Microsoft Security Updates September 2017 release

Martin Brinkmann
Sep 12, 2017
Updated • Jan 4, 2018
Companies, Microsoft, Windows Updates
|
41

Security updates for all supported versions of Microsoft Windows and other Microsoft products have been released on September 12, 2017.

This guide offers extensive information on the release; important to get a clearer picture on what has been released this month, and how the updates should be deployed.

It begins with an executive summary that lists the most important facts about the guide. What follows is the distribution of operating systems -- by client and server versions of Windows -- and other Microsoft products.

All security updates, security advisories, and non-security updates are listed afterwards. Each links to a Microsoft support page to look up information that Microsoft published on the particular update.

The last part of the guide links to direct security update downloads for Windows, and offers additional resource links that you may follow.

Check out the August 2017 Patch day if you missed it.

Microsoft Security Updates September 2017

Download the following Excel spreadsheet that lists all security updates and detailed information released by Microsoft since the August 2017 Patch Day.

Click on the following link to download the -- zipped -- spreadsheet to your local system: microsoft-Security-Updates-september-2017.zip

Executive Summary

  • Microsoft released security patches for all versions of Windows.
  • Security updates were also released for Internet Explorer, Microsoft Edge, Microsoft Office, Skype for Business and Lync, Microsoft Exchange Server, Adobe Flash Player, and the .Net Framework.

Operating System Distribution

  • Windows 7:  22 vulnerabilities of which 3 are rated critical, 19 important
  • Windows 8.1: 26 vulnerabilities of which 4 are rated critical, 22 important
  • Windows 10 version 1703: 25 vulnerabilities of which 2 are rated critical, 23 important

Windows Server products:

  • Windows Server 2008 R2: 23  vulnerabilities, of which 3 are rated critical, 20 important
  • Windows Server 2012 and 2012 R2: 26 vulnerabilities, of which 4 are rated critical 21 important and 1 moderate
  • Windows Server 2016: 28 vulnerabilities of which 2 are rated critical, 26 important

Other Microsoft Products

  • Internet Explorer 11: 7  vulnerabilities, 5 critical, 2 important
  • Microsoft Edge: 28 vulnerabilities, 19 critical,  7 important, 2 moderate

Security Updates

KB4038788 -- Windows 10 Version 1703

  • Addressed issue where the color profiles do not revert to the user-specified settings after playing a full-screen game.
  • Updated HDR feature to be turned off by default in the OS.
  • Addressed issue where you can't open the Start menu when you add a third-party IME.
  • Addressed issue with scanners that rely on inbox driver support.
  • Addressed issue in a Mobile Device Manager Enterprise feature to allow headsets to work correctly.
  • Addressed issue where some machines fail to load wireless WAN devices when they resume from Sleep.
  • Addressed issue where Windows Error Reporting doesn't clean up temporary files when there is a redirection on a folder.
  • Addressed issue where revoking a certificate associated with a disabled user account in the CA management console fails. The error is "The user name or password is incorrect.
  • 0x8007052e (WIN32: 1326 ERROR_LOGON_FAILURE)”.
  • Addressed issue where LSASS is leaking large amounts of memory.
  • Addressed issue where enabling encryption using syskey.exe renders the system unbootable.
  • Updated the BitLocker.psm1 PowerShell script to not log passwords when logging is enabled.
  • Addressed issue where saving a credential with an empty password to Credential Manager causes the system to crash when attempting to use that credential.
  • Updates to Internet Explorer 11’s navigation bar with search box.
  • Addressed issue in Internet Explorer where undo is broken if character conversion is canceled using IME.
  • Addressed issue with the EMIE where Microsoft Edge and Internet Explorer repeatedly switched between each other.
  • Addressed issue where a device may stop responding for several minutes and then stop working with error 0x9F (SYSTEM_POWER_STATE_FAILURE) when a USB network adapter is attached.
  • Addressed issue where some apps cannot be opened because the IPHlpSvc service stops responding during the Windows boot procedure.
  • Addressed issue where spoolsv.exe stops working.
  • Addressed issue where the Get-AuthenticodeSignature cmdlet does not list TimeStamperCertificate even though the file is time stamped.
  • Addressed issue where, after upgrading to Windows 10, users may experience long delays when running applications hosted on Windows Server 2008 SP2.
  • Addressed RemoteApp display issues that occur when you minimize and restore a RemoteApp to full-screen mode.
  • Addressed issue that sometimes causes Windows File Explorer to stop responding and causes the system to stop working.
  • Addressed issue that causes the Export-StartLayout cmdlet to fail when exporting the layout of tiles at startup.
  • Addressed issue where the option to join Azure AAD is sometimes unavailable during the out-of-box experience.
  • Addressed issue where clicking the buttons on Windows Action Center notifications results in no action being taken.
  • Re-release of MS16-087- Security update for Windows print spooler components.
  • Security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel, and Windows Virtualization.

KB4038792 -- Windows 8.1 and Windows Server 2012 R2 Monthly Rollup

  • Updates to Internet Explorer 11’s navigation bar with search box.
  • Addressed issue in Internet Explorer where undo is broken if character conversion is canceled using IME.
  • Addressed issue in Internet Explorer where graphics render incorrectly.
  • Addressed issue in Internet Explorer where the Delete key functioned improperly.
  • and all updates of KB4038793

KB4038793 -- Windows 8.1 and Windows Server 2012 R2 Security-only update

  • Re-release of MS16-087- Security update for Windows print spooler components.
  • Security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Windows PDF Library, Windows TPM, Windows Hyper-V, Windows kernel, and the Windows DHCP Server.

KB4038799 -- 2017-09 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

  • Same as KB4038793

KB4038786 -- 2017-09 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

  • Same as KB4038793

KB4038777 -- Windows 7 SP1 and Windows Server 2008 R2 SP1 Monthly Rollup

  • Updates to Internet Explorer 11’s navigation bar with search box.
  • Addressed issue in Internet Explorer where undo is broken if character conversion is canceled using IME.
  • Addressed issue in Internet Explorer where graphics render incorrectly.
  • Addressed issue in Internet Explorer where the Delete key functioned improperly.
  • and all updates of KB4038779

KB4038779 -- Windows 7 SP1 and Windows Server 2008 R2 SP1 Security-only Update

  • Addressed issue where applications that have LDAP referral chasing options enabled use a TCP dynamic port connection that doesn’t close until the applications close or the calling OS restarts. With sufficient time and volume, these applications may completely consume all TCP dynamic ports. If that occurs, network communications will fail for any protocol or operation that uses dynamic ports. This issue was introduced by the July and August 2017 cumulative updates starting with KB4025337 and KB4025341.
  • Re-release of MS16-087- Security update for Windows print spooler components.
  • Security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Windows Hyper-V, Windows kernel, and Windows Virtualization.

KB4036586 -- Cumulative security update for Internet Explorer

KB3170455 -- Security Update for Windows Server 2008 -- security update for Windows print spooler components (July 2016, re-release September 2017)

KB4032201 -- Security update for the Windows kernel information disclosure vulnerability in Windows Server 2008 -- An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory.

  • Note: You need to re-install the update after you install language packs on the system.

KB4034786 -- Security Update for Windows Server 2008 -- Security update for the Microsoft Bluetooth driver spoofing vulnerability in Windows Server 2008.

  • Note: You need to re-install the update after you install language packs on the system.

KB4038806 -- 2017-09 Security Update for Adobe Flash Player for Windows 10 Version 1607, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, and Windows Server 2012

KB4038874 -- Security Update for Windows Server 2008 -- Security update for the Windows Kernel information disclosure vulnerability in Windows Server 2008.

  • Note: You need to re-install the update after you install language packs on the system.

KB4039038 -- Security Update for Windows Server 2008 -- Security update for the information disclosure vulnerability in Windows Server 2008

  • Note: You need to re-install the update after you install language packs on the system.

KB4039266 -- Security Update for Windows Server 2008 -- Security update for the Windows shell remote code execution vulnerability in Windows Server 2008

  • Note: You need to re-install the update after you install language packs on the system.

KB4039325 -- Security Update for Windows Server 2008 -- No information yet

KB4039384 -- Security Update for Windows Server 2008 and Windows XP Embedded -- Security update for the Windows Uniscribe vulnerabilities in Windows Server 2008

  • Note: You need to re-install the update after you install language packs on the system.

KB4041083 -- 2017-09 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4041084 -- 2017-09 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded 8 Standard and Windows Server 2012

KB4041085 -- 2017-09 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4041086 -- 2017-09 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4041090 -- 2017-09 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4041091 -- 2017-09 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded 8 Standard and Windows Server 2012

KB4041092 -- 2017-09 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 8.1 and Windows Server 2012 R2

KB4041093 -- 2017-09 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4038781 -- 2017-09 Dynamic Cumulative Update for Windows 10 Version 1607

KB4038783 -- 2017-09 Dynamic Cumulative Update for Windows 10 Version 1511

KB4038788 -- 2017-09 Cumulative Update for Windows 10 Version 1607 and Windows 10

KB3203474 -- Security update for Office 2016: September 12, 2017

  • This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

KB3213551 -- Security update for Office 2016: September 12, 2017

  • Same as KB3203474

KB4011050 -- Excel 2016 Security Update September 12, 2017

  • Same as KB3203474
  • Also includes large list of non-security improvements that improve performance and fix crashes among other things.

KB3213564 -- Security update for Office 2013: September 12, 2017

  • Same as KB3203474

KB3213638, KB3213631, KB3213626  -- Security update for Office 2010: September 12, 2017

  • Same as KB3203474

Known Issues

KB4038788

  • Installing KB4034674 may change Czech and Arabic languages to English for Microsoft Edge and other applications.
    • No workaround yet.

KB4038792 and KB4038793

  • NPS authentication may break, and wireless clients may fail to connect.
    • Workaround: Set SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\13\DisableEndEntityClientCertCheck to value 0.
  • Japanese IME may hang in certain scenarios.

Security advisories and updates

ADV170015 -- Microsoft Office Defense in Depth Update

KB4025398 -- Security Update for WES09 and POSReady 2009 -- Fixes an information disclosure vulnerability in the Windows System Information Console.

Non-security related updates

KB3186568 -- Microsoft .NET Framework 4.7 for Windows 10

KB3186607 -- Microsoft .NET Framework 4.7 Language Packs for Windows 10

KB4039111 -- Update for WEPOS and POSReady 2009

KB4039556 -- 2017-09 Dynamic Update for Windows 10 Version 1607

KB890830 -- Windows Malicious Software Removal Tool for Windows - September 2017

KB4038921 -- Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded 8 Standard and Windows Server 2012

KB4038922 -- Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7 on Windows 8.1 and Windows Server 2012 R2

KB4038923 -- Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4035036 -- August, 2017 Preview of Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4035037 -- August, 2017 Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded 8 Standard and Windows Server 2012

KB4035038 -- August, 2017 Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4035039 -- August, 2017 Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4019276 -- Update for Windows Server 2008 -- Adds support for TLS 1.1 and TLS 1.2.

KB4036162 -- Update for Windows Server 2008 -- Fixes a crash in WordPad.

KB4037616 -- Update for Windows Server 2008 -- Fixes a crash in spoolsv.exe.

KB4022633 -- 2017-05 Update for Windows 10 Version 1511 -- OOBE update for Windows 10 Version 1511

How to download and install the September 2017 security updates

windows security updates september 2017

Suggestion: Windows updates may backfire; they may introduce issues or even block the PC from booting or functioning properly. I suggest you create a backup of the system before you install updates.

Windows PCs are configured to download and install important updates -- like security updates -- automatically. This is not a real-time process though, and you may want to run a manual check for updates at times, or download updates manually to install them without direct connection to Microsoft's servers.

You may run a manual check for updates on Windows in the following way:

  • Select the Windows-key on the keyboard, type Windows Update, and select the Enter-key.
  • Windows may run a check automatically when the page opens, or after you click on the "check for updates" link or button.
  • Updates may be downloaded automatically if they are found, or only after you accept them.

You may download updates directly from Microsoft's Update Catalog website as well. The links are listed below:

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4038777 -- 2017-09 Security Monthly Quality Rollup for Windows 7 for x86-based Systems
  • KB4038779 -- 2017-09 Security Only Quality Update for Windows Embedded Standard 7 for x64-based Systems

Windows 8.1 and Windows Server 2012 R2

  • KB4038792 -- 2017-09 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems
  • KB4038793 -- 2017-09 Security Only Quality Update for Windows 8.1 for x86-based Systems

Windows 10 and Windows Server 2016 (version 1703)

  • KB4038788 -- 2017-09 Cumulative Update for Windows 10 Version 1703

Additional resources

Summary
Microsoft Security Updates September 2017 release
Article Name
Microsoft Security Updates September 2017 release
Description
Security updates for all supported versions of Microsoft Windows and other Microsoft products have been released on September 12, 2017.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. The Dark Lady said on July 9, 2023 at 11:19 am
    Reply

    Martin, I would appreciate that you do not censor this post, as it’s informative writing.

    Onur, there is a misleading statement “[…] GIFs are animated images …”. No, obviously you don’t seem to have take much notice of what you were told back in March regarding; Graphics Interchange Format (GIF).

    For example, https://www.ghacks.net/2023/03/31/whats-gif-explanation-and-how-to-use-it/#comment-4562919 (if you had read my replies within that thread, you might have learnt something useful). I even mentioned, “GIF intrinsically supports animated images (GIF89a)”.

    You linked to said article, [Related: …] within this article, but have somehow failed to take onboard what support you were given by several more knowledgeable people.

    If you used AI to help write this article, it has failed miserably.

  2. KeZa said on August 17, 2023 at 5:58 pm
    Reply

    AI is stupid, and it will not get any better if we really know how this all works. Prove me wrong.. https://www.youtube.com/watch?v=4IYl1sTIOHI

  3. Database failure said on August 18, 2023 at 5:21 pm
    Reply

    Martin, [#comment-4569908] is only meant to be in: [https://www.ghacks.net/2023/07/09/how-to-send-gifs-on-iphone-two-different-ways/]. Whereas it appears duplicated in several recent random low-quality non relevant articles.

    Obviously it [#comment-4569908] was posted: 9 July 2023. Long before this thread even existed… your database is falling over. Those comments are supposed to have unique ID values. It shouldn’t be possible to duplicate the post ID, if the database had referential integrity.

  4. Howard Pearce said on August 25, 2023 at 12:24 pm
    Reply

    Don’t tell me!

    Ghacks wants the state to step in for STATE-MANDATED associations to save jobs!!!

    Bring in the dictatorship!!!

    And screw Rreedom of Association – too radical for Ghacks maybe

  5. Howard Allan Pearce said on September 7, 2023 at 9:13 am
    Reply

    GateKeeper ?

    That’s called “appointing” businesses to do the state’s dirty work!!!!!

    But the article says itself that those appointed were not happy – implying they had not choice!!!!!!

  6. owl said on September 7, 2023 at 9:50 am
    Reply

    @The Dark Lady,
    @KeZa,
    @Database failure,
    @Howard Pearce,
    @Howard Allan Pearce,

    Note: I replaced the quoted URI scheme: https:// with “>>” and posted.

    The current ghacks.net is owned by “Softonic International S.A.” (sold by Martin in October 2019), and due to the fate of M&A, ghacks.net has changed in quality.
    >> ghacks.net/2023/09/02/microsoft-is-removing-wordpad-from-windows/#comment-4573130
    Many Authors of bloggers and advertisers certified by Softonic have joined the site, and the site is full of articles aimed at advertising and clickbait.
    >> ghacks.net/2023/08/31/in-windows-11-the-line-between-legitimate-and-adware-becomes-increasingly-blurred/#comment-4573117
    As it stands, except for articles by Martin Brinkmann, Mike Turcotte, and Ashwin, they are low quality, unhelpful, and even vicious. It is better not to read those articles.
    How to display only articles by a specific author:
    Added line to My filters in uBlock Origin: ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))
    >> ghacks.net/2023/09/01/windows-11-development-overview-of-the-august-2023-changes/#comment-4573033

    By the way, if you use an RSS reader, you can track exactly where your comments are (I’m an iPad user, so I use “Feedly Classic”, but for Windows I prefer the desktop app “RSS Guard”).
    RSS Guard: Feed reader which supports RSS/ATOM/JSON and many web-based feed services.
    >> github.com/martinrotter/rssguard#readme

  7. Anonymous said on September 14, 2023 at 6:41 pm
    Reply

    We all live in digital surveillance glass houses under scrutiny of evil people because of people like Musk. It’s only fair that he takes his turn.

  8. Anonymous said on September 18, 2023 at 1:31 pm
    Reply

    “Operating systems will be required to let the user choose the browser, virtual assistant and search engine of their choice. Microsoft cannot force users to use Bing or Edge. Apple will have to open up its iOS operating system to allow third-party app stores, aka allow sideloading of apps. Google, on the other hand, will need to provide users with the ability to uninstall preloaded apps (bloatware) from Android devices. Online services will need to allow users to unsubscribe from their platform easily. Gatekeepers need to provide interoperability with third-parties that offer similar services.”

    Wonderful ! Let’s hope they’ll comply with that law more than they are doing with the GDPR.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.