4 Security Bulletins were released – 1 Critical, 3 Important, and 0 Moderate

This Month In Brief

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

MS17-003 is rated Critical. After your next patch cycle completes you should follow up and make sure this is installed. There is a known issue with the Windows 10 Edge patch – see below.
This is the lightest Patch Tuesday we can remember. There is no rollup for Windows 8.1 or Server 2012/2012R2.

No out-of-band security updates were released during the last month.

Heads Up: Known Issues with Windows 10 cumulative updates
The 3D rendering apps issue affects all 3 versions, while the Cluster Service issue affects Windows 10 version 1607 only. There are not a lot of complaints posted about the 3D rendering apps, so I do not think it affects a large number of machines. Unfortunately, the only known workaround is to disable the additional monitor(s). The workaround for the Cluster Service issue is to manually start the service or reboot a second time.

KB3210720, KB3210721, KB3213986: Users may experience delayed or clipped screens while running 3D rendering apps (such as games) on systems with more than one monitor.

KB3213986: The Cluster Service may not start automatically on the first reboot after applying the update.

January 10, 2017—KB3213986 (OS Build 14393.693)
https://support.microsoft.com/en-us/help/4009938/january-10-2017-kb3213986-os-build-14393-693

Win10 cumulative updates: 14393.693, 10586.753, both with known problems
https://www.askwoody.com/2017/win10-cumulative-updates-14393-693-10586-753-both-with-known-problems/

Cumulative update for Windows 10 and Server 2016

  • KB3210720 – Original release
  • KB3210721 – Version 1511
  • KB3213986 – Version 1607 (Anniversary Update)
  • KB3213986 – Server 2016
  • Note: Server 2016 uses the same KB as Windows 10 Version 1607

Exploitability

Requires Restart

  • Servers: True
  • Workstations: True
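
A post-patch follow-up check for the updates above, as an added example that is not part of the original bulletin or Microsoft's own tooling. It assumes PowerShell 5 on the patched machine; the registry values `CurrentBuild` and `UBR`, build 10240 for the original release, and the service name `ClusSvc` are assumptions not stated on this page.

```powershell
# Added example. KB numbers and build revisions come from this bulletin;
# build 10240 (original release) and service name ClusSvc are not on the page.
$expected = @{
    10240 = @{ KB = 'KB3210720'; Name = 'Original release';           Ubr = $null }
    10586 = @{ KB = 'KB3210721'; Name = 'Version 1511';               Ubr = 753 }
    14393 = @{ KB = 'KB3213986'; Name = 'Version 1607 / Server 2016'; Ubr = 693 }
}

$cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build = [int]$cv.CurrentBuild
$ubr   = [int]$cv.UBR          # update build revision, e.g. 693 in 14393.693

$target = $expected[$build]
if (-not $target) {
    Write-Output "Build $build is not covered by the cumulative updates listed here."
    return
}

# A later cumulative update supersedes the KB, so also accept a revision at or
# above the one this bulletin names (none is given for the original release).
$kbPresent = [bool](Get-HotFix -Id $target.KB -ErrorAction SilentlyContinue)
$ubrOk     = ($null -ne $target.Ubr) -and ($ubr -ge $target.Ubr)

# MS17-003 (Flash Player, 3214628) is the Critical bulletin to follow up on.
$flashPresent = [bool](Get-HotFix -Id 'KB3214628' -ErrorAction SilentlyContinue)

# Known issue on 1607 / Server 2016: Cluster Service may not start on first reboot.
$clusterState = 'n/a'
if ($build -eq 14393) {
    $svc = Get-Service -Name 'ClusSvc' -ErrorAction SilentlyContinue
    if ($svc) {
        $clusterState = [string]$svc.Status
        if ($svc.StartType -eq 'Automatic' -and $svc.Status -ne 'Running') {
            Write-Warning 'Cluster Service is set to Automatic but is not running; start it manually or reboot a second time.'
        }
    }
}

[pscustomobject]@{
    Computer           = $env:COMPUTERNAME
    Build              = '{0}.{1}' -f $build, $ubr
    Release            = $target.Name
    CumulativeKB       = $target.KB
    CumulativeApplied  = ($kbPresent -or $ubrOk)
    MS17_003_Installed = $flashPresent
    ClusterService     = $clusterState
}
```

A `False` for `MS17_003_Installed` on a machine patched after a later Flash update was released may only mean the KB was superseded, so confirm against the current update history before treating it as missing.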

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS17-003 Security Update for Adobe Flash Player (3214628) (Adobe Flash Player) This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
Details
Affected Software: Windows 8.1/10, Server 2012/2012R2/2016, Windows RT 8.1
Known Issues per MS:

IMPORTANT

MS17-001 Security Update for Microsoft Edge (3214288) (Microsoft Edge) This vulnerability could allow an elevation of privilege if a user views a specially crafted webpage using Microsoft Edge.
Details
Affected Software: Edge
Known Issues per MS:

MS17-002 Security Update for Microsoft Office (3214291) (Microsoft Office) The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file.
Details
Affected Software: Microsoft Word 2016, SharePoint Server 2016
Known Issues per MS:

MS17-004 Security Update for Local Security Authority Subsystem Service (3216771) (Microsoft Windows) A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests.
Details
Affected Software: Vista, Windows 7, Server 2008/2008R2
Known Issues per MS: