• September Security patches for Windows and Office are out

    Posted on September 12, 2017 at 12:06 CDT by

    I’ll keep this post updated (as I furtively watch the Apple announcement – there’s a reliable one on YouTube).

    Overall list here. I see 259 individual security patches.

    Martin Brinkmann just posted his overview on the Ghacks site.

    • Windows 7:  22 vulnerabilities of which 3 are rated critical, 19 important
    • Windows 8.1: 26 vulnerabilities of which 4 are rated critical, 22 important
    • Windows 10 version 1703: 25 vulnerabilities of which 2 are rated critical, 23 important

    I swear, I don’t know how Martin gets his list out so quickly.

    The release notes still refer to the 1507 LTSB edition (now known as the Win10 2015 LTSC).

    Win10 1703 (Creators Update) cumulative update announced, build 15063.608. It’s huge – many dozens of bug fixes, in addition to multiple security patches. Watch out for this one!

    Win10 1607 (Anniversary Update) cumulative update announced, build 14393.1715. A half dozen bug fixes and all those security updates.

    September Office Updates for all versions are available here. Considering the recent track record, you may want to wait on these.

    The Windows Update release list now has the Sept. 12 entries.

    For those of you who only want to install “Group B” security patches (NOTE: I strongly recommend against it; much too early!) PKCano advises:

    Win 7 KB 4038779 – Download 32-bit or 64-bit  IE11 KB 4036586- Download 32-bit or 64-bit

    Win8.1 Security-only KB 4038793 – Download 32-bit or 64-bit  IE11 KB 4036586- Download 32-bit or 64-bit

    While this site is broken, if you want to retrieve an old version of the list of “Group B” patches, start with the Internet Archive.

    Microsoft posted an advisory about a specific security hole in Word, CVE-2017-8759, that involves opening an RTF file, then changing from Protected View to enable edits. If you’re opening RTF files in Word, then switching them to enable edits, and fear an infection from the Russian-linked NEODYMIUM group, you need to get a bunch of Windows and .NET patches installed. Yes, all versions of Windows are susceptible, including all the Win10 variants, as well as all versions of .NET, including the very new .NET Framework 4.6. Full list of patches here.

    Two critical security holes in Adobe Flash Player, security update APSB17-28.

    Windows Patches/Security
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.