10 replies to this topic

[Tomk]

FYI...

MS Security Updates - August 2017

- https://portal.msrc....curity-guidance
[Total items: 144] [Page: 1 / 8]- 8/8/2017

MS Security Update Summary
> https://portal.msrc....uidance/summary
[Total items: 41] [Page: 1 / 3] - 8/8/2017

>https://blogs.techne...m/msrc/2017/08/
July 11, 2017 - "Today, we released security updates to provide additional protections against malicious attackers..."

Release Notes - August 2017 Security Updates
- https://portal.msrc....dd-000d3a32fc99

Release Date: August 08, 2017 - "The August security release consists of security updates for the following software:

• Internet Explorer
• Microsoft Edge
• Microsoft Windows
• Microsoft SharePoint
• Adobe Flash Player
• Microsoft SQL Server"

___



ghacks.net:
- https://www.ghacks.n...t-2017-release/
August 8, 2017 - "... Executive Summary:

• Microsoft released security patches for all versions of Microsoft Windows.
• Other Microsoft products with patched vulnerabilities are Microsoft Edge, Internet Explorer, Microsoft SharePoint and Microsoft SQL Server

Operating System Distribution

• Windows 7:  9 vulnerabilities of which 2 are rated critical, 7 important
• Windows 8.1: 11 vulnerabilities of which 4 are rated critical, 7 important
• Windows 10 version 1703: 14 vulnerabilities of which 5 are rated critical, 9 important

Windows Server products:

• Windows Server 2008 R2: 10 vulnerabilities, of which 3 are rated critical, 7 important
• Windows Server 2012 and 2012 R2: 11 vulnerabilities, of which 4 are rated critical 7 important
• Windows Server 2016: 12 vulnerabilities of which 4 are rated critical, 8 important

Other Microsoft Products

• Internet Explorer 11: 8  vulnerabilities, 7 critical, 1 important
• Microsoft Edge: 28 vulnerabilities, 21 critical,  7 important, 1 moderate

(More at the ghacks URL above.)
___

- https://www.thezdi.c...y-update-review
August 8, 2017 - "Microsoft released 48 security patches for August covering Windows, Internet Explorer (IE), Edge, the subsystem for Linux, Kernel, SharePoint, SQL Server, and Hyper-V. Of these 48 CVEs, 25 are listed as Critical, 21 are rated Important, and two are Moderate in severity. A total of seven of these CVEs came through the ZDI program. Two of these bugs are listed as publically known prior to release, with one bug listed as having publicly available PoC."

___

Qualys analysis: https://blog.qualys....es-43-for-adobe
August 8, 2017 - "Today Microsoft released patches covering 48 vulnerabilities as part of August’s Patch Tuesday update, with 15 of them affecting Windows. Patches covering 25 of these vulnerabilities are labeled as Critical, and 27 can result in Remote Code Execution. According to Microsoft, none of these vulnerabilities are currently being exploited in the wild."
*https://portal.msrc....y/CVE-2017-8620

[ken545]

Thanks Tom 

[AplusWebMaster]

FYI...

Win7 August 2017 patches - bugzz
- http://computerworld...n-problems.html
Aug 14, 2017 - "... We now have solid reports of a -bug- in -both- of the Win-7 security patches for this month, KB 4034664* (the monthly rollup, installed by Windows Automatic Update) and KB 4034679** (the manual security-only patch). If you have a Win7 machine with two or more monitors, and there’s something weird happening with the second monitor, you may be able to solve the problem by uninstalling the bad patch..."

* https://support.micr...pdate-kb4034664
Last Review: Aug 9, 2017 - Rev: 21
Last Review: Aug 16, 2017 - Rev: 23
Last Review: Aug 18, 2017 - Rev: 25
Last Review: Aug 25, 2017 - Rev: 26

** https://support.micr...pdate-kb4034679
Last Review: Aug 9, 2017 - Rev: 23
Last Review: Aug 16, 2017 - Rev: 27
Last Review: Aug 18, 2017 - Rev: 28

Last Review: Aug 25, 2017 - Rev: 29

 

- https://www.askwoody...dering-problem/
Aug 26, 2017
 

   

Edited by AplusWebMaster, 27 August 2017 - 06:10 AM.

[AplusWebMaster]

FYI...

Win7 August 2017 patches - bugzz
- http://computerworld...n-problems.html
Aug 14, 2017 - "... We now have solid reports of a -bug- in -both- of the Win-7 security patches for this month, KB 4034664* (the monthly rollup, installed by Windows Automatic Update) and KB 4034679** (the manual security-only patch). If you have a Win7 machine with two or more monitors, and there’s something weird happening with the second monitor, you may be able to solve the problem by uninstalling the bad patch..."

* https://support.micr...pdate-kb4034664
Last Review: Aug 9, 2017 - Rev: 21
Last Review: Aug 16, 2017 - Rev: 23
Last Review: Aug 18, 2017 - Rev: 25
Last Review: Aug 25, 2017 - Rev: 26
Last Review: Aug 29, 2017 - Rev: 27
Last Review: Aug 30, 2017 - Rev: 29

** https://support.micr...pdate-kb4034679
Last Review: Aug 9, 2017 - Rev: 23
Last Review: Aug 16, 2017 - Rev: 27
Last Review: Aug 18, 2017 - Rev: 28
Last Review: Aug 25, 2017 - Rev: 29

Last Review: Aug 29, 2017 - Rev: 30
Last Review: Aug 30, 2017 - Rev: 31

- https://www.askwoody...dering-problem/
Aug 26, 2017
___

Patch Watch: August’s Follow-Up Fixes
> http://windowssecret...ollow-up-fixes/
Aug 22, 2017 - "I have a phrase I often use with technology: Keep the children on the playground the same age. This means -not- mixing older-and-younger groups; they have different skill levels and abilities. The same goes for .NET 4.7, applications and Windows 7. If you dig into various locations on the web you will see post install side effects such as the following:
    Impacting Autocad and earlier versions as noted in a forum[1]
1] https://www.cadnause...tocad-pre-2017/
    .NET 4.7 crashing Quickbooks as noted on a blog[2]
2] http://www.intuitive...s/#.WZO9HLpFw2w
    Possible issues with Arcgis Pro[3]
3] https://geonet.esri....eaks-arcgis-pro
    May have issues with touchscreen inputs as notes in this post[4]
4] https://www.reddit.c...2dp&sh=376b604f
    Techsmith Snagit impact with .NET 4.7 as noted in this forum[5]
5] https://www.reddit.c...2dp&sh=376b604f
I’ll be investigating and see if the 4.7 update is the trigger for these issues but in the meantime if you are impacted and want to block .NET 4.7 you can use a registry key as noted on the Ghacks site.[6]
6] https://www.ghacks.n...7-installation/
... What to do: Consider -blocking- .NET 4.7 on older operating systems.
Windows 10 1607 Side Effects: The release of 4034658 to Windows 10, version 1607 release had a few noticeable side effects: Naming it wiped-out-your-update-history. As an alternative, to see which quality updates have been applied, you can navigate to the inventory by going to Control Panel -> Programs -> “View Installed Updates.” In addition, the update had additional-side-effects of making any hidden updates pop back up again. So if you hid the 1703 update it -will- offer back up again. Finally in a network setting, WSUS servers will exhibit increased CPU, memory, and network utilization when Windows Update clients perform their first scan after installing KB4034658. Remember this only happens with the KB4034658* for Windows 10 1607 update."
* https://support.micr...hk/help/4034658
Last updated: 11 Aug 2017 - Rev: 21
Last Review: 28 Aug 2017 - Rev: 25
___

Fixes or workarounds for recent issues in Outlook for Windows
- https://support.offi...73-95a214ac1230
Last updated: Aug 24, 2017
___

Update for Office 2016 (KB4011093)
- https://support.micr...-2016-kb4011093
Last Review: Aug 24, 2017 - Rev: 16
Last Review: Sep 1, 2017 - Rev: 20
___

August 25, 2017 — KB4039884
> https://support.micr...pdate-kb4039884
Last Review: Aug 25, 2017 - Rev: 33
Last Review: Aug 30, 2017 - Rev: 34 - "This update addresses an issue where UI elements, including menu bars, are missing from Windows and Java applications running on computers with multiple monitors (multimon). The issue affects console and Remote Desktop logons when the main monitor is -not- in the top left area of the monitor layout in Control Panel. Applications may also stop responding or not work properly when moved between monitors. This issue impacts the following releases:
    2017-08 Monthly Rollup - KB4034664
    2017-08 Security-only update - KB4034679
    2017-08 Preview of Monthly Rollup - KB4034670
Before you install this update, you must install KB4034664 or KB4034679, and then apply this update... Microsoft is working on a resolution and will provide an update in an upcoming release..."

"... If you have problems with a Windows 7 second monitor after installing this month’s KB 4034664, there’s a new manual-install-only fix. But it’s buggy, too"
>> http://www.computerw...kb-4039884.html
Aug 28, 2017
 

Edited by AplusWebMaster, 04 September 2017 - 08:17 AM.

[AplusWebMaster]

FYI...

MS patch alert: Outstanding problems with recent updates
... Long list of -unresolved- issues
- https://www.computer...nt-updates.html
Aug 31, 2017 - "... Recommendation: Hold off on applying August Windows and Office patches."
 

[ken545]

Should I disable Windows updates from services ?

[AplusWebMaster]

 

Should I disable Windows updates ...

 

I have had mine set to "Check for updates but let me choose whether to download and install them" forever;

 

... and it will remain so until their "QC" is in place - which was lost when they laidoff the "Trustworthy Computing" group sometime ago...

 

[ken545]

I have windows 10 and dont see that option

[AplusWebMaster]

'Suggest setting Win10 to: "Metered connection" ... and see details (and other tips) in this forum:

 

>> https://www.askwoody.com/

 

[ken545]

I saw that but was not sure about it, thanks

[AplusWebMaster]

FYI...

September 2017 Non-Security Office Update Release
- https://blogs.techne...update-release/
Sep 5, 2017 - "Listed below are the non-security updates we released on the Download Center and Microsoft Update. See the linked KB articles for more information.

Office 2013
Update for Microsoft Office 2013 (KB3172484)
- https://support.micr...om/help/3172484
Update for Microsoft Office 2013 (KB3172512)
- https://support.micr...om/help/3172512
Update for Microsoft Office 2013 (KB3203486)
- https://support.micr...om/help/3203486
Update for Microsoft Office 2013 (KB3213536)
- https://support.micr...om/help/3213536
Update for Microsoft Office 2013 (KB4011087)
- https://support.micr...om/help/4011087
Update for Microsoft Office 2013 (KB4011106)
- https://support.micr...om/help/4011106
Update for Microsoft Project 2013 (KB4011109)
- https://support.micr...om/help/4011109
Update for Microsoft Visio 2013 (KB3191936)
- https://support.micr...om/help/3191936
Update for Microsoft Word 2013 (KB4011105)
- https://support.micr...om/help/4011105

Office 2016
Update for Microsoft Access 2016 (KB4011032)
- https://support.micr...om/help/4011032
Update for Microsoft Office 2016 (KB3191923)
- https://support.micr...om/help/3191923
Update for Microsoft Office 2016 (KB3191924)
- https://support.micr...om/help/3191924
Update for Microsoft Office 2016 (KB3203478)
- https://support.micr...om/help/3203478
Update for Microsoft Office 2016 (KB3203482)
- https://support.micr...om/help/3203482
Update for Microsoft Office 2016 (KB4011093)
- https://support.micr...om/help/4011093
Update for Microsoft Office 2016 (KB4011099)
- https://support.micr...om/help/4011099
Update for Microsoft Office 2016 (KB4011102)
- https://support.micr...om/help/4011102
Update for Microsoft Office 2016 Language Interface Pack (KB4011098)
- https://support.micr...om/help/4011098
Update for Microsoft OneNote 2016 (KB4011092)
- https://support.micr...om/help/4011092
Update for Microsoft Project 2016 (KB4011101)
- https://support.micr...om/help/4011101
Update for Microsoft Visio 2016 (KB4011096)
- https://support.micr...om/help/4011096
Update for Microsoft Word 2016 (KB4011039)
- https://support.micr...om/help/4011039
___

- https://www.computer...-carefully.html
Sep 5, 2017 - "August was a banner month for Windows and Office customers. If I counted correctly, we saw patches on -14- different days last month... current list of outstanding problems... it’s time for you to get the August patches out of the way..."
(More detail at the computerworld URL above.)