This security update includes improvements and fixes that were a part of update KB4499182 (released May 23, 2019) and addresses the following issues:
- Addresses a security vulnerability by intentionally preventing connections between Windows and Bluetooth devices that are not secure and use well-known keys to encrypt connections, including security fobs. If BTHUSB Event 22 in the Event Viewer states, “Your Bluetooth device attempted to establish a debug connection….”, then your system is affected. Contact your Bluetooth device manufacturer to determine if a device update exists. For more information, see CVE-2019-2102 and KB4507623.
- Addresses an issue that may prevent the Preboot Execution Environment (PXE) from starting a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
- Addresses an issue with the HTTP and HTTPS string character limit for URLs when using Internet Explorer.
- Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Shell, Windows Server, Windows Authentication, Windows Datacenter Networking, Windows Storage and Filesystems, Windows Virtualization, Internet Information Services, and the Microsoft JET Database Engine.
For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.