Skip to main content

After month-long delay, Microsoft releases Patch Tuesday update with security fixes

microsoft releases march 2017 patch tuesday security update windows10
Image used with permission by copyright holder
Microsoft’s March 2017 Patch Tuesday release was notable primarily because it covers two full months of security updates. A show-stopper bug derailed the February release, and so the company was forced to take the unusual step of delaying it for a full month.

Now that the update has been released, we can see that there was plenty to be patched. There were a number of security bugs to be fixed up, as TrendMicro’s Security Intelligence Blog reports, and also at least one small change that portends the impending release of Windows 10 Creators Update.

Recommended Videos

The update’s changelog is extensive, listing out a slew of updates to fix a number of security holes. The zero-day bug causing issues with the Server Message Block (SMB) network protocol was fixed, and that’s particularly important because it’s actually not a zero-day vulnerability at this point — everyone knew about it over a month ago and it was one of the reasons why delaying Patch Tuesday was so problematic.

Please enable Javascript to view this content

Other fixes were noted as well. Another SMB bug involving the SMBv1 server was fixed, along with a Windows Graphic Device Interface (GDI) issue that Google’s Project Zero disclosed, that could allow remote hackers to grab information from a system’s heap memory. In addition to those critical, well-known bugs, a number of other security issues were resolved, including a number of Internet Explorer bugs and a full 32 bugs in Microsoft’s newer Edge browser.

If you’re not a Windows Insider, then you may not be keeping up with the progress towards a public release of the upcoming Creators Update. Microsoft wants to make sure you know it’s coming soon, and so it added a brief notice in the Update Status section of the Settings app letting you know it’s on its way.

Mark Coppock/Digital Trends
Mark Coppock/Digital Trends

Note that If you click on that “Yes, show me how” link, then you’ll be directed to a page indicating that you’ll be “one of the first to experience the Windows 10 Creators Update.” If you don’t want to be one of the first, then presumably you don’t want to click on this link. If you really want to get the Creators Update early, then of course you can join the Windows Insider program on the Fast Ring and the latest Windows 10 preview build is probably pretty close to what’s going to be publicly released.

Mark Coppock/Digital Trends
Mark Coppock/Digital Trends

You can check out the complete list of fixes in the March 2017 Patch Tuesday release at Microsoft’s Technet site. You can also download the update from Microsoft’s Update Catalog, and if you do then you’ll notice that the download utilizes the new “delta update” method that helps to keep updates smaller and more palatable for IT departments with thousands of machines to update.

It’s always a good idea to let Windows install its Patch Tuesday updates on time. This month, it’s even more important, because you’re getting sixty days of updates including some vulnerabilities that are known and in the wild.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
The latest Windows update is causing major printer problems
A Dell laptop with Windows 10 sitting on a desk.

Microsoft is now offering Windows 10 users a workaround for an issue that has come along with a mid-July update.

The KB5015807 update, which rolled out on July 12 and includes OS Builds 19042.1826, 19043.1826, and 19044.1826 all have a glitch that affects printers connected to computers running Windows 10. After the update is installed, you might see multiple printer listings available when you only have one product.

Read more
Update Windows now to patch this critical Microsoft Word exploit
Person sitting and using an HP computer with Windows 11.

Microsoft has rolled out security updates as part of its June 2022 Windows updates to address a serious security bug that has targeted programs including Microsoft Word.

The Windows zero-day vulnerability is known as Follina (CVE-2022-30190) by security researchers and is "actively exploited in ongoing attacks," according to Bleeping Computer.

Read more
Apple’s iOS 15.3 update fixes critical Safari security bug
iPhone showing Home Screen with widgets resting on soft white cloth background.

Apple has just released iOS 15.3, and while this latest update doesn’t add any significant new features, it addresses at least one critical security flaw. Earlier this month, software engineer Martin Bajanik of FingerprintJS found a serious vulnerability in Safari 15, the browser included in iOS 15 and iPadOS 15, that could leak browsing history information and even credentials from online services that a person is using, such as Google, YouTube, Amazon, and sites using WordPress.

As Bajanik explains, many websites use an API called IndexedDB to request that browsers like Safari and Chrome store information in a local database on a person’s device. Under normal circumstances, a given website should only be able to request information about the databases that it created — any others should be invisible to it.

Read more