On April 11, 2017 Microsoft fully implemented their new Security Update Guide. Like any new format it will take some time to understand but what is key that system administrators know how to search it. Because the old MS Bulletin format must be historically maintained first you reach the Guide by going a new place in MS Security Tech Center:
Second, for those not using an automated tool like WSUS or a Third party product to capture patches for your review, it is extremely important you use the searchable table listing all the updates broken down by KB number, CVE, affected product, or other criteria. Highlighted below is what seems most the useful pulldown search filters by a certain product category (such as “Browsers” or “Office”). Choosing this opens up the products under that category like IE or EDGE. Finally for “Severity” AgriLife Security always recommends you apply the “Critical” or “Important” patches.
For the April 11, 2017 there are critical patches for Office (an email was sent earlier to COALS about), IE, Edge, .NET, Windows Server 2008 and 2012, Windows VISTA through 10, Silverlight and of course components not always Office-bundled like Outlook. There are important updates on many of those same products as well as important ones on added products of OneNote and MonoFramework. Adobe will be discussed below.
Please note the following information regarding the Microsoft security updates:
- Microsoft is changed at end of 2016 the update servicing model for Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. For more information, please see this Microsoft Technet article, Further simplifying servicing models forWindows 7 and Windows 8.1.
- Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.