November 2022 Cumulative Updates available for Windows 7 SP1 and 8.1

New Monthly Rollup and Security-only updates available for older Windows 8.1 and Windows 7 users who signup for Extended Security Updates (ESU) Here what's new

- Advertisement -

Along with the November 2022 Patch, Tuesday updates KB5019980, KB5019961 and KB5019959 for all supported windows 11 and windows 10 devices. Microsoft also released updates KB5020023 and KB5020010 for older devices as well. As you know Windows 7 reached the end of support on 14th January 2020 these updates are only applicable for Windows 8.1 and Server 2012. And the Extended Security Updates KB5020000 and KB5020013 are available for Windows 7, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 who have paid for Extended Security Updates (ESU).

For Windows 8.1

Microsoft fixed 23 vulnerabilities with Windows 8, Here 4 Vulnerabilities critical classified as Critical as they allow Denial of Service (DoS), Elevation of Privilege (EoP), and Remote Code Execution (RCE) and the remaining 19 are important. The following are four critical Vulnerabilities.

  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41118
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41088
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41039

Again Both KB5020023 (Monthly Rollup) and KB5020010 (Security-only update) contains miscellaneous security improvements to internal OS functionality.

  • Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY.
  • Updates the daylight-saving time (DST) for Jordan to prevent moving the clock back 1 hour on October 28, 2022. Additionally, changes the display name of Jordan standard time from “(UTC+02:00) Amman” to “(UTC+03:00) Amman”.
  • Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).”
  • Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.
  • Addresses an issue where the Microsoft Visual C++ Redistributable Runtime does not load into the Local Security Authority Server Service (LSASS) when Protected Process Light (PPL) is enabled.
  • Addresses security vulnerabilities in the Kerberos and Netlogon protocols as outlined in CVE-2022-38023CVE-2022-37966, and CVE-2022-37967.

Windows 7 SP1

- Advertisement -

Important Note:
Starting today 14 January 2020  Windows 7 reached the end of life, which means devices running windows 7 sp1 no longer receive any other security patches. Microsoft recommends upgrade windows 11 or windows 10 for the latest security features and protection against malicious software.
Windows 7 end of life warning

Microsoft fixed 21 vulnerabilities with Windows 7, Here 4 Vulnerabilities critical classified as Critical as they allow Denial of Service (DoS), Elevation of Privilege (EoP), and Remote Code Execution (RCE) and the remaining 17 are important. The following are four critical Vulnerabilities.

  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41039
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41118
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41044

Windows 7 KB5020000 and KB5020013 also bring similar changes that include:

  • Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY.
  • Updates the daylight-saving time (DST) for Jordan to prevent moving the clock back 1 hour on October 28, 2022. Additionally, changes the display name of Jordan standard time from “(UTC+02:00) Amman” to “(UTC+03:00) Amman”.
  • Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).”
  • Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.
  • Addresses security vulnerabilities in the Kerberos and Netlogon protocols as outlined in CVE-2022-38023CVE-2022-37966, and CVE-2022-37967.

Known issues: 

- Advertisement -

After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

The company says this issue is expected in the following circumstances:

  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated.
- Advertisement -

If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated.

Windows 7 SP1 and Windows Server 2008 R2 SP Download links

Also Microsoft mentioned these updates are not available via Windows Update this can only be installed with a manual download. You can download these updates from the Microsoft Update Catalog website using the links below.

You must install the updates listed below and restart your device before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.

  1. The March 12, 2019 servicing stack update (SSU) (KB4490628).  To get the standalone package for this SSU, search for it in the Microsoft Update Catalog. This update is required to install updates that are only SHA-2 signed.
  2. The latest SHA-2 update (KB4474419) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
  3. The January 14, 2020 SSU (KB4536952) or later. To get the standalone package for this SSU, search for it in the Microsoft Update Catalog.
  4. The Extended Security Updates (ESU) Licensing Preparation Package (KB4538483) was released on February 11, 2020. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the Microsoft Update Catalog.

After installing the items above, Microsoft strongly recommends that you install the latest SSU (KB4537829). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer.

Windows 8.1 and Windows Server 2012 R2

  • KB5020023 — 2022-11 Security Monthly Quality Rollup for Windows 8.1
  • KB5020010 — 2022-11 Security Only Quality Update for Windows 8.1

Also, New cumulative updates are available for the latest Windows 10 22H2, read the changelog from here.

Also read:

- Advertisement -

Advertisment

ALSO READ:-

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here
Captcha verification failed!
CAPTCHA user score failed. Please contact us!