Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Windows 10

Patch Tuesday April 2019

This month Windows is patched for two zero-day flaws, Windows 7 and Windows Server 2008 R2 users report that devices with Sophos Antivirus can’t log in after installing KB4493472 and authentication failures to services configured with unconstrained delegation.

Windows 10, Windows Server 2016, and Windows Server 2019

This month there are 36 fixes for flaws in Windows 10 version 1809. CVE-2019-0803 and CVE-2019-0859 are zero-days reported by Alibaba Cloud Intelligence Security Team and Kaspersky Lab respectively. Both are an elevation of privilege (EOP) flaws where the Win32k component improperly handles objects in memory, potentially allowing an attacker to run arbitrary code in kernel mode. An attacker would need to log in to Windows to be able to exploit this flaw. There are no further details about the vulnerabilities other than that they have both been actively exploited.

8 remote code execution (RCE) bugs rated critical have been patched. One in the Windows IOleCvt interface could let an attacker run malicious code from an ASP webpage, or Microsoft Office document with embedded ActiveX Control, and take control of a system. A flaw in the Windows Graphics Device Interface (GDI) could also let an attacker take control of a system. Similar vulnerabilities affect Hyper-V vSMB and Microsoft XML Core Services.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

Windows 7 and Windows Server 2008 R2

Windows 7 gets patches for 6 critical bugs affecting the IOleCvt interface, the Windows Graphics Device Interface (GDI), and Microsoft XML Core Services. It also gets patches for the CVE-2019-0803 and CVE-2019-0859 zero-days which affect Windows 10.

After installing this month’s monthly rollup for Windows 7 SP1 (KB4493472), some users are reporting that after rebooting, they are unable to log in to their systems. At present, this seems to affect users that have Sophos Endpoint Antivirus software installed. Microsoft has announced that it is now blocking KB4493472 for devices running Sophos Endpoint until a solution has been found.

Another issue being reported is that authentication fails for services that require unconstrained delegation after the Kerberos ticket expires. You might see this manifest itself in the SQL Server service failing. Microsoft has published a few workarounds which involve changing to constrained delegation, restarting the affected application, or purging Kerberos tickets on the application server. For more information on both issues affecting KB4493472, see Microsoft’s website here.

Microsoft Office

7 vulnerabilities are patched in Office 365 ProPlus, all rated important. 6 are RCEs and the remaining bug EOP. CVE-2019-0822 is a Microsoft Graphics Components flaw that could allow an attacker to run arbitrary code by tricking users into opening a specially crafted file. Both SharePoint and Exchange get patches for 2 spoofing vulnerabilities.


This month Adobe released patches for Flash Player, Adobe Reader, and Acrobat. Flash updates are automatically downloaded by Windows Update for Internet Explorer and Edge. Google Chrome users will also receive the updates automatically.

Adobe also announced end-of-life for Shockwave Player. Remember that? What this announcement means is that there will be no more security updates for Shockwave. If you have Shockwave installed on your systems, you should look at removing it as quickly as possible.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: