Skip to main content

Microsoft Security Updates July 2017 release

Microsoft released security updates for all supported versions of Microsoft Windows and other company products on July 11, 2017.

The following guide provides you with in-depth information on the July 2017 Microsoft Patch Day. It starts with an executive summary that covers important to-know bits about the updates.

What follows is the distribution of updates for individual operating systems, server and client, and other Microsoft products.

It lists security updates, security advisories, and non-security updates afterwards, each with a short description and link to the Microsoft Knowledgebase article.

Last but not least, you get direct links to download the cumulative security and non-security, and only-security updates for all supported operating systems, and download information.

 

Microsoft Security Updates July 2017

You can download this Excel spreadsheet for a list of all security updates that Microsoft released on the July 2017 Patch Day. Just click on the following link to download the document to your computer: Microsoft Security Updates july 2017

Tip: Make sure you create a backup of your system before you install the patches.

Executive Summary

  • Microsoft released security updates for all client and server versions of Windows that the company supports.
  • All operating systems are affected by critical vulnerabilities.
  • Security updates have been released for other Microsoft products as well including Microsoft Office, Microsoft Edge, and Internet Explorer.
  • Windows 10 version 1507 won't receive security updates anymore.

Operating System Distribution

  • Windows 7:  22 vulnerabilities of which 2 are rated critical, 19 important, and 1 moderate
  • Windows 8.1: 24 vulnerabilities of which 2 are rated critical, 21 important, and 1 moderate
  • Windows RT 8.1: 21 vulnerabilities of which 2 are rated critical, and 21 important
  • Windows 10 version 1703: 27vulnerabilities of which 2 are rated critical, 23 important and 1 moderate

Windows Server products:

  • Windows Server 2008:  22 vulnerabilities, of which 2 are rated critical, 19 important, and 1 moderate
  • Windows Server 2008 R2: 23 vulnerabilities, of which 2 are rated critical, 20 important, and 1 moderate
  • Windows Server 2012 and 2012 R2: 24 vulnerabilities, of which 2 are rated critical 21 important, and 1 moderate
  • Windows Server 2016: 29 vulnerabilities of which 3 are rated critical, 25 important, and 1 moderate

Other Microsoft Products

  • Internet Explorer 11: 7 vulnerabilities, 5 critical, 2  important
  • Microsoft Edge: 19 vulnerabilities, 15 critical, 3 important,  1 moderate
  • Microsoft Office 2010 Service Pack 2: 2 vulnerabilities, 2 important
  • Microsoft Office 2013 Service Pack 1: 1 vulnerabilities, 1 important
  • Microsoft Office 2016: 1 vulnerability, 1 important

Security Updates

Windows 10 version 1703 -- July 11, 2017 -- KB4025342 (OS Build 15063.483)

  • Addressed issue introduced by KB4022716 where Internet Explorer 11 may close unexpectedly when you visit some websites.
  • Addressed issue to improve MediaCreationTool.exe support for Setup Tourniquet scenarios.
  • Addressed issue with CoreMessaging.dll that may cause 32-bit apps to crash on the 64-bit version of the Windows OS.
  • Addressed an issue where Visual Studio or a WPF application may terminate unexpectedly (stops responding, followed by a crash) when running on a pen and/or touch enabled machine with Windows 10 Creators Update.
  • Addressed issue that causes the system to crash when certain USB devices are unplugged while the system is asleep.
  • Addressed issues with screen orientation that stops working after lid close and lid open transitions.
  • Addressed issue that causes .jpx and .jbig2 images to stop rendering in PDF files.
  • Addressed issue where users could not elevate to Administrator through the User Account Control (UAC) dialog when using a smart card.
  • Addressed issue where input using the Korean handwriting feature dropped the last character of a word or moved it to the next line incorrectly.
  • Addressed issue with a race condition between the App-V Catalog Manager and the Profile Roaming Service. A new registry key is available to control the waiting period for App-V Catalog Manager, which allows any third-party Profile Roaming Service to complete.
    Security updates to Internet Explorer 11, Microsoft Edge, Windows Search, Windows kernel, Windows shell, Microsoft Scripting Engine, Windows Virtualization, Datacenter Networking, Windows Server, Windows Storage and File Systems, Microsoft Graphics Component, Windows kernel-mode drivers, ASP.NET, Microsoft PowerShell, and the .NET Framework.

Windows 8.1 and Windows Server 2012 R2 -- July 11, 2017—KB4025333 (Security-only update)

  • Security updates to Windows kernel, ASP.NET, Internet Explorer 11, Windows Search, Windows Storage and File Systems, Datacenter Networking, Windows Virtualization, Windows Server, Windows shell, Microsoft NTFS, Microsoft PowerShell, Windows Kernel-Mode Drivers, and Microsoft Graphics Component.

Windows 8.1 and Windows Server 2012 R2 -- July 11, 2017—KB4025336 (Monthly Rollup)

  • Addressed issue called out in KB4022720 where Internet Explorer 11 may close unexpectedly when you visit some websites.
  • Addressed issue that causes .jpx and .jbig2 images to stop rendering in PDF files.
  • And all security updates of KB4025333

Windows 7 SP1 and Windows Server 2008 R2 SP1 -- July 11, 2017—KB4025337 (Security-only update)

  • Security updates to Microsoft Graphics Component, Windows Search, Windows kernel-mode drivers, Windows Virtualization, Windows Server, Windows Storage and File Systems, Datacenter Networking, Windows shell, ASP.NET, Microsoft PowerShell, Windows kernel, and Microsoft NTFS.

Windows 7 SP1 and Windows Server 2008 R2 SP1 -- July 11, 2017 -- KB4025341 (Monthly Rollup)

  • Addressed issue called out in KB4022168 where Internet Explorer 11 may close unexpectedly when you visit some websites.
  • And all security updates of KB4025337.

KB4022746 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Security update for the Kerberos SNAME security feature bypass vulnerability in Windows Server 2008: July 11, 2017

KB4022748 -- Security Update for Windows Server 2008 -- Security update for the Windows kernel information disclosure vulnerability in Windows Server 2008: July 11, 2017

KB4022883 -- Security Update for WES09 and POSReady 2009 -- Windows kernel information disclosure vulnerability: June 13, 2017

KB4022914 -- Security Update for Windows Server 2008 -- Security update for the Windows kernel information disclosure vulnerability in Windows Server 2008: July 11, 2017

KB4025240 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Security update for the Microsoft browser security feature bypass vulnerability in Windows Server 2008: July 11, 2017

KB4025252 -- Cumulative Security Update for Internet Explorer

  • Addressed issue introduced by KB 4032782 where Internet Explorer may close unexpectedly when you visit some websites.
  • Addressed issue in Internet Explorer 11 where a text node returned from the DOMParser may be incorrect when MutationObserver for childList and subtree is active.
  • Addressed issue in Internet Explorer 11 where a crash can occur in limited scenarios when using the Find feature (Ctrl-F).
  • Addressed issue where the onhashchange event fails to trigger when navigating some hashed URLs in Internet Explorer 11.
  • Addressed issue where the NewWindow3 event handler is never called in a managed WebBrowser class of .NET 4.6.
  • Addressed issue that can cause cursor flicker when hovering over a pop-up menu option in Internet Explorer 11 and Microsoft Edge.
  • Addressed issue where Internet Explorer 11 crashes when a user clicks an empty column header and then quickly does a Shift + double click.
  • Addressed issue where Internet Explorer 11 crashes with certain Browser Helper Objects after the July Internet Explorer updates.
  • Addressed issue where certain elements (input or select) cannot be active targets of any action in Internet Explorer 11. This occurs after removing an iframe that contained a cursor inside certain elements (input or select) and adding a new iframe.

KB4025397 -- Security Update for Windows Server 2008 -- Security update for the Windows Performance Monitor information disclosure vulnerability in Windows Server 2008: July 11, 2017

KB4025398 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Security update for the MSINFO.exe information disclosure vulnerability in Windows Server 2008: July 11, 2017

KB4025409 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Security update for the Windows elevation of privilege vulnerability in Windows Server 2008: July 11, 2017

KB4025497 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Security update for the Windows Explorer remote code execution vulnerability in Windows Server 2008: July 11, 2017

KB4025674 -- Security Update for Windows Server 2008 -- Security update for the Windows Explorer denial of service vulnerability in Windows Server 2008: July 11, 2017

KB4025872 -- Security Update for Windows Server 2008 -- Security update for the Windows PowerShell remote code execution vulnerability in Windows Server 2008: July 11, 2017

KB4025877 -- Security Update for WES09 and POSReady 2009 -- This security update resolves vulnerabilities in Windows Server 2008 that could allow elevation of privilege or information disclosure.

KB4026059- Security Update for Windows Server 2008 --Security update for the Windows CLFS elevation of privilege vulnerability in Windows Server 2008: July 11, 2017

KB4026061 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Security update for the WordPad remote code execution vulnerability in Windows Server 2008: July 11, 2017

KB4032955 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Security update for the Windows Search remote code execution vulnerability in Windows Server 2008: July 11, 2017

KB4033107 -- July 11, 2017, update for Microsoft Office

Known Issues

Important note for CVE-2017-8563: After installing the updates for CVE-2017-8563, to make LDAP authentication over SSL/TLS more secure, administrators need to create a LdapEnforceChannelBinding registry setting on a Domain Controller.

Security advisories and updates

Microsoft Security Advisory 4033453 -- Vulnerability in Azure AD Connect Could Allow Elevation of Privilege

The update addresses a vulnerability that could allow elevation of privilege if Azure AD Connect Password writeback is misconfigured during enablement. An attacker who successfully exploited this vulnerability could reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts.

The issue is addressed in the latest version (1.1.553.0) of Azure AD Connect by not allowing arbitrary password reset to on-premises AD privileged user accounts.

Non-security related updates

KB4034374 -- 2017-07 Dynamic Update for Windows 10 Version 1703 -- Compatibility update for upgrading to Windows 10 Version 1703: July 11, 2017

KB890830 -- Windows Malicious Software Removal Tool - July 2017 -- Remove specific prevalent malware with Windows Malicious Software Removal Tool

How to download and install the July 2017 security updates

windows updates july 2017

Windows PCs are configured by default to search for, download and install updates automatically. This is not a real-time action, and if time is of the essence, you may run a manual check for updates at any time.

  1. Tap on the Windows-key, type Windows Update, and hit the Enter-key.
  2. Depending on how Windows Update is configured, you either need to click on the "check for updates" button, or that happens automatically.
  3. Again, depending on the configuration, Windows may download and install these updates automatically when found, or on user request.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • kb4025341 -- July 11, 2017 Monthly Rollup
  • kb4025337 --  July 11, 2017 Security-only update

Windows 8.1 and Windows Server 2012 R2

  • kb4025336 -- July 11, 2017 Monthly Rollup
  • kb4025333 -- July 11, 2017 Security-only update

Windows 10 and Windows Server 2016 (version 1703)

  • kb4025342 -- Cumulative Update for Windows 10 Version 1703

Additional resources

 

This article was first seen on ComTek's "TekBits" Technology News

HOME