Where we stand with this month’s Windows and Office security patches

September’s retinue of Microsoft patches includes one very important .NET fix that blocks a security hole brought to life when you open an RTF file in Word. It’s only been seen, so far, in a spear phishing Russian-language RTF document, apparently generated by NEODYMIUM, allegedly used by a nation-state to snoop on a Russian-speaking target.

If that describes your situation, you’re in a world of hurt, for many reasons beyond a humble booby-trapped RTF file.

• The Win10 Creators Update cumulative update, KB 4038788, brings Win10 1703 up to build 15063.608. It contains 25 security patches as well as dozens of plain old bug fixes. I’m seeing a number of complaints about Edge misbehaving after the update: behind-the-scenes crashes showing in Event Viewer and Reliability Monitor, and occasional stops with an application error event id of 1000. So far, there aren’t enough reports to confirm that there’s a bona fide problem with Edge, but it’s a concern.
• The bug in Word and Outlook that I described earlier this week, Buggy Word 2016 non-security patch KB 4011039 can’t handle merged cells, is still around. That’s the same bug I wrote about a couple of weeks ago in Word, Outlook merged-cell problem arises after install of patch KB 3213656. Microsoft has (finally!) confirmed both of the bugs. The only solution offered:
• You can uninstall both KBs and your tables will return to normal. We anticipate releasing the fix for this issue in the next monthly update, tentatively scheduled for October 3, 2017.
• Excel 2016’s security patch KB 4011050 can put spurious black borders around rows or cells. If you’re getting unexpected black borders, download and manually install KB 4011165. As best I can tell, that bug isn’t listed on the official Fixes or workarounds for recent issues in Excel for Windows site.
• Multiple language problems with the Outlook 2007 security patch KB 4011086. Reports of Hungarian switched to Swedish, Italian to Portuguese, Slovenian to Swedish, Italian to Spanish, Dutch to Swedish, and who-knows-what-else. The solution, offered by TechNet poster Sitz-AIR:
1) uninstall KB4011086. If you have two of them listed, uninstall both of them.

2) hide them

3) restart Windows

4) Outlook 2007 UI original correct language was restored.

A general reminder: If you have trouble installing Windows 10 updates, make sure you go through the list at Windows 10 install issues -- and what to do about them.

To read this article in full or to leave a comment, please click here