Microsoft released security updates for the company's Windows operating system, and other company products on the October 2017 Patch Tuesday.
Our monthly series provides you with information on Microsoft's Patch Day. It features an overview of all security and non-security updates that Microsoft released since the last Patch day in September 2017.
The monthly guide lists how different versions of Windows -- client and server -- and Microsoft's browsers Edge and Internet Explorer are affected. It features links to resources, direct download links for cumulative Windows updates, new and updated security advisories, and information on how to download the updates to Windows machines.
You can download the following Excel spreadsheet if you want a list of all security updates for all Microsoft products that the company released since the September 2017 Patch Tuesday.
Click on the following link to download the basic Excel spreadsheet to your device: Security-Updates-Microsoft-Windows-October-2017.zip
Click on this link to download the full (with all details) Excel spreadsheet instead: october-2017-full-updates-security-windows.zip
Operating System Distribution
Windows Server products:
Other Microsoft Products
KB4041676 -- Windows 10 Version 1703
KB4041691 -- Windows 10 Version 1607 and Windows Server 2016
KB4041689 -- Windows 10 Version 1511 -- End of Support after this update.
KB4042895 -- Windows 10 RTM
KB4040685 -- Cumulative Security Update for Internet Explorer -- The fixes are included in the Security Monthly Quality Rollup.
KB4041671 -- Security Update for Windows Server 2008 -- Patches information disclosure vulnerability that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass.
KB4041679 -- 2017-10 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012.
KB4041681 -- 2017-10 Security Monthly Quality Rollup for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4041683 -- 2017-10 Security Update for Adobe Flash Player for Windows 10 Version 1607, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, and Windows Server 2012
KB4041690 -- 2017-10 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012
KB4041944 -- Security Update for Windows Server 2008
KB4041995 -- Security Update for Windows Server 2008 and Windows XP Embedded
KB4042007 -- Security Update for Windows Server 2008 and Windows XP Embedded
KB4042050 -- Security Update for Windows Server 2008
KB4042067 -- Security Update for Windows Server 2008 and Windows XP Embedded
KB4042120 -- Security Update for Windows Server 2008 and Windows XP Embedded
KB4042121 -- Security Update for Windows Server 2008 and Windows XP Embedded
KB4042122 -- Security Update for Windows Server 2008 and Windows XP Embedded
KB4042123 -- Security Update for Windows Server 2008
KB4042723 -- Security Update for Windows Server 2008 and Windows XP Embedded
ADV170012 | Vulnerability in TPM could allow Security Feature Bypass - A security vulnerability exists in certain Trusted Platform Module (TPM) chipsets. The vulnerability weakens key strength. It is important to note that this is a firmware vulnerability, and not a vulnerability in the operating system or a specific application. After you have installed software and/or firmware updates, you will need to re-enroll in any security services you are running to remediate those services.
ADV170013 | September 2017 Flash Security Update
ADV170014 | Optional Windows NTLM SSO authentication changes -- Microsoft is releasing an optional security enhancement to NT LAN Manager (NTLM), limiting which network resources various clients in the Windows 10 or the Windows Server 2016 operating systems can use NTLM Single Sign On(SSO) as an authentication method. When you deploy the new security enhancement with a Network Isolation Policy defining your organization's resources, attackers can no longer redirect a user to a malicious resource outside your organization to obtain the NTLM authentication messages.
ADV170015 | Microsoft Office Defense in Depth Update
ADV170016 -- Windows Server 2008 Defense in Depth
ADV170017 | Office Defense in Depth Update
KB4043766 -- 2017-10 Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2
KB4043767 -- 2017-10 Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
KB4043768 -- 2017-10 Quality Rollup for .NET Framework 2.0 on Windows Server 2008
KB4043769 -- 2017-10 Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded 8 Standard and Windows Server 2012
KB890830 -- Windows Malicious Software Removal Tool - October 201
KB4038801 -- Update for Windows 10 Version 1607 and Windows Server 2016
KB4040724 -- Update for Windows 10 Version 1703
KB4036479 -- Update for Windows 8.1 and Windows Server 2012 R2 -- Eliminate restarts in virtual machine initial configuration in Windows Server 2012 R2
Microsoft Office 2016
Microsoft Office 2013
SharePoint Server 2016
SharePoint Server 2013, Project Server 2013, and SharePoint Foundation 2013
SharePoint Server 2010
The October 2017 security updates are made available via Windows Updates. All client versions of Windows are configured to check for and download important updates automatically.
This is not a real-time check though, and you may run a manual check for updates to get the updates earlier.
As always, create a backup before you update so that you can restore the system to a pre-update state if things go wrong.
You may download the cumulative updates for Windows 10, Windows 8.1 and Windows 7 from Microsoft's Update Catalog website as well. Direct download links are listed below.
Windows 7 SP1 and Windows Server 2008 R2 SP
Windows 8.1 and Windows Server 2012 R2
Windows 10 and Windows Server 2016 (version 1607)
Windows 10 and Windows Server 2016 (version 1703)
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.