Microsoft Security Updates June 2017 release

0
283

Microsoft released updates, security and non-security, on June 13, 2017 for all supported versions of Microsoft Windows, and other products.The number of supported operating system versions shrank by one as Vista support ended back in April 2017. The same is true for the Windows 10 RTM version which is also no longer supported.

The following guide provides you with extensive information on the June 2017 Patch Day. It features information about how operating systems and other Microsoft products are affected by vulnerabilities, and lists all updates that Microsoft released since the May 2017 Patch Day.

It furthermore offers information on security advisories, provides download instructions and direct downloads for cumulative updates, and links to useful resources.

Microsoft Security Updates June 2017

The following Excel spreadsheet lists all security updates that Microsoft released on the June 2017 Patch Day. You can download it from our server with a click on the following link: Security Update List June 2017

Executive Summary

  • Microsoft released security updates for all client and server versions of Windows.
  • All Windows products are affected by critical vulnerabilities.
  • Other Microsoft products that have received updates are Internet Explorer, Microsoft Edge, and Microsoft Office.

Operating System Distribution

  • Windows 7:  48 vulnerabilities of which 6 are rated critical, and 42 important
  • Windows 8.1: 52 vulnerabilities of which 8 are rated critical, and the remaining 44 important
  • Windows RT 8.1: 48 vulnerabilities of which 8 are rated critical, and 40 important
  • Windows 10 version 1703: 45 vulnerabilities of which 7 are rated critical, and 38 important.

Windows Server products:

  • Windows Server 2008:  45 vulnerabilities, of which 6 are rated critical, and 39 important
  • Windows Server 2008 R2: 49 vulnerabilities, of which 6 are rated critical, and 43 important
  • Windows Server 2012 and 2012 R2: 52 vulnerabilities, of which 8 are rated critical and 44 important
  • Windows Server 2016: 57 vulnerabilities of which 7 are rated critical, and 50 important

Other Microsoft Products

  • Internet Explorer 11: 6 vulnerabilities, 3 critical, 3 important
  • Microsoft Edge: 17 vulnerabilities, 11 critical,  5 important, 1 moderate, 1 low
  • Microsoft Office 2010 Service Pack 2: 18 vulnerabilities, 3 critical, 15 important
  • Microsoft Office 2013 Service Pack 1: 5 vulnerabilities, 5 important
  • Microsoft Office 2016: 4 vulnerabilities, 4 important

Security Updates

KB4022725 — June 13, 2017 Windows 10 version 1703 cumulative update (OS Build 15063.413 and 15063.414)

  • Security updates to Windows kernel, Microsoft Windows PDF, Windows kernel-mode drivers, Microsoft Uniscribe, Device Guard, Internet Explorer, Windows Shell, and Microsoft Edge.
  • Issues described in KB4020102 (below)

KB4022726 — June 13, 2017 Windows 8.1 and Windows Server 2012 R2 Monthly Rollup

  • Addressed issue where, after installing KB3170455 (MS16-087), users have difficulty importing printer drivers and get errors with error code 0x80070bcb.
  • Addressed a rare issue where mouse input can cease to function. The mouse pointer may continue to move, but movements and clicks produce no response other than a beeping noise.
    Addressed issue where printing a document using a 32-bit application can crash a Print Server in a call to nt!MiGetVadWakeList.
  • Addressed issue where an unsupported hardware notification is shown and Windows Updates not scanning, for systems using the AMD Carrizo DDR4 processor or Windows Server 2012 R2 systems using Xeon E3V6 processor. For the affected system, follow the steps in the Additional Information section below to install this update.
  • Security updates to Microsoft Windows PDF, Windows shell, Windows Kernel, Microsoft Graphics Component, Microsoft Uniscribe, Microsoft Scripting Engine, Internet Explorer, Windows COM, and Windows Kernel-Mode Drivers.

KB4022717 — June 13, 2017 Windows 8.1 and Windows Server 2012 R2 Security-only update

  • Security updates to Microsoft Windows PDF, Windows shell, Windows Kernel, Microsoft Graphics Component, Microsoft Uniscribe, Microsoft Scripting Engine, Windows COM, and Windows Kernel-Mode Driver
  • lists same non-security fixes as KB4022726. (What is up with that?)

KB4022719 — June 13, 2017 Windows 7 and Windows Server 2008 R2 Monthly Rollup

  • Addressed issue where, after installing KB3164035, users cannot print enhanced metafiles (EMF) or documents containing bitmaps rendered out of bounds using the BitMapSection(DIBSection) function.
  • Addressed issue where updates were not correctly installing all components and would prevent them from booting.
  • Addressed issue where an unsupported hardware notification is shown and Windows Updates not scanning, for systems using the AMD Carrizo DDR4 processor. For the affected systems, follow the steps in the Additional Information section to install this update.
  • Security updates to Windows kernel, Microsoft Graphics Component, Microsoft Uniscribe, Windows kernel-mode drivers, the Windows OS, Windows COM, Internet Explorer and Windows Shell.

KB4022722 — June 13, 2017 Windows 7 and Windows Server 2008 R2 Security-only update

  • Security updates to Windows kernel, Microsoft Graphics Component, Microsoft Uniscribe, Windows kernel-mode drivers, the Windows OS, Windows COM and Windows shell
  • lists same non-security fixes as KB4022719.

Known Issues

If an iSCSI target becomes unavailable, attempts to reconnect will cause a leak. Initiating a new connection to an available target will work as expected.

Security advisories and updates

Non-security related updates

KB4020102 — Windows 10 Version 1703 Cumulative Update

  • Addressed issue where NTLM fails to generate a challenge response when CredGuard is enabled, NTLMv2 is used, and no target information is provided by the server.
    Addressed issue where Internet Explorer does not respect the “Send all sites not included in the Enterprise Mode Site List to Microsoft Edge” policy when opening favorites.
  • Addressed issue in Internet Explorer 11 where a non-administrator user is not able to install an ActiveX control.
  • Addressed issue where, after starting Split View, some apps (Microsoft Edge, Hub, Cortana, etc.) no longer receive input when multiple displays are in use.
  • Addressed issue with an unnecessary scrollbar in the logon credential provider dialog, which may block use of other fields when the dialog has multiple fields.
  • Addressed issue where, during a VM reset, the VM goes into Second Level Paging (SLP) even if there is enough balancer available memory on the host.
  • Addressed issue where some non-Unicode fonts (Courier, MS Sans Serif, etc.) do not render characters correctly on non-Latin, single-byte system locales (Greek, Hebrew, Arabic, etc.). Black bars or other artifacts appear instead.
  • Addressed issue with an SMS/messaging app that stops working when attempting to delete messages.
  • Addressed issue where, after installing the Creators Update, audio output through external decoders no longer works.
  • Addressed issue where the IoT shell fails to keep monitored background applications running.
  • Addressed issue with high latency when using the Universal Windows Platform (UWP) MIDI API.
  • Addressed issue where PrintBRM fails to restore the Print Queue Configurations when printer names are identical and a port is set to FILE:.
  • Addressed issue with per user proxy settings not migrating to machine proxy settings.
  • Addressed issue where non-English characters showed incorrectly in apps that attempt to wrap/replace the in-box console.
  • Addressed issue when trying to set a default lockscreen using the following Group Policy, you do not see the defined image on the lockscreen but you do see the defined image in Settings under lockscreen settings.
  • Computer ConfigurationAdministrative TemplatesControl PanelPersonalization”Force a specific default lock screen image”

KB4022868 — Update for Windows 10 and Windows 10 Version 1511 — Update to Windows 10 Version 1507 and Version 1511 for update reliability: May 30, 2017

KB4023136 — 2017 – Morocco Ramadan DST changes

KB890830 — Windows Malicious Software Removal Tool – May 2017

KB4023136 — Update for Windows Server 2012, Windows 7, Windows Server 2008 R2, and Windows XP Embedded — 2017 – Morocco Ramadan DST changes

KB4021701 — Update for Windows 10 — Updates to Windows 10, Version 1507 update components: May 16, 2017

KB4021702 — Update for Windows 10 Version 1511 — Updates to Windows 10, Version 1511 update components: May 16, 2017

KB4019217 — 2017-05 Preview of Monthly Quality Rollup for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4019218 — 2017-05 Preview of Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4019265 — 2017-05 Preview of Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2

KB4019288 — May, 2017 Preview of Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4019289 — May, 2017 Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1 on Windows Embedded 8 Standard and Windows Server 2012

KB4019290 — May, 2017 Preview of Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4019291 — May, 2017 Preview of Quality Rollup for .NET Framework 2.0 on Windows Server 2008

KB4019990 —  Update for Windows Embedded 8 Standard, Windows Server 2012, Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

How to download and install the June 2017 security updates

microsoft june 2017 patch day

Most home users run systems with automatic updates enabled. This means that updates are downloaded and installed automatically some time after they are made available through Windows Update.

Users can run a manual check for updates to speed up that process. To do so, tap on the Windows-key, type Windows Update, and hit the Enter-key.

The interface that loads runs the update check automatically, or you have to click on the check for updates button to start it. Depending on your configuration, updates that are found are either downloaded and installed directly, or on user request.

Direct update downloads

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4022719: June 13, 2017 Monthly Rollup
  • KB4022722: June 13, 2017 Security-only update

Windows 8.1 and Windows Server 2012 R2

  • KB4022726: June 13, 2017 Monthly Rollup
  • KB4022717: June 13, 2017 Security-only update

Windows 10 and Windows Server 2016 (version 1703)

  • KB4022725 —  Cumulative Update for Windows 10 Version 1703

Additional resources

  • June 2017 Security Updates release notes
  • List of software updates for Microsoft products
  • List of security advisories
  • Security Updates Guide
  • Microsoft Update Catalog site
  • Our in-depth Windows update guide
  • Windows 10 Update History
  • Windows 8.1 Update History
  • Windows 7 Update History