Microsoft Alerts

AplusWebMaster · Jun 28, 2017

MS releases - 6.27-28.2017

FYI...

Security Update Summary
> https://portal.msrc.microsoft.com/en-us/security-guidance/summary
See -all- KB's dated 06/28/2017
___

June 27, 2017, update for Outlook 2010 (KB3015545)
- https://support.microsoft.com/en-us/help/3015545/june-27-2017-update-for-outlook-2010-kb3015545
Last Review: Jun 28, 2017 - Rev. 14
Last Review: Jun 28, 2017 - Rev: 20

June 27, 2017, update for Outlook 2013 (KB3191849)
- https://support.microsoft.com/en-us/help/3191849/june-27-2017-update-for-outlook-2013-kb3191849
Last Review: Jun 27, 2017 - Rev: 13
Last Review: Jun 30, 2017 - Rev: 16
___

New ransomware, old techniques: Petya adds worm capabilities
- https://blogs.technet.microsoft.com...-old-techniques-petya-adds-worm-capabilities/
June 27, 2017

Update on Petya malware attacks
- https://blogs.technet.microsoft.com/msrc/2017/06/28/update-on-petya-malware-attacks/
June 28, 2017

- https://www.us-cert.gov/ncas/alerts/TA17-181A
July 01, 2017 - "... Petya ransomware encrypts the master boot records of infected Windows computers, making affected machines unusable... US-CERT received a sample of this Petya ransomware variant and performed a detailed malware analysis. The team found that this Petya variant encrypts the victim’s files with a dynamically generated, 128-bit key and creates a unique ID of the victim. However, there is no evidence of a relationship between the encryption key and the victim’s ID, which means it may not be possible for the attacker to decrypt the victim’s files even if the ransom is paid..."
___

- https://www.catalog.update.microsoft.com/Search.aspx?q=KB4022716
2017-06 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4022716)
Last Modified: 6/28/2017

- https://support.microsoft.com/en-us/help/4022716/windows-10-update-kb4022716
Last Review: Jun 27, 2017 - Rev: 25
___

- https://www.catalog.update.microsoft.com/Search.aspx?q=KB4022723
2017-06 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4022723)
2017-06 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4022723)
2017-06 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4022723)

- https://support.microsoft.com/en-us/help/4022723/windows-10-update-kb4022723
Last Review: Jun 27, 2017 - Rev: 29
Last Review: Jun 29, 2017 - Rev: 36
___

- https://www.catalog.update.microsoft.com/Search.aspx?q=KB4032693
2017-06 Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB4032693)
Last Modified: 6/26/2017
2017-06 Cumulative Update for Windows 10 Version 1511 for x86-based Systems (KB4032693)
Last Modified: 6/26/2017

- https://support.microsoft.com/en-us/help/4032693/windows-10-update-kb4032693
Last Review: Jun 27, 2017 - Rev: 12
Last Review: Jun 29, 2017 - Rev: 19

> https://www.neowin.net/news/windows...-and-10586965-now-available---heres-whats-new
Jun 27, 2017 [More detail...]

:fear::fear::fear:

AplusWebMaster · Jul 3, 2017

Outlook 2010 - KB3015545 / Win7 SP1 - KB4022719 Monthly Rollup

FYI...

Outlook 2010 (KB3015545)...
- https://support.microsoft.com/en-us/help/3015545/june-27-2017-update-for-outlook-2010-kb3015545
Last Review: Jun 28, 2017 - Rev: 20
"... Note: A new update for 32-bit Outlook 2010 is under development and will be posted in this article when it becomes available. The original download package for the 32-bit version was removed from the Download Center after a problem was discovered that could cause Outlook to crash when you preview messages that have attachments. If you already downloaded and installed the 32-bit update, we recommend that you remove it until a new version is available..."
___

Windows 7 SP1 and Windows Server 2008 R2 SP1 - KB4022719 (Monthly Rollup)
- https://support.microsoft.com/en-us/help/4022719/windows-7-update-kb4022719
Last Review: Jun 27, 2017 - Rev: 41

MS Security Update Summary
> https://portal.msrc.microsoft.com/en-us/security-guidance/summary
Latest dated 06/28/2017 as of date/time of this post.

:fear::fear:

AplusWebMaster · Jul 11, 2017

MS Security Updates - July 2017

FYI...

MS Security Updates - July 2017

- https://portal.msrc.microsoft.com/en-us/security-guidance
[Total items: 989] [Page: 1/10] - 7/11/2017

MS Security Update Summary
> https://portal.msrc.microsoft.com/en-us/security-guidance/summary
Total items: 63 - 7/11/2017

> https://blogs.technet.microsoft.com/msrc/2017/07/11/july-2017-security-update-release/
July 11, 2017 - "Today, we released security updates to provide additional protections against malicious attackers..."

Release Notes - July 2017 Security Updates
- https://portal.msrc.microsoft.com/e...tedetail/f2b16606-4945-e711-80dc-000d3a32fc99
July 11, 2017 - "The July security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
.NET Framework
Adobe Flash Player
Microsoft Exchange Server..."
___

MS Office updates
> https://blogs.technet.microsoft.com...g/2017/07/11/july-2017-office-update-release/
July 11, 2017 - "... This month, there are -17- security updates and 30 non-security updates. All of the security and non-security updates are listed in KB article 4033107*..."
* - https://support.microsoft.com/en-us/help/4033107/july-11-2017-update-for-microsoft-office
Last Review: Jul 11, 2017 - Rev: 12
"... Microsoft released the following security and nonsecurity updates. These monthly updates are intended to help our customers keep their computers up-to-date. We recommend that you install all updates that apply to you..."
Office 2016, Office 2013, Office 2010, Office 2007
___

Additional information/reference:
- http://www.securitytracker.com/id/1038848
- http://www.securitytracker.com/id/1038849
- http://www.securitytracker.com/id/1038850
- http://www.securitytracker.com/id/1038851
- http://www.securitytracker.com/id/1038852
- http://www.securitytracker.com/id/1038853
- http://www.securitytracker.com/id/1038854
- http://www.securitytracker.com/id/1038855
- http://www.securitytracker.com/id/1038856
- http://www.securitytracker.com/id/1038857
- http://www.securitytracker.com/id/1038858
- http://www.securitytracker.com/id/1038859
- http://www.securitytracker.com/id/1038860
- http://www.securitytracker.com/id/1038861
- http://www.securitytracker.com/id/1038862
- http://www.securitytracker.com/id/1038863
- http://www.securitytracker.com/id/1038864
- http://www.securitytracker.com/id/1038865
- http://www.securitytracker.com/id/1038866
___

ghacks.net:
- https://www.ghacks.net/2017/07/11/microsoft-security-updates-july-2017-release/
July 11, 2017 - "... Executive Summary:
Microsoft released security updates for all client and server versions of Windows that the company supports.
All operating systems are affected by critical vulnerabilities.
Security updates have been released for other Microsoft products as well including Microsoft Office, Microsoft Edge, and Internet Explorer.
Windows 10 version 1507 won't receive security updates anymore.
Operating System Distribution:
Windows 7: 22 vulnerabilities of which 2 are rated critical, 19 important, and 1 moderate
Windows 8.1: 24 vulnerabilities of which 2 are rated critical, 21 important, and 1 moderate
Windows RT 8.1: 21 vulnerabilities of which 2 are rated critical, and 21 important
Windows 10 version 1703: 27 vulnerabilities of which 2 are rated critical, 23 important and 1 moderate ..."
(More at the ghacks URL above.)
___

- https://www.thezdi.com/blog/2017/7/11/the-july-2017-security-update-review
July 11, 2017 - "... 57 security patches impacting Windows, Internet Explorer, Edge, Office, SharePoint, .NET Framework, Exchange, and Hololens... some of these vulns were first disclosed to Microsoft during the most recent Pwn2Own competition back in March... all affected vendors were able to produce patches within 120 days... A few of the CVEs addressed by Microsoft this month deserve some extra attention..."

CVE-2017-8463 | Windows Explorer Remote Code Execution Vulnerability
Security Vulnerability
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8463
7/11/2017
CVE-2017-8584 | HoloLens Remote Code Execution Vulnerability
Security Vulnerability
> https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8584
7/11/2017
___

Qualys analysis: https://blog.qualys.com/laws-of-vul...es-from-microsoft-plus-critical-adobe-patches
July 11, 2017 - "Today Microsoft released patches covering 54 vulnerabilities as part of July’s Patch Tuesday, with 26 of them affecting Windows. Patches covering 19 of these vulnerabilities are labeled as Critical, all of which can result in Remote Code execution. According to Microsoft, none of these vulnerabilities are currently being exploited in the wild.
Top priority for patching should go to CVE-2017-8589*, which is a vulnerability in the Windows Search service. This vulnerability can be exploited remotely via SMB to take complete control of a system, and can impact both servers and workstations. The issue affects Windows Server 2016, 2012, 2008 R2, 2008 as well as desktop systems like Windows 10, 7 and 8.1. While this vulnerability can leverage SMB as an attack vector, this is not a vulnerability in SMB itself, and is not related to the recent SMB vulnerabilities leveraged by EternalBlue, WannaCry, and Petya... Today’s release is normal in size, and covers 54 vulnerabilities in Windows, Internet Explorer, Edge, Office, .net Framework, Adobe Flash, and Exchange..."
* https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8589

.

AplusWebMaster · Jul 15, 2017

Patch Watch: July’s releases fix June’s Issues

FYI...

Patch Watch: July’s releases fix June’s Issues
> http://windowssecrets.com/windows-secrets/patch-watch-julys-releases-fix-junes-issues/
July 13, 2017
"... Status recommendations: Skip — patch not needed; Hold — do not install until its problems are resolved; Wait — hold off temporarily while the patch is tested; Optional — not critical, use if wanted; Install — OK to apply."
___

> https://www.askwoody.com/
"Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it."

:fear::fear::fear:

AplusWebMaster · Jul 17, 2017

MS yanks bad Outlook patches...

FYI...

Outlook 2010 (KB4011042)
- https://support.microsoft.com/en-us/help/4011042/july-5-2017-update-for-outlook-2010-kb4011042
Last Review: Jul 11, 2017 - Rev: 17
"Notice: Update 4011042 for Microsoft Outlook 2010 that was released on July 5, 2017, is not currently available. This article will be updated as soon as the update is available again..."

Outlook 2013 (KB3191849)
- https://support.microsoft.com/en-us/help/3191849/june-27-2017-update-for-outlook-2013-kb3191849
Last Review: Jul 11, 2017 - Rev: 19
"Notice: Update 3191849 for Microsoft Outlook 2013 that was released on June 27, 2017, is not currently available. This article will be updated as soon as the update is available again..."

Outlook 2016 (KB3213654)
- https://support.microsoft.com/en-us/help/3213654/june-30-2017-update-for-outlook-2016-kb3213654
Last Review: Jul 11, 2017 - Rev: 21
"Notice: Update 3213654 for Microsoft Outlook 2016 that was released on June 30, 2017, is not currently available. This article will be updated as soon as the update is available again..."

... as of July 17, 2017
___

Win7 SP1 and Windows Server 2008 R2 SP1
... 2017 July monthly rollup
- https://support.microsoft.com/en-us/help/4025341/windows-7-update-kb4025341
Last Review: Jul 14, 2017 - Rev: -40-
___

- https://www.askwoody.com/2017/micro...patches-of-patches-kb-3191849-3213654-401042/
July 15, 2017
- http://www.computerworld.com/articl...hes-of-patches-kb-3191849-3213654-401042.html
July 15, 2017 - "... earlier versions of the bad patches-of-patches had a nasty habit of crashing Outlook."
___

Win10: https://blogs.msmvps.com/bradley/2017/07/17/getting-1703-on-systems-another-way/
July 17, 2017 - "Next way to get 1703 on systems – again go back to that download page:
- https://www.microsoft.com/en-us/software-download/windows10
and use the download tool to make the iso/media. Park the iso on a network share and expand it out.
Next use the command switches noted in this blog post:
– https://blogs.technet.microsoft.com...09/14/windows-10-setup-command-line-switches/
Specifically you want to ensure that you do -not- trigger a 'clean install' but an upgrade."

Tracking known issues with Win10 1703:
> https://techcommunity.microsoft.com...-known-issues-with-Windows-10-1703/td-p/67122

:fear::fear::fear:

AplusWebMaster · Jul 28, 2017

MS Office Outlook updates - 7.27.2017

FYI...

New updates are available for Outlook
- https://blogs.technet.microsoft.com.../07/27/new-updates-are-available-for-outlook/
July 27, 2017 - "We released security updates for Outlook today. See the following KB articles for more information:
- https://support.microsoft.com/en-us/help/4011052
- https://support.microsoft.com/en-us/help/4011078
- https://support.microsoft.com/en-us/help/2956078
- https://support.microsoft.com/en-us/help/3213643
A new version of Office 2013 Click-To-Run is available: 15.0.4953.1001
A new version of Office 2010 Click-To-Run is available: 14.0.7187.5000"
___

CVE-2017-8572 | Microsoft Office Outlook Information Disclosure Vuln
Security Vulnerability
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8572
07/27/2017

- http://www.securitytracker.com/id/1039010
CVE Reference: CVE-2017-8572
Jul 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, 2010 C2R, 2013 C2R, 2016 C2R ...
Impact: A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix...
___

CVE-2017-8663 | Microsoft Office Outlook Memory Corruption Vuln
Security Vulnerability
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8663
07/27/2017

- http://www.securitytracker.com/id/1039011
CVE Reference: CVE-2017-8663
Jul 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, 2010 C2R, 2013 C2R, 2016 C2R ...
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix...
___

CVE-2017-8571 | Microsoft Office Outlook Security Feature Bypass Vuln
Security Vulnerability
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8571
07/27/2017

- http://www.securitytracker.com/id/1039012
CVE Reference: CVE-2017-8571
Jul 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, 2010 C2R, 2013 C2R, 2016 C2R ...
Impact: A remote user can create a file that, when loaded and interacted with by the target user, will execute arbitrary commands on the target user's system.
Solution: The vendor has issued a fix...
___

Description of the security update for Outlook 2007
- https://support.microsoft.com/en-us...security-update-for-outlook-2007-july-27-2017
Last Review: Jul 27, 2017 - Rev: 15

Description of the security update for Outlook 2010
- https://support.microsoft.com/en-us...security-update-for-outlook-2010-july-27-2017
Last Review: Jul 27, 2017 - Rev: 14

Description of the security update for Outlook 2013
- https://support.microsoft.com/en-us...security-update-for-outlook-2013-july-27-2017
Last Review: Jul 27, 2017 - Rev: 18

Description of the security update for Outlook 2016
- https://support.microsoft.com/en-us...security-update-for-outlook-2016-july-27-2017
Last Review: Jul 27, 2017 - Rev: 15
___

MS Security Update Summary
- https://portal.msrc.microsoft.com/en-us/security-guidance/summary
Latest dated: 7/27/2017 - Total items: 68
___

> http://www.computerworld.com/articl...011052-to-fix-june-outlook-security-bugs.html
Jul 27, 2017

:fear::fear::fear:

tashi · Aug 8, 2017

Microsoft Security Updates for August, 2017

Security Update Summary
https://portal.msrc.microsoft.com/en-us/security-guidance/summary

The August 2017 Security Update Review
August 08, 2017 | Dustin Childs

"For this month, Adobe released two Critical-rated updates for Adobe Flash, Digital Edition, and Reader, and one Important-rated update for Adobe Experience Manager."

"Microsoft released 48 security patches for August covering Windows, Internet Explorer (IE), Edge, the subsystem for Linux, Kernel, SharePoint, SQL Server, and Hyper-V. Of these 48 CVEs, 25 are listed as Critical, 21 are rated Important, and two are Moderate in severity. A total of seven of these CVEs came through the ZDI program. Two of these bugs are listed as publically known prior to release, with one bug listed as having publicly available PoC."

https://www.zerodayinitiative.com/blog/2017/8/8/the-august-2017-security-update-review

AplusWebMaster · Aug 14, 2017

Win7 August 2017 patches - bugzz

FYI...

Win7 August 2017 patches - bugzz
- http://computerworld.com/article/32...7-patches-causing-second-screen-problems.html
Aug 14, 2017 - "... We now have solid reports of a -bug- in -both- of the Win-7 security patches for this month, KB 4034664* (the monthly rollup, installed by Windows Automatic Update) and KB 4034679** (the manual security-only patch). If you have a Win7 machine with two or more monitors, and there’s something weird happening with the second monitor, you may be able to solve the problem by uninstalling the bad patch..."

* https://support.microsoft.com/en-us...1-windows-server-2008-r2-sp1-update-kb4034664
~~Last Review: Aug 9, 2017 - Rev: 21~~
~~Last Review: Aug 16, 2017 - Rev: 23~~
~~Last Review: Aug 18, 2017 - Rev: 25~~
Last Review: Aug 25, 2017 - Rev: 26

** https://support.microsoft.com/en-us...1-windows-server-2008-r2-sp1-update-kb4034679
~~Last Review: Aug 9, 2017 - Rev: 23~~
~~Last Review: Aug 16, 2017 - Rev: 27~~
~~Last Review: Aug 18, 2017 - Rev: 28~~
Last Review: Aug 25, 2017 - Rev: 29

- https://www.askwoody.com/2017/micro...84-solves-the-dual-monitor-rendering-problem/
Aug 26, 2017

:fear::fear: :sad:

AplusWebMaster · Aug 24, 2017

Patch Watch: August’s 'Follow-Up' Fixes

FYI...

Win7 August 2017 patches - bugzz
- http://computerworld.com/article/32...7-patches-causing-second-screen-problems.html
Aug 14, 2017 - "... We now have solid reports of a -bug- in -both- of the Win-7 security patches for this month, KB 4034664* (the monthly rollup, installed by Windows Automatic Update) and KB 4034679** (the manual security-only patch). If you have a Win7 machine with two or more monitors, and there’s something weird happening with the second monitor, you may be able to solve the problem by uninstalling the bad patch..."

* https://support.microsoft.com/en-us...1-windows-server-2008-r2-sp1-update-kb4034664
~~Last Review: Aug 9, 2017 - Rev: 21~~
~~Last Review: Aug 16, 2017 - Rev: 23~~
~~Last Review: Aug 18, 2017 - Rev: 25~~
~~Last Review: Aug 25, 2017 - Rev: 26~~
~~Last Review: Aug 29, 2017 - Rev: 27~~
Last Review: Aug 30, 2017 - Rev: 29

** https://support.microsoft.com/en-us...1-windows-server-2008-r2-sp1-update-kb4034679
~~Last Review: Aug 9, 2017 - Rev: 23~~
~~Last Review: Aug 16, 2017 - Rev: 27~~
~~Last Review: Aug 18, 2017 - Rev: 28~~
~~Last Review: Aug 25, 2017 - Rev: 29~~
~~Last Review: Aug 29, 2017 - Rev: 30~~
Last Review: Aug 30, 2017 - Rev: 31

- https://www.askwoody.com/2017/micro...84-solves-the-dual-monitor-rendering-problem/
Aug 26, 2017
___

Patch Watch: August’s Follow-Up Fixes
> http://windowssecrets.com/windows-secrets/patch-watch-augusts-follow-up-fixes/
Aug 22, 2017 - "I have a phrase I often use with technology: Keep the children on the playground the same age. This means -not- mixing older-and-younger groups; they have different skill levels and abilities. The same goes for .NET 4.7, applications and Windows 7. If you dig into various locations on the web you will see post install side effects such as the following:
Impacting Autocad and earlier versions as noted in a forum[1]
1] https://www.cadnauseam.com/2017/07/15/automated-net-4-7-update-kills-autocad-pre-2017/
.NET 4.7 crashing Quickbooks as noted on a blog[2]
2] http://www.intuitiveaccountant.com/...t-framework-crashing-quickbooks/#.WZO9HLpFw2w
Possible issues with Arcgis Pro[3]
3] https://geonet.esri.com/thread/196265-net-47-upgrade-breaks-arcgis-pro
May have issues with touchscreen inputs as notes in this post[4]
4] https://www.reddit.com/r/sysadmin/c..._has_some_issues_and/?st=j6pg42dp&sh=376b604f
Techsmith Snagit impact with .NET 4.7 as noted in this forum[5]
5] https://www.reddit.com/r/sysadmin/c..._has_some_issues_and/?st=j6pg42dp&sh=376b604f
I’ll be investigating and see if the 4.7 update is the trigger for these issues but in the meantime if you are impacted and want to block .NET 4.7 you can use a registry key as noted on the Ghacks site.[6]
6] https://www.ghacks.net/2017/06/12/blocking-net-framework-4-7-installation/
... What to do: Consider -blocking- .NET 4.7 on older operating systems.
Windows 10 1607 Side Effects: The release of 4034658 to Windows 10, version 1607 release had a few noticeable side effects: Naming it wiped-out-your-update-history. As an alternative, to see which quality updates have been applied, you can navigate to the inventory by going to Control Panel -> Programs -> “View Installed Updates.” In addition, the update had additional-side-effects of making any hidden updates pop back up again. So if you hid the 1703 update it -will- offer back up again. Finally in a network setting, WSUS servers will exhibit increased CPU, memory, and network utilization when Windows Update clients perform their first scan after installing KB4034658. Remember this only happens with the KB4034658* for Windows 10 1607 update."
* https://support.microsoft.com/en-hk/help/4034658
~~Last updated: 11 Aug 2017 - Rev: 21~~
Last Review: 28 Aug 2017 - Rev: 25
___

Fixes or workarounds for recent issues in Outlook for Windows
- https://support.office.com/en-us/ar...-Windows-ecf61305-f84f-4e13-bb73-95a214ac1230
Last updated: Aug 24, 2017
___

Update for Office 2016 (KB4011093)
- https://support.microsoft.com/en-us/help/4011093/august-22-2017-update-for-office-2016-kb4011093
~~Last Review: Aug 24, 2017 - Rev: 16~~
Last Review: Sep 1, 2017 - Rev: 20
___

August 25, 2017 — KB4039884
> https://support.microsoft.com/en-us/help/4039884/windows-7-update-kb4039884
~~Last Review: Aug 25, 2017 - Rev: 33~~
Last Review: Aug 30, 2017 - Rev: 34 - "This update addresses an issue where UI elements, including menu bars, are missing from Windows and Java applications running on computers with multiple monitors (multimon). The issue affects console and Remote Desktop logons when the main monitor is -not- in the top left area of the monitor layout in Control Panel. Applications may also stop responding or not work properly when moved between monitors. This issue impacts the following releases:
2017-08 Monthly Rollup - KB4034664
2017-08 Security-only update - KB4034679
2017-08 Preview of Monthly Rollup - KB4034670
Before you install this update, you must install KB4034664 or KB4034679, and then apply this update... Microsoft is working on a resolution and will provide an update in an upcoming release..."

"... If you have problems with a Windows 7 second monitor after installing this month’s KB 4034664, there’s a new manual-install-only fix. But it’s buggy, too"
>> http://www.computerworld.com/articl...urity-patch-with-buggy-hotfix-kb-4039884.html
Aug 28, 2017

:fear::fear::fear:

AplusWebMaster · Sep 1, 2017

MS patch alert - Outstanding problems with recent updates

FYI...

MS patch alert: Outstanding problems with recent updates
... Long list of -unresolved- issues
- https://www.computerworld.com/artic...outstanding-problems-with-recent-updates.html
Aug 31, 2017 - "... Recommendation: Hold off on applying August Windows and Office patches."

:fear::fear::fear:

AplusWebMaster · Sep 6, 2017

Sep 2017 Non-Security Office Update Release

FYI...

September 2017 Non-Security Office Update Release
- https://blogs.technet.microsoft.com...mber-2017-non-security-office-update-release/
Sep 5, 2017 - "Listed below are the non-security updates we released on the Download Center and Microsoft Update. See the linked KB articles for more information.

Office 2013
Update for Microsoft Office 2013 (KB3172484)
- https://support.microsoft.com/help/3172484
Update for Microsoft Office 2013 (KB3172512)
- https://support.microsoft.com/help/3172512
Update for Microsoft Office 2013 (KB3203486)
- https://support.microsoft.com/help/3203486
Update for Microsoft Office 2013 (KB3213536)
- https://support.microsoft.com/help/3213536
Update for Microsoft Office 2013 (KB4011087)
- https://support.microsoft.com/help/4011087
Update for Microsoft Office 2013 (KB4011106)
- https://support.microsoft.com/help/4011106
Update for Microsoft Project 2013 (KB4011109)
- https://support.microsoft.com/help/4011109
Update for Microsoft Visio 2013 (KB3191936)
- https://support.microsoft.com/help/3191936
Update for Microsoft Word 2013 (KB4011105)
- https://support.microsoft.com/help/4011105

Office 2016
Update for Microsoft Access 2016 (KB4011032)
- https://support.microsoft.com/help/4011032
Update for Microsoft Office 2016 (KB3191923)
- https://support.microsoft.com/help/3191923
Update for Microsoft Office 2016 (KB3191924)
- https://support.microsoft.com/help/3191924
Update for Microsoft Office 2016 (KB3203478)
- https://support.microsoft.com/help/3203478
Update for Microsoft Office 2016 (KB3203482)
- https://support.microsoft.com/help/3203482
Update for Microsoft Office 2016 (KB4011093)
- https://support.microsoft.com/help/4011093
Update for Microsoft Office 2016 (KB4011099)
- https://support.microsoft.com/help/4011099
Update for Microsoft Office 2016 (KB4011102)
- https://support.microsoft.com/help/4011102
Update for Microsoft Office 2016 Language Interface Pack (KB4011098)
- https://support.microsoft.com/help/4011098
Update for Microsoft OneNote 2016 (KB4011092)
- https://support.microsoft.com/help/4011092
Update for Microsoft Project 2016 (KB4011101)
- https://support.microsoft.com/help/4011101
Update for Microsoft Visio 2016 (KB4011096)
- https://support.microsoft.com/help/4011096
Update for Microsoft Word 2016 (KB4011039)
- https://support.microsoft.com/help/4011039
___

- https://www.computerworld.com/artic...ust-windows-and-office-patches-carefully.html
Sep 5, 2017 - "August was a banner month for Windows and Office customers. If I counted correctly, we saw patches on -14- different days last month... current list of outstanding problems... it’s time for you to get the August patches out of the way..."
(More detail at the computerworld URL above.)

:fear::fear:

AplusWebMaster · Sep 12, 2017

MS Security Updates - Sept 2017

FYI...

- https://blogs.technet.microsoft.com/msrc/2017/09/12/september-2017-security-update-release/
Sep 12, 2017 - "... we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically..."

- https://portal.msrc.microsoft.com/e...tedetail/5984735e-f651-e711-80dd-000d3a32fc99
Sep 12, 2017 - "The September security release consists of security updates for the following software:
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
Adobe Flash Player
Skype for Business and Lync
.NET Framework
Microsoft Exchange Server ..."

> https://portal.msrc.microsoft.com/en-us/security-guidance/summary
Total items: 96 - Page: 1/1
___

Sept 2017 Office Update Release
- https://blogs.technet.microsoft.com...7/09/12/september-2017-office-update-release/
Sep 12, 2017 - "... This month, there are -45- security updates and 30 non-security updates. All of the security and non-security updates are listed in KB article 4040279*.
* https://support.microsoft.com/en-us/help/4040279/september-2017-updates-for-microsoft-office
Last Review: Sep 12, 2017 - Rev: 9

A new version of Office 2013 Click-To-Run is available: 15.0.4963.1002

A new version of Office 2010 Click-To-Run is available: 14.0.7188.5002"
___

Description of Software Update Services and Windows Server Update Services changes in content for 2017
- https://support.microsoft.com/en-us...and-windows-server-update-services-changes-in
Last Review: Sep 12, 2017 - Rev: 125
___

Additional info:
- http://www.securitytracker.com/id/1039320
- http://www.securitytracker.com/id/1039322
- http://www.securitytracker.com/id/1039323
- http://www.securitytracker.com/id/1039324
- http://www.securitytracker.com/id/1039325

- http://www.securitytracker.com/id/1039326
- http://www.securitytracker.com/id/1039327
- http://www.securitytracker.com/id/1039328
- http://www.securitytracker.com/id/1039329
- http://www.securitytracker.com/id/1039330

- http://www.securitytracker.com/id/1039331
- http://www.securitytracker.com/id/1039333
- http://www.securitytracker.com/id/1039337
- http://www.securitytracker.com/id/1039338
- http://www.securitytracker.com/id/1039339

- http://www.securitytracker.com/id/1039340
- http://www.securitytracker.com/id/1039341
- http://www.securitytracker.com/id/1039342
- http://www.securitytracker.com/id/1039343
- http://www.securitytracker.com/id/1039344

- http://www.securitytracker.com/id/1039352
- http://www.securitytracker.com/id/1039369
___

Qualys analysis: https://blog.qualys.com/laws-of-vul...es-from-microsoft-plus-critical-adobe-patches
Sep 12, 2017 - "Today Microsoft released a fairly large batch of patches covering 81 vulnerabilities as part of September’s Patch Tuesday update, with 38 of them impacting Windows. Patches covering -27- of these vulnerabilities are labeled as -Critical- and -39- can result in Remote Code Execution (RCE). According to Microsoft, one vulnerability impacting HoloLens has a public exploit.
Top priority for patching should go to CVE-2017-0161, an RCE vulnerability in NetBIOS that impacts both servers and workstations. For users of Microsoft’s DHCP server, priority should also be given to CVE-2017-8686, especially if using failover mode, due to another potential RCE.
Out of the 26 vulnerabilities that are both Critical and RCE, -22- of them impact Microsoft’s browsers. Many of these vulnerabilities involve the Scripting Engine, which can impact both browsers and Microsoft Office, and should be considered for prioritizing for workstation-type systems that use email and access the internet via a browser. Adobe has also released patches covering 5 critical vulnerabilities, 2 of which are for Flash. The other patches are for Adobe ColdFusion and RoboHelp."

ghacks.net: https://www.ghacks.net/2017/09/12/microsoft-security-updates-september-2017-release/
Sep 12, 2017 - "... Executive Summary:
Microsoft released security patches for all versions of Windows. Security updates were also released for Internet Explorer, Microsoft Edge, Microsoft Office, Skype for Business and Lync, Microsoft Exchange Server, Adobe Flash Player, and the .Net Framework.
Operating System Distribution:
- Windows 7: 22 vulnerabilities of which 3 are rated critical, 19 important
- Windows 8.1: 26 vulnerabilities of which 4 are rated critical, 22 important
- Windows 10 version 1703: 25 vulnerabilities of which 2 are rated critical, 23 important
Windows Server products:
- Windows Server 2008 R2: 23 vulnerabilities, of which 3 are rated critical, 20 important
- Windows Server 2012 and 2012 R2: 26 vulnerabilities, of which 4 are rated critical 21 important and 1 moderate
- Windows Server 2016: 28 vulnerabilities of which 2 are rated critical, 26 important
Other Microsoft Products:
- Internet Explorer 11: 7 vulnerabilities, 5 critical, 2 important
- Microsoft Edge: 28 vulnerabilities, 19 critical, 7 important, 2 moderate..."
___

- https://www.us-cert.gov/ncas/curren...soft-Releases-September-2017-Security-Updates
Sep 12, 2017

:fear::fear:

AplusWebMaster · Sep 19, 2017

MS Sep 2017 patch issues

FYI...

MS Sep 2017 patch issues
> https://www.askwoody.com/
"... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it."

Outlook security patches intentionally break custom forms
> https://www.computerworld.com/artic...patches-intentionally-break-custom-forms.html
Sep 19, 2017 - "... Those of you who have installed any of this month’s Outlook security patches:
Outlook 2007 KB 4011086:
> https://support.microsoft.com/en-us...esecurityupdateforoutlook2007september12-2017
Outlook 2010 KB 4011089:
> https://support.microsoft.com/en-us...esecurityupdateforoutlook2010september12-2017
Outlook 2013 KB 4011090:
> https://support.microsoft.com/en-us...esecurityupdateforoutlook2013september12-2017
Outlook 2016 KB 4011091:
> https://support.microsoft.com/en-us...esecurityupdateforoutlook2016september12-2017
... will have to dive into the Registry if you want to enable any custom form scripts, including the VBScript printing capability. It’s complicated, and the method varies, depending on which version of Office you’re using... Of course, Microsoft didn’t tell us about the change when it released the security patches. To this date, there’s no notice in the associated KB articles either. The change is intended to make it harder for bad guys to break into your computer. That’s a noble goal, but it sure could’ve been communicated in a much better way..."
>> https://www.slipstick.com/outlook/custom-form-security/
Sep 18, 2017
___

Ongoing list of problems with this month’s Win10 Creators Update cumulative update KB 4038788
- https://www.askwoody.com/2017/ongoi...creators-update-cumulative-update-kb-4038788/
Sep 19, 2017
> https://support.microsoft.com/en-us/help/4038788/windows-10-update-kb4038788
Last Review: Sep 18, 2017 - Rev: 40 - See: "Known issues in this update... Microsoft is working on a resolution and will provide an update in an upcoming release..."

Some OEM factory images causing devices to black screen
- https://support.microsoft.com/en-us/help/4043345
Last Review: Sep 18, 2017 - Rev: 8 - "After installing a Windows Store application update, some users may experience a black screen on their device for 5-10 minutes upon rebooting the OS.
Cause: Some OEM factory images create incorrect registry keys during image creation. These registry keys conflict with the app readiness service. After 5-10 minutes of black screen the user will regain use of their device. This issue is triggered on every reboot.
Resolution: Microsoft is working on a resolution and will provide an update in an upcoming release..."
___

Outlook.com was out for 18 hours in Europe
> https://www.askwoody.com/2017/outlook-com-was-out-for-18-hours-in-europe/
Sep 19, 2017
- http://www.reuters.com/article/us-m...m-services-back-up-after-outage-idUSKCN1BT2FY
Sep 18, 2017

Outlook outage map
>> http://downdetector.co.uk/problems/outlook/map/

Skype messaging and connecting issues
- https://heartbeat.skype.com/2017/09/skype_messaging_and_connecting.html
Sep 18, 2017

Report of KB 4038777 breaking activation on Dell machines
- https://www.askwoody.com/2017/report-of-kb-4038777-breaking-activation-on-dell-machines/
Sep 18, 2017
> https://support.microsoft.com/en-us/help/4038777/windows-7-update-kb4038777
Last Review: Sep 14, 2017 - Rev: 19

Running a Win10 beta build on a Surface Pro 3? Don’t shut down.
Apparently there was no reboot testing on SP3 with the latest Win10 beta, and the SP3 bricks on reboot. Some SP4 owners have complained, too.
- https://www.computerworld.com/artic...-build-on-a-surface-pro-3-dont-shut-down.html
Sep 18, 2017

Outlook 2007 and 2010 security patches scramble languages, break printing on custom forms
> https://www.askwoody.com/2017/outlo...ble-languages-break-printing-on-custom-forms/
Sep 15, 2017

Outlook 2010 Tower of Babel patch KB 4011089 breaks VBScript print
In the second significant bug in Outlook security patches this month, installing the September Outlook 2010 security patch disables the VBScript print function in custom forms.
> https://www.computerworld.com/artic...l-patch-kb-4011089-breaks-vbscript-print.html

> https://www.computerworld.com/artic...nths-windows-and-office-security-patches.html
Sep 14, 2017

> https://marc.info/?l=patchmanagement&r=1&b=201709&w=2
2017-09-19

>> https://www.ghacks.net/2017/09/16/microsoft-september-2017-patch-day-issues-overview/
2017-09-16 - "... it appears that the updates have caused quite a -large- number of issues that users and administrators experience when they install or try to install these patches..."
___

> https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170015
Last Updated : 09/19/2017

Description of the security update for Outlook 2007
>> https://support.microsoft.com/en-us...esecurityupdateforoutlook2007september19-2017
Last Review: Sep 19, 2017 - Rev: 17
> https://www.catalog.update.microsoft.com/Search.aspx?q=4011110

KB4038803 (Preview of Monthly Rollup)
Windows 7 SP1 and Windows Server 2008 R2 SP1
- https://support.microsoft.com/en-us/help/4038803/windows-7-update-kb4038803
Last Review: Sep 19, 2017 - Rev: 10
___

Cumulative Update 18 for Exchange Server 2013
- https://support.microsoft.com/en-us/help/4022631/cumulative-update-18-for-exchange-server-2013
Last Review: Sep 19, 2017 - Rev: 9
___

More to come?...

:fear::fear::fear:

AplusWebMaster · Sep 22, 2017

Outlook 2010, 2013 and 2016 - Email retrieval fails after installing Patch

FYI...

Email retrieval fails after installing Security Patch for Outlook 2010, 2013 and 2016
- https://www.veritas.com/support/en_US/article.000127958
2017-09-20 - "Problem: Users will not be able to retrieve emails after installing the associated Microsoft Outlook Security patch, listed below, released on September 12, 2017.
KB4011089 for Outlook 2010
KB4011090 for Outlook 2013
KB4011091 for Outlook 2016
When this Microsoft Security patch for Outlook is installed on the client, users are unable to access archived emails.Upon double clicking on the shortcut it will open the shortcut only with the banner: "The item has archived by Enterprise vault. Click here to view the original link"
Outlook will become unresponsive, when clicking on the banner.
Cause: These Microsoft Office security updates have disabled scripts for custom forms. Enterprise Vault's archived item shortcuts are custom forms that require scripting for their retrieval functionality.
>> Note: Outlook clients without this patch are not affected..."

Custom form script is now disabled by default
Applies To: Outlook 2016 Outlook 2013 Outlook 2010 Outlook 2007
> https://support.office.com/en-gb/ar...-default-bd8ea308-733f-4728-bfcc-d7cce0120e94
Last updated: Sep 19, 2017
ISSUE: Custom form script is now disabled by default and requires setting registry keys to re-enable it..."
___

Where we stand with messy September Windows and .NET patches
... Bugs galore — IE won’t start or looks odd, custom controls turn black, Edge goes AWOL — with Windows 10 Creators Update getting more than its fair share.
> https://www.computerworld.com/artic...-messy-september-windows-and-net-patches.html
Sep 21, 2017
___

Maintaining Windows 10 security tops list of enterprise challenges
- https://www.helpnetsecurity.com/2017/09/21/maintaining-windows-10-security/
Sep 21, 2017 - "Companies are experiencing significant challenges in their attempts to keep their endpoints secure. Maintaining Windows 10 security topped the list of challenges with over half of respondents to an Adaptiva survey indicating it can take a -month- or -more- for IT teams to execute Windows OS updates, which ultimately leaves systems vulnerable..."
(More detail at the helpnetsecurity URL above.)

:fear::fear::fear:

AplusWebMaster · Sep 26, 2017

MS Sept 2017 Windows and Office patches

FYI...

Where we stand with MS Sept 2017 Windows and Office patches ...
- https://www.computerworld.com/artic...th-septembers-windows-and-office-patches.html
Sep 26, 2017 - "... Recommendations: Assuming you don’t click “Enable Editing” in Word, there are no immediately pressing September patches. I say it’s wise to wait-and-see if any of the outstanding bugs get fixed — and wait to see if the patches-of-patches generate new problems of their own..."
(More detail at the computerworld URL above.)

> https://www.askwoody.com/
Sep 26, 2017 - "... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it..."

:fear::fear::fear:

AplusWebMaster · Sep 30, 2017

MS Sep 2017 - patch status ...

FYI...

It’s time to install the September patches for Windows and Office
... The September patches were problematic — a couple of them got pulled, a couple more replaced — but most of the bugs are now reasonably well known and understood
- https://www.computerworld.com/artic...september-patches-for-windows-and-office.html
Sep 29, 2017 11:31 AM PT
(Many details at the computerworld URL above.)

> https://www.askwoody.com/
Sep 30, 2017 at 12:09 - "Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems."
> https://www.askwoody.com/2017/work-is-continuing-on-the-askwoody-site/

- https://twitter.com/woodyleonhard/status/914135736215105536
7:31 AM - 30 Sep 2017 - "... AskWoody.com is under attack, going up and down, mostly down. We're working on it..."

- https://www.facebook.com/WoodyOnWindows/

:fear::fear::fear:

AplusWebMaster · Oct 10, 2017

Turn MS 'Auto Update' off ...

FYI...

Check to see that MS 'Auto Update' is turned off
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it...
- https://askwoody.com/2017/ms-defcon-2-check-to-see-that-auto-update-is-turned-off/
Oct 10, 2017 - "... a slew of patches waiting, for a dozen different platforms, including all versions of Windows (even RT 8.1!), Office, IE, Skype and more..."

... delay Automatic Update at least a few days, until the bugs have shaken out...
> https://www.computerworld.com/artic...ck-windows-and-office-patches-are-coming.html
Oct 10, 2017 - "If you’re running Windows, do yourself a favor and put Automatic Update on a temporary hold..."

:fear::fear:

AplusWebMaster · Oct 10, 2017

MS Security Updates - Oct 2017

FYI...

October 2017 security update release
- https://blogs.technet.microsoft.com/msrc/2017/10/10/october-2017-security-update-release/
Oct 10, 2017 - "Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically..."

- https://portal.msrc.microsoft.com/e...tedetail/313ae481-3088-e711-80e2-000d3a32fc99
Oct 10, 2017 - "The October security release consists of security updates for the following software:
• Internet Explorer
• Microsoft Edge
• Microsoft Windows
• Microsoft Office and Microsoft Office Services and Web Apps
• Skype for Business and Lync
• Chakra Core ...

Known issues:
- https://support.microsoft.com/en-us/help/4041691
- https://support.microsoft.com/en-us/help/4042895
- https://support.microsoft.com/en-us/help/4041676
- https://support.microsoft.com/en-us/help/4041681
"... Microsoft is working on a resolution and will provide an update in an upcoming release."

Security Update Summary
> https://portal.msrc.microsoft.com/en-us/security-guidance/summary
10/10/2017
___

October 2017 Office Update Release
- https://blogs.technet.microsoft.com...017/10/10/october-2017-office-update-release/
Oct 10, 2017 - "... This month, there are 26 security updates and 27 non-security updates. All of the security and non-security updates are listed in KB article 4043461*.
A new version of Office 2013 Click-To-Run is available: 15.0.4971.1002
A new version of Office 2010 Click-To-Run is available: 14.0.7189.5001

* https://support.microsoft.com/en-us/help/4043461/october-2017-updates-for-microsoft-office
Last Review: Oct 10, 2017 - Rev: 10
___

Additional information:
- http://www.securitytracker.com/id/1039526
- http://www.securitytracker.com/id/1039527
- http://www.securitytracker.com/id/1039528
- http://www.securitytracker.com/id/1039529
- http://www.securitytracker.com/id/1039530

- http://www.securitytracker.com/id/1039532
- http://www.securitytracker.com/id/1039533
- http://www.securitytracker.com/id/1039534
- http://www.securitytracker.com/id/1039535
- http://www.securitytracker.com/id/1039536

- http://www.securitytracker.com/id/1039537
- http://www.securitytracker.com/id/1039538
- http://www.securitytracker.com/id/1039539
- http://www.securitytracker.com/id/1039540
- http://www.securitytracker.com/id/1039541

- http://www.securitytracker.com/id/1039542
___

ghacks.net: https://www.ghacks.net/2017/10/10/microsoft-security-updates-october-2017-release/
Oct 10, 2017 - "... Our monthly series provides you with information on Microsoft's Patch Day. It features an overview of all security and non-security updates that Microsoft released since the last Patch day in September 2017. The monthly guide lists how different versions of Windows -- client and server -- and Microsoft's browsers Edge and Internet Explorer are affected. It features links to resources, direct download links for cumulative Windows updates, new and updated security advisories, and information on how to download the updates to Windows machines...
Windows 7: 20 vulnerabilities of which 5 are rated critical, 15 important
Windows 8.1: 23 vulnerabilities of which 6 are rated critical, 17 important
Windows 10 version 1607: 29 vulnerabilities, 6 critical, 23 important
Windows 10 version 1703: 29 vulnerabilities of which 6 are rated critical, 23 important ..."
(More detail at the URL above.)

Qualys analysis: https://blog.qualys.com/laws-of-vul...tuesday-28-critical-microsoft-vulnerabilities
Oct 10, 2017 - "Today Microsoft released patches covering 62 vulnerabilities as part of August’s Patch Tuesday update, with 30 of them affecting Windows. Patches covering 28 of these vulnerabilities are labeled as Critical, and 33 can result in Remote Code Execution. According to Microsoft, a vulnerability in Microsoft Office is being actively exploited in the wild. Top priority for patching should go to a vulnerability in Microsoft Office, CVE-2017-11826, which Microsoft has ranked as “Important” is actively being exploited in the wild.
Priority should also be given to CVE-2017-11771, which is a vulnerability in the Windows Search service. This is the fourth Patch Tuesday this year to feature a vulnerability in this service. As with the others, this vulnerability can be exploited remotely via SMB to take complete control of a system, and can impact both servers and workstations. While an exploit against this vulnerability can leverage SMB as an attack vector, this is not a vulnerability in SMB itself, and is not related to the recent SMB vulnerabilities leveraged by EternalBlue, WannaCry, and Petya.
Also of note are two vulnerabilities in the Windows font library, CVE-2017-11762 and CVE-2017-11763, that can be exploited through a browser or malicious file, as well as a vulnerability in DNSAPI, CVE-2017-11779, that could allow a malicious DNS server to execute code on a client system.
A vulnerability in certain TPM chips is addressed by ADV170012. This vulnerability is in the TPM chip itself, and not in Windows, but could result in weak cryptographic keys. These keys are used for BitLocker, Biometric auth, and other areas of Windows. The updates provide a workaround for the weak keys leveraging additional logging and an option to use software-derived keys. Full remediation requires a firmware update from the device manufacturer.
As with several of the last Patch Tuesdays, the majority of the vulnerabilities in this month’s release involve the Scripting Engine, which can impact both browsers and Microsoft Office, and should be considered for prioritizing for workstation-type systems that use email and access the internet via a browser..."
___

- https://www.us-cert.gov/ncas/curren...rosoft-Releases-October-2017-Security-Updates
Oct 10, 2017

:fear::fear::fear:

AplusWebMaster · Oct 12, 2017

Microsoft 'Patch Tuesday' problems

FYI...

Microsoft 'Patch Tuesday' problems ...
... It's been less than a day since the Patch Tuesday patches rolled out, and we're already seeing lots of complaints – and a few unexpected explanations
- https://www.computerworld.com/artic...-myriad-microsoft-patch-tuesday-problems.html
Oct 11, 2017

... Every version of Windows gets patched, as well as Edge, IE, Skype for Business and Office. Pay special attention to the Word zero-day, the DNS security problem, and the TPM patching madness....
- https://www.computerworld.com/artic...ay-with-a-word-zero-day-and-several-bugs.html
Oct 10, 2017
___

Microsoft patch problems persist...
... Blue screens, bungled releases, stealthy .NET upgrades, CRM blocks and complex manual fixes
- https://www.computerworld.com/artic...ad-release-sequences-crm-blocks-and-more.html
Oct 12, 2017

:fear::fear::fear:

AplusWebMaster · Oct 14, 2017

MS Oct 2017- known issues

FYI...

Microsoft Dynamics 365 for Outlook is unable to render webpages after installing the October 2017 Microsoft Outlook security update
- https://support.microsoft.com/en-us...or-outlook-is-unable-to-render-webpages-after
Last Review: Oct 13, 2017 - Rev: 5

Fixes or workarounds for recent issues in Outlook for Windows
Applies To: Outlook 2016 Outlook 2013
- https://support.office.com/en-us/ar...e13-bb73-95a214ac1230?ui=en-US&rs=en-US&ad=US
Last updated: October 2017
___

- https://askwoody.com/ms-defcon-system/
"... Current Microsoft patches are causing havoc. Don’t patch."

... Blue screens, bungled releases, stealthy .NET upgrades, CRM blocks and complex manual fixes
- https://www.computerworld.com/artic...ad-release-sequences-crm-blocks-and-more.html
Oct 12, 2017
___

> https://askwoody.com/2017/ms-defcon-2-october-windows-updates-and-krack/
Oct 17, 2017 - "... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it."

Excel, Access, external DB driver errors linked to this month’s patches
... If you’re seeing new “Unexpected error from external database driver” error messages, chances are good you recently installed KB 4041681 (Win7), KB4041676 (Win10 1703), or any of this month's Windows security patches
- https://www.computerworld.com/artic...er-errors-linked-to-this-month-s-patches.html
Oct 17, 2017
___

Windows 7 SP1 and Windows Server 2008 R2 SP1
Windows 7 SP1 and Windows Server 2008 R2 SP1
- https://support.microsoft.com/en-us/help/4041681/windows-7-update-kb4041681
Oct 17, 2017 - "... Microsoft is working on a resolution and will provide an update in an upcoming release..."
Last Review: Oct 17, 2017 - Rev: 17

Windows 7 SP1 and Windows Server 2008 R2 SP1
October 17, 2017—KB4041686 (Preview of Monthly Rollup)
- https://support.microsoft.com/en-us/help/4041686/windows-7-update-kb4041686
"... Microsoft is working on a resolution and will provide an update in an upcoming release..."
Last Review: Oct 17, 2017 - Rev: 10
___

MS ADV170018 | October Flash Security Update
> https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170018
10/17/2017
___

Announcing the .NET Framework 4.7.1
- https://blogs.msdn.microsoft.com/dotnet/2017/10/17/announcing-the-net-framework-4-7-1/
October 17, 2017

Windows 10 release information
- https://technet.microsoft.com/en-us/windows/release-info.aspx
Latest revision date - 10/17/2017 - 'Microsoft recommends'

October 17, 2017—KB4043961 (OS Build 16299.19)
Windows 10 Version 1709
- https://support.microsoft.com/en-us/help/4043961/windows-10-update-kb4043961
"... Microsoft is working on a resolution and will provide an update in an upcoming release..."
Last Review: Oct 17, 2017 - Rev: 19

:fear::fear::fear:

Microsoft Alerts

New member

New member

New member

New member

New member

New member

Member of Team Spybot

New member

New member

New member

New member

New member

New member

New member

New member

New member

New member

New member

New member

New member