdt
Microsoft Windows Uninitialized Variable Local Privilege Escalation Exploit
2020-10-15 00:00:00
Microsoft Windows - (WizardOpium) Local Privilege Escalation Exploit
2020-03-09 00:00:00
packetstorm
packetstorm
Microsoft Windows Uninitialized Variable Local Privilege Escalation
2020-10-15 00:00:00
Microsoft Windows WizardOpium Local Privilege Escalation
2020-03-06 00:00:00
zdi
zdi
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2022-01-10 00:00:00
symantec
symantec
googleprojectzero
googleprojectzero
TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln
2020-04-02 00:00:00
Root Cause Analyses for 0-day In-the-Wild Exploits
2020-07-29 00:00:00
Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019
2020-07-29 00:00:00
threatpost
threatpost
SAS@Home Virtual Summit Showcases New Threat Intel, Industry Changes
2020-04-24 20:44:05
Microsoft Issues Out-of-Band Update for SharePoint Bug
2019-12-18 19:14:55
Microsoft Zaps Actively Exploited Zero-Day Bug
2019-12-10 21:21:24
attackerkb
attackerkb
Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium
2019-10-10 00:00:00
CVE-2019-1458
2019-12-10 00:00:00
thn
thn
Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT
2023-09-20 09:56:00
Latest Microsoft Update Patches New Windows 0-Day Under Active Attack
2019-12-11 06:19:00
DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly
2022-03-17 12:59:00
securelist
securelist
Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium
2019-12-10 20:00:39
APT trends report Q3 2020
2020-11-03 10:00:37
The zero-day exploits of Operation WizardOpium
2020-05-28 10:00:09
qualysblog
qualysblog
December 2019 Patch Tuesday – 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns
2019-12-10 19:04:23
Assess Your Risk From Ransomware Attacks, Powered by Qualys Research
2021-10-05 12:50:00
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
trellix
trellix
Take a "NetWalk" on the Wild Side
2020-08-03 00:00:00
Take a "NetWalk" on the Wild Side
2020-08-03 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2020-10-23 18:56:55
cisa
cisa
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-01-10 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.968 High
EPSS
Percentile
99.7%
Related for KB4530730