KB5018411 cumulative update for Windows 10 version 1607

KB5018411 is the latest cumulative update for Windows 10 version 1607. It has been released on 11th October as part of the ‘Patch Tuesday’ project of Microsoft. We discuss the significant points about KB5018411 and how you could deploy it on Windows 10 systems.

This update is valid for Windows 10 version 1607 for 32-bit systems and x64 systems.

Salient points about KB5018411 for Windows 10 version 1607

  • KB5018411 is a cumulative update that replaces or supersedes KB5017305. KB5017305 was released on 13th September 2022.
  • KB5018411 corresponds to the build number 14393.5427. The upgrade takes from the build number 14393.5356.
  • All Windows 10 versions are impacted by zero-day threat CVE-2022-41033. Aside from the zero-day threat, Windows 10 is impacted by 53 security vulnerabilities of various severity and impacts.
  • Servicing Stack Update KB5017396 needs to be deployed prior to installing KB5018411 on Windows 10 version 1607.
  • The MSU update file for KB5018411 for x64 systems is 1553.3 MB in size and the MSU update file for 32-bit systems is 836.2 MB.

Prerequisites for installing KB5018411 on Windows 10 version 1607

KB5018411 works with the Servicing Stack Update KB5017396. If you are using an automatic update process, the latest SSU is offered automatically as part of the KB5018411 deployment process.

For offline installers and manual patching, you will need to download the installer file for the Servicing Stack Update from the Microsoft Update Catalog page for KB5017396. KB5017396 was released on 13th September 2022.

These Servicing Stack Update files do not require a system reboot upon application.

Once the SSU has been deployed, you can proceed with installing KB5018411 on Windows 10 version 1607.

There are no additional prerequisites for installing KB5018411.

How to deploy KB5018411 on Windows 10 version 1607?

KB5018411 can be deployed automatically or through offline installer update files.

The following methods and programs support automated patching of Windows 10 version 1607 systems:

  • Windows Update
  • Microsoft Update for Business
  • WSUS or Windows Server Update Service – you will need to set up the product as ‘Windows 10’

If you prefer to patch Windows 10 systems through an offline installer or update file, you can download the MSU update file for KB5018411 from the Microsoft Update Catalog page for KB5018411.

Before deploying KB5018411 on Windows 10, please ensure that you have already deployed KB5017396 SSU for Windows 10.

Issues resolved in KB5018411 for Windows 10 version 1607

The following issues and improvements are part of the KB5018411 update for Windows 10 version 1607:

We update the start date for daylight saving time in Chile. It will start on September 11, 2022 instead of on September 4, 2022.

We address an issue that affects some virtual machines. They drop User Datagram Protocol (UDP) packets.

We introduce a Group Policy that enables and disables Microsoft HTML Application (MSHTA) files.

We address an issue that affects a primary Active Directory Federation Services (AD FS) node. It might fail to register or update its heartbeat. Because of this, the node is removed from the farm.

We address an issue that affects robocopy. This issue occurs when you use the backup option (/B) to migrate or synchronize data to Azure Files.

We address an issue that affects robocopy. This issue occurs when you use the backup option (/B) to address data loss and the source location contains tiered files with Azure File Sync or tiered files with Cloud Files.

We address an issue that affects a Server Message Block (SMB) multichannel connection. This issue might lead to stop error 13A or C2.

We address a known issue that might affect file copies that use Group Policy Preferences. They might fail or might create empty shortcuts or files that have 0 (zero) bytes.

Source Microsoft KB5018411

Vulnerabilities resolved for Windows 10 version 1607 in KB5018411

Windows 10 version 1607 is affected by 49 vulnerabilities. Out of these 49 vulnerabilities, one is a zero-day threat CVE-2022-41033. There are nine vulnerabilities that have severity levels of ‘CRITICAL’ rating.

We discuss the zero-day threat and the ‘CRITICAL’ vulnerabilities below.

CVE-2022-41033 – Windows COM+ Event System Service Elevation of Privilege Vulnerability

This is a CVSS 7.8 vulnerability with an ‘IMPORTANT’ severity rating that affects Windows 10 computers.

This is an ‘Elevation of Privileges’ vulnerability and an attacker could assume system privileges upon a successful attack. CVE-2022-41033 is already being exploited and is considered a zero-day threat.

Aside from the zero-day threat shared above, there are 9 ‘CRITICAL’ vulnerabilities on Windows 10 computers. Out of these 8 vulnerabilities:

  • 7 Remote Code Execution threats
  • 1 Elevation of Privileges threat
  • 1 Spoofing threat

The details of 9 vulnerabilities with a ‘CRITICAL’ impact on Windows 10 are shared in the quick reference summary table.

VulnerabilityCVSS RatingComments
CVE-2022-220358.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-301988.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-346897.5Windows CryptoAPI Spoofing Vulnerability
CVE-2022-379767.8Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-336348.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-245048.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-410818.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-380008.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-380478.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability