Patch Tuesday for August 2017: 36 Patches, But Which Ones Matter?

Lisa Schmeiser

August 9, 2017

6 Min Read
Matrix with heart between fingers
Pixabay

We looked through all 36 entries posted in August's security updates and for each entry, asked three questions:

What is this patch named?
What does it fix?
Why would we install it?

Skipping the server-based stuff — that's more the purview of IT professionals — here are the remaining patches you'll probably be looking at if you don't just click buttons to A-OK the automatic updates. And while we're generally pro-update (it's how you skip glaring security holes and malware), it never hurts to see what these patches do. We were surprised this month not to see any updates aimed at any Office products -- perhaps those will be released later in August.

To the great surprise of nobody, there's an Adobe Flash Player security update.
What is this patch named? Security update for Adobe Flash Player: August 8, 2017
What does it fix? According to Adobe, " These updates address a critical type confusion vulnerability that could lead to code execution and an important security bypass vulnerability that could lead to information disclosure."
Why would we install it? So long as you're going to run Flash, you may as well keep plugging the holes that let all these code executions come through.

If you're a Microsoft Edge user, there are a lot of patches you're going to be interested in. Here they are, sorted by the Windows 10 versions they address.
What is this patch named? KB4022727 — Security Update for Microsoft Edge
What does it fix? Security issues in the web browser if you're running Windows 10 (initial version released July 2015)
Why would we install it? Don't you want to browse the Web without unwittingly exposing yourself to security issues?

What is this patch named? KB4034668 — Security Update for Microsoft Edge
What does it fix? Security issues in the web browser if you're running Windows 10 (initial version released July 2015) — yep, this is the second patch recommended for "security issues" if you're running the initial version of Windows 10.
Why would we install it? Don't you want to browse the Web without unwittingly exposing yourself to security issues?

What is this patch named? KB4022714 — Security Update for Microsoft Edge
What does it fix? Security issues in the web browser if you're running Windows 10 v 1511.
Why would we install it? Say you're running Windows 10 v 1511. Don't you want to browse the Web without unwittingly exposing yourself to security issues?

What is this patch named? KB 4034660 — Security Update for Microsoft Edge
What does it fix? Security issues in the web browser if you're running Windows 10 v 1511. Yep, this is the second patch recommended to fix "security issues" in Edge for Windows 10 v 1511 users. This one fixes kernel mode drivers, which help with power management and plug-and-play issues.
Why would we install it? Say you're running Windows 10 v 1511. We're all for improving the underlying kernel mode driver framework.

What is this patch named? KB4022715 — Security Update for Microsoft Edge
What does it fix? Security issues in the web browser if you're running Windows 10 v 1607 and/or Windows Server 2016.
Why would we install it? Say you're running Windows 10 v 1607. Don't you want to browse the Web without unwittingly exposing yourself to security issues?

What is this patch named? KB4022725 — Security Update for Microsoft Edge
What does it fix? Security issues in the web browser if you're running Windows 10 v 1703. It also fixes an Internet Explorer issue where Internet Explorer 11 may ignore the “Send all sites not included in the Enterprise Mode Site List to Microsoft Edge” policy when opening a Favorites link.
Why would we install it? Say you're running Windows 10 v 1703. Don't you want to browse the Web without unwittingly exposing yourself to security issues?

What is this patch named? KB4034674 — Security Update
What does it fix? Security issues in the web browser if you're running Windows 10 v 1703. Yes — this is the second patch recommended for people using Edge on Windows 10 v 1703.
Why would we install it? Don't you want to browse the Web without unwittingly exposing yourself to security issues? Note that Installing this KB (4034674) may change Czech and Arabic languages to English for Microsoft Edge and other applications.

If you're an Internet Explorer user, here are the patches to download. Again, sorted by operating system version.
What is this patch named? Monthly Rollup KB4034681 
What does it fix? This is for Windows 8.1 users and it adds a security update to Internet Explorer.
​Why would we install it? We might not — the security bulletin points out that if you installed KB 4023335 in mid-July, this update includes those security fixes too. Only install if you haven't already patched. Presumably, the update is installed automatically for you, unless you've set up your system to skip the update.

What is this patch named? Cumulative security update for Internet Explorer: August 8, 2017 
What does it fix? The usual "remote code execution if a user views a specially crafted webpage in Internet Explorer" threats. Going by the notes, this security update is part of both Windows 8.1 and Windows 10 update history.
Why would we install it? It's automatically installed, unless you've set up your system to not accept automatic updates. Note that the fixes included in this update are also included in the August 2017 Security Monthly Quality Rollup, so you could skip this one and install the August 2017 Security Monthly Quality Rollup if that's your jam.

What is this patch named? Security Update KB4034668
What does it fix? Security issues in the web browser if you're running Windows 10 (initial version released July 2015) — yep, this is the second patch recommended for "security issues" if you're running the initial version of Windows 10.
Why would we install it? Don't you want to browse the Web without unwittingly exposing yourself to security issues?

What is this patch named? Security Update KB4034660 
What does it fix? For users of Windows 10 v 1511, it updates the Windows kernel-mode drivers for Internet Explorer, particularly relevant because kernel mode drivers help with power management and plug-and-play issues. 
Why would we install it? We're big into plugging any possible security holes.

What is this patch named? Security Update KB4034658 
What does it fix? It updates the Windows kernel-mode drivers for Internet Explorer, particularly relevant because kernel mode drivers help with power management and plug-and-play issues. This patch is for users running Windows 10 v 1607. 
Why would we install it? More secure browsing and fewer kernel mode driver issues.

What is this patch named? Security Update KB4034674
What does it fix? It fixes an Internet Explorer issue where Internet Explorer 11 may ignore the “Send all sites not included in the Enterprise Mode Site List to Microsoft Edge” policy when opening a Favorites link.
Why would we install it? Say you're running Windows 10 v 1703. Don't you want to browse the Web without unwittingly exposing yourself to security issues?

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like