Microsoft Security Updates December 2017 release - gHacks Tech News

Microsoft Security Updates December 2017 release

This overview offers information on security updates and non-security updates that Microsoft released for Windows, Office and other company products in December 2017.

The guide is divided into different parts: it starts with an executive summary that highlights the most important bits. This is followed by the operating system distribution which highlights how different versions of Windows are affected this month.

The list of security updates, known issues, security advisories and non-security updates comes next. The last part of the overview links directly to cumulative update downloads for Windows 7, 8.1 and 10 systems, and to resources that you will find useful to look up further information.

Check out the November 2017 Patch Day for information on last month's patches.

Microsoft Security Updates December 2017

You may download the following Excel spreadsheet listing all security updates for all products released in December 2017 by Microsoft. Download it with a click on the following link: windows-security-updates-december-2017.zip

Executive Summary

  • Microsoft released security updates for all versions of Windows the company supports (client and server).
  • No critical updates for Windows, but for IE and Edge.
  • Other Microsoft products with security updates are: Microsoft Office, Microsoft Exchange Server, Microsoft Edge and Internet Explorer.

Operating System Distribution

  • Windows 7: 2 vulnerabilities of which 2 are rated important
  • Windows 8.1: 2 vulnerabilities of which 2 are rated important
  • Windows 10 version 1607: 3 vulnerabilities of which 3 are rated important
  • Windows 10 version 1703: 3 vulnerabilities of which 3 are rated important
  • Windows 10 version 1709: 3 vulnerabilities of which 3 are rated important

Windows Server products

  • Windows Server 2008: 2 vulnerabilities of which 2 are rated important
  • Windows Server 2008 R2: 2 vulnerabilities of which 2 are rated important
  • Windows Server 2012 and 2012 R2: 2 vulnerabilities of which 2 are rated important
  • Windows Server 2016: 3 vulnerabilities of which 3 are rated important

Other Microsoft Products

  • Internet Explorer 11: 13 vulnerabilities,  9 critical, 4 important
  • Microsoft Edge: 13 vulnerabilities, 12 critical, 1 important

Security Updates

KB4054518 -- Windows 7 SP1 and Windows Server 2008 R2 SP1 Monthly Rollup

  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine and Windows Server.

KB4054521 -- Windows 7 SP1 and Windows Server 2008 R2 SP1 Security Only Update

  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine and Windows Server.

KB4054519 -- Windows 8.1 and Windows Server 2012 R2 Monthly Rollup

  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine and Windows Server.

KB4054522 -- Windows 8.1 and Windows Server 2012 R2 Security only update

  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine and Windows Server.

KB4054517 -- Cumulative update for Windows 10 Version 1709 to build 16299.125

  • Updates Internet Explorer’s default visibility for the button that launches Microsoft Edge.
  • Addresses issue where Windows Defender Device Guard and Application Control block some applications from running, even in Audit-Only Enforcement Mode.
  • Addresses issue to reset PLC bit on U0/U3 transitions.
  • Addresses issue with personalized Bluetooth devices that don't support bonding.
  • here the touch keyboard doesn’t support the standard layout for 88 languages.
  • Addresses issue where the touch keyboard for a third-party Input Method Editor (IME) has no IME ON/OFF key.
  • Addresses additional issues with updated time zone information.
  • Addresses issue where, when using System Center Virtual Machine
  • Manager (VMM), the user can't copy or clone virtual machines (VM). The error message is "0x80070057- Invalid parameter". This issue affects the VMM UI and PowerShell scripts used for VM cloning and copying.
  • Security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server.

KB4053580 -- Cumulative update for Windows 10 Version 1703 to build 15063.786

  • Updates Internet Explorer’s default visibility for the button that launches Microsoft Edge.
  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses issue that caused Windows Pro devices on the Current Branch for Business (CBB) to upgrade unexpectedly.
  • Adresses issue where applications may stop responding for customers who have internet or web proxies enabled using PAC script configurations. This is a result of a reentrancy deadlock in WinHTTP.dll.
  • Addresses additional issues with updated time zone information.
  • Security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server.

KB4053579 -- Cumulative update for Windows 10 Version 1607 to build 14393.1944

  • Addresses issue where users of SQL Server Reporting Services may not be able to use the scrollbar in a drop-down list.
  • Addresses additional issues with updated time zone information.
  • Addresses issue where, after you install KB4041688, KB4052231, or KB4048953, the error "CDPUserSvc_XXXX has stopped working" appears. Additionally, this resolves the logging of Event ID 1000 in the Application event log. It notes that svchost.exe_CDPUserSvc_XXXX stopped working and the faulting module name is "cdp.dll".
  • Security updates to the Microsoft Scripting Engine and Microsoft Edge.

KB4053578 -- Cumulative update for Windows 10 Version 1511 to build 10586.1295

  • Addresses additional issues with updated time zone information.
  • Addresses issue that affected some Epson SIDM (Dot Matrix) and TM (POS) printers, which were failing to print on x86-based and x64-based systems. This issue affects KB4048952.
  • Security updates to the Microsoft Scripting Engine, Microsoft Edge, and Windows Server.

KB4052978 -- Cumulative security update for Internet Explorer: December 12, 2017

KB4047170 -- Security Update for Windows Server 2008 -- fixes an information disclosure vulnerability in Windows Media Player.

KB4052303 -- Security Update for Windows Server 2008 and Windows XP Embedded -- fixes Windows RRAS Service remote code execution vulnerability.

KB4053473 -- Security Update for Windows Server 2008 -- fixes information disclosure vulnerability in the its:// protocol handler

KB4053577 -- Security Update for Adobe Flash Player

KB4054520 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4054523 -- Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

Known Issues

None

Security advisories and updates

CVE-2017-11940 -- Microsoft Malware Protection Engine Remote Code Execution Vulnerability

Non-security related updates

KB4055994 -- Dynamic Update for Windows Version 1709 -- Compatibility update for upgrading to and recovering Windows 10 Version 1709

KB4056457 -- Dynamic Update for Windows Version 1709 -- Reliability update for upgrading to Windows 10 Version 1709

KB4051956 -- Update for Windows 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, Windows Server 2012, Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008, and Windows XP Embedded -- Time zone and DST changes in Windows for Northern Cyprus, Sudan, and Tonga

KB890830 -- Windows Malicious Software Removal Tool - December 2017

KB4049068 -- Time zone changes in Windows for Fiji

Microsoft Office Updates

Microsoft released non-security updates for Microsoft Office on December 6, 2017. You can check out our overview here.

KB4011095 -- Office 2016 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

KB4011575 -- Word 2016 -- Resolves issue described in 4011575. Includes a list of improvements on top of that:

  • This update improves the performance for style properties in VBA in Word 2016.
  • When you save a document in Track Changes mode, some text is lost from the document.
  • The line spacing is displayed incorrectly when you use OpenType (*.otf) fonts in Word 2016.
  • You cannot set the paragraph ID for the first paragraph in a text box through Word VBA.
  • The text in a cell overlaps after you adjust the width of the column in a table.
  • When you try to activate an OLE object in Word 2016, the object is unexpectedly activated in a newly opened application.
  • When you create and edit a document that's based on a template that’s located in the Temporary Internet Files folder and then print the document, the trust bar reappears unexpectedly. When you click Enable Editing again, Word crashes.
  • Horizontal lines disappear in Word 2016 when you change the zoom level.
  • When you save a right-to-left Word document as a PDF or XPS file, the line numbers are on the left side of the text instead of the right side.
  • Word 2016 crashes when you open a binary document (*.doc) that contains a Horizontal Line shape.
  • The Arabic decimal separator is displayed as a comma character instead of a period character when you use a Hindi numeral in Office 2016 applications.
  • Word 2016 crashes after you use the navigation pane when the Word application is embedded as an OLE object in another application.
  • Word 2016 crashes when you try to change the grammar options for a legacy grammar checker in Office 2016.

KB4011277 -- Office 2013 -- Same as 4011575.

KB4011590 -- Word 2013 -- Same as 4011575

KB4011612 -- Office 2010 -- Same as 4011575

KB4011614 -- Word 2010 -- Same as 4011575

KB4011608 -- Word 2007 -- Same as 4011575

KB4011576 -- SharePoint Server 2016 -- Fixes an elevation of privileges vulnerability in SharePoint server.

KB4011578 -- SharePoint Enterprise Sever 2016 -- Features translation improvements, and improvements to the SharePoint Health Analyzer algorithm.

KB4011587 -- Office Web Apps Server 2013

  • Assume that you have inserted the SaveDate field through Quick Parts in a Word document. In this situation, when you view the document in Word Online Viewer, the SaveDate field reports the current server time instead of the last time that the document was saved.
  • When you view documents and then click the hyperlinks that contain certain characters (such as Hebrew and Arabic language) in the Word Online Viewer, the hyperlinks don’t work.

KB4011598 -- Project Server 2013 -- Various improvements to tasks, timesheets, and other issues.

KB4011589 -- Cumulative update for Project Server 2013

  • The Microsoft Office 2013 hotfixes are now multilingual. This cumulative update package contains updates for all languages.
  • This cumulative update package includes all the server component packages. Additionally, this cumulative update package updates only those components that are installed on the system.

KB4011601 -- SharePoint Enterprise Server 2013  -- Health Analyzer improvements.

KB4011582 -- SharePoint Enterprise Server 2013  -- Lots of fixes and improvements.

KB4011596 -- SharePoint Foundation 2013  -- Lots of fixes and improvements.

KB4011588 -- Cumulative update for SharePoint Foundation 2013 -- Same as KB4011589.

KB4011593 -- Cumulative update for SharePoint Server 2013 -- Same as KB4011589.

How to download and install the December 2017 security updates

windows updates december 2017 security

The security updates are released as individual or cumulative updates by Microsoft. All security updates that apply to a specific version of Windows are offered through Windows Updates on most home systems.

Windows is set up by default to download and install important updates such as security updates automatically.

You can run a manual check for updates to speed up the process:

  1. Tap on the Windows-key to bring up Start.
  2. Type Windows Update and select the item from the list of search results.
  3. Click on check for updates if Windows does not do so automatically when the Windows Update page opens.
  4. Updates are either installed automatically or on user request then.

Here are direct download links to cumulative updates for 32-bit and 64-bit versions of Windows 7, Windows 8.1 and Windows 10 (all supported versions).

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4054518 -- 2017-12 Security Monthly Quality Rollup for Windows 7 for x86-based Systems
  • KB4054521 -- 2017-12 Security Only Quality Update for Windows Embedded Standard 7 for x64-based Systems

Windows 8.1 and Windows Server 2012 R2

  • KB4054519 -- 2017-12 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems

  •  KB4054522 -- 2017-12 Security Only Quality Update for Windows 8.1 for x86-based Systems

Windows 10  (version 151)

  • KB4053578 -- Cumulative update for Windows 10 Version 1511

Windows 10 and Windows Server 2016 (version 1607)

  • KB4053579-- 2017-12  Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Windows 10 (version 1703)

  • KB4053580 -- 2017-12 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4054517 -- 2017-12 Cumulative Update for Windows 10 Version 1709

Additional resources

Summary
Microsoft Security Updates December 2017 release
Article Name
Microsoft Security Updates December 2017 release
Description
Microsoft Security Updates December 2017 release provides you with a detailed overview of all security and non-security updates that Microsoft released for Windows in December 2017.
Author
Publisher
Ghacks Technology News
Logo

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Sir Pixelot said on December 12, 2017 at 8:06 pm
    Reply

    While updating, I noticed that Windows Defender definition updates are now showing as “Windows Defender Antivirus” in my Windows 8.1 PC update history. I guess Windows Defender in Windows 8.1 and Windows 10 uses the same engine/definitions.

  2. ecsjjgg said on December 12, 2017 at 10:58 pm
    Reply

    My main Windows 10 1709 computer reports that the installation failed for KB4054517, but winver shows OS Build 16299.125, so I guess it’s alright anyway… the error code is: 0x80070643

    1. pk said on December 13, 2017 at 2:13 pm
      Reply

      My W10 system lists failed install for KB4054517 but event logs show it as successful, winver shows 16299.125, when I check to uninstall, it shows it has been installed, yet lists it as failed. Debating removing it and manually installing it again.

  3. BB3 said on December 12, 2017 at 11:05 pm
    Reply

    My 12/17 updates completed ok but the malicious software removal tool for 11/17 is still listed along with the 12/17 msrt. Is this something new?

    1. Jody Thornton said on December 13, 2017 at 4:15 pm
      Reply

      If you don’t run the tool or hide it, I think it still shows up. I hope that’s the case.

  4. Chris said on December 13, 2017 at 4:36 pm
    Reply

    any idea why the security updates spreadsheet shows the severity as important but the descriptions on Microsoft shows critical?

    2017-12 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB4054520)

    Locale: All
    Deployment: Important/Automatic Updates, WSUS, and Catalog
    Classification: Security Updates
    Security severity rating: Critical
    Supersedes: KB4050945 on Windows Embedded 8 Standard and Windows Server 2012
    Target platforms: Windows Embedded 8 Standard and Windows Server 2012
    Approximate file sizes:
    2017-12 Security Monthly Quality Rollup for Windows Embedded 8 Standard/Windows Server 2012 x64 update: ~ 190812KB
    2017-12 Security Monthly Quality Rollup for Windows Embedded 8 Standard for x86-based Systems update: ~ 119746KB

    Description:
    A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.
    http://support.microsoft.com/help/4054520

    1. Martin Brinkmann said on December 13, 2017 at 8:16 pm
      Reply

      That’s a good question. I cannot say unfortunately. Maybe it is a copy/paste error, would not be the first.

  5. Dave said on December 13, 2017 at 5:57 pm
    Reply

    Why does every monthly rollup have to scramble my start menu tiles? :(

  6. Bored said on December 13, 2017 at 6:03 pm
    Reply

    WIN7x64 – kb4054521 > critical error 1603 at the installation, then NO NETWORK, NO INTERNET CONNEXION ANYMORE. Forced to reinstall a backup.

    1. Belga said on December 13, 2017 at 6:49 pm
      Reply

      @ Bored
      Why KB4054521 and not KB4054518 (version x64) ?
      No problem with the last here.

      1. Anonymous said on December 13, 2017 at 7:17 pm
        Reply

        Because I use WSUS with Security Only Quality Update for Windows x64 checked. I tried with the KB4054521 downloaded using the link from the Microsoft server, same error, same punition.

  7. Angela said on December 13, 2017 at 6:13 pm
    Reply

    anyone found a way how to update professional version 1511 (November) with security patches, which are available only for Enterprise version?

    can’t update to 1607 or 1703, have to stay with 1511 due to compatibility

    thanks

  8. AJ North said on December 18, 2017 at 5:57 pm
    Reply

    Those who install the Security Only Quality Updates for Windows 7 & 8.1 instead of the Security Monthly Quality Rollups must also install the [separate] monthly Internet Explorer 11 Cumulative Security Update.

    A comprehensive up-to-date list with download links for both sets of updates (x32 & x64 systems) can be found at:
    https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/ .

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.