Microsoft just released the May 2019 cumulative update with important security patches. Along with the security patches, the update package also contains non-security updates. The update patches the Specter variant 2 and new subclass of speculative execution side-channel vulnerabilities. It is recommended that you install the update as soon as possible. Direct download links for KB4494441 can be found below.
To update Windows 10 1903 with KB4494441, open the settings, go to “Update & Security -> Windows Update” and click on the “Check for updates” button. This action will force Windows to search for any and all available update and install them automatically.
KB4494441 Offline Installer Download Link
Alternatively, use the below links to download KB4494441 offline installer. If you are using a 64-bit system, follow the 64-bit download. If you are running a 32-bit system, follow the 32-bit download link. For your convenience, I’ve also added the effective download size.
If you are on ARM or Server versions, use the below link to download those versions. In the Microsoft website, click on the Download button next to your version and then click on the link in the pop-up window. The download will start instantly.
KB4494441 Change Log
- Enables “Retpoline” by default if Spectre Variant 2 (CVE-2017-5715) is enabled. Make sure previous OS protections against the Spectre Variant 2 vulnerability are enabled using the registry settings described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions). For more information about “Retpoline”, see Mitigating Spectre variant 2 with Retpoline on Windows.
- Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 64-Bit (x64) versions of Windows (CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130). Use the registry settings as described in the Windows Client and Windows Server articles. (These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions).
- Adds “uk.gov” into the HTTP Strict Transport Security Top Level Domains (HSTS TLD) for Internet Explorer and Microsoft Edge.
- Addresses an issue that may cause “Error 1309” while installing or uninstalling certain types of .msi and .msp files on a virtual drive.
- Addresses an issue that prevents the Microsoft Visual Studio Simulator from starting.
- Addresses an issue that may cause zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) to fail.
- Addresses an issue that causes the Simple Network Management Protocol (SNMP) Management Information Base registration to fail when the Windows Management Instrumentation (WMI) provider uses the Windows tool SMI2SMIR.exe.
- Addresses an issue that may cause the text, layout, or cell size to become narrower or wider than expected in Microsoft Excel when using the MS UI Gothic or MS PGothic fonts.
- Security updates to Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Graphics, Windows Storage and Filesystems, Windows Cryptography, the Microsoft JET Database Engine, Windows Kernel, Windows Virtualization, and Windows Server.
That is it.