Microsoft released security updates for all supported versions of Microsoft Windows and other company products on August 8, 2017.
This guide provides you with detailed information on these updates. It lists the products that are affected by vulnerabilities, and starts with an Executive Summary that highlights the most important bits of information.
The operating system and other Microsoft product distribution listing follows which highlights how Windows Client and Server products and other company products are affected this month,
The next part of the guide lists new security advisories, and non-security updates that Microsoft released this month.
You find direct links to cumulative security and monthly rollup updates for Windows 10, Windows 8.1 and Windows 7 (and server variants), and download instructions afterwards.
You can check out the July 2017 Patch day overview for information in case you missed it.
You can download the following Excel spreadsheet which lists all security updates that Microsoft released since the last Patch Tuesday in July.
Just click on the following link to download the spreadsheet to your system: microsoft-security-updates-august-2917-1.zip
Executive Summary
KB4034674 -- August 8, 2017 Cumulative update for Windows 10 Version 1703
KB4034679 -- August 8, 2017 Security only update for Windows 7 SP1 and Windows Server 2008 R2 SP1
KB4034664 -- August 8, 2017 Monthly Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1
Same as KB4034679
KB4034672 -- August 8, 2017 Security only update for Windows 8.1 and Windows Server 2012 R2
KB4034681 -- August 8, 2017 Monthly Rollup for Windows 8.1 and Windows Server 2012 R2
same as KB4034672, plus
None
Microsoft Security Advisory 4038556 -- Guidance for securing applications that host the WebBrowser Control
KB4034335 -- Update for Windows 10 Version 1703 -- Some system applications don't work as expected after you upgrade to Windows 10 Version 1703
KB4035508 -- Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded 8 Standard and Windows Server 2012
KB4035509 -- Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7 on Windows 8.1 and Windows Server 2012 R2
KB4035510 -- Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4019276 -- Update for Windows Server 2008 -- Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2
KB4032113 -- July, 2017 Preview of Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4032114 -- July, 2017 Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.7 on Windows Embedded 8 Standard and Windows Server 2012
KB4032115 -- July, 2017 Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
KB4032116 -- July, 2017 Preview of Quality Rollup for .NET Framework 2.0 on Windows Server 2008
KB4033428 -- Update for Windows Server 2012 R2 -- Windows Server 2012 R2 processor generation detection reliability update: July 18, 2017
KB4032188 -- Windows 10 Build 15063.502 update July 31, 2017
PCs that run Windows are configured by default to search for, download, and install security updates automatically.
The check does not happen in real-time though, and you may run a manual check to have the updates for devices picked up as quickly as possible.
Note: it is suggested that you create a backup of your system before you install any update on it.
To run a manual check for updates, do the following:
Windows 7 SP1 and Windows Server 2008 R2 SP
Windows 8.1 and Windows Server 2012 R2
Windows 10 and Windows Server 2016 (version 1703)
Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
All these updates, curiously still no option to disable telemetry and data theft to microsoft and others. Pass.
The update for version 1607 (Anniversary Update) that bumps up build version to 1593 wipes out update history in settings. Click on update history and it says no updates have been installed. The updates do show in control panel under uninstall updates. Anyone else experience this? Have not uninstalled updates to see if issue persists.
Yes, My updated history was also wiped out. Not sure why this happened….It also turned off the setting to give me updates for other Microsoft products.
Also, for some reason I never get the Creators Update. It just says it’s on the way, and I never bother to run the update manually….
*sigh*
Woody on Windows blog at Computerworld and his site askwoody.com list this as a bug in the KB 4034658 update for version 1607. Uninstalling the update may bring the update history back, but I have not tried that yet. Hopefully MS will issue a fix soon (but not holding my breath). And I still haven’t gotten the Creators Update either, but the mess MS has created, that may be a good thing.
me too ,
Searched this problem just now after installing week of Aug. 8 Cumulative Update and it brought me here. Yes, I see my update history blanked. I, too have been delaying Creators Update. I had a first time fail with this cumulative (like so many earlier this year), despite the fact that the previous two months of all updates performed smoothly.
I have used “latestwu” and “wushowhide” Troubleshooting Pack Cabinets with some success for several months; but I realize “Creators” can only be delayed for so long. Thanks for the discussion here and providing context for this Win10 issue.
Yes happened here also. I’m not sure where you see your updates under control panel under uninstall updates though. I don’t see that on my computer.
Found where you are talking about. Yep I have my all my updates showing under Control panel but no update history in settings. So it appears to me all the updates are still installed, they’re just gone. MS needs to look into this problem. I will not install creator update until all kinks are fixed. Smh
Windows 10 has ~double security hols than Windows 7, each month.
That’s incorrect, the thing is stuff getting changed more frequently which means you need to adjust it.
>> Windows 10 has ~double security hols than Windows 7, each month.
Needs to be noted that Win7 is also a good five years older than Win10. Once you take into account the total, accumulated number of patches that kind of comparison isn’t as valid. Instead of skepticism I just appreciate there are these fixes that continue to get pushed out to us.
Isn’t Microsoft pushing Windows 10 as a more secure OS than Windows 7 ? So far they are failing miserably.
@svim
Getting fixes being pushed to us is something to be expected from company as rich as Microsoft. It’s not like we don’t pay for this OS.
Ikr. And to people who keep saying that 7 is more mature and 10 is new – you’re absolutely wrong. 10 will never be on par with 7 in this regard, simply due to its so much larger attack surface. 10, on top of Win32, has an entire shell that can be exploited. Shell which is not present at all in 7 and considerably smaller in 8.1. And the numbers reflect this like a mirror:
Windows 7: 9 vulnerabilities
Windows 8.1: 11 vulnerabilities
Windows 10 version 1703: 14 vulnerabilities
Windows Server 2008 R2: 10 vulnerabilities
Windows Server 2012 and 2012 R2: 11 vulnerabilities
Windows Server 2016: 12 vulnerabilities
Both on server and client AND server vs client of the same branch.
BS, on what is your stuff based?
Windows 10 has more features but less CVE’s overall than any other OS:
https://www.cvedetails.com/top-50-products.php
Still not ready for the desktop.
Sorry, M$, I’ve tried every version and prior to that, DOS. Guess what? Still sucks. All of it. And parrots paid to defend M$’ crap ware are everywhere on the web. Very sad.
@CHEF-KOCH
Hope they’re (M$) paying you well for this. ^_^
Martin and I get millions to push the products /end of trolling :D
“Microsoft Edge: 28 vulnerabilities, 21 critical, 7 important, 1 moderate”
21+7+1 = 29
Internet Explorer download links: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4034733
Stop bitchin’ and start switchin’
Freedom is one linux install away. Join us.
Nice turn of phrase! (It reminds me of, “Quit yer grinnin’ an’ drop yer linen!”) I started seeing the writing on the wall when Microsoft launched the GWX program. For now, I’m puttering along with Windows 7 and WSUS Offline Update (with the security-updates-only option checked), but I’m trialing a few Linux distros in virtual machines and will make the switch at some point before Windows 7’s end of life on 14 January 2020. Probably a good deal sooner…
I just want to thank Martin and express my appreciation for his work to continuously provide us with this comprehensive bulletin every month – especially with all those links to individual downloads. It makes my Patch Tuesdays so much easier and less stressful.
Many thanks Martin !
Ditto. The spreadsheet is really helpful, too.
First of all, I want to thank you, Martin, for this elaborate explanation of this months Microsoft update.
And may be I should not write this because maybe I am calling the crash ghosts back to a more active live from there not so many total systems crashes sleep who were before ( Think windows 3.1, Windows 93, Windows 95, XP and even Windows 7)?
Before those system crashes were so bad that I had to on a regular base reinstall the complete system with a backup/restore program, but maybe am I wrong?
Are there any statistical figures that Windows 10 is not so much completely crashing anymore in comparison to Windows 7, etc.? And I understand that the technical know how are decades beyond windows 3.1 but when you compare the number of users statistically speaking per 100.000 and even the numbers out how are the figures then?
That is what I am wondering.
Thanks Nadella (Salary US$ 18.2 million (2014), Source: https://en.wikipedia.org/wiki/Satya_Nadella) for the risk, telemetry and for the very user-friendly windows-update service.
My next step is to try out ReactOS (alpha stage), which is a Open Source Windows Replacement:
https://www.reactos.org/
https://sourceforge.net/projects/reactos/
https://github.com/reactos/reactos/pulls
https://twitter.com/reactos
https://en.wikipedia.org/wiki/ReactOS
Screenshots:
https://www.reactos.org/gallery
Changelogs:
https://www.reactos.org/wiki/Changelogs
Download ReactOS 0.4.5:
You can download ReactOS in two different flavors:
– As a Live CD so you can test it without installing into your computer.
– Or as a Boot CD so you can install ReactOS on your PC.
https://www.reactos.org/download
The ultimate goal of ReactOS is to allow you to remove Windows® and install ReactOS without the end user noticing the change:
https://web.archive.org/web/20120920030447/http://www.reactos.org/en/index.html
ReactOS, the Windows XP Alternative:
https://www.ghacks.net/2012/02/12/reactos-the-windows-xp-alternative/
ReactOS: Open source Windows:
https://www.ghacks.net/2008/10/20/reactos-open-source-windows/
The Alternatives to Windows 8:
https://www.ghacks.net/2012/02/13/the-alternatives-to-windows-8/
ReactOS Is a Promising Open Source Windows Replacement:
http://www.linuxinsider.com/story/83578.html
Sadly ReactOS will always remain a clone of XP (NT5-based operating systems) in “alpha stage”. Good luck with that.
mine aswell
Looks like my history is gone and the machines that were updated from this month are not able to report back to WSUS. I am uninstalling KB4034658 right now. I hope this will fix my issue. Anyone got input on this?
This issue has been reported by many. Check out the askwoody web site for details.
Win7x64 SP1 user here. I use WSUS Offline Update with the “security updates only” option enabled to keep my machine up to date. (I simply don’t trust Windows Update anymore, period.) I double-check my security status, before and after, using Belarc Advisor. Funny story:
A friend of mine who uses the same update strategy noticed that the fans on the computer closest to his bedroom were going into high gear in the wee hours of the morning. When that happened to me on my laptop, a few months before Windows 10 was released, it was because of a runaway Microsoft diagnostics utility. (It ended up melting away my thermal compound and burning out my fan, a really fun repair on most laptops, including mine /s.) So I checked, and lo and behold, a whole bunch of Microsoft diagnostics, telemetry, and “customer experience improvement” (or whatever they call it) utilities had been re-enabled, even though we had previously disabled all of them using WPD.
Moral of the story: After every Windows update run, run WPD (or your favorite anti-dickware utility) again and make sure that all of the things you thought had been disabled haven’t been re-enabled (or replaced with new dickware) by Microsoft’s “security-only” updates.
Apart from that, it was a smooth update for both me (who uses LibreOffice) and my friend (who uses MS Office). Belarc gives me a completely clean bill of health, and my friend has a missing security update that WSUS flags as problematic and that supposedly fixes a vulnerability that will never affect him in practice.
I use Belarc frequently as a home user. I love it, but notice there is sometimes a 2-3 day delay after installing a Windows 10 update where Belarc says an update is missing. When Belarc gets around to updating their database, all is well, so their analysis has to be understood in that light.
Well, I’ve definitely noticed that Belarc takes at least a couple of days after Patch Tuesday to incorporate Patch Tuesday updates in Advisor’s database. This August, the Advisor database didn’t get updated until sometime in the afternoon on Thursday, Pacific Time. I’ve had a few positives in Belarc after patching, but they usually involve updates that WSUS has blacklisted because they have problems. And sometimes they’re just false positives. (Over the previous month, I had one “missing” security update that Microsoft itself said yielded false positives after being properly installed.)
At any rate, the delay is not a big deal for me, since I always wait for at least a few days after Patch Tuesday before installing Windows updates, to be able to check out the real-world fallout first. (Windows 7 doesn’t seem to get as many buggy updates as Windows 10 does, but it’s been known to happen.)
Hi, thanks for all your work on this, great site!
Under Security updates section above, where it says:
KB4034681 — August 8, 2017 Monthly Rollup for Windows 8.1 and Windows Server 2012 R2, same as KB4034672, plus ……
Where did you find all the information for the 22 extra bullet points included??
Thanks!
Users are not able to access database after installing August patch of Microsoft. Please suggest. Its urgent