Cumulative security update for Internet Explorer: November 10, 2020

Applies to: Internet Explorer 11 on Windows Server 2012 R2Internet Explorer 11 on Windows Server 2012Internet Explorer 11 on Windows Server 2008 R2 SPTag

About this update

This cumulative security update does not include an update for Internet Explorer 9 for Windows Server 2008 Service Pack 2 (SP2). For the latest update, see KB4577010.

Summary


This security update resolves vulnerabilities in Internet Explorer. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures.

Additionally, see the following articles for more information about cumulative updates:

Important

  • The fixes that are included in this update are also included in the November 2020 Security Monthly Quality Rollup. Installing either this update or the Security Monthly Quality Rollup installs the same fixes.
  • This update is not applicable for installation on a device on which the Security Monthly Quality Rollup or the Preview of Monthly Quality Rollup from November 2020 (or a later month) is already installed. This is because those updates contain all the same fixes that are included in this update.
  • If you use update management processes other than Windows Update and you automatically approve all security update classifications for deployment, this update, the November 2020 Security Only Quality Update, and the November 2020 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Known issues in this security update


We are currently not aware of any issues in this update.

How to get and install this update


Before installing this update

To install Windows 7 SP1, Windows Server 2008 R2 SP1, or Windows Server 2008 SP2 updates released on or after July 2019, you must have the following required updates installed. If you use Windows Update, these required updates will be offered automatically as needed.

  • You must have the SHA-2 update (KB4474419) that is dated September 23, 2019 or a later SHA-2 update installed and then restart your device before you apply this update. For more information about SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.

    You must have installed the servicing stack update (SSU) (KB4490628) that is dated March 12, 2019. After update KB4490628 is installed, you must install the October 13, 2020 SSU (KB4580970) or a later SSU update. For more information about the latest SSU updates, see ADV990001 | Latest Servicing Stack Updates.
     
  • For Windows 7 SP1 and Windows Server 2008 R2 SP1, you must have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems and follow the procedures in KB4522133 to continue receiving security updates after extended support ends. Extended support ends as follows:
    • For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.
    • For Windows Embedded Standard 7, extended support ends on October 13, 2020.

    For more information about ESU and which editions are supported, see KB4497181.

    Notes

    • For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.
    • For Windows Thin PC, you must have the August 11, 2020 SSU (KB4570673) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.
  • For Windows Server 2008 SP2, you must have installed the servicing stack update (SSU) (KB4493730) that is dated April 9, 2019. After update KB4493730 is installed, you must install the October 13, 2020 SSU (KB4580971) or a later SSU update.  For more information about the latest SSU updates, see ADV990001 | Latest Servicing Stack Updates.

  • To get this security update, you must reinstall the "Extended Security Updates (ESU) Licensing Preparation Package" (KB4538483) or the "Update for the Extended Security Updates (ESU) Licensing Preparation Package" (KB4575903) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the Microsoft Update Catalog.

Important You must restart your device after you install these required updates.

Install this update

To install this update, use one of the following release channels.

Release Channel Available Next Step
Windows Update and Microsoft Update Yes

None. This update will be downloaded and installed automatically from Windows Update for  the following versions:

  • Internet Explorer 11 for Windows Server 2012 and Windows Embedded 8 Standard

For all other versions, see the other options below.

Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes

This update will automatically synchronize with WSUS if you configure Products and Classifications as follows:

Product: Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows Embedded 8 Standard, Windows 8.1, Windows Server 2012 R2

Classification: Security Updates

File information


File verification

File attributes

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.

Note The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2

Windows Server 2012

Windows 7 and Windows Server 2008 R2

Information about protection and security


References


Learn about the terminology that Microsoft uses to describe software updates.