- As of February 11, 2020, Internet Explorer 10 is no longer in support. To get Internet Explorer 11 for Windows Server 2012 or Windows 8 Embedded Standard, see KB4492872. Install one of the following applicable updates to stay updated with the latest security fixes:
- Cumulative Update for Internet Explorer 11 for Windows Server 2012.
- Cumulative Update for Internet Explorer 11 for Windows 8 Embedded Standard.
- The May 2020 Monthly Rollup.
- Some customers using Windows Server 2008 R2 SP1 who activated their ESU multiple activation key (MAK) add-on before installing the January 14, 2020 updates might need to re-activate their key. Re-activation on affected devices should only be required once. For information on activation, see this blog post.
- WSUS scan cab files will continue to be available for Windows 7 SP1 and Windows Server 2008 R2 SP1. If you have a subset of devices running these operating systems without ESU, they might show as non-compliant in your patch management and compliance toolsets.
- Customers who have purchased the Extended Security Update (ESU) for on-premises versions of this OS must follow the procedures in KB4522133 to continue receiving security updates after extended support ends on January 14, 2020. For more information on ESU and which editions are supported, see KB4497181.
This security update resolves vulnerabilities in Internet Explorer. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures.
Additionally, see the following articles for more information about cumulative updates:
- The fixes that are included in this update are also included in the May 2020 Security Monthly Quality Rollup. Installing either this update or the Security Monthly Quality Rollup installs the same fixes.
- This update is not applicable for installation on a device on which the Security Monthly Quality Rollup or the Preview of Monthly Quality Rollup from May 2020 (or a later month) is already installed. This is because those updates contain all the same fixes that are included in this update.
- If you use update management processes other than Windows Update and you automatically approve all security update classifications for deployment, this update, the May 2020 Security Only Quality Update, and the May 2020 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.
If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
Known issues in this security update
We are currently not aware of any issues in this update.
How to get and install this update
Before installing this update
To install Windows 7 SP1, Windows Server 2008 R2 SP1, or Windows Server 2008 SP2 updates released on or after July 2019, you must have the following required updates installed. If you use Windows Update, these required updates will be offered automatically as needed.
- You must have the SHA-2 update (KB4474419) that is dated September 23, 2019 or a later SHA-2 update installed and then restart your device before you apply this update. For more information about SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
- For Windows 7 SP1 and Windows Server 2008 R2 SP1, you must have installed the servicing stack update (SSU) (KB4490628) that is dated March 12, 2019. After update KB4490628 is installed, you must install the April 12, 2020 SSU (KB4550738) or a later SSU update. For more information about the latest SSU updates, see ADV990001 | Latest Servicing Stack Updates.
- For Windows Server 2008 SP2, you must have installed the servicing stack update (SSU) (KB4493730) that is dated April 9, 2019. After update KB4493730 is installed, you must install the April 14, 2020 SSU (KB4550737) or a later SSU update. For more information about the latest SSU updates, see ADV990001 | Latest Servicing Stack Updates.
Important You must restart your device after you install these required updates.
Install this update
To install this update, use one of the following release channels.
|Release Channel||Available||Next Step|
|Windows Update and Microsoft Update||Yes|| |
None. This update will be downloaded and installed automatically from Windows Update for the following versions:
For all other versions, see the other options below.
|Microsoft Update Catalog||Yes||To get the standalone package for this update, go to the Microsoft Update Catalog website.|
|Windows Server Update Services (WSUS)||Yes|| |
This update will automatically synchronize with WSUS if you configure Products and Classifications as follows:
Product: Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows Embedded 8 Standard, Windows 8.1, Windows Server 2012 R2
Classification: Security Updates
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.
Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2