ADVERTISEMENT

Microsoft Windows Security Updates October 2021 overview

Microsoft released security patches for all supported versions of its Windows operating system today on the October 2021 Patch Tuesday. The company released the first patch for Windows 11, the new version of Windows, which it releases last week, as well as for other client and server versions of the operating system.

Microsoft released updates for other company products as well, including .NET Core and Visual Studio, Active Directory Federation Services, and Microsoft Office.

Our overview of the October 2021 Patch Day provides you with essential information. It lists all released security updates and non-security updates, lists downloads and links to support patches, all known issues as reported by Microsoft, and other information that is relevant to making fast educated decisions when it comes to patching.

Click here to open the September 2021 Windows Patch Day overview here.

ADVERTISEMENT

The Microsoft Windows Security Updates: September 2021

Click here to download an Excel spreadsheet that lists all released security updates: microsoft-windows-security-updates-october-2021

Executive Summary

  • All Windows 10 and 11 systems have patches for critical vulnerabilities.
  • Windows 11 has received its first update, KB5006674. It resolves a known issue with Intel networking software and the operating system.
  • Windows versions with known issues: Windows 7, Windows 8.1, Windows 10 version 1809, Windows 10 version 20H2, Windows Server 2019, Windows Server 2008 R2, Windows Server 2012

Operating System Distribution

  • Windows 7 (extended support only): 19 vulnerabilities: 0 critical and 19 important
  • Windows 8.1: 27 vulnerabilities: 0 critical and 27 important
  • Windows 10 version 1909: 37 vulnerabilities: 1 critical and 36 important
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2021-40461
  • Windows 10 version 2004, 20H2 and 21H1 : 39 vulnerabilities, 1 critical and 38 important
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2021-40461
  • Windows 11 39 vulnerabilities, 2 critical and 38 important
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2021-40461
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2021-38672

Windows Server products

  • Windows Server 2008 R2 (extended support only): 20 vulnerabilities: 0 critical and 20 important
  • Windows Server 2012 R2: 28 vulnerabilities: 0 critical and 28 important
  • Windows Server 2016: 33 vulnerabilities: 0 critical and 33 important
  • Windows Server 2019: 40 vulnerabilities: 1 critical and 39 important
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2021-40461
  • Windows Server 2022:  43 vulnerabilities: 2 critical and 41 important
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2021-40461
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2021-38672

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Updates and improvements:

  • Addresses an issue in which an Internet print server cannot package the driver to send to the client.
  • Addresses an issue in which Security Account Manager (SAM) events are not displayed properly in the Event Viewer.
  • Adds a new Policy setting to ensure that only admins can install printer drivers on a print server. More information is available on this support page.
    • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint
    • RestrictDriverInstallationToAdministrators
    • Value: 1
  • Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings:
    • Package Point and Print - Approved Servers
    • Point and Print Restrictions

It is unclear which of these are also included in the Security-Only update. Microsoft simply states:

  • This update contains miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.

Windows 8.1 and Windows Server 2012 R2

Updates and improvements:

  • Addresses an issue in which a user does not have a way to track DCOM activation failures on a server that is running Windows Server 2012 R2.
  • Addresses an issue in which an Internet print server cannot package the driver to send to the client.
  • Addresses an issue in which Security Account Manager (SAM) events are not displayed properly in the Event Viewer.
  • In Internet Explorer 11 for Windows 8.1 and Windows Server 2012 R2, certain circumstances might cause Enterprise Mode Site List redirection from Internet Explorer 11 to Microsoft Edge to open the site in multiple tabs in Microsoft Edge.
  • Adds a new Policy setting to ensure that only admins can install printer drivers on a print server. More information is available on this support page.
    • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint
    • RestrictDriverInstallationToAdministrators
    • Value: 1
  • Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings:
    • Package Point and Print - Approved Servers
    • Point and Print Restrictions

It is unclear which of these are also included in the Security-Only update. Microsoft simply states:

  • This update contains miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.

Windows 10 version 1909

Updates and improvements:

  • Addresses an issue that prevents some applications, such as Microsoft Office and Adobe Reader, from opening or causes them to stop responding. This occurs on devices that are subject to Microsoft Exploit Protection for Export Address Filtering (EAF).

Windows 10 version 2004, 20H2 and 21H1

Updates and improvements:

  • Addresses an issue that prevents some applications, such as Microsoft Office and Adobe Reader, from opening or causes them to stop responding. This occurs on devices that are subject to Microsoft Exploit Protectionfor Export Address Filtering (EAF).

Windows 11

Updates and improvements:

  • Addresses known compatibility issues between some Intel “Killer” and “SmartByte” networking software and Windows 11 (original release). Devices with the affected software might drop User Datagram Protocol (UDP) packets under certain conditions. This creates performance and other issues for protocols based on UDP. For example, some websites might load slower than others on the affected devices, which might cause videos to stream slower in certain resolutions. VPN solutions based on UDP might also be slower.

Other security updates

2021-10 Cumulative Update for Windows 10 Version 1607 (KB5006669)

2021-10 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5006699)

2021-10 Cumulative Security Update for Internet Explorer (KB5006671)

2021-10 Security Only Quality Update for Windows Server 2008 (KB5006715)

2021-10 Security Monthly Quality Rollup for Windows Server 2008 (KB5006736)

2021-10 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5006732)

2021-10 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5006739)

Servicing Stack Updates

2021-10 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5006749)

2021-10 Servicing Stack Update for Windows Server 2008 (KB5006750)

Known Issues

Windows 7 and Server 2008 R2

  • Updates may fail to install if the system is not an ESU system. Expected behavior.
  • Certain file operations may fail on cluster shared volumes.
    • Perform the operation from a process with elevated rights.
    • Perform the operation from a node that does not have CSV ownership.

Windows 8.1 and Server 2012 R2

  • Certain file operations may fail on cluster shared volumes.
    • Perform the operation from a process with elevated rights.
    • Perform the operation from a node that does not have CSV ownership.

Security advisories and updates

ADV 990001 -- Latest Servicing Stack Updates

Non-security updates

2021-10 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 (KB5006064)

2021-10 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5006066)

2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for (KB5005537)

2021-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5006761)

2021-10 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5006762)

2021-10 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5006763)

2021-10 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 and 4.6.2 for Windows Server 2008 (KB5006764)

2021-10 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5006067)

2021-10 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5006060)

2021-10 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5006061)

2021-10 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5006063)

2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for ARM64 (KB5005538)

2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2, Windows 10 Version 20H2, Windows Server, version 2004, Windows 10 Version 2004, Windows 10 Version 1909, and Windows 10 Version 1903 (KB5005539)

2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5005540)

2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 (KB5005541)

2021-10 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5005543)

2021-10 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5006065)

2021-10 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5006765)

Microsoft Office Updates

You find Office update information here.

How to download and install the October 2021 security updates

windows security updates october 2021

All released security updates for Windows are available via Windows Update, other update management systems, and as direct downloads. Windows 11 systems that don't meet the minimal system requirements may install the update via Windows Update as well.

To run a check for updates, do the following on Windows devices:

  1. Select Start, type Windows Update and load the Windows Update item that is displayed.
  2. Select check for updates to run a manual check for updates.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 7 and Server 2008 R2

  • KB5006743 -- 2021-10 Security Monthly Quality Rollup for Windows 7
  • KB5006728 -- 2021-10 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB5006714 -- 2021-10 Security Monthly Quality Rollup for Windows 8.1
  • KB5006729 -- 2021-10 Security Only Quality Update for Windows 8.1

Windows 10 (version 1909)

  • KB5006667 -- 2021-10 Cumulative Update for Windows 10 Version 1909

Windows 10 (version 2004)

  • KB5006670 -- 2021-10 Cumulative Update for Windows 10 Version 2004

Windows 10 (version 20H2)

  • KB5006670 -- 2021-10 Cumulative Update for Windows 10 Version 20H2

Windows 10 (version 21H1)

  • KB5006670  -- 2021-10 Cumulative Update for Windows 10 Version 21H1

Windows 11

  • KB5006674 -- 2021-10 Cumulative Update for Windows 11

Additional resources

Summary
Microsoft Windows Security Updates October 2021 overview
Article Name
Microsoft Windows Security Updates October 2021 overview
Description
This is the overview of the Microsoft Windows Patch Tuesday of October 2021. Includes information about all released security updates and lots of resource links.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «

Comments

  1. ilev said on October 12, 2021 at 9:09 pm
    Reply

    Windows 11 on incompatible PCs get the updates too.

    1. Anonymous said on October 12, 2021 at 10:50 pm
      Reply

      For now, but there’s no guarantee it’ll stay that way. They obviously have some checks planned or already in place but not enabled with the whole “might not receive updates” threat. I really wouldn’t risk running Windows 11 on unsupported hardware and would likely just stick with 10.

      1. Anonymous said on October 13, 2021 at 8:40 pm
        Reply

        Good advice but what I think they’re doing is saying they don’t support certain devices (officially) but continue to support those devices anyway. The goal is to get everyone to upgrade their computers. Microsoft has worked with Dell for Xbox Series X and related partnerships, I’m sure this is how they’re trying to make this a win/win for both companies to get people to upgrade their computers.

  2. John G. said on October 12, 2021 at 10:46 pm
    Reply

    @Martin thanks for the effort, the Windows family is growing! :]

  3. John G. said on October 12, 2021 at 11:23 pm
    Reply

    By the way I have discovered that W11 has Powershell version 5.1 not 7.1.4 (latest).

  4. common sense computing said on October 13, 2021 at 2:38 pm
    Reply

    As usual, Windows 7-8 are more secure than 10-11. I can’t recall a single month going back to 2013 that Windows 10 didn’t have the same or more number of critical vulnerabilities as 7-8. Looks like Windows 11 is continuing that trend of being even less secure. Microsoft shills and fanboys in shambles.

  5. Paul(us) said on October 13, 2021 at 5:19 pm
    Reply

    Thanks for helping me update to Windows 10 pro. Version 21H1 (O.S. build 19043.1288).

    In the light that unsupported devices seem to have to possibility to update I am wondering about thoughts:
    1.) does the upgrade from the last Windows o.s. ever is realized because of a deal with the hardware suppliers?
    2.) Is Windows 11 one of those release from Microsoft where everything is wrong like Vista, etc.?

  6. Steven said on October 14, 2021 at 2:43 pm
    Reply

    Thank you for all your efforts wit this site – with that said, where are the OCT update reviews?

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.