Another Patch Tuesday in the books for the year, but not without its surprises. Have a look at the surprisingly long list of quirks and issues that emerged throughout the rest of the week.

Of course, here are the quick links to stay up to date on any developing known issues:

Patch Tuesday Follow-Up

While we try to cover all the currently known issues in the Patch Tuesday Webinar, more issues tend to come out over the remainder of the week. Here’s a list of the interesting quirks and known issues that have been discovered:

  • It looks like the two “Zero-Day” CVEs that were reported by Microsoft have been updated to report that they’re not exploited. Both CVE-2019-1214 and CVE-2019-1215 have had their pages updated to reflect Microsoft’s change, but few details have been provided outside of this fact.
  • The Windows 10 1903 update (KB4515384) resolved the 100% CPU issue mentioned in last week’s post, but it appears new issues have taken its place:
    • WindowsLatest is reporting audio issues on select machines where audio is no longer functional or is heavily reduced in applications.
    • The Reddit sysadmin Patch Tuesday thread is mentioning issues with the Start Menu where an error is thrown when opened. Only rolling back to an earlier update has resolved the issue.
  • Users of Dell Encryption should be cautious as the Windows 10 1809 (KB4515384) and Windows 10 1903 (KB4515384) updates are running into blue screens displaying BAD SYSTEM CONFIG INFO.
  • On Patch Tuesday, we noticed issues with the Windows 10 1809 x64 update (KB4512578) where the patch binary would fail to download. In our testing, we found that depending on the file server, the download size would only return around 233MB instead of 262MB and the file would be corrupt. Attempting the download multiple times seems to eventually return the proper file.
  • KB4493730, the April servicing stack update for Server 2008 is required before the next servicing stack and September updates can be installed.
  • KB4490628, the March servicing stack for Windows 7 and Server 2008 R2 is required before the next servicing stack and September updates can be installed.

Third-Party Updates

Of course, other vendors have been releasing updates for their respective software. While these updates might not have identified vulnerabilities, they still have helpful stability fixes as well as potential undisclosed security fixes:

Software Title

Ivanti ID

Ivanti KB

Apple Mobile Device Support 13.0.0.38

AMDS-026

QAMDS130038

CoreFTP LE 2.2.1941

COREFTP-040

QCFTP221941

iTunes 12.10

AI19-005

QAI1210

Microsoft Power BI Desktop 2.73.5586.661

PBID-064

QBI2735586661

Opera 63.0.3368.88

OPERA-228

QOP630336888

PDF-Xchange PRO 8.0.333.0

PDFX-033

QPDFX803330

Plex Media Player 2.41.0

PLXP-045

QPLXP2410

Thunderbird 68.1.0

TB19-6810

QTB6810

Visual Studio 2019 version 16.2.4

MSNS19-09-VS2019

QVS20191624

Visual Studio Code 1.38.1

MSNS19-0912-CODE

QVSCODE1381

Wireshark 2.6.11

WIRES-101

QWIRES2611

Wireshark 3.0.4

WIRES-102

QWIRES304

Zoom Client 4.5.3372

ZOOM-028

QZOOM453372

Free Whitepaper: What to do BEFORE all hell breaks loose