Microsoft’s September 2017 Patch Tuesday is a real humdinger, even exceeding August’s Patch Tuesday; encompassing 259 security patches covering 82 vulnerabilities.
- Windows 7: 22 vulnerabilities of which three are rated critical, 19 important
- Windows 8.1: 26 vulnerabilities of which four are rated critical, 22 important
- Windows 10 version 1703: 25 vulnerabilities of which two are rated critical, 23 important
This is in addition to patches for all versions of Windows Server (2008R2 and later), Internet Explorer, Edge, Skype, Hyper-V, Sharepoint, Remote Desktop, Windows Graphic Device Interface (GDI), Exchange Server and the .NET Framework. There are also 45 security patches and 30 non-security patches for Office 2003 and later. There are also new versions of Office 2010 and Office 2013 CTR (Click-To-Run).
The .NET framework patches are especially important, correcting espionage/surveillance exploits such as Finspy, Wingbird and FinFisher. These exploits are in-the-wild. There right here, right now. Make sure you get these updates (especially .NET) installed ASAP.
After installing these updates, make sure that .NET applications are tested thoroughly. Users with HP workstations are likely to have 5-minute, black-screen, startup delays due to changes in the registry affecting display parameters. Microsoft has a separate patch (“Hotfix” mode) to address that. Users may also experience display rendering and startup problems with Internet Explorer and the Edge browsers. There are fixes available for that as well.
On one of my installations, Windows 10 did not restart automatically. I had to do a power-off/on sequence. It took about 35 minutes to complete.