KB5016629 Cumulative Update for Windows 11

Microsoft has released new security update for windows 11. KB5016629 is the security update that was released on 9th August 2022 as part of the ‘Patch Tuesday’ project of Microsoft.  We give you the key aspects of the latest security update for Windows 11. We also look at the vulnerabilities that affect Windows 11 workstations. These vulnerabilities have been disclosed as part of the August month security Bulletin released by Microsoft. 

Salient points about KB5016629 for Windows 11 

  • KB5016629 is a cumulative update for the month of August 22 release for windows 11. It will upgrade the build version of Windows 11 to 22000.856.
  • KB5016629 cumulative update supersedes KB5015814 cumulative update. KB5015814 was released in the month of July 2022 
  • KB5016629 also contains the servicing stack update for Windows 11. The SSU for windows 11 will push the build to 22200.826.
  • KB5016629 resolves the start menu issue on Windows 11. More details are shared in the ‘issues resolved’ section below.
  • KB5016629 also contains all the changes that are part of the preview update KB5015882. The preview updates was released on July 21st 2022. KB5016629, therefore, supersedes KB5015882 preview update as well.
  • If you did not install the KB5015882 preview update on Windows 11, you can skip it. You can install KB5016629 directly to cover all changes that are part of KB5015882.

Prerequisites for installing KB5016629 on Windows 11

There are no specific prerequisites for installing KB5016629 on Windows 11 computer. If you have not installed the previous preview update KB5015882, you can skip it and instead deploy the KB5016629 updated directly on Windows 11.

For Windows 11, the Servicing Stack Updates are a part of the latest cumulative updates. So, the changes in SSUs are built into the cumulative update. When you deploy KB5016629 on Windows 11, SSU will be automatically deployed. The changes in the SSU will push the SSU build to 22000.826.

Security Vulnerabilities resolved in KB5016629 for Windows 11

Microsoft released information for over 120 security vulnerabilities as part of the August security bulletin. We list some important and critical vulnerabilities that affect Windows 11.

CVE-2022-34713 – Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability – It is a zero-day vulnerability that affects Windows 11 operating system. It has a CVSS rating of 7.8 and has been already exploited. The threat is resolved in KB5016629. A remote attacker could trick the user to click on a malicious link and deploy malicious code on the target Windows 11 computer.

CVE-2022-35820 – Windows Bluetooth Driver Elevation of Privilege Vulnerability – This is a CVSS 7.8 vulnerability on the Bluetooth Driver. It is resolved in KB5016629 for Windows 11. The attacker could access the rights to registry key creation and deletion in the bthport.sys driver. A workaround has been published by Microsoft for people unable to patch immediately on this page.

CVE-2022-35804 – SMB Client and Server Remote Code Execution Vulnerability – This is a CVSS 8.8 Critical vulnerability that affects AMR64 and x64 versions of Windows 11. The threat affects SMB traffic. It is more likely to be exploited and is patched in KB5016629. Alternatively, you can implement a workaround suggested on this page by Microsoft.

CVE-2022-35795 – Windows Error Reporting Service Elevation of Privilege Vulnerability – This is a CVSS 7.8 vulnerability that allows a remote attacker to gain SYSTEM privileges. It is resolved in KB5016629.

CVE-2022-35794 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability – This is a CVSS 8.1 vulnerability that could allow the attacker to exploit the RAS server for deploying malicious code that can be remotely executed. It is patched in KB5016629.

CVE-2022-35793 – Windows Print Spooler Elevation of Privilege Vulnerability – An attacker could trick the user to click on a malicious link. He could then use the security vulnerability in Print Spooler service to gain SYSTEM privileges. This vulnerability has a CVSS score of 7.3 and is resolved in KB5016629.

CVE-2022-35761 – Windows Kernel Elevation of Privilege Vulnerability – This threat has a CVSS score of 8.4 and is more likely to be exploited. An attacker could gain SYSTEM privileges. It is patched in KB5016629.

CVE-2022-35756 – Windows Kerberos Elevation of Privilege Vulnerability – The vulnerability has a CVSS score of 7.8. An attacker could use a malicious payload to gain domain administrator rights. It is patched in KB5016629.

CVE-2022-35755 – Windows Print Spooler Elevation of Privilege Vulnerability – It has a CVSS 7.3 rating and can be used to gain SYSTEM privileges through the Windows Print Spooler Service. The attacker could send a malicious payload to gain elevated rights. It is resolved in KB5016629 for Windows 11.

CVE-2022-35751 – Windows Hyper-V Elevation of Privilege Vulnerability – This is a CVSS 7.8 vulnerability that affects Windows 11 x64 version. An attacker could gain SYSTEM privileges through the Hyper V host. The threat is resolved in KB5016629.

CVE-2022-35750 – Windows Hyper-V Elevation of Privilege Vulnerability – This is a CVSS 7.8 rated vulnerability that is more likely to be exploited. The attacker could gain SYSTEM privileges. It is patched in KB5016629.

How can I deploy  KB5016629 on Windows 11?

KB5016629 can be updated through all the regular Windows update channels.

  • KB5016629 can be deployed automatically through the Windows Update program on your computer. The update process will also install the latest servicing stack update (SSU).
  •  KB5016629 can be deployed automatically through the Windows update for business.
  • You can use WSUS or Windows Server Update Service to download the latest cumulative update for Windows 11. To do so,  you will need to import the security updates for product category of ‘Windows 11’.
  • KB5016629 can be installed manually on Windows 11 through the Microsoft Update Catalog. The MSU update file for ARM64 systems has a size of 405.2 MB. The MSU update file for x64 systems has a size 288.8 MB. You can download these update files from the KB5016629 page on the Microsoft Update Catalog.

Issues resolved in KB5016629 for Windows 11

KB5016629 resolves the ‘Start menu’ issue on Windows 11 systems.

  • Addresses a known issue that might prevent some of you from opening the Start menu. On the affected devices, clicking or tapping the Start button or using the Windows keyboard shortcut might have no effect.

Summary

KB5016629 for Windows 11 becomes special as it contains all the changes that are part of the preview update KB5015882. It also resolves the zero-day vulnerability CVE-2022-34713 that affects Windows 11 x64 and ARM64 versions. Besides, the intermittent issue with Start menu is also resolved in KB5016629.

You may also like to read about other cumulative updates for the month of August 2022: