Microsoft launched safety updates for the corporate’s Home windows working system, and different firm merchandise on the October 2017 Patch Tuesday.

Our month-to-month collection supplies you with data on Microsoft’s Patch Day. It options an outline of all safety and non-security updates that Microsoft launched for the reason that final Patch day in September 2017.

The month-to-month information lists how completely different variations of Home windows — shopper and server — and Microsoft’s browsers Edge and Web Explorer are affected. It options hyperlinks to sources, direct obtain hyperlinks for cumulative Home windows updates, new and up to date safety advisories, and knowledge on tips on how to obtain the updates to Home windows machines.

Microsoft Safety Updates October 2017

You may obtain the next Excel spreadsheet if you would like a listing of all safety updates for all Microsoft merchandise that the corporate launched for the reason that September 2017 Patch Tuesday.

Click on on the next hyperlink to obtain the Excel spreadsheet to your machine: Safety-Updates-Microsoft-Home windows-October-2017.zip

Government Abstract

  • Home windows 10 model 1511, the November Replace, will not obtain safety updates anymore. Click on right here to open Microsoft’s weblog put up on the subject.
  • Microsoft launched safety patches for all variations of Home windows.
  • Safety updates had been additionally launched for Web Explorer, Microsoft Edge, Skype for Enterprise and Lync, and Microsoft Workplace.

Working System Distribution

  • Home windows 7: 20 vulnerabilities of which 5 are rated important, 15 essential
  • Home windows eight.1: 23 vulnerabilities of which 6 are rated important, 17 essential
  • Home windows 10 model 1607: 29 vulnerabilities, 6 important, 23 essential
  • Home windows 10 model 1703: 29 vulnerabilities of which 6 are rated important, 23 essential

Home windows Server merchandise:

  • Home windows Server 2008 R2: 18 vulnerabilities, of which three are rated important, 15 essential
  • Home windows Server 2012 and 2012 R2: 23 vulnerabilities, of which 6 are rated important, and 17 essential
  • Home windows Server 2016: 29 vulnerabilities of which 6 are rated important, 23 essential

Different Microsoft Merchandise

  • Web Explorer 11: 5 vulnerabilities, four important, 1 essential
  • Microsoft Edge: 16 vulnerabilities, 14 important, 2 essential

Safety Updates

KB4041676 — Home windows 10 Model 1703

  • Addressed concern the place some UWP and Centennial apps present a grey icon and show the error message “This app cannot open” on launch.
  • Addressed reliability concern that causes the AppReadiness service to cease working.
  • Addressed concern the place functions that use the Silverlight map stack cease working.
  • Addressed concern the place VSync prevents units from coming into Panel Self Refresh mode, which might result in lowered battery life.
  • Addressed concern the place consumer customizations (like pinned tiles) made to an enforced partial Begin structure are misplaced when upgrading to Home windows 10 1703.
  • Addressed concern the place the Common CRT brought about the linker (hyperlink.exe) to cease working for big initiatives.
  • Addressed concern that stops Home windows Error Reporting from saving error reviews in a short lived folder that’s recreated with incorrect permissions. As a substitute, the momentary folder is inadvertently deleted.
  • Addressed concern the place the MSMQ efficiency counter (MSMQ Queue) could not populate queue cases when the server hosts a clustered MSMQ function.
  • Addressed concern with the token dealer the place it was leaking a token that brought about periods to stay allotted after logoff.
  • Addressed concern the place Private Id Verification (PIV) sensible card PINs aren’t cached on a per-application foundation. This brought about customers to see the PIN immediate a number of occasions in a short while interval; usually, the PIN immediate solely shows as soon as.
  • Addressed concern the place utilizing the Cipher.exe /u instrument to replace Information Restoration Agent (DRA) encryption keys fails except consumer certification encryption already exists on the machine.
  • Addressed concern the place utilizing AppLocker to dam a Fashionable app fails. This concern happens solely with Fashionable apps that come pre-installed with Home windows.
  • Addressed concern with type submissions in Web Explorer.
  • Addressed concern with the rendering of a graphics ingredient in Web Explorer.
  • Addressed concern that stops a component from receiving focus in Web Explorer.
  • Addressed concern with the docking and undocking of Web Explorer home windows.
  • Addressed concern brought on by a pop-up window in Web Explorer.
  • Addressed concern the place a Vendor API deleted knowledge unexpectedly.
  • Addressed concern the place utilizing the Robocopy utility to repeat a SharePoint doc library, which is mounted as a drive letter, fails to repeat recordsdata. Nonetheless, on this state of affairs, Robocopy will copy folders efficiently.
  • Addressed concern the place MDM USB restrictions didn’t disable the USB port as anticipated.
  • Addressed concern the place creating an iSCSI session on a brand new OS set up could consequence within the “Initiator occasion doesn’t exist” error when trying to connect with a goal.ressed concern the place connecting to RDS functions printed utilizing Azure App Proxy fails. The error message is, “Your pc can’t hook up with the Distant Desktop Gateway server. Contact your community administrator for help”. The error can happen when the RDP cookie dimension restrict is exceeded. This replace elevated the dimensions of the RDP cookie restrict.
  • Addressed concern the place USBHUB.SYS randomly causes reminiscence corruption that ends in random system crashes which can be extraordinarily tough to diagnose.
  • Addressed concern that impacts the obtain of some video games from the Microsoft Retailer in the course of the pre-order section. Obtain fails with the error code 0x80070005, and the machine makes an attempt to restart the obtain from the start.
  • Addressed concern the place the ServerSecurityDescriptor registry worth doesn’t migrate once you improve to Home windows 10 1703. In consequence, customers may not be capable of add a printer utilizing the Citrix Print Supervisor service. Moreover, they may not be capable of print to a shopper redirected printer, a Citrix common print driver, or a community printer driver utilizing the Citrix common print driver.
  • Safety updates to Microsoft Home windows Search Element, Home windows kernel-mode drivers, Microsoft Graphics Element, Web Explorer, Home windows kernel, Microsoft Edge, Home windows Authentication, Home windows TPM, Machine Guard, Home windows Wi-fi Networking, Home windows Storage and Filesystems, Microsoft Home windows DNS, Microsoft Scripting Engine, Home windows Server, Home windows Subsystem for Linux, Microsoft JET Database Engine, and the Home windows SMB Server.
READ  Google to dam YouTube on Amazon Hearth TV

KB4041691 — Home windows 10 Model 1607 and Home windows Server 2016

  • Addressed concern the place the Common CRT brought about the linker (hyperlink.exe) to cease working for big initiatives.
  • Addressed concern with type submissions in Web Explorer.
  • Addressed concern with rendering a graphics ingredient in Web Explorer.
  • Addressed concern with docking and undocking Web Explorer home windows.
  • Addressed concern brought on by a pop-up window in Web Explorer.
  • Addressed concern the place a vendor API deleted knowledge unexpectedly.
  • Addressed concern the place SD propagation stops working once you manually set off Safety Descriptor propagation (SDPROP) by setting the RootDse attribute FixupInheritance to 1. After setting this attribute, SD propagation and permissions adjustments made on Energetic Listing objects do not propagate to youngster objects. No errors are logged.
  • Addressed entry violation in LSASS that happens throughout startup of area controller function circumstances. A race situation causes the violation when account administration calls happen whereas the database is refreshing inner metadata. A password reset or change is among the administration calls that will set off this drawback.
  • Addressed concern the place USBHUB.SYS randomly causes reminiscence corruption that ends in random system crashes which can be extraordinarily tough to diagnose.
  • Addressed concern the place the ServerSecurityDescriptor registry worth doesn’t migrate once you improve to Home windows 10 1607. In consequence, customers may not be capable of add a printer utilizing the Citrix Print Supervisor service. Moreover, they may not be capable of print to a shopper redirected printer, a Citrix common print driver, or a community printer driver utilizing the Citrix common print driver.
  • Safety updates to Microsoft Home windows Search Element, Home windows kernel-mode drivers, Microsoft Graphics Element, Web Explorer, Home windows kernel, Microsoft Edge, Home windows Authentication, Home windows TPM, Machine Guard, Home windows Wi-fi Networking, Home windows Storage and Filesystems, Microsoft Home windows DNS, Microsoft Scripting Engine, Home windows Server, Microsoft JET Database Engine, and the Home windows SMB Server.

KB4041689 — Home windows 10 Model 1511 — Finish of Help after this replace.

KB4042895 — Home windows 10 RTM

KB4041693 — Home windows eight.1 and Home windows Server 2012 Month-to-month Rollup (see additionally security-only replace KB4041687)

  • Addressed concern with docking and undocking Web Explorer home windows.
  • Addressed concern with type submissions in Web Explorer.
  • Addressed concern the place Web Explorer stops responding to a navigation request.
  • Addressed concern that happens within the WebView Management of Web Explorer in sure eventualities.
  • Addressed concern with URL encoding in Web Explorer.
  • Addressed concern that stops a component from receiving focus in Web Explorer.
  • Addressed concern brought on by a pop-up window in Web Explorer.
  • Addressed concern with the rendering of a graphics ingredient in Web Explorer.
  • Addressed concern in Web Explorer brought on by a redirection hyperlink.
  • Addressed concern the place messages that needs to be in a non-English language show in English in Web Explorer.
  • Addressed concern the place USBHUB.SYS randomly causes reminiscence corruption that ends in random system crashes which can be extraordinarily tough to diagnose.
  • Safety updates to Microsoft Home windows Search Element, Home windows kernel-mode drivers, Microsoft Graphics Element, Web Explorer, Home windows kernel, Home windows Wi-fi Networking, Home windows Storage and Filesystems, Microsoft Home windows DNS, Home windows Server, Microsoft JET Database Engine, and the Home windows SMB Server.
READ  A more in-depth take a look at Home windows 10 S, Home windows 10 on ARM and Home windows 10 IoT

KB4041681 — Home windows 7 and Home windows Server 2008 R2 Month-to-month Rollup (see additionally security-only replace KB4041678)

  • Addressed concern with docking and undocking Web Explorer home windows.
  • Addressed concern with type submissions in Web Explorer.
  • Addressed concern with URL encoding in Web Explorer.
  • Addressed concern that stops a component from receiving focus in Web Explorer.
  • Addressed concern with the rendering of a graphics ingredient in Web Explorer.
  • Addressed concern the place USBHUB.SYS randomly causes reminiscence corruption that ends in random system crashes which can be extraordinarily tough to diagnose.
  • Safety updates to Microsoft Home windows Search Element, Home windows kernel-mode drivers, Microsoft Graphics Element, Web Explorer, Home windows kernel, Home windows Wi-fi Networking, Microsoft JET Database Engine, and the Home windows SMB Server.

Identified Points

  • After putting in KB4041691, downloading updates utilizing specific set up recordsdata could fail.Workaround:
    • Obtain updates from the Microsoft Replace Catalog
    • Run the next instructions from an administrative command immediate:
      • sc config bits begin= disabled
      • web cease bits
    • Set up the replace.
    • Run the next instructions from an administrative command immediate:
      • sc config bits begin= delayed-auto
      • web begin bits
  • After putting in KB4041681, package deal customers might even see an error dialog that signifies that an utility exception has occurred when closing some functions. This may have an effect on functions that use mshtml.dll to load internet content material. The failure solely happens when a course of is already shutting down and won’t influence utility performance.
  • Putting in KB4034674 could change Czech and Arabic languages to English for Microsoft Edge and different functions.
  • Techniques with assist enabled for USB Sort-C Connector System Software program Interface (UCSI) could expertise a blue display or cease responding with a black display when a system shutdown is initiated (KB4041676).

Safety advisories and updates

ADV170012 | Vulnerability in TPM may enable Safety Function Bypass – A safety vulnerability exists in sure Trusted Platform Module (TPM) chipsets. The vulnerability weakens key energy. It is very important observe that this can be a firmware vulnerability, and never a vulnerability within the working system or a particular utility. After you’ve put in software program and/or firmware updates, you will want to re-enroll in any safety providers you’re operating to remediate these providers.

ADV170013 | September 2017 Flash Safety Replace

ADV170014 | Non-obligatory Home windows NTLM SSO authentication adjustments — Microsoft is releasing an non-obligatory safety enhancement to NT LAN Supervisor (NTLM), limiting which community sources varied shoppers within the Home windows 10 or the Home windows Server 2016 working programs can use NTLM Single Signal On(SSO) as an authentication methodology. While you deploy the brand new safety enhancement with a Community Isolation Coverage defining your group’s sources, attackers can not redirect a consumer to a malicious useful resource exterior your group to acquire the NTLM authentication messages.

ADV170015 | Microsoft Workplace Protection in Depth Replace

ADV170016 — Home windows Server 2008 Protection in Depth

ADV170017 | Workplace Protection in Depth Replace

Non-security associated updates

KB4038801 — Replace for Home windows 10 Model 1607 and Home windows Server 2016

  • Mounted a Lock Workstation setting for sensible playing cards.
  • Mounted a difficulty within the Credentials Supervisor when saving empty passwords (system may cease working when utilizing these credentials).
  • Mounted WMI question concern the place entry tokens had been improperly closed.
  • Cloned file concern on ReFS programs.
  • Mounted error STOP 0x44 in Npfs!NpFsdDirectoryControl.
  • Mounted error 0x1_SysCallNum_71_nt!KiSystemServiceExitPico.
  • Mounted pc shedding entry to its area when MSA (Managed Service Account) renews the password mechanically.
  • Mounted RemoteApp points when minimizing and restoring to full display mode.
  • Patched delay points when accessing Workplace paperwork from distant community drives.
  • Mounted consumer logon delay points.
  • Addressed concern the place the Get-AuthenticodeSignature cmdlet doesn’t listing TimeStamperCertificate regardless that the file is time stamped.
  • Mounted errors “A number of Bugcheck BAD_POOL_CALLER (c2) 0000000000000007; Try and free pool which was already freed” and “0xCC PAGE_FAULT_IN_FREED_SPECIAL_POOL”.
  • Mounted Distant Desktop idle timeout warning not being displayed.
  • Mounted “he consumer title or password is inaccurate. 0x8007052e (WIN32: 1326 ERROR_LOGON_FAILURE)” in CA administration console when revoking certificates related to disabled consumer accounts.
  • Mounted a multi-factor authentication concern on units that use customized tradition definitions.
  • Addressed concern the place the cluster node stops working when utilizing async replication on very high-speed disks.
  • Mounted kernel reminiscence leak concern brought on by ksecdd.sys.
  • Mounted extreme reminiscence utilization points in LSASS.
  • Mounted impasse throughout RDP and console logons at “Making use of consumer profile settings”.
  • Mounted “get-tpm : An inner error was detected. (Exception from HRESULT: 0x80290107). At line:1 char:1” throughout TMP-related operations utilizing PowerShell.
  • Help for OIDC logout utilizing federated LDPs added.
  • Addressed Home windows Hi there CEP and CES-based certificates concern with gMSA accounts.
  • RPC reliability improved.
  • Mounted sensible card go browsing concern on Distant Desktop Server.
  • Mounted concern the place Hibernate As soon as/Resume Many” can’t be enabled on Home windows Server 2016 IoT with Unified Write Filter.
  • Mounted error 8409: “A database error has occurred”.
  • Addressed concern the place Home windows Server 2016 area controllers (DC) could log audit occasions with ID 4625 and 4776.
  • Mounted “There’s not sufficient house obtainable on the disk to finish this operation” and “Not sufficient obtainable capability” when attempting to increase a Clustered Shared Quantity past 2 Terabyte utilizing Disk Supervisor.
  • Addressed concern the place the Home windows Inside Database (WID) on Home windows Server 2016 AD FS servers fails to synchronize some settings due to a international key constraint
  • Addressed concern the place Home windows Server Necessities Storage Service stops working if a tiered digital disk is created on a storage pool that has HDD and SSD
  • Addressed entry violation in LSASS that happens in the course of the startup of the area controller function circumstances
  • BitLocker.psm1 will not log passwords if logging is enabled.
READ  Home windows 10 Insider Construct 16226: a number of enhancements

KB4040724 — Replace for Home windows 10 Model 1703

  • Mounted efficiency points or lag in Microsoft Edge after putting in KB4038788.
  • Reliability enhancements and fixes for mobile connectivity.

KB4036479 — Replace for Home windows eight.1 and Home windows Server 2012 R2 — Get rid of restarts in digital machine preliminary configuration in Home windows Server 2012 R2

The right way to obtain and set up the October 2017 safety updates

The October 2017 safety updates are made obtainable through Home windows Updates. All shopper variations of Home windows are configured to examine for and obtain essential updates mechanically.

This isn’t a real-time examine although, and you might run a guide examine for updates to get the updates earlier.

As at all times, create a backup earlier than you replace so to restore the system to a pre-update state if issues go flawed.

  1. Faucet on the Home windows-key, sort home windows replace, and choose the consequence from the listing of things Home windows shows.
  2. Choose “examine for updates” if Home windows Replace doesn’t examine for updates mechanically on the web page.
  3. Choose the updates you need to obtain if updates which can be discovered aren’t downloaded mechanically.

You might obtain the cumulative updates for Home windows 10, Home windows eight.1 and Home windows 7 from Microsoft’s Replace Catalog web site as properly. Direct obtain hyperlinks are listed under.

Direct replace downloads

Home windows 7 SP1 and Home windows Server 2008 R2 SP

  • KB4041681– 2017-10 Safety Month-to-month High quality Rollup for Home windows 7 for x86-based Techniques
  • KB4041678 — 2017-10 Safety Solely High quality Replace for Home windows Embedded Customary 7 for x64-based Techniques

Home windows eight.1 and Home windows Server 2012 R2

  • KB4041693 — 2017-10 Safety Month-to-month High quality Rollup for Home windows eight.1 for x86-based Techniques
  • KB4041687 — 2017-10 Safety Solely High quality Replace for Home windows eight.1 for x86-based Techniques

Home windows 10 and Home windows Server 2016 (model 1607)

  • KB4041691– 2017-10  Cumulative Replace for Home windows 10 Model 1607 and Home windows Server 2016

Home windows 10 and Home windows Server 2016 (model 1703)

  • KB4041676 — 2017-10 Cumulative Replace for Home windows 10 Model 1703

Further sources