Microsoft Patch Tuesday for October 2016

The second Tuesday of every month, Microsoft releases security updates for its various products. This month was a particularly heavy month. Let’s review the details and how you can get your system updated.

Microsoft released quite a few updates for the month of October. Several are affecting a wide range of software and components including Windows, Internet Explorer, Microsoft Edge, Microsoft .NET Framework, Office, Skype for Business, Lync, Office Web Apps and Adobe Flash Player.

Patch Tuesday Updates for October 2016

Web browser updates for Internet Explorer and Microsoft Edge resolve severe vulnerabilities and exploits, which include remote code execution from a specially crafted page, designed to gain user access. Microsoft video and graphics components both receive patches for vulnerabilities found that could allow an attacker to exploit and run arbitrary code.

Microsoft Office, the company’s productivity suite, which includes, Word, Excel and PowerPoint gets an update, which resolves an Office RTF remote code execution vulnerability; when the Office software fails to properly handle RTF files.

Several updates affect components in Windows at the kernel level, which is the heart of Windows, each of which grants elevation of user privileges. Other areas include the Windows Registry and Diagnostics hub. The Microsoft Internet Messaging API utilized by applications such as Lync and Skype gets an update for a vulnerability found in how objects in memory are handled.

If you still use Flash, there is also an update for that too. Since Windows 8, Microsoft started bundling the fading web technology. A security update is available that resolves vulnerabilities found. Affected platforms include Windows 8/8.1/RT, Server 2012/R2 and Windows 10.

Today’s Patch Tuesday, sees the first introduction of a new rollup methodology for patching Microsoft operating systems and products going forward. The new servicing model applies to Windows 7 Service Pack 1 and later versions, which primarily affects how IT admins responsible for deploying updates to a fleet of PCs in an organization.


Although some may say — “Wow Microsoft, that’s a lot of security issues. What’s wrong with your software!”, I have a different perspective. All software has bugs including security exploits. No exception. I personally appreciate both the transparency and investment Microsoft has put into its robust security research, update, communication and of course updates. It really does make the world a better place when you consider the billions of users who are running Microsoft products.

So, for these latest updates, the best way to get them if you’re reading this from a business machine is to remind your local IT admins to please approve all these updates on their patching system (AKA WSUS, SCCM or GFI etc…). If you’re a home user, good news is Windows Updates has probably already downloaded the patches and applied them. If you want to check, feel free to update manually by Clicking Start Menu > Settings > Update and Security. If updates are available, you will be prompted to install them.

Finally, if you are still experiencing issues upgrading to Windows 10 or the Anniversary Update; Microsoft released a comprehensive and handy piece of documentation with details for troubleshooting upgrade errors.



  1. Dino Londis

    October 12, 2016 at 10:25 am

    The problem is that the enterprise needs vet the patches in a granular way so nothing breaks. There should be an enterprise solution.

    • Steve Krause

      October 13, 2016 at 10:09 am

      Good point Dino. Although all the patches are highly vetted prior to Microsoft publishing them to the planet, companies should have some sort of “Validation” group which they deploy to prior to releasing them to all systems globally.

      For example, try to have a Validation group in WSUS or SCCM which makes up 10-15% of your global environment. It’s best if this is a cross between all types of users and systems so you can sniff out any issues with the updates and your environment prior to mass deploy.

      This is what we do (at my day job) and it’s been very successful.

  2. dan

    October 13, 2016 at 6:36 am

    Do you publish ‘MS Patch Tuesdays’ for every month? I could only find the October 2016 when I did a search at your site.

    • Steve Krause

      October 13, 2016 at 10:11 am

      Actually no…. It’s a new monthly series we will be covering here on gP. Granted, we talk about Security all the time (see but not specifically to the MS Super Tuesday.

      So, stay tuned!


  3. Fenoy W Butler

    October 13, 2016 at 7:08 am

    “I personally appreciate both the transparency and investment Microsoft has put into its robust security research, update, communication and of course updates. It really does make the world a better place when you consider the billions of users who are running Microsoft products.” – could not agree more! Well stated.

  4. Jesus

    October 13, 2016 at 12:10 pm

    Are the updates, already, a consideration of all Microsoft programs?

    A conscious decision, in which, all programs are documented, prior to the upate’s release.

    Does Microsoft use a program, programmed, to register the model, and any versions, of all, and every, possible conflict of code, that could be fixed?

    Thus, could this program translate codes, from one model, or version, to another, to reflect the update(s)?

    Would an adaptive program, solve issues prior to, post of, and after an update?

  5. bromberg

    October 13, 2016 at 8:18 pm

    I’ll be checking in every now and then – thanks for your reply and your articles!

  6. Michelle Fox

    October 14, 2016 at 5:44 pm

    C:\Windows\System32\atiumdag.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system admin or the software vendor for support Error status 0xc0000006. I had this issue a couple of weekends ago when Microsoft pushed the update. Displays error, reboots, displays error, reboots. Finally, last week my pc is back to normal except it is extremely slow now. Tonight, I login to order pizza, and here we go again. Same message, same error, same reboot, error, reboot, error. I’ve had enough! Short of having to get a new desktop, any ideas? I can’t get to my personal email account so I will have to use my work email.

  7. bromberg

    October 14, 2016 at 8:23 pm

    Is there a way to search and download MS’s update database for a particular MS product to verify I have all the updates for that product on my PC?

    • Steve Krause

      October 15, 2016 at 12:18 am

      Running Windows Update will do that for you. You can also look at the Microsoft Download Center – and search for updates by name and date.

      I personally built a small site to track all updates from Microsoft –

      Might search there also.


      • bromberg

        October 15, 2016 at 3:43 pm

        Thanks, Steve. I was hoping there was a way, for example, to find all the MS OFFICE 2010 fixes that have ever been published. Then I could compare them to what is actually on my PC, but surprisingly there doesn’t seem to be a way.

  8. RachaRamesh

    October 15, 2016 at 10:04 am

    I am a system manager installing *.msi I.e windows installers. Auto installing is not possible due to generic values applicable to our organisation are not in built in *.msi given by the service provider. How to insert my organization values into msi thru which auto installation can take place.

  9. Ziggy

    October 16, 2016 at 12:50 am

    @bromberg : You may also find this link of some interest

    • dan

      October 17, 2016 at 9:31 pm

      Thanks, Ziggy.
      Do you have a similar link for Office 201x updates?

  10. Ziggy

    October 18, 2016 at 7:08 pm

    @Dan: No, I can’t help you on that one. But I did find a link from Boston University that has a listing of kb patches for different versions of Office. It names the kb patches so you could google these to see if Microsoft still have them archived or not.

    • dan

      October 18, 2016 at 7:32 pm

      Hey Ziggy,
      Actually, much to my surprise I just discovered that by clicking in OFFICE on FILE|ACCOUNT that OFFICE itself provides a mean to request updates.
      But thanks for you suggestion and followup!

      • Ziggy

        October 18, 2016 at 7:52 pm

        @Dan. Wasn’t aware of that nifty feature. I’ll make note of it and keep it for future reference. Thanks…

Leave a Reply

Your email address will not be published. Required fields are marked *


To Top