Microsoft Security Updates January 2018 release - gHacks Tech News

Microsoft Security Updates January 2018 release

Welcome to the first Microsoft Patch Day review of the year 2018. Microsoft released security updates for all supported versions of Windows and other company products on January 9, 2018.

This overview offers information on the release. It covers all security updates and non-security updates that Microsoft released since the last Patch Day in December.

It begins with an executive summary that lists the highlights of this month's Patch Day. The operating system distribution, and the actual patches that Microsoft released follow afterward. If Microsoft published Security Advisories and if there are Known Issues, those are covered as well.

The last part guides you through the downloading and installing of the updates on Windows PCs. You find direct downloads for all cumulative updates and a resource section there.

Check out the December 2017 Patch Day for information on last month’s patches.

Microsoft Security Updates January 2018

The following Excel spreadsheet lists all security updates for all Microsoft products that the company released in January 2018. Download it with a click on the following link: Microsoft-windows-updates-january-2018.zip

Microsoft released an out-of-band update for Windows 10 and other supported versions of Windows on January 4, 2018. Microsoft expects users who use systems with 2015 or older CPUs to see a decrease in performance after installing the patches.

Executive Summary

  • Microsoft released security patches for all supported client and server versions of the Windows operating system.
  • Security updates are also released for Microsoft Edge, Internet Explorer, Microsoft Office, SQL Server, .NET Framework, .NET Core, ASP.NET Core and Adobe Flash
  • No critical updates for any supported version of Windows.
  • Cumulative updates are only distributed to systems who did not install them earlier (released as out-of-bound patches on January 4).

Operating System Distribution

  • Windows 7: 7 vulnerabilities of which 7 are rated important
  • Windows 8.1: 10 vulnerabilities of which 10 are rated important
  • Windows 10 version 1607: 11 vulnerabilities of which 11 are rated important
  • Windows 10 version 1703: 11 vulnerabilities of which 11 are rated important
  • Windows 10 version 1709: 11 vulnerabilities of which 11 are rated important

Windows Server products

  • Windows Server 2008: 7 vulnerabilities of which 7 are rated important
  • Windows Server 2008 R2: 7 vulnerabilities of which 7 are rated important
  • Windows Server 2012 and 2012 R2: 10 vulnerabilities of which 10 are rated important
  • Windows Server 2016: 9 vulnerabilities of which 9 are rated important

Other Microsoft Products

  • Internet Explorer 11: 2 vulnerabilities,  2 critical
  • Microsoft Edge: 17 vulnerabilities, 14 critical, 3 important

Security Updates

KB4054173 -- Security Only Update for .NET Framework 4 on WES09 and POSReady 2009

KB4054178 -- Security Only Update for .NET Framework 2.0 on WES09 and POSReady 2009

KB4055229 -- Security Only Update for .NET Framework 3.0 on WES09 and POSReady 2009

KB4055265 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded 8 Standard and Windows Server 2012

KB4055266 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4055267 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4055269 -- Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4055270 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded 8 Standard and Windows Server 2012

KB4055271 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Windows Server 2012 R2

KB4055272 -- Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4055532 -- Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4056888 -- Windows 10 version 1511 cumulative update

  • Security updates to Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, Windows Graphics, Windows Kernel, Windows Datacenter Networking, Windows Virtualization and Kernel, and the Windows SMB Server.

KB4056899 -- Security only Quality Update for Windows Server 2012 and Windows Embedded 8 Standard

KB4056890 -- Windows 10 version 1607 cumulative update

  • Security updates to Microsoft Edge, Internet Explorer, Windows Graphics, Windows Kernel, Windows Datacenter Networking, and Windows SMB Server.

KB4056891 -- Windows 10 version 1703 cumulative update

  • Security updates to Internet Explorer, Microsoft Scripting Engine, Microsoft Edge, Windows Graphics, Windows Kernel, Windows Subsystem for Linux, and the Windows SMB Server.

KB4056892 -- Windows 10 version 1709 cumulative update

  • Addresses issue where event logs stop receiving events when a maximum file size policy is applied to the channel.
  • Addresses issue where printing an Office Online document in Microsoft Edge fails.
  • Addresses issue where the touch keyboard doesn’t support the standard layout for 109 keyboards.
  • Addresses video playback issues in applications such as Microsoft Edge that affect some devices when playing back video on a monitor and a secondary, duplicated display.
  • Addresses issue where Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.
  • Addresses issue where only 4 TB of memory is shown as available in Task Manager in Windows Server version 1709 when more memory is actually installed, configured, and available.
  • Addresses issue where update installation may stop at 99% and may show elevated CPU or disk utilization. This occurs if a device was reset using the Reset this PC functionality after installing KB4054022.
  • Security updates to Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine.

KB4056893 -- Windows 10 RTM cumulative update

  • Fixes an excessive memory usage issue with smart cards on a Windows Termina system.
  • Security updates to Windows SMB Server, Windows Kernel, Microsoft Graphics Component, Internet Explorer, and Windows Graphics.

KB4056894 -- Windows 7 SP1 and Windows Server 2008 R2 SP1 Monthly Rollup

  • Security updates to Windows SMB Server, Windows Kernel, Microsoft Graphics Component, Internet Explorer, and Windows Graphics.

KB4056895 -- Windows 8.1 and Windows Server 2012 R2 cumulative update

KB4056568 -- Cumulative security update for Internet Explorer: January 3, 2018

KB4056887 -- Security Update for Adobe Flash Player for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Embedded 8 Standard, and Windows Server 2012

Known Issues

  • Incompatibility with some antivirus programs. Workaround is to set a key in the Registry.
    • Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"Type="REG_DWORD”Data="0x00000000”
  • Unbootable State issues for some AMD devices. Windows OS updating halted until issue is resolved.

Security advisories and updates

ADV180001 | January 2018 Adobe Flash Security Update

ADV180002 -- Guidance to mitigate speculative execution side-channel vulnerabilities

ADV180003 -- Microsoft Office Defense in Depth Update

Non-security related updates

KB4056868 -- Compatibility update for upgrading to Windows 10 1703

KB4057760 --

KB890830 -- Windows Malicious Software Removal Tool - January 2018

KB4057903 -- Update for Windows Server 2012 R2 for x64-based Systems  -- Hyper-V integration components update for Windows virtual machines

KB4033339 -- Microsoft .NET Framework 4.7.1 Language Packs

KB4033342 -- Microsoft .NET Framework 4.7.1 for Windows 7 and Windows Server 2008 R2

KB4033343 -- Microsoft .NET Framework 4.7.1 Language Packs for Windows Embedded 8 Standard and Windows Server 2012

KB4033345 -- Microsoft .NET Framework 4.7.1 for Windows Embedded 8 Standard and Windows Server 2012

KB4033369 -- Microsoft .NET Framework 4.7.1 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4033393 -- Microsoft .NET Framework 4.7.1 for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

KB4033417 -- Microsoft .NET Framework 4.7.1 Language Packs for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4033418 -- Microsoft .NET Framework 4.7.1 Language Packs for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, and Windows 10

Microsoft Office Updates

Microsoft released non-security patches for Office on January 3, 2018.

Office 2016

KB4011627 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.  Fixes a (non-security) crash issue in Excel during background error checking when copying sheets between workbooks.

KB4011574 -- Security update for Microsoft Office 2016 fixes eight Common Vulnerabilities and Exposures.

KB4011632 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. Fixes non-security issues.

  • Attachment menus are disabled when you view Information Rights management e-mails.
  • PowerPoint 2016: Missing option to insert online pictures from OneDrive.
  • PowerPoint 2016: When using Insert Online Pictures or Insert Online Video, content is loaded in browser windows.
  • Improves Chinese Simplified and Chinese Traditional translations.

KB4011626 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. Fixes non-security issues in Outlook 2016.

  • Fixes an issue where cancelling one attachment would cancel them all.
  • Some attachments are not removed when forwarding emails that contain inline messages and the "read all mails as plain text" check box is checked.

KB4011643 -- Fixes several vulnerabilities in Microsoft Word 2016.

KB4011622 -- This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.. This update adds a registry key that enables authentication to be proceeded even if the Online Content is disabled.

Office 2013

KB4011639 -- Excel 2013 --  This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.

KB4011580 -- Office 2013 -- Same description as KB4011639

KB4011636 -- Office 2013 -- Same description as KB4011639. Fixes the following non-security issues:

  • PowerPoint 2013 -- Same issues as described in KB4011632
  • This update adds support for Office add-ins that are signed by using catalog signatures in Office 2013.
  • Improves Chinese Simplified and Chinese Traditional translation.

KB4011637 -- Outlook 2013 -- Same security description as KB4011626. Fixes the following non-security issues:

  • Third-party MAPI providers may be blocked despite being in the Outlook profile.
  • When you send an email message from Outlook.com to a recipient outside of Office 365, the recipient always gets a winmail.dat attachment in the message.

KB4011651 -- Word 2013 -- Same as KB4011643

Office 2010

KB4011660 -- Excel 2010 -- Same description as KB4011639.

KB4011658 -- Office 2010 -- Resolves vulnerabilities on Office 2010.

KB4011610 -- Office 2010 -- Resolves even more vulnerabilities in Office 2010.

KB4011611 -- Office 2010 -- Same security description as KB4011639.

KB4011273 -- Outlook 2010 -- Same security description as KB4011639. Fixes a non-security issue with third-party MAPI providers.

KB4011659 -- Word 2010 -- Same as KB4011643

Office 2007

KB4011602 -- Excel 2007 -- Same description as KB4011639.

KB4011606 -- Excel Viewer 2007 -- Same description as KB4011639.

KB4011607 -- Microsoft Office Compatibility Pack SP3 -- Fixes several vulnerabilities.

KB4011605 -- Microsoft Office Compatibility Pack SP3 -- Same description as KB4011639.

KB4011201 -- Microsoft Office Suite 2007 -- Same description as KB4011639.

KB4011656 -- Microsoft Office Suite 2007 -- Fixes several vulnerabilities.

KB4011213 -- Outlook 2007 -- Same description as KB4011639.

KB4011657 -- Word 2007 -- Same as KB4011643

KB4011641 -- Word Viewer 2007 -- Same description as KB4011639.

Also, updates for SharePoint Server 2016, 2013, 2010, Project Server 2013 and 2010, and SharePoint Foundation 2013 and 2010.

How to download and install the January 2018 security updates

microsoft windows updates january 2018

We recommend that you back up the system partition before you install any Windows update. This gives you an option to restore the old state of the system if updates cause issues on the system.

Windows users may use Windows Update to download and install the patches, the Microsoft Update Catalog, or third-party programs. Windows Update does not check for updates in real-time. You can run an update check at any time in the following way:

  1. Tap on the Windows-key to bring up the Start menu.
  2. Type Windows Update, and select the result to load the interface.
  3. Windows may run a check for updates automatically, or with a click on the "check for updates" option on the page.
  4. Updates may be downloaded automatically then, or on user request.

Direct update downloads

The following links point to the Microsoft Update Catalog website. You can follow the links to download the updates to the local system.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4056894 — 2018-01 Security Monthly Quality Rollup for Windows 7 for x86-based Systems
  • KB4056897 — 2018-01 Security Only Quality Update for Windows Embedded Standard 7 for x64-based Systems

Windows 8.1 and Windows Server 2012 R2

  • KB4056895 — 2018-01 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems

  • KB4056898 — 2018-01 Security Only Quality Update for Windows 8.1 for x86-based Systems

Windows 10  (version 1507)

  • KB4056893 — Cumulative update for Windows 10 Version 1511

Windows 10 and Windows Server 2016 (version 1607)

  • KB4056890 — 2018-01 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Windows 10 (version 1703)

  • KB4056891 — 2018-01 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4056892 — 2018-01 Cumulative Update for Windows 10 Version 1709

Additional resources

Now You: How was your updating experience this month?

Summary
Microsoft Security Updates January 2018 release
Article Name
Microsoft Security Updates January 2018 release
Description
Welcome to the first Microsoft Patch Day review of the year 2018. Microsoft released security updates for all supported versions of Windows and other company products on January 9, 2018.
Author
Publisher
Ghacks Technology News
Logo

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Scott said on January 9, 2018 at 8:19 pm
    Reply

    Microsoft released an out-of-band update for Windows 10 and other supported versions of Windows on February 4, 2017.

    Should this not have read – Jan 4th 2018 ?

    1. Martin Brinkmann said on January 9, 2018 at 8:27 pm
      Reply

      Yes, sorry for that. My head is spinning reading all those release pages (if they are up).

      1. Scott said on January 9, 2018 at 8:29 pm
        Reply

        Hey, no apologies necessary, you do an amazing job and thank you for it.

  2. Paul(us) said on January 9, 2018 at 8:31 pm
    Reply

    The update for all 10 ver. 1709 components incl office 2010 were going quite smooth (Without hick up’s) this month and also quit fast also.

    Thanks again Martin for your ferry handy link to the update excel spreadsheet and the smooth readable publication because all the individual subjects are easy to approach because of the orderly overview.

  3. Sophie said on January 9, 2018 at 9:15 pm
    Reply

    Martin ! The work you put into these articles…..I truly thank you.

    1. Anonymous said on January 10, 2018 at 4:41 am
      Reply

      I wake up today, start my PC and it crashes. Repair not posible in any of the options given (i wont test the option which wipes the data). Unfortunately, I don’t know if it updated automatically. I wanted to install Linux since more than two years, but never had the time. I think that day is today.

      1. leanon said on January 10, 2018 at 8:50 am
        Reply

        I know there is a joke here somewhere when I say Dual Boot but just cant see it yet. /:

      2. Cigologic said on January 10, 2018 at 10:59 pm
        Reply

        Anonymous: “I wake up today, start my PC and it crashes. Repair not posible in any of the options given”

        If the bootup crash is due to BSOD/ stop error, & your Windows Update setting is automatic, your PC might have downloaded & installed 09 Jan 2018 Patch Tuesday’s updates after the previous system shutdown trigger.

        What is your CPU model (exact) ? The Meldtown KB patch is known to cause BSOD on bootup for older AMD CPUs & older Intel CPUs, with & without the presence of the required compliant registry key.

        This month’s MS .Net Framework security update may have the same effect for certain PCs.

  4. insanelyapple said on January 10, 2018 at 5:51 am
    Reply

    Can someone verify presence of drivers updates thru WU policy in Group Policy Editor after installing these updates?

    Also, new site looks cool Martin

  5. ilev said on January 10, 2018 at 8:38 am
    Reply
    1. kanade said on January 10, 2018 at 10:44 am
      Reply

      Oh God, I was planning to upgrade my current 4770K and Windows 7 at around 2020 but this is messed up…

      It’s either deal with the slower speed for the next two years or upgrade now/this year to avoid slower speed.

      1. Martin Brinkmann said on January 10, 2018 at 10:53 am
        Reply

        I’d wait and see if you notice performance issues before you make any decision.

      2. ilev said on January 10, 2018 at 4:52 pm
        Reply

        Epic Games has posted that they were hit by 20% lower performance.

        https://www.epicgames.com/fortnite/forums/news/announcements/132642-epic-services-stability-update

  6. dante said on January 10, 2018 at 3:45 pm
    Reply

    Warning: this breaks Alcohol 120%>

  7. someone said on January 10, 2018 at 4:45 pm
    Reply

    I am not getting any Security Updates for .NET Framework, any ideas?
    I have enabled give me updates for other Microsoft products, and I can see a security update for visual c++ Redistributable Package was installed but nothing for dot Net.

    1. Cigologic said on January 10, 2018 at 10:22 pm
      Reply

      @ someone: “I am not getting any Security Updates for .NET Framework, any ideas?”

      Microsoft specified that Jan 2018’s security updates for MS .Net Framework require the presence of a compliant registry key as follows. If absent, the update will not be offered via the Windows Update channel.

      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat
      >>> cadca5fe-87d3-4b96-b7fb-a231484277cc = 0x00000000 [REG_DWORD]

      This key is either set by a compliant antivirus, or manually (if user has no antivirus installed on the system).

      Ref: https://support.microsoft.com/en-us/help/4055269/security-only-update-for-net-framework-3-5-1-4-5-2-4-6-4-6-1-4-6-2-4-7

      The implication of requiring that compliant registry key make it seem that the latest MS .Net Framework security update (like the Meltdown security update) would drive up CPU usage & slow down the PC by up to 30%, especially in Win 7 & older CPUs (released before 2015).

      Worse, MS .NET Framework itself is known to hog CPU when it periodically performs runtime optimization (cue: irony).

      I wonder if the performance hit is compounded when the affected patched programs are run simultaneously — ie. Application A slows PC by X %, Application B slows PC by Y%, … & so on.

  8. Franck said on January 10, 2018 at 6:45 pm
    Reply

    Great summary, thank you !

  9. Koss said on January 10, 2018 at 10:09 pm
    Reply

    I ran the update check on two Windows 7 PCs and I’m not getting any Windows security updates. Both have Intel CPUs. Was the patch pulled?

  10. Nick said on January 10, 2018 at 10:17 pm
    Reply

    KB4011273 kills Outlook 2010 on W2K3 server (yes I know its not supported!)…uninstall and all is well again.

  11. James said on January 11, 2018 at 12:11 am
    Reply

    Just curious — I thought all Microsoft support (including new security patches) for Office 2007 ended last year. ??

    https://support.microsoft.com/en-us/help/3198497/office-2007-approaching-end-of-extended-support

  12. Anonymous said on January 11, 2018 at 5:43 am
    Reply

    It looks like the .NET 4.7.1 patch for Windows 7 that was first pushed out was KB4055002 but that was broken in it’s font handling. Windows Update is now offering KB4055532 but both patches are available. I’ve not found any official explanation for what happened with it.

  13. Barbara Starr said on January 18, 2018 at 3:34 am
    Reply

    After the update, I have an AMD, Microsoft office wouldn’t open. Got that resoved. Then Brother Printer wouldn’t work.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.