Microsoft Security Updates January 2018 release

Martin Brinkmann
Jan 9, 2018
Updated • Jan 9, 2018
Microsoft, Windows Updates
|
22

Welcome to the first Microsoft Patch Day review of the year 2018. Microsoft released security updates for all supported versions of Windows and other company products on January 9, 2018.

This overview offers information on the release. It covers all security updates and non-security updates that Microsoft released since the last Patch Day in December.

It begins with an executive summary that lists the highlights of this month's Patch Day. The operating system distribution, and the actual patches that Microsoft released follow afterward. If Microsoft published Security Advisories and if there are Known Issues, those are covered as well.

The last part guides you through the downloading and installing of the updates on Windows PCs. You find direct downloads for all cumulative updates and a resource section there.

Check out the December 2017 Patch Day for information on last month’s patches.

Microsoft Security Updates January 2018

The following Excel spreadsheet lists all security updates for all Microsoft products that the company released in January 2018. Download it with a click on the following link: Microsoft-windows-updates-january-2018.zip

Microsoft released an out-of-band update for Windows 10 and other supported versions of Windows on January 4, 2018. Microsoft expects users who use systems with 2015 or older CPUs to see a decrease in performance after installing the patches.

Executive Summary

  • Microsoft released security patches for all supported client and server versions of the Windows operating system.
  • Security updates are also released for Microsoft Edge, Internet Explorer, Microsoft Office, SQL Server, .NET Framework, .NET Core, ASP.NET Core and Adobe Flash
  • No critical updates for any supported version of Windows.
  • Cumulative updates are only distributed to systems who did not install them earlier (released as out-of-bound patches on January 4).

Operating System Distribution

  • Windows 7: 7 vulnerabilities of which 7 are rated important
  • Windows 8.1: 10 vulnerabilities of which 10 are rated important
  • Windows 10 version 1607: 11 vulnerabilities of which 11 are rated important
  • Windows 10 version 1703: 11 vulnerabilities of which 11 are rated important
  • Windows 10 version 1709: 11 vulnerabilities of which 11 are rated important

Windows Server products

  • Windows Server 2008: 7 vulnerabilities of which 7 are rated important
  • Windows Server 2008 R2: 7 vulnerabilities of which 7 are rated important
  • Windows Server 2012 and 2012 R2: 10 vulnerabilities of which 10 are rated important
  • Windows Server 2016: 9 vulnerabilities of which 9 are rated important

Other Microsoft Products

  • Internet Explorer 11: 2 vulnerabilities,  2 critical
  • Microsoft Edge: 17 vulnerabilities, 14 critical, 3 important

Security Updates

KB4054173 -- Security Only Update for .NET Framework 4 on WES09 and POSReady 2009

KB4054178 -- Security Only Update for .NET Framework 2.0 on WES09 and POSReady 2009

KB4055229 -- Security Only Update for .NET Framework 3.0 on WES09 and POSReady 2009

KB4055265 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded 8 Standard and Windows Server 2012

KB4055266 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4055267 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4055269 -- Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4055270 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded 8 Standard and Windows Server 2012

KB4055271 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Windows Server 2012 R2

KB4055272 -- Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4055532 -- Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4056888 -- Windows 10 version 1511 cumulative update

  • Security updates to Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, Windows Graphics, Windows Kernel, Windows Datacenter Networking, Windows Virtualization and Kernel, and the Windows SMB Server.

KB4056899 -- Security only Quality Update for Windows Server 2012 and Windows Embedded 8 Standard

KB4056890 -- Windows 10 version 1607 cumulative update

  • Security updates to Microsoft Edge, Internet Explorer, Windows Graphics, Windows Kernel, Windows Datacenter Networking, and Windows SMB Server.

KB4056891 -- Windows 10 version 1703 cumulative update

  • Security updates to Internet Explorer, Microsoft Scripting Engine, Microsoft Edge, Windows Graphics, Windows Kernel, Windows Subsystem for Linux, and the Windows SMB Server.

KB4056892 -- Windows 10 version 1709 cumulative update

  • Addresses issue where event logs stop receiving events when a maximum file size policy is applied to the channel.
  • Addresses issue where printing an Office Online document in Microsoft Edge fails.
  • Addresses issue where the touch keyboard doesn’t support the standard layout for 109 keyboards.
  • Addresses video playback issues in applications such as Microsoft Edge that affect some devices when playing back video on a monitor and a secondary, duplicated display.
  • Addresses issue where Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.
  • Addresses issue where only 4 TB of memory is shown as available in Task Manager in Windows Server version 1709 when more memory is actually installed, configured, and available.
  • Addresses issue where update installation may stop at 99% and may show elevated CPU or disk utilization. This occurs if a device was reset using the Reset this PC functionality after installing KB4054022.
  • Security updates to Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine.

KB4056893 -- Windows 10 RTM cumulative update

  • Fixes an excessive memory usage issue with smart cards on a Windows Termina system.
  • Security updates to Windows SMB Server, Windows Kernel, Microsoft Graphics Component, Internet Explorer, and Windows Graphics.

KB4056894 -- Windows 7 SP1 and Windows Server 2008 R2 SP1 Monthly Rollup

  • Security updates to Windows SMB Server, Windows Kernel, Microsoft Graphics Component, Internet Explorer, and Windows Graphics.

KB4056895 -- Windows 8.1 and Windows Server 2012 R2 cumulative update

KB4056568 -- Cumulative security update for Internet Explorer: January 3, 2018

KB4056887 -- Security Update for Adobe Flash Player for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, and Windows Server 2012

Known Issues

  • Incompatibility with some antivirus programs. Workaround is to set a key in the Registry.
    • Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"Type="REG_DWORD”Data="0x00000000”
  • Unbootable State issues for some AMD devices. Windows OS updating halted until issue is resolved.

Security advisories and updates

ADV180001 | January 2018 Adobe Flash Security Update

ADV180002 -- Guidance to mitigate speculative execution side-channel vulnerabilities

ADV180003 -- Microsoft Office Defense in Depth Update

Non-security related updates

KB4056868 -- Compatibility update for upgrading to Windows 10 1703

KB4057760 --

KB890830 -- Windows Malicious Software Removal Tool - January 2018

KB4057903 -- Update for Windows Server 2012 R2 for x64-based Systems  -- Hyper-V integration components update for Windows virtual machines

KB4033339 -- Microsoft .NET Framework 4.7.1 Language Packs

KB4033342 -- Microsoft .NET Framework 4.7.1 for Windows 7 and Windows Server 2008 R2

KB4033343 -- Microsoft .NET Framework 4.7.1 Language Packs for Windows Embedded 8 Standard and Windows Server 2012

KB4033345 -- Microsoft .NET Framework 4.7.1 for Windows Embedded 8 Standard and Windows Server 2012

KB4033369 -- Microsoft .NET Framework 4.7.1 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4033393 -- Microsoft .NET Framework 4.7.1 for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4033417 -- Microsoft .NET Framework 4.7.1 Language Packs for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4033418 -- Microsoft .NET Framework 4.7.1 Language Packs for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

Microsoft Office Updates

Microsoft released non-security patches for Office on January 3, 2018.

Office 2016

KB4011627 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.  Fixes a (non-security) crash issue in Excel during background error checking when copying sheets between workbooks.

KB4011574 -- Security update for Microsoft Office 2016 fixes eight Common Vulnerabilities and Exposures.

KB4011632 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. Fixes non-security issues.

  • Attachment menus are disabled when you view Information Rights management e-mails.
  • PowerPoint 2016: Missing option to insert online pictures from OneDrive.
  • PowerPoint 2016: When using Insert Online Pictures or Insert Online Video, content is loaded in browser windows.
  • Improves Chinese Simplified and Chinese Traditional translations.

KB4011626 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. Fixes non-security issues in Outlook 2016.

  • Fixes an issue where cancelling one attachment would cancel them all.
  • Some attachments are not removed when forwarding emails that contain inline messages and the "read all mails as plain text" check box is checked.

KB4011643 -- Fixes several vulnerabilities in Microsoft Word 2016.

KB4011622 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.. This update adds a registry key that enables authentication to be proceeded even if the Online Content is disabled.

Office 2013

KB4011639 -- Excel 2013 --  This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

KB4011580 -- Office 2013 -- Same description as KB4011639

KB4011636 -- Office 2013 -- Same description as KB4011639. Fixes the following non-security issues:

  • PowerPoint 2013 -- Same issues as described in KB4011632
  • This update adds support for Office add-ins that are signed by using catalog signatures in Office 2013.
  • Improves Chinese Simplified and Chinese Traditional translation.

KB4011637 -- Outlook 2013 -- Same security description as KB4011626. Fixes the following non-security issues:

  • Third-party MAPI providers may be blocked despite being in the Outlook profile.
  • When you send an email message from Outlook.com to a recipient outside of Office 365, the recipient always gets a winmail.dat attachment in the message.

KB4011651 -- Word 2013 -- Same as KB4011643

Office 2010

KB4011660 -- Excel 2010 -- Same description as KB4011639.

KB4011658 -- Office 2010 -- Resolves vulnerabilities on Office 2010.

KB4011610 -- Office 2010 -- Resolves even more vulnerabilities in Office 2010.

KB4011611 -- Office 2010 -- Same security description as KB4011639.

KB4011273 -- Outlook 2010 -- Same security description as KB4011639. Fixes a non-security issue with third-party MAPI providers.

KB4011659 -- Word 2010 -- Same as KB4011643

Office 2007

KB4011602 -- Excel 2007 -- Same description as KB4011639.

KB4011606 -- Excel Viewer 2007 -- Same description as KB4011639.

KB4011607 -- Microsoft Office Compatibility Pack SP3 -- Fixes several vulnerabilities.

KB4011605 -- Microsoft Office Compatibility Pack SP3 -- Same description as KB4011639.

KB4011201 -- Microsoft Office Suite 2007 -- Same description as KB4011639.

KB4011656 -- Microsoft Office Suite 2007 -- Fixes several vulnerabilities.

KB4011213 -- Outlook 2007 -- Same description as KB4011639.

KB4011657 -- Word 2007 -- Same as KB4011643

KB4011641 -- Word Viewer 2007 -- Same description as KB4011639.

Also, updates for SharePoint Server 2016, 2013, 2010, Project Server 2013 and 2010, and SharePoint Foundation 2013 and 2010.

How to download and install the January 2018 security updates

microsoft windows updates january 2018

We recommend that you back up the system partition before you install any Windows update. This gives you an option to restore the old state of the system if updates cause issues on the system.

Windows users may use Windows Update to download and install the patches, the Microsoft Update Catalog, or third-party programs. Windows Update does not check for updates in real-time. You can run an update check at any time in the following way:

  1. Tap on the Windows-key to bring up the Start menu.
  2. Type Windows Update, and select the result to load the interface.
  3. Windows may run a check for updates automatically, or with a click on the "check for updates" option on the page.
  4. Updates may be downloaded automatically then, or on user request.

Direct update downloads

The following links point to the Microsoft Update Catalog website. You can follow the links to download the updates to the local system.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4056894 — 2018-01 Security Monthly Quality Rollup for Windows 7 for x86-based Systems
  • KB4056897 — 2018-01 Security Only Quality Update for Windows Embedded Standard 7 for x64-based Systems

Windows 8.1 and Windows Server 2012 R2

  • KB4056895 — 2018-01 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems

  • KB4056898 — 2018-01 Security Only Quality Update for Windows 8.1 for x86-based Systems

Windows 10  (version 1507)

  • KB4056893 — Cumulative update for Windows 10 Version 1511

Windows 10 and Windows Server 2016 (version 1607)

  • KB4056890 — 2018-01 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Windows 10 (version 1703)

  • KB4056891 — 2018-01 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4056892 — 2018-01 Cumulative Update for Windows 10 Version 1709

Additional resources

Now You: How was your updating experience this month?

Summary
Microsoft Security Updates January 2018 release
Article Name
Microsoft Security Updates January 2018 release
Description
Welcome to the first Microsoft Patch Day review of the year 2018. Microsoft released security updates for all supported versions of Windows and other company products on January 9, 2018.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Some Dude said on March 19, 2023 at 11:42 am
    Reply

    Are these articles AI generated?

    Now the duplicates are more obvious.

    1. boris said on March 19, 2023 at 11:48 pm
      Reply

      This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.

  2. Paul(us) said on March 20, 2023 at 1:32 am
    Reply

    Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
    1.) Excel Keyboard Shortcuts by Trevor Monteiro.
    2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro

    Why oh why?

    1. Clairvaux said on September 6, 2023 at 11:30 am
      Reply

      Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?

  3. John G. said on August 18, 2023 at 4:36 pm
    Reply

    Probably they will announce that the taskbar will be placed at top, right or left, at your will.

    Special event by they is a special crap for us.

  4. yanta said on August 18, 2023 at 11:59 pm
    Reply

    If it’s Microsoft, don’t buy it.
    Better brands at better prices elsewhere.

  5. John G. said on August 20, 2023 at 4:22 am
    Reply

    All new articles have zero count comments. :S

  6. Anonymous said on September 5, 2023 at 7:48 am
    Reply

    WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
    It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage

    I have O365 until end of this year, mostly for onedrive and probably will jump into google one

  7. St Albans Digital Printing Inc said on September 5, 2023 at 11:53 am
    Reply

    Photo storage must be kept free because customers chose gadgets just for photos and photos only.

  8. Anonymous said on September 5, 2023 at 12:47 pm
    Reply

    What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?

    1. GG said on September 6, 2023 at 8:24 am
      Reply

      Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.

      I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.

      And now that they discovered what poor management results in do they go back and do the album feature properly?

      Nope, just charge the customer twice.

      Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.

  9. d3x said on September 5, 2023 at 7:33 pm
    Reply

    When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?

  10. Scroogled said on September 5, 2023 at 10:47 pm
    Reply

    Instead of a software company, Microsoft is now a fraud company.

  11. ard said on September 7, 2023 at 4:59 pm
    Reply

    For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
    quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
    unquote

    so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.

  12. Andy Prough said on September 7, 2023 at 6:52 pm
    Reply

    >”Now You: what is your theory?”

    That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.

    Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.

  13. TelV said on September 8, 2023 at 12:04 pm
    Reply

    Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.

  14. Anonymous said on September 18, 2023 at 1:23 pm
    Reply

    The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.