Microsoft Security Updates May 2017

  • 9 May 2017
  • 1 reply
  • 32 views

Userlevel 7
Badge +52
Executive Summary
  • No more Windows Vista patches.
  • This is the last patch day for the Windows 10 RTM release. It won't be supported anymore after today.
  • Updates were released for all supported client and server versions of Windows.
  • Other Microsoft products with patches are: Internet Explorer, Microsoft Edge, Microsoft Office, the Microsoft .NET Framework, and Adobe Flash Player

Operating System Distribution

  • Windows 7:  26 vulnerabilities of which 4 are rated critical, and 22 important
  • Windows 8.1: 22 vulnerabilities of which 4 are rated critical, and the remaining 18 important
  • Windows RT 8.1: 20 vulnerabilities of which 4 are rated critical, and 16 important
  • Windows 10 version 1703: 22 vulnerabilities of which four are rated critical, and 16 important.
Windows Server products:
  • Windows Server 2008:  27 vulnerabilities, of which 4 are rated critical, and 23 important
  • Windows Server 2008 R2: 27 vulnerabilities, of which 4 are rated critical, and 23 important
  • Windows Server 2012 and 2012 R2: 24 vulnerabilities, of which 4 are rated critical and 20 important
  • Windows Server 2016: 23 vulnerabilities of which 4 are rated critical, and 19 important
Other Microsoft Products
  • Internet Explorer 11: 10 vulnerabilities, 2 critical, 6 important, 2 moderate
  • Microsoft Edge: 28 vulnerabilities, 16 critical, the rest important
  • Microsoft Office: varies depending on version.

Security Updates

KB4019263 -- Security-only update for Windows 7 and Windows Server 2008 R2
  • Updated Windows Cryptography API to deprecate SHA-1 for SSL/TLS Server Authentication, including in Microsoft Edge and Internet Explorer 11 . See Advisory 4010323 for more information.
  • Security updates to Microsoft Graphics Component, Windows COM, Microsoft ActiveX, Windows Server, Windows kernel, and Microsoft Windows DNS.
KB4019213 -- Security-only update for Windows 8.1 and Windows Server 2012 R2
  • Updated Windows Cryptography API to deprecate SHA-1 for SSL/TLS Server Authentication, including in Microsoft Edge and Internet Explorer 11. See Advisory 4010323 for more information.
  • Security updates to Microsoft Graphics Component, Microsoft Windows DNS, Windows COM, Windows Server and Windows kernel.
KB4018271 -- Cumulative security update for Internet Explorer: May 9, 2017
KB4019216 -- not published yet
KB4019108 -- Security Only update for the .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, and 4.6.2 updates for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: May 9, 2017
KB4019109 -- Security Only update for the .NET Framework 2.0 Service Pack 2, 4.5.2, and 4.6 updates for Windows Server 2008 Service Pack 2: May 9, 2017
KB4019110 --  Security Only update for the .NET Framework 3.5 Service Pack 1, 4.5.2, 4.6, 4.6.1, and 4.6.2 updates for Windows Server 2012: May 9, 2017
KB4019111 -- Security Only update for the .NET Framework 3.5 Service Pack 1, 4.5.2, 4.6, 4.6.1, and 4.6.2 updates for Windows 8.1 and Windows Server 2012 R2: May 9, 2017

Security advisories and updates

Microsoft Security Advisory 4022344 -- Security Update for Microsoft Malware Protection Engine (check out our coverage here)

Non-security related updates

KB4019264 -- Monthly rollup for Windows 7 and Windows Server 2008 R2
  • Addressed issue where, after installing security update KB4015549, applications that use msado15.dll stop working.
  • Updated Internet Explorer 11’s New Tab Page with an integrated newsfeed.
  • Deprecated SHA-1 Microsoft Edge and Internet Explorer 11 for SSL/TLS Server Authentication. See Advisory 4010323 for more information.
  • Security updates to Internet Explorer, Microsoft Graphics Component, Windows COM, Microsoft ActiveX, Windows Server, Windows kernel, and Microsoft Windows DNS.
KB4019215 -- Monthly rollup for Windows 8.1 and Windows Server 2012 R2
  • same as KB4019264
KB4016871 -- Cumulative update for Windows 10 Version 1703 (OS Build 15063.296 and 15063.297)
  • Addressed issue with Surface Hub devices waking from sleep approximately every four minutes after the first two hours.
  • Addressed issue where autochk.exe can randomly skip drive checks and not fix corruptions, which may lead to data loss.
  • Addressed an issue where Microsoft Edge users in networking environments that do not fully support the TCP Fast Open standard may have problems connecting to some websites. Users can re-enable TCP Fast Open in about:flags.
  • Addressed issues with Arc Touch mouse Bluetooth connectivity.
  • Security updates to Microsoft Edge, Internet Explorer, Microsoft Graphics Component, Windows SMB Server, Windows COM, Microsoft Scripting Engine, Windows kernel, Windows Server, and the .NET Framework.
KB4020498 -- Update for .NET Framework 4.6.2 on Windows Server 2012 for x64
KB4020499 -- Update for .NET Framework 4.6.2 on Windows 8.1 and Windows Server 2012 R2
KB4020500 -- Update for .NET Framework 4.6, 4.6.1 on Windows Embedded 8 Standard and Windows Server 2012
KB4020502 -- Update for .NET Framework 4.6, 4.6.1 on Windows 8.1 and Windows Server 2012 R2
KB4020503 -- Update for .NET Framework 4.6 on Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4020505 -- Update for .NET Framework 4.5.2 on Windows 8.1 and Windows Server 2012 R2
KB4020506 -- Update for .NET Framework 4.5.2 on Windows Embedded 8 Standard and Windows Server 2012
KB4020507 -- Update for .NET Framework 4.5.2 on Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008
KB4020510 -- Update for .NET Framework 4 on WES09 and POSReady 2009
KB4020511 -- Update for .NET Framework 2.0 on Windows Server 2008
KB4020512 -- Update for .NET Framework 3.5 on Windows Embedded 8 Standard and Windows Server 2012
KB4020513 -- Update for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4020514 -- Update for .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2
KB4020517 -- Update for .NET Framework 2.0 SP2 on WES09 and POSReady 2009
KB4015193 -- Update for Windows 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, Windows Server 2012, Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008, and Windows XP Embedded
KB4015552 -- April, 2017 Preview of Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2
KB4015553 -- April, 2017 Preview of Monthly Quality Rollup for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
KB4015554 -- April, 2017 Preview of Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012
KB4016240 -- Windows 10 Version 1703 OS Build 15063.250 upgrade
  • Addressed issue where VMs might experience loss in network connectivity while provisioning IP addresses.
  • Addressed issue that does not initiate a remote ring on the device when RemoteRing Configuration Service Provider (CSP) is used.
  • Addressed issue where a memory leak occurs in Internet Explorer when hosting pages containing nested framesets that load cross-domain content.
  • Addressed issue where Internet Explorer 11 does not save JavaScript files when exporting to an MHT file.
  • Addressed issue that causes users to get logged out from Web applications intermittently.
  • Addressed issue with a very dim internal monitor that may occur when booting with the external monitor only and then switching to the built-in panel only.
  • Addressed issue where running Win32 Direct3D applications or games in full-screen exclusive mode causes the system to become unresponsive when resuming from Connected Standby.
  • Addressed issue where when upgrading to Windows 10, version 1703, with the system language set to Chinese, the progress page displays geometric shapes instead of the correct localized strings.
  • Addressed issue that prevents the lock screen from being disabled using Group Policy on Professional SKUs.
  • Addressed issue in Windows Forms configuration options, which causes antivirus applications to stop working at startup.
  • Addressed additional issues with compatibility, Internet Explorer, and Microsoft Edge

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP1
Windows 8.1 and Windows Server 2012 R2
Windows 10 and Windows Server 2016 (version 1703)
 May 2017 Security Updates release notes
List of software updates for Microsoft products
List of security advisories
Security Updates Guide
Microsoft Update Catalog site
Our in-depth Windows update guide
Windows 10 Update History
Windows 8.1 Update History
Windows 7 Update History
 
via ghacks.net

1 reply

Userlevel 7
Badge +54
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
********************************************************************
Microsoft Security Update Summary for May 2017
Issued: May 9, 2017
********************************************************************
 
This summary lists security updates released for May 2017.
 
Complete information for the May 2017 security update release can Be found at <https://portal.msrc.microsoft.com/en-us/security-guidance>.
 
Critical Security Updates
============================
 
Critical           Adobe Flash Player
Critical           Internet Explorer 10
Critical           Internet Explorer 11
Critical           Internet Explorer 9
Critical           Microsoft Edge
Critical           Microsoft Business Productivity Servers 2010
Critical           Microsoft Office 2007 Service Pack 3
Critical           Microsoft Office 2010 Service Pack 2 (32-bit editions)
Critical           Microsoft Office 2010 Service Pack 2 (64-bit editions)
Critical           Microsoft Office 2013 RT Service Pack 1
Critical           Microsoft Office 2013 Service Pack 1 (32-bit editions)
Critical           Microsoft Office 2013 Service Pack 1 (64-bit editions)
Critical           Microsoft Office 2016 (32-bit edition)
Critical           Microsoft Office 2016 (64-bit edition)
Critical           Microsoft Office 2016 for Mac
Critical           Microsoft Office Compatibility Pack Service Pack 3
Critical           Microsoft Office for Mac 2011
Critical           Microsoft Office Web Apps 2010 Service Pack 2
Critical           Microsoft Office Web Apps 2013 Service Pack 1
Critical           Microsoft Office Word Viewer
Critical           Microsoft Office Web Apps Server 2013
Critical           Microsoft Office Online Server
Critical           Microsoft Project Server 2013
Critical           Microsoft SharePoint Enterprise Server 2016
Critical           Microsoft SharePoint Foundation 2013 Service Pack 1
Critical           Microsoft SharePoint Server 2010
Critical           Microsoft SharePoint Foundation 2013
Critical           Microsoft SharePoint Enterprise Server 2013
Critical           Word Automation Services
Critical           Microsoft Word 2007 Service Pack 3
Critical           Microsoft Word 2010 Service Pack 2 (32-bit editions)
Critical           Microsoft Word 2010 Service Pack 2 (64-bit editions)
Critical           Microsoft Word 2013 RT Service Pack 1
Critical           Microsoft Word 2013 Service Pack 1 (32-bit editions)
Critical           Microsoft Word 2013 Service Pack 1 (64-bit editions)
Critical           Microsoft Word 2016 (32-bit edition)
Critical           Microsoft Word 2016 (64-bit edition)
Critical           Skype for Business 2016
Critical           Windows 7 for 32-bit Systems Service Pack 1
Critical           Windows 7 for x64-based Systems Service Pack 1
Critical           Windows 8.1 for 32-bit systems
Critical           Windows 8.1 for x64-based systems
Critical           Windows RT 8.1
Critical           Windows 10 for 32-bit Systems
Critical           Windows 10 for x64-based Systems
Critical           Windows 10 Version 1511 for 32-bit Systems
Critical           Windows 10 Version 1511 for x64-based Systems
Critical           Windows 10 Version 1607 for 32-bit Systems
Critical           Windows 10 Version 1607 for x64-based Systems
Critical           Windows 10 Version 1703 for 32-bit Systems
Critical           Windows 10 Version 1703 for x64-based Systems
Critical           Windows Server 2008 for 32-bit Systems Service Pack 2
Critical           Windows Server 2008 for 32-bit Systems Service Pack 2
            (Server Core installation)
Critical           Windows Server 2008 for Itanium-Based Systems Service
            Pack 2
Critical           Windows Server 2008 for x64-based Systems Service
            Pack 2
Critical           Windows Server 2008 for x64-based Systems Service
            Pack 2 (Server Core installation)
Critical           Windows Server 2008 R2 for Itanium-Based Systems
            Service Pack 1
Critical           Windows Server 2008 R2 for x64-based Systems Service
            Pack 1
Critical           Windows Server 2008 R2 for x64-based Systems Service
            Pack 1 (Server Core installation)
Critical           Windows Server 2012
Critical           Windows Server 2012 (Server Core installation)
Critical           Windows Server 2012 R2
Critical           Windows Server 2012 R2 (Server Core installation)
Critical           Windows Server 2016
Critical           Windows Server 2016 (Server Core installation)
 
Important Security Updates
============================
 
Important     Microsoft .NET Framework 2.0 Service Pack 2
Important     Microsoft .NET Framework 3.5
Important     Microsoft .NET Framework 3.5.1
Important     Microsoft .NET Framework 4.5.2
Important     Microsoft .NET Framework 4.6
Important     Microsoft .NET Framework 4.6.1
Important     Microsoft .NET Framework 4.6.2
Important     Microsoft .NET Framework 4.6/4.6.1
Important     Microsoft .NET Framework 4.7
 
 
Other Information
=================
 
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

Reply