Welcome to the first Microsoft Windows Patch Day overview of 2019. Microsoft released security updates for all supported client and server versions of the Windows operating system and other company products such as Microsoft Office on January 8, 2019.
We publish a monthly overview shortly after Microsoft's release on the second Tuesday of each month. The overview lists all released security updates with links to Microsoft Support articles, known issues, downloads, and other Patch Tuesday related information.
You can check out the December 2018 Patch Day overview here.
Note: As always, we recommend to back up the system before you install updates for Windows or any other program.
Microsoft Windows Security Updates January 2019
Click on the following link to download an Excel spreadsheet that includes data about all released security updates for Microsoft Windows versions and other Microsoft products. Just click on the following link to start the download: security-updates-microsoft-january-2019-windows.zip
Executive Summary
- Microsoft released security updates for all client and server versions of Windows.
- No critical vulnerabilities in Windows 8.1 and 7.
- Microsoft released security updates for Microsoft Edge, Internet Explorer, Adobe Flash Player, .NET Framework, Microsoft Office, Microsoft Exchange Server, and Microsoft Visual Studio
- Windows 10 version 1809 is in active distribution. Check out our guide on delaying feature updates for Windows 10 to avoid the installation.
- The Update Catalog lists 187 updates for January 2019.
Operating System Distribution
- Windows 7: 15 vulnerabilities of which 15 are rated important.
- Windows 8.1: 18 vulnerabilities of which 18 are rated important.
- Windows 10 version 1607: 23 vulnerabilities of which 1 is critical and 22 are important
- CVE-2019-0551
- Windows 10 version 1703: 24 vulnerabilities of which 1 is critical and 23 are important
- CVE-2019-0551
- Windows 10 version 1709: 24 vulnerabilities of which 1 is critical and 23 are important
- CVE-2019-0551
- Windows 10 version 1803: 26 vulnerabilities of which 3 are critical and 23 are important
- CVE-2019-0547
- CVE-2019-0550
- CVE-2019-0551
- Windows 10 version 1809: 25 vulnerabilities of which 2 are critical and 23 are important
- CVE-2019-0550
- CVE-2019-0551
Windows Server products
- Windows Server 2008 R2: 15 vulnerabilities of which 15 are important.
- Windows Server 2012 R2: 18 vulnerabilities of which 18 are important.
- Windows Server 2016: 23 vulnerabilities of which 1 is critical and 22 are important.
- CVE-2019-0551
- Windows Server 2019: 25 vulnerabilities of which 2 are critical and 23 are important.
- CVE-2019-0550
- CVE-2019-0551
Other Microsoft Products
- Internet Explorer 11: 2 vulnerability, 1 critical, 1 important
- CVE-2018-8653
- Microsoft Edge: 5 vulnerabilities, 4 critical, 1 important
- CVE-2019-0539
- CVE-2019-0565
- CVE-2019-0567
- CVE-2019-0568
Windows Security Updates
All Windows versions:
Starting with the January 2019 security updates, PowerShell remote endpoints cannot be configured anymore to work with non-administrator accounts.
Attempts to use non-admin accounts throws the following error after installation of the updates:
“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”
Windows 10 version 1809
KB4480116
Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, Microsoft JET Database Engine, Windows Linux, Windows Virtualization, and the Microsoft Scripting Engine.
Windows 10 version 1803
Fixes a highly exploitable issue in Windows 10 version 1803; recommended to patch as early as possible. See Zero Day Initiative and Microsoft's guidance on the vulnerability.
KB4480966
- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, Windows MSXML, and the Microsoft JET Database Engine .
Windows 10 version 1709
KB4480978
- Fixes an issue with esentutl /p which caused the repair to result in a "mostly empty database" which is corrupt and cannot be mounted.
- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and the Microsoft JET Database Engine.
Windows 10 version 1703
KB4480973
- Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Authentication, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and Microsoft JET Database Engine
Windows 10 version 1607
KB4480961
- Security updates to Internet Explorer, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Hyper-V, Windows MSXML, and the Microsoft JET Database Engine.
Windows 8.1 and Windows Server 2012 R2
KB4480963 Monthly Rollup
- Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
- Security updates to Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.
KB4480964 Security-only
- Same as Monthly Rollup
Windows 7 SP1 and Windows Server 2008 R2 SP1
Note: The updates may introduce issues with network shares.
KB4480970 Monthly Rollup
- Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
- Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.
KB4480960 -- Security-only
- Same as Monthly Rollup
Other security updates
KB4483235 -- Windows 10 version 1809 and Windows Server 2019 -- Security update for Internet Explorer
KB4483234 -- Windows 10 version 1803 -- Security update for Internet Explorer
KB4483232 -- Windows 10 version 1709 -- Security update for Internet Explorer
KB4483230 -- Windows 10 version 1703 -- Security update for Internet Explorer
KB4483229 -- Windows 10 version 1607 and Windows Server 2016 -- Security update for Internet Explorer
KB4483187 -- Cumulative security update for Internet Explorer: December 19, 2018 -- fixes a remote code execution vulnerability.
KB4480059 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4480051 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4480054 -- Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2
KB4480055 -- Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4480057 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2
KB4480058 -- Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4480061 -- Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012
KB4480062 -- Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008
KB4480063 -- Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4480064 -- Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2
KB4480070 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4480071 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2
KB4480072 -- Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4480074 -- Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2
KB4480075 -- Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4480076 -- Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4480077 -- Security Only Update for .NET Framework 4 on WES09 and POSReady 2009
KB4480083 -- Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012
KB4480084 -- Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008
KB4480085 -- Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4480086 -- Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2
KB4480957 -- Security Only Quality Update for Windows Server 2008
KB4480968 -- Security Monthly Quality Rollup for Windows Server 2008
KB4480965 -- Cumulative Security Update for Internet Explorer
KB4480972 -- Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012
KB4480975 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012
KB4480979 -- Adobe Flash Player update
KB4481275 -- Security Update for WES09 and POSReady 2009
KB4481480 -- Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4481481 -- Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4481482 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4481483 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012
KB4481484 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
KB4481485 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2
KB4481486 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008
KB4481487 -- Security Only Update for .NET Framework 2.0 for Windows Server 2008
KB4480056 -- Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10
Notes
- ADV190001
- CVE-2019-0536
- CVE-2019-0537
- CVE-2019-0545
- CVE-2019-0549
- CVE-2019-0553
- CVE-2019-0554
- CVE-2019-0559
- CVE-2019-0560
- CVE-2019-0561
- CVE-2019-0569
- CVE-2019-0585
- CVE-2019-0588
Known Issues
Windows 10 version 1809 -- KB4480116
- Third-party applications may have difficulty authentication hotspots.
Windows 10 version 1803 -- KB4480966
- Same as Windows 10 version 1709
- Some users may not be able to pin web links to the Start Menu or Taskbar.
- After installing KB4467682, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.
Windows 10 version 1709 -- KB4480978
Windows 10 version 1703 -- KB4480973
- Third-party applications may have difficulty authentication hotspots.
- Instantiation of SqlConnection can throw an exception.
Windows 10 version 1607 -- KB4480961
- Same as Windows 10 version 1709
- After installation of KB4467691, Windows may not start on "certain" Lenovo devices with less than 8 Gigabytes of RAM.
- After installing KB4467684, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.
- After installation of the update on Windows Server 2016, Outlook instant searches may fail with "Outlook cannot perform the search".
- System Center Virtual Machine Manager (SCVMM) managed workloads are noticing infrastructure management issues after VMM refresh as the Windows Management Instrumentation (WMI) class around network port is being unregistered on Hyper-V hosts.
Windows 8.1 -- KB4480963
- Third-party applications may have difficulty authentication hotspots.
Windows 7 -- KB4480116
- Third-party applications may have difficulty authentication hotspots.
Security advisories and updates
ADV190001 | January 2019 Adobe Flash Update
Non-security related updates
KB4090007 -- Windows 10 version 1709 -- Intel Microcode updates around the following products (CPUs) have been revised
KB4091663 -- Windows 10 version 1703 -- Intel Microcode updates around the following products (CPUs) have been revised
KB4091664 -- Windows 10 version 1607 -- Intel Microcode updates around the following products (CPUs) have been revised
KB890830 -- Windows Malicious Software Removal Tool
Microsoft Office Updates
Microsoft released non-security updates for Office in the first week of January 2019.
The list of security updates released in January 2019 for Office is available here.
How to download and install the January 2019 security updates
Security updates are released via Windows Update for the majority of Home systems. All Home systems are set up to check for updates automatically and download these when discovered.
Administrators may run a manual check for updates to pick up the new releases early:
- Activate the Start Menu, e.g. by tapping on the Windows-key.
- Type Windows Update and select the tool from the list of results.
- Activate "check for updates" to run the manual update check.
Windows updates may be downloaded directly using third-party tools, e.g. Windows Update Minitool or wumgr, or Microsoft's Download Center. Links to the January 2019 cumulative updates are posted below.
Direct update downloads
Microsoft publishes all cumulative security updates and other updates on the Microsoft Update Catalog website. Direct download links are listed below.
Windows 7 SP1 and Windows Server 2008 R2 SP
- KB4480970 -- 2019-01 Security Monthly Quality Rollup for Windows 7
- KB4480960 -- 2019-01 Security Only Quality Update for Windows 7
Windows 8.1 and Windows Server 2012 R2
- KB4480963 -- 2019-01 Security Monthly Quality Rollup for Windows 8.1
- KB4480964 -- 2019-01 Security Only Quality Update for Windows 8.1
Windows 10 and Windows Server 2016 (version 1607)
- KB4480961 -- 2019-01 Cumulative Update for Windows 10 Version 1607
Windows 10 (version 1703)
- KB4480973 -- 2019-01 Cumulative Update for Windows 10 Version 1703
Windows 10 (version 1709)
- KB4480978 -- 2019-01 Cumulative Update for Windows 10 Version 1709
Windows 10 (version 1803)
- KB4480966 -- 2019-01 Cumulative Update for Windows 10 Version 1803
Windows 10 (version 1809)
- KB4480116 -- 2019-01 Cumulative Update for Windows 10 Version 1809
Additional resources
- January 2019 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 10 Update History
- Windows 8.1 Update History
- Windows 7 Update History