April 2017 Patch Tuesday’s 644 patches are crawling in bugs — but there are some solutions Post coming in InfoWorld.
[See the full post at: A panoply of problems with this week’s 210 critical Windows and Office patches]
![]() |
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
A panoply of problems with this week’s 210 critical Windows and Office patches
Home » Forums » Newsletter and Homepage topics » A panoply of problems with this week’s 210 critical Windows and Office patches
- This topic has 33 replies, 12 voices, and was last updated 6 years, 5 months ago.
Tags: April 2017 Black Tuesday
AuthorTopicViewing 12 reply threadsAuthorReplies-
anonymous
GuestI maintain a client-server database app written in VB6 that uses ADO and COM+/DCOM. After installing the “April, 2017 Security Monthly Quality Rollup,” the VB6 app crashes in msado15.dll and ntdll.dll when trying to write to to the database. Uninstalling the update restores full write functionality. This is verified on Windows 7 x86 and Windows 8.1 x64. The issue is also present in Windows 10 x64 but I’m not testing that further. Details:
http://www.mcbsys.com/blog/2017/04/april-2017-monthly-rollup-breaks-vb6-app/
1 user thanked author for this post.
-
TheSuffering
AskWoody Lounger -
woody
Manager -
TheSuffering
AskWoody Lounger
-
-
The Surfing Pensioner
AskWoody PlusHi, I am Running Windows 7 Home Premium with Microsoft Office 2010 installed. As I am in Group B, I have avoided installing any updates so far this month. But I understand from Woody’s article that it would be prudent for me to instal KB3141538 and so I have downloaded this update. Can someone please give me reassurance that it is safe for me to instal without unwanted consequences? With many thanks.
-
Bill C.
AskWoody PlusI installed the MS Word patch KB3141538 from Windows Update. I installed ONLY THAT PATCH. I have WU set to never check so it is a manual check. I am Group B.
So far on my Windows 7-64 Pro SP1 machine there have been no adverse effects. However, as always and depending on your system configuration your mileage may vary (YMMV).
It is also unfortunate that my Malwarebytes v.2 is approaching EOL. The newer version 3 is still problematic from the many posts on the Malwarebytes forum.
-
The Surfing Pensioner
AskWoody Plus -
woody
Manager -
anonymous
GuestI thought I had read somewhere in the A.W.-forums that you had to install both the Office-patch and a Windows-patch. Someone had looked into it and found that for Vista and one of the server-versiosn, that do not get roll-ups, indeed there was a seperate Windows-update as well, from which he concluded that …. let me look it up. I’m confusing myself. https://www.askwoody.com/forums/topic/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/#post-107678, that is the one.
Annemarie
-
MrBrian
AskWoody_MVP
-
-
TheSuffering
AskWoody Loungeranonymous
GuestJust to add to the information: Office 2010 installed on remote terminal server. I applied Office patches and Office broke. Uninstalled 3118388 (because I thought Outlook patch was the problem) and 3141538 to get it running again. Full disclosure the terminal server is 2003 and it’s replacement is being prepared for deployment.
MrBrian
AskWoody_MVPThere is a very important detail about the vulnerability CVE-2017-0199 | Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API that I missed at first, but later noticed:
“The update addresses the vulnerability by correcting the way that Microsoft Office and WordPad parses specially crafted files, and by enabling API functionality in Windows that Microsoft Office and WordPad will leverage to resolve the identified issue.”
It seems that both the Windows and Office update are needed to make Office invulnerable to this vulnerability. If you install just the Office update, you apparently are still vulnerable!
4 users thanked author for this post.
-
lizzytish
AskWoody LoungerYes…….. as everyone is saying…….. WHAT A MESS – ye-gads!! I have the mentioned security fix for Office 2007 sitting in my Important updates (Win7 Pro 64bit – Group B)……….. was reading Woody’s article on InfoWorld and was about to install the patch for the ZeroDay effecting Office, but now I see that possibly it’s only half a fix. Also mentioned that there were another 2 bugs relating to ZeroDay….. would those be the ones relevant to the Win Security Patch………. or would it just be the Office one, that you are referring to Mr. Brian ? Guess the Game Plan would be to NOT open any Office/word files in an email until all this is sorted. I’m trying to sit tight and think of pleasant things!!!! LT
“To waste one second of one’s life is a betrayal of one’s self! I wonder what’s on television?”
Tony Hancock -
MrBrian
AskWoody_MVP
-
MrBrian
AskWoody_MVPI have confirmed by testing on Windows 7 that with just the relevant Office 2007 update installed, Office 2007 remains vulnerable. With both the relevant Office 2007 update and the April 2017 Windows update installed, Office 2007 is not vulnerable. I would expect the same is true for other Office versions and other Windows operating systems.
-
MrBrian
AskWoody_MVPWhat I tested was, for a Word 2007 document, whether double-clicking an embedded object linking to a “.hta” file hosted online causes the code in the “.hta” file to run (in process mshta.exe) or not.
There are additional steps to get the “.hta” code to run automatically when opening an Office document, but I could not get those additional steps to work, so I did not test that aspect.
There’s a webpage that shows how to do these things, but I probably shouldn’t give the link because it could be used for evil.
Technical reference: Vulnerability Note VU#921560 – Microsoft OLE URL Moniker improperly handles remotely-linked HTA data.
1 user thanked author for this post.
Noel Carboni
AskWoody_MVPNot to make light of the many reported problems, but I just finished updating another Windows 8.1 x64 test system, this one with Office 2010 on it. I started the Windows Update service and did a full “Group A” update on it (with the exception of the optional telemetry update which I hid – again), and I’m not able to find problem number one so far with the updated system. I even did performance benchmarking and found the speed of every major subsystem about the same as before.
Of course the number of tests I’ve subjected it to over the past couple of hours is necessarily limited, but it seems like there’s hope that the patches aren’t all bad!
I’m typing this on a tweaked and fully up-to-date Win 10 version 1703 build 15063.138 Creator’s test system, and it’s been running pretty well too, other than failures I saw yesterday with Adobe’s Creative Cloud.
-Noel
anonymous
GuestSo far installed the IE and .NET (the full one, via Windows Update) patches, things seem fine. Waiting on the April security-only bundle, but getting awfully anxious about it. Bar that tiny January update that I didn’t see as exactly relevant to my computer and therefore waited (and installed it only alongside the March bundle), it’s definitely the only time in the past several years when I waited over 48 hours to install security updates, and may well be the only time in 15 years.
Scared of either possibility now, both installing that and waiting longer. Gah.-
anonymous
GuestReporting in, DEFCON 1 is right. Double reboot, but that seemed all right, what definitely is not all right after applying the April security-only patch (4015546) is that once again fan speeds no longer change according to temperature. Win 7 32-bit, AsRock Fatal1ty B85 Killer as motherboard.
Happened once before, after installing the September patches, and uninstalling didn’t fix it, and was noticing other issues too then, so ended up taking computer to the shop I got it from, thinking some hardware issue that may have just coincidentally triggered then. They said they fixed it by updating BIOS. But now there’s no newer update available.Wonder what’s common between April and September to mess with BIOS…
_Reassigned Account
AskWoody LoungerI’ve resorted to running Office online only until this is fixed. Cautioned everyone to be careful what you open. Just the shear amount of patches themselves is scary. As with any thing the focus on the weakest link is always the target. Office to me is a mess, and has been for some time. Its the Windows 95, 98 of Office document creation.
arfurdent
AskWoody Plus-
The Surfing Pensioner
AskWoody Plus -
anonymous
GuestThat’s because kb3141538 is for Office 2010. I believe you need kb3178710.
Having said that, I am today feeling slightly uneasy. I’ve had no problems since installing kb3141538 yesterday, but have just checked and it is nowhere listed in my update history or indeed as an installed update – so I could not uninstal it if I wanted to. But I note that the installation date of ALL my historical Office patches has changed to 13/4/17 – which is more than slightly weird, given that kb3141538 was the only patch I installed yesterday and moreover installed manually. Has anyone got an explanation for all this?
b
ManagerThere’s one exception, though. The Word zero-day vulnerability that I talked about over the weekend is being actively used to infect machines. Lots and lots of machines, according to Dan Goodin at Ars Technica. If you’re concerned about that zero-day — and you should be, if you open documents attached to email messages — you should apply one or all of these patches, depending on which version of Office you use:
How do you reconcile that with MS-DEFCON 1: Don’t apply ANY Windows or Office patches posted within a couple of hours?
Which should be believed, MS-DEFCON 1 or InfoWorld?
Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge
1 user thanked author for this post.
-
woody
ManagerAs stated, if you’re concerned about opening Word documents attached to email messages, it would be wise (but possibly not sufficient) to install the listed Word Security updates.
Worthwhile alternatives here: https://www.howtogeek.com/302740/how-to-open-office-files-without-being-hacked/
anonymous
GuestI discovered yesterday that Active Directory Replication is failing since 4/16/17 (when I installed the latest round of updates). What turned me on to it is I am getting an “access denied” error when trying to open Group Policy from another subnet to my primary domain controller. Using my laptop, if I am on the same subnet it opens just fine, however when I move my laptop to a different subnet, that is when it fails.
-
PKCano
Manager -
anonymous
GuestI am narrowing it down to my main site I believe. When I run “repadmin /replsum” on one of my remote sites domain controllers, it shows that all of the remote sites replicate fine, with the exception of the “main site”. My laptop is Win 10, but that doesn’t seem to matter.
The main site has 2 – 2012 DC’s and 1 2008r2 DC. The remote sites are a mix of the two, and like I said seem to be replicating fine. So, I am narrowing it down to either a DNS issue (everything looks fine here) and potentially a site trust problem.
-
anonymous
Guest
-
MrBrian
AskWoody_MVPA known issue was recently added to April 11, 2017—KB4015547 (Security-only update) (for Windows 8.1 and Windows Server 2012 R2):
“[Symptom] After installing this update on Windows Server 2012 R2 DC, you may notice Kerberos Key Distribution Center (KDC) service fails to start and error events are logged in the System Event log with Event ID: 7023 – The parameter is incorrect.
[Workaround / Resolution] Install the April 2017 Monthly Rollup Update KB4015550 or Install the March 2017 Security-only update KB4012213.”
1 user thanked author for this post.
Viewing 12 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
How to unbloc W10pro from moving to W11
by
hession
3 hours, 2 minutes ago -
Windows 11, Surface, and Windows Copilot
by
Will Fastie
1 hour, 4 minutes ago -
Why File Explorer keeps me on Windows
by
Josh Hendrickson
1 hour, 3 minutes ago -
Uninstalr — “World’s best cup of coffee”
by
Deanna McElveen
25 minutes ago -
Locked out of your refurbished computer?
by
Susan Bradley
1 hour, 29 minutes ago -
Thunderbird 115: Changing font size in the Message Panel
by
WCHS
1 hour, 42 minutes ago -
Lenovo ThinkPad not updating to Windows 11 22H2
by
Gordski
11 hours, 52 minutes ago -
Android Security
by
Magic66
3 hours, 47 minutes ago -
What happened to the manual?
by
Susan Bradley
23 minutes ago -
OK to Restore Files From a Possibly Hacked Computer?
by
kc27
17 hours, 21 minutes ago -
Startup loop after adding new user and installing File Explore Patch
by
PFC
1 day, 18 hours ago -
RoboCops comes to NYPD. You have the right to remain cyborg
by
Alex5723
2 days ago -
iOS 17 : New Safari Privat Search Engines
by
Alex5723
2 days, 1 hour ago -
Photos App running in background
by
Tom
21 hours, 32 minutes ago -
IPV6 Issue Win10 22H2 August Update
by
Win7and10
1 day, 23 hours ago -
Windows 11 Insider Preview build 23550 released to DEV
by
joep517
2 days, 23 hours ago -
Windows 11 Build 22621.2361 (22H2) released to Release Preview
by
joep517
2 days, 23 hours ago -
Lately I’ve been getting qr code spam attacks
by
Susan Bradley
3 days, 3 hours ago -
ghacks Wants Edge – FF Browser Update to View – hack/redirect
by
CraigS26
2 days ago -
iOS 17 : If your new iPhone gets stuck on the Apple logo when you transfer…
by
Alex5723
3 days, 10 hours ago -
Apple zero days out – September 2023
by
Susan Bradley
3 days, 5 hours ago -
No shortcuts to files on Taskbar in Win11
by
KingGeorgeN
3 days, 2 hours ago -
“New” Google Sites vs Network Solutions: domain resolution
by
Towson_Steve
2 days, 13 hours ago -
Topic: Privacy Report on Modern Cars
by
oldfry
3 days, 15 hours ago -
Microsoft’s massive Windows 11 update, featuring Copilot AI, begins rolling out
by
Alex5723
3 days, 12 hours ago -
MailStore Home updates
by
Alex5723
4 days, 12 hours ago -
T-Mobile users say they see other people’s account information
by
Alex5723
5 days ago -
Retirement of Exchange Web Services in Exchange Online
by
Alex5723
5 days, 12 hours ago -
What Remote Desktop credentials do I use to access a MS Account computer
by
JP
4 days, 1 hour ago -
Office 2003 Compatibility with One Drive in Windows 11
by
langsjw
5 days, 23 hours ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.