Microsoft released huge Service Pack like update for Windows 8.1 (KB3000850)

Microsoft Patch Tuesday for Windows

Microsoft silently releases a new Service Pack like update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2. The update is huge as a Service Pack, it weighs 723.9MB and Microsoft describes it as KB3000850 and on my count it fixes 60 different problems in the latest version of Windows.

This update roll out happened on November 18, which interestingly enough, it’s not a Patch Tuesday, and it’s being categorized as an optional update.

Here is what’s included in update KB3000850: The November rollout is an update that packs all the previous updates since the last Windows 8 major update back in April 2014. So, technically it’s a Service Pack, however unlike the April update, the November rollout is not require to continue to receive Windows updates. The update not only brings all client and servers up to the latest version of the operating system, but also installs new features and improvements since April. Unlike a service pack, Microsoft points out that this new update doesn’t change the version number of the operating system and doesn’t deprecate or change any APIs.

It’s worth to point out that this update is for Windows 8.1-based systems, you’ll still need to update your Windows 8.0 to 8.1 to install this new rollout. (For a complete list of changes follow this Microsoft link.)

Also Microsoft released two additional out-of-band updates: the MS14-068/KB3011780 and the MS14-066/KB3018238. The update described as KB3011780 fixes a problem with Kerberos, which could allow attackers to elevate unprivileged domain user account to a domain administrator account. The update fixes the problem for all version of Windows from XP all the way up to Windows 7, Windows 8.1, and even Windows Technical Preview.

The update described as KB3018238 is another patch that Microsoft skipped from its Patch Tuesday, it’s a revised version of the KB2992611 and it removes four cipher suites from Windows Server 2008 R2 and Windows Server 2013 to patch vulnerability in SChannel could allow remote code execution. If you download and installed the previous KB2992611, you’re recommended to install the new update.