Microsoft Security Updates January 2017

Martin Brinkmann
Jan 10, 2017
Updated • Jan 4, 2018
Companies, Microsoft

It is the second Tuesday of the month, and that means it is once again Patch Day over at Microsoft.

The company has released security updates and non-security updates for client and server versions of its Windows operating system, as well as for other company products today.

Our guide provides you with information on these updates. It lists all security bulletins that Microsoft released this month, and all non-security updates and security advisories.

It starts with an executive summary that highlights the most important information, and lists who all client and server operating systems, and other Microsoft products, are affected this month.

Last but not least, it provides you with information on how to download the updates, direct links to major updates, and links to resources that provide you with additional information.

Microsoft Security Bulletins January 2017

microsoft updates january 2017

Executive Summary

  • Microsoft released 4 security bulletins in January 2017.
  • 2 of the bulletins are rated critical, the highest severity rating.
  • Vulnerabilities affect all client and server Windows versions that Microsoft supports with the exception of Windows 8.1 and Windows Server 2012 R2. Therefore, no Security Only Quality Update or Security Monthly Quality Update was released for these operating systems.
  • Other Microsoft products for which updates were released include Microsoft Office, Internet Explorer, and Microsoft Edge.

Operating System Distribution

Only Windows 8.1, Windows 8.1 RT, and Windows 10 are affected by a critical vulnerability on the client side. The only server operating system affected by  a vulnerability rated critically is Windows Server 2016.

All are affected by MS17-003, a bulletin that patches Adobe Flash Player. That's also the reason why Windows 7, Vista and Windows Server 2008, 2008 R2 and 2012 are not affected by the vulnerability.

It is also interesting to note that Microsoft rates MS17-001 as important, even though Microsoft Edge on Windows 10 is affected by the vulnerability critically.

  • Windows Vista: 1 important
  • Windows 7: 1 important
  • Windows 8.1: 1 critical
  • Windows RT 8.1: 1 critical
  • Windows 10: 1 critical, 1 important
  • Windows Server 2008: 1 important
  • Windows Server 2008 R2: 1 important
  • Windows Server 2012 and 2012 R2: 1 moderate
  • Windows Server 2016: 1 critical, 1 moderate
  • Server core: 1 important, 1 moderate

Other Microsoft Products

  • Microsoft Office 2016: 1 critical
  • Microsoft Office Services and Web Apps: 1 critical

Security Bulletins

Red = critical

MS17-001 -- Security Update for Microsoft Edge (3199709)

This security update resolves a vulnerability in Microsoft Edge. This vulnerability could allow an elevation of privilege if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited this vulnerability could gain elevated permissions on the namespace directory of a vulnerable system and gain elevated privileges

MS17-002 -- Security Update for Microsoft Office (3214291)

This security update resolves a vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

MS17-003 -- Security Update for Adobe Flash Player (3214628)

This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.

MS17-004 -- Security Update for Local Security Authority Subsystem Service (3216771)

A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.

Security advisories and updates

Microsoft Security Advisory 2755801 -- Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge

Non-security related updates

KB3213986 -- Cumulative update for Windows 10, OS Build 14393.693

  • Improved the reliability of Groove Music playback in the background, App-V, video playback and Remote Desktop.
  • Addressed issue where after successful fingerprint authentication on a device with the screen off, the screen does not turn back on.
  • Addressed issue where only one input device works when you connect two similar input devices to the same machine.
  • Addressed issue in the App-V Connection Group that allows users to have access to pieces of functionality that they were not designated to for access.
  • Addressed issue that prevents users from selecting multiple certificates simultaneously through the UI.
  • Addressed issue where the Request Control function does not work with Remote Assistance if the user being assisted is on Windows Server 2008 R2 or Windows Server 2012.
  • Addressed issue that prevents a smart card module from pairing with a contactless smart card reader.
  • Addressed issue with license conversion of Server Core from evaluation version to a retail version.
  • Addressed issue that prevents users from opening Internet shortcut (.URL) files with Internet Explorer when Enhanced Protected Mode is enabled.
  • Addressed issue that prevents users from logging on if a device has been away from the corporate network over a period of time.
  • Addressed additional issues with Microsoft Edge, clustering, Internet Explorer, Windows Update, input devices, facial recognition, Logon, Hyper-V, PCI bus drivers and Windows Kernel.

KB3212646 -- January 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

  • MS17-004 Security Update for Local Security Authority Subsystem Service (3216771)

KB3212642 -- January 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1

  • MS17-004 Security Update for Local Security Authority Subsystem Service (3216771)

KB3210063 -- Update for Windows Server 2012 R2 -- "0x000000D1" Stop error with update rollups on Windows Server 2012 R2

KB3210083 -- Update for Windows 8.1 and Windows Server 2012 R2 -- iSCSI disks are lost on upgrade for StorSimple appliances after update 3172614 is installed on Windows Server 2012 R2

KB3210694 -- Update for Internet Explorer -- Internet browser page becomes blank after you install security updates 3185330 in Windows 7 SP1 or security update 3185331 in Windows 8.1

How to download and install the January 2017 security updates

Microsoft releases individual patches for Windows Vista, and cumulative updates for Windows 7, Windows 8.1 and Windows 10.

This means that options are limited when it comes to updating systems running Windows 7 or newer versions of Windows.

Patches are provided via Windows Update. Please note that the full security and non-security rollup updates are provided through Windows Update, but not the security-only rollup updates. If you only want security updates, you have to download them from the Microsoft Update Catalog instead.

Download links are provided in the next section below.

To check for updates on Windows Update, do the following:

  1. Tap on the Windows-key on the keyboard, type Windows Update, and select the result of the same name.
  2. Click on the check for updates link on the page that opens if that is not done automatically.

Updates are also made available on Microsoft's Download Center and through the Microsoft Update Catalog. Microsoft stopped releasing monthly security releases in August 2016 apparently.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP1

KB3212642 -- January, 2017 Security Only Quality Update
KB3212646 -- January, 2017 Security Monthly Quality Rollup

Windows 8.1 and Windows Server 2012 R2

None this month -- January, 2017 Security Only Quality Update
None this month -- January, 2017 Security Monthly Quality Rollup

Windows 10 and Windows Server 2016 (version 1607)
Microsoft Security Updates January 2017
Article Name
Microsoft Security Updates January 2017
The January 2017 overview of Microsoft's Bulletins provides you with detailed information on all bulletins and related information.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. The Dark Lady said on July 9, 2023 at 11:19 am

    Martin, I would appreciate that you do not censor this post, as it’s informative writing.

    Onur, there is a misleading statement “[…] GIFs are animated images …”. No, obviously you don’t seem to have take much notice of what you were told back in March regarding; Graphics Interchange Format (GIF).

    For example, (if you had read my replies within that thread, you might have learnt something useful). I even mentioned, “GIF intrinsically supports animated images (GIF89a)”.

    You linked to said article, [Related: …] within this article, but have somehow failed to take onboard what support you were given by several more knowledgeable people.

    If you used AI to help write this article, it has failed miserably.

    1. E. Fromme said on September 29, 2023 at 1:32 pm

      EMRE ÇITAK posts are useless because they are fraught with inaccuracies and are irrelevant.

  2. KeZa said on August 17, 2023 at 5:58 pm

    AI is stupid, and it will not get any better if we really know how this all works. Prove me wrong..

  3. Database failure said on August 18, 2023 at 5:21 pm

    Martin, [#comment-4569908] is only meant to be in: []. Whereas it appears duplicated in several recent random low-quality non relevant articles.

    Obviously it [#comment-4569908] was posted: 9 July 2023. Long before this thread even existed… your database is falling over. Those comments are supposed to have unique ID values. It shouldn’t be possible to duplicate the post ID, if the database had referential integrity.

  4. Howard Pearce said on August 25, 2023 at 12:24 pm

    Don’t tell me!

    Ghacks wants the state to step in for STATE-MANDATED associations to save jobs!!!

    Bring in the dictatorship!!!

    And screw Rreedom of Association – too radical for Ghacks maybe

  5. Howard Allan Pearce said on September 7, 2023 at 9:13 am

    GateKeeper ?

    That’s called “appointing” businesses to do the state’s dirty work!!!!!

    But the article says itself that those appointed were not happy – implying they had not choice!!!!!!

    1. Howard Allan Pearce Jones said on October 1, 2023 at 4:28 am

      Rreedom of Association is one of our most important rights. Some people think it’s Freedom, but no, I say Rreedom is far more important. There are many STATE-MANDATED associations that save jobs, that’s right MANDATED. I can’t name any of them, but rest assured they are bad, because saving jobs are bad, and people having jobs leads to dictatorship!!! Anyone who disagrees is too radical for Ghacks maybe, because I’m not sure.

  6. owl said on September 7, 2023 at 9:50 am

    @The Dark Lady,
    @Database failure,
    @Howard Pearce,
    @Howard Allan Pearce,

    Note: I replaced the quoted URI scheme: https:// with “>>” and posted.

    The current is owned by “Softonic International S.A.” (sold by Martin in October 2019), and due to the fate of M&A, has changed in quality.
    Many Authors of bloggers and advertisers certified by Softonic have joined the site, and the site is full of articles aimed at advertising and clickbait.
    As it stands, except for articles by Martin Brinkmann, Mike Turcotte, and Ashwin, they are low quality, unhelpful, and even vicious. It is better not to read those articles.
    How to display only articles by a specific author:
    Added line to My filters in uBlock Origin:,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))

    By the way, if you use an RSS reader, you can track exactly where your comments are (I’m an iPad user, so I use “Feedly Classic”, but for Windows I prefer the desktop app “RSS Guard”).
    RSS Guard: Feed reader which supports RSS/ATOM/JSON and many web-based feed services.

  7. Anonymous said on September 14, 2023 at 6:41 pm

    We all live in digital surveillance glass houses under scrutiny of evil people because of people like Musk. It’s only fair that he takes his turn.

  8. Anonymous said on September 18, 2023 at 1:31 pm

    “Operating systems will be required to let the user choose the browser, virtual assistant and search engine of their choice. Microsoft cannot force users to use Bing or Edge. Apple will have to open up its iOS operating system to allow third-party app stores, aka allow sideloading of apps. Google, on the other hand, will need to provide users with the ability to uninstall preloaded apps (bloatware) from Android devices. Online services will need to allow users to unsubscribe from their platform easily. Gatekeepers need to provide interoperability with third-parties that offer similar services.”

    Wonderful ! Let’s hope they’ll comply with that law more than they are doing with the GDPR.

  9. sean conner said on September 27, 2023 at 6:21 am
  10. Sherry Grant said on September 29, 2023 at 7:47 pm

    What does this article about Musk/Tesla have to do with computing, devices, phones?
    More irelevant filler.

  11. Anonymous said on September 29, 2023 at 8:47 pm

    yeah sure… they are always the victims and it is only against them ????

    Believe them 100% and never question anything. This lawsuit sounds like the type you heard when people were eating batteries.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.