Microsoft July 2017 patch day

Microsoft has released on July 11, 2017 a couple of cumulative updates for Windows 10, Rollup Updates for Windows 7 SP1 and Windows 8.1 and some other updates for Internet Explorer, .Net Framework and so on.


Advertising


Internet Explorer 11 Updates are fixing IE 11 crashed observed after the last IE update. Here are the update categories:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office und Microsoft Office Services sowie Web Apps
  • .NET Framework
  • Adobe Flash Player
  • Microsoft Exchange Server

Windows 10 Version 1507 is out of support since May 9, 2017, except Windows 10 Enterprise 2015 LTSB. For CVE-2017-8563 see KB4034879. An overview of all patches may be found here. Here is a list of updates from Juli 11, 2017:

  • KB4025342: Windows 10 Version 1703
  • KB4025339: Windows 10 Version 1607
  • KB4025344: Windows 10 Version 1511
  • KB4025338: Windows 10 Version 1507
  • KB4025336: (Monthly Rollup) for Windows 8.1/Windows Server 2012 R2
  • KB4025333: (Security-only update) for Windows 8.1/Windows Server 2012 R2
  • KB4025341: (Monthly Rollup) for Windows 7/Windows Server 2008 R2 SP1
  • KB4025337: (Security-only update) for Windows 7/Server 2008 R2 SP1
  • KB4022746: Security Update for Windows Server 2008 and Windows XP Embedded
  • KB4022748: Security Update for Windows Server 2008
  • KB4022883: Security Update for Windows Server 2008
  • KB4022914: Security Update for Windows Server 2008
  • KB4025240: Security Update for Windows Server 2008
  • KB4025252: Cumulative Security Update for Internet Explorer
  • KB4025397: Security Update for Windows Server 2008
  • KB4025398: Security Update for Windows Server 2008
  • KB4025409: Security Update for Windows Server 2008
  • KB4025497: Security Update for Windows Server 2008
  • KB4025674: Security Update for Windows Server 2008
  • KB4025872: Security Update for Windows Server 2008
  • KB4025877: Security Update for Windows Server 2008
  • KB4026059: Security Update for Windows Server 2008
  • KB4026061: Security Update for Windows Server 2008
  • KB4032955: Security Update for Windows Server 2008

And there is update KB4034374 (2017-07 Dynamic Update for Windows 10 Version 1703. Updates for .Net, Office etc. are not listed here. Below are the details from Microsoft’s Security Bulletins.

Microsoft Security Bulletin July 2017

********************************************************************
Microsoft Security Update Summary for July 2017
Issued: July 11, 2017
********************************************************************

This summary lists security updates released for July 2017.

Complete information for the July 2017 security update release can
Be found at https://portal.msrc.microsoft.com/en-us/security-guidance.

Critical Security Updates
============================

Critical    Adobe Flash Player
Critical    Internet Explorer 9
Critical    Internet Explorer 11
Critical    Microsoft Edge
Critical    Windows 7 for 32-bit Systems Service Pack 1
Critical    Windows 7 for x64-based Systems Service Pack 1
Critical    Windows 8.1 for 32-bit systems
Critical    Windows 8.1 for x64-based systems
Critical    Windows RT 8.1
Critical    Windows 10 for 32-bit Systems
Critical    Windows 10 for x64-based Systems
Critical    Windows 10 Version 1511 for 32-bit Systems
Critical    Windows 10 Version 1511 for x64-based Systems
Critical    Windows 10 Version 1607 for 32-bit Systems
Critical    Windows 10 Version 1607 for x64-based Systems
Critical    Windows 10 Version 1703 for 32-bit Systems
Critical    Windows 10 Version 1703 for x64-based Systems
Critical    Windows Server 2008 for 32-bit Systems Service Pack 2
Critical    Windows Server 2008 for 32-bit Systems Service Pack 2
            (Server Core installation)
Critical    Windows Server 2008 for Itanium-Based Systems Service
            Pack 2
Critical    Windows Server 2008 for x64-based Systems Service
            Pack 2
Critical    Windows Server 2008 for x64-based Systems Service
            Pack 2 (Server Core installation)
Critical    Windows Server 2008 R2 for Itanium-Based Systems
            Service Pack 1
Critical    Windows Server 2008 R2 for x64-based Systems Service
            Pack 1
Critical    Windows Server 2008 R2 for x64-based Systems Service
            Pack 1 (Server Core installation)
Critical    Windows Server 2012
Critical    Windows Server 2012 (Server Core installation)
Critical    Windows Server 2012 R2
Critical    Windows Server 2012 R2 (Server Core installation)
Critical    Windows Server 2016
Critical    Windows Server 2016 (Server Core installation)

Important Security Updates
============================

Important    Excel Services installed on Microsoft SharePoint Server 2010
            Service Pack 2
Important    Microsoft Business Productivity Servers 2010 Service Pack 2
Important    Microsoft Excel 2007 Service Pack 3
Important    Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Important    Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Important    Microsoft Excel 2013 RT Service Pack 1
Important    Microsoft Excel 2016 (32-bit edition)
Important    Microsoft Excel 2016 (64-bit edition)
Important    Microsoft Excel Viewer 2007 Service Pack 3
Important    Microsoft Office 2007 Service Pack 3
Important    Microsoft Office 2010 Service Pack 2 (32-bit editions)
Important    Microsoft Office 2010 Service Pack 2 (64-bit editions)
Important    Microsoft Office 2013 RT Service Pack 1
Important    Microsoft Office 2013 Service Pack 1 (32-bit editions)
Important    Microsoft Office 2013 Service Pack 1 (64-bit editions)
Important    Microsoft Office 2016 (32-bit edition)
Important    Microsoft Office 2016 (64-bit edition)
Important    Microsoft Office 2016 for Mac
Important    Microsoft Office for Mac 2011
Important    Microsoft Office Compatibility Pack Service Pack 3
Important    Microsoft Office Online Server 2016
Important    Microsoft Office Web Apps 2010 Service Pack 2
Important    Microsoft SharePoint Enterprise Server 2013
Important    Microsoft SharePoint Enterprise Server 2016
Important    Microsoft .NET Framework 4.6
Important    Microsoft .NET Framework 4.6.1
Important    Microsoft .NET Framework 4.6.2/4.7
Important    Microsoft .NET Framework 4.7
Important    Microsoft Exchange Server 2013 Service Pack 1
Important    Microsoft Exchange Server 2013 Cumulative Update 16
Important    Microsoft Exchange Server 2016 Cumulative Update 5

Moderate Security Updates
============================

Moderate    Internet Explorer 10
Moderate    Microsoft Exchange Server 2010 Service Pack 3

********************************************************************
Title: Microsoft Security Update Releases
Issued: July 11, 2017
********************************************************************

Summary
=======

The following CVEs and Microsoft security bulletins have undergone
a major revision increment.

* CVE-2016-3305
* CVE-2017-0292
* CVE-2017-8543
* MS16-111
* MS16-SEP

CVE Revision Information:
=====================

CVE-2016-3305

– Title: CVE-2016-3305 | Windows Session Object Elevation of
   Privilege Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: Revised the Affected Products table to
   include 10 Version 1703 for 32-bit Systems and Windows 10 Version
   1703 for x64-based Systems because they are affected by
   CVE-2016-3305. Microsoft recommends that customers running Windows
   10 Version 1703 should install update 4025342 to be protected from
   this vulnerability.
– Originally posted: September 13, 2016 
– CVE Severity Rating: Important
– Version: 2.0

CVE-2017-0292

– Title: CVE-2017-0292 | Windows PDF Remote Code Execution
   Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To address a known issue customers
   may have experienced when rendering PDF files, Microsoft
   has released an update with the July security and monthly
   rollup updates. Microsoft recommends that customers who
   have experienced this known issue should install the July
   security or monthly rollup updates.
– Originally posted: June 13, 2017
– Updated: June 13, 2017
– CVE Severity Rating: Critical
– Version: 5.0

CVE-2017-8543

– CVE-2017-8543 | Windows Search Remote Code Execution
   Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance
– Reason for Revision: To more comprehensively address
   CVE-2017-8543, Microsoft is releasing security update 4025339
   for affected editions of Windows 10 Version 1607 and security
   update 4025342 for affected editions of Windows 10 Version 1703.
   Microsoft recommends that customers running these versions of
   Windows 10 install the updates to be protected from this
   vulnerability.
– Originally posted: June 13, 2017 
– Updated: July 11, 2017
– CVE Severity Rating: Critical
– Version: 5.0

Microsoft Becurity Bulletin Revision Information:
=====================

MS16-111

– Title: Security Update for Windows Kernel (3186973)
https://technet.microsoft.com/library/security/ms16-111
– Reason for Revision: Revised the Windows Affected Software
   and Vulnerability Severity Ratings  table to include 10 Version
   1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based
   Systems because they are affected by CVE-2016-3305. Microsoft
   recommends that customers running Windows 10 Version 1703 should
   install update 4025342 to be protected from this vulnerability.
– Originally posted: September 13, 2016 
– CVE Severity Rating: Important
– Version: 2.0

MS16-SEP

– Title: Microsoft Security Bulletin Summary for September 2016
https://technet.microsoft.com/library/security/ms16-SEP
– Reason for Revision: For MS16-111, added Windows 10 Version
   1703 for 32-bit Systems and Windows 10 Version 1703 for
   x64-based Systems to the Affected Software table because
   they are affected by CVE-2016-3305. Microsoft recommends that
   customers running Windows 10 Version 1703 should install
   update 4025342 to be protected from this vulnerability.
– Originally posted: September 13, 2016 
– CVE Severity Rating: N/A
– Version: 2.0


Advertising



This entry was posted in Update, Windows and tagged , , . Bookmark the permalink.

2 Responses to Microsoft July 2017 patch day

  1. Michael Hall says:

    Looks like there is a problem with KB4025252 installing multiple times and then still says it is needed.

Leave a Reply

Your email address will not be published. Required fields are marked *