KB5019959 is November month’s cumulative update for Windows 10 versions 20H2, 21H1, 21H2, and 22H2. The update was released on 8th November. We look at some important aspects of KB5019959 for Windows 10 below.
Salient points about KB5019959 for Windows 10
- KB5019959 is a cumulative update for Windows 10 versions 20H2, 21H1, 21H2, and 22H2.
- For Windows 10 versions 20H2, 21H1 and 21H2, KB5019959 replaces or supersedes KB5018410. KB5018410 is October month’s cumulative update for Windows 10. You can read more about KB5018410 on this page.
- KB5019959 also contains all changes that are part of the KB5020435, KB5018482, and KB5020953. KB5020435 and KB5020953 are out of band (OOB) updates. KB5018482 is a preview update.
- KB5019959 also resolved security vulnerabilities on Windows 10 systems. There are four zero-day vulnerabilities on Windows 10 versions 20H2, 21H1, 21H2, and 22H2. These vulnerabilities are CVE-2022-41091, CVE-2022-41073, CVE-2022-41118 and CVE-2022-41128.
- Windows 10 build 2251 corresponds to KB5019959. Depending on your Windows 10 version, the finalized builds on Windows 10 would be OS Builds 19042.2251, 19043.2251, 19044.2251, and 19045.2251.
Installing KB5019959 on Windows 10
The best method to patch Windows 10 systems is through an automated patch deployment. You can use one of the following automated deployment processes for Windows 10:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Service
If you intend to make use of WSUS for deploying KB5019959, you can configure the product classification as under:
- Product: Windows 10, version 1903 and later
- Classification: Security Updates
This should enable WSUS to pull security updates for Windows 10 versions 20H2, 21H1, 21H2, and 22H2.
KB5019959 can be deployed manually through an offline installer file. For this, you can check the Microsoft Catalog page for KB5019959. For ready reference, the download links for Windows 10 security update KB5019959 are shared below.
Download KB5019959 for Windows 10 versions 20H2, 21H1, 21H2 and 22H2
You can download the MSU update files for Windows 10 versions 20H2, 21H1, 21H2, and 22H2 from the direct download links shared below.
Download KB5019959 for Windows 10 20H2 version
| Windows 10 version | Download link | Update size |
|---|---|---|
| Windows 10 20H2 x86 | Download KB5019959 | 356.9 MB |
| Windows 10 20H2 ARM64 | Download KB5019959 | 707.4 MB |
| Windows 10 20H2 x64 | Download KB5019959 | 687 MB |
Download KB5019959 for Windows 10 version 21H1
| Windows 10 version | Download update | Update size |
|---|---|---|
| Windows 10 version 21H1 x86 | Download KB5019959 | 356.9 MB |
| Windows 10 version 21H1 ARM64 | Download KB5019959 | 707.4 MB |
| Windows 10 version 21H1 x64 | Download KB5019959 | 687 MB |
Download KB5019959 for Windows 10 version 21H2
| Windows 10 version | Download update | Update size |
|---|---|---|
| Windows 10 version 21H2 x86 | Download KB5019959 | 356.9 MB |
| Windows 10 version 21H2 ARM64 | Download KB5019959 | 707.4 MB |
| Windows 10 version 21H2 x64 | Download KB5019959 | 687 MB |
Download KB5019959 for Windows 10 version 22H2
| Windows 10 version | Download update | Update size |
|---|---|---|
| Windows 10 version 22H2 x86 | Download KB5019959 | 356.9 MB |
| Windows 10 version 22H2 ARM64 | Download KB5019959 | 707.4 MB |
| Windows 10 version 22H2 x64 | Download KB5019959 | 687 MB |
Upon installing these security updates, the Windows 10 computer may restart for the update to take effect. So, please plan for any change management sequence accordingly.
Prerequisites before installing KB5019959 on Windows 10
There are specific requirements for the cumulative updates or Servicing Stack Updates before installing KB5019959 on Windows versions 20H2, 21H1, 21H2 or 22H2.
- For WSUS deployments, your systems should have had May 2021 cumulative update KB5003173 or any later cumulative update on the system. If your Windows 10 systems do not have May 2021 cumulative update or any later cumulative update, please install the Servicing Stack Update KB5005260 to comply. The size of the Servicing Stack Update file is under 15 MB and it can be installed without causing system reboot.
- For patch deployment through offline image or offline installers, you need to be on March 2022 cumulative update KB5011543 or any later cumulative update. If your systems do not have KB5011543 or a newer cumulative update, please install the Servicing Stack Update KB5014032 before deploying KB5019959.
Zero-day vulnerabilities on Windows 10 under KB5019959
The following zero-day threats affect Windows 10 versions 20H2, 21H1, 21H2 and 22H2. These threats are patched in KB5019959 for Windows 10.
| Vulnerability | Impact | Severity |
|---|---|---|
| CVE-2022-41091 | Windows Mark of the Web Security Feature Bypass Vulnerability | 5.4 |
| CVE-2022-41125 | Elevation of Privileges on Windows CNG Key Isolation Service. | 7.8 |
| CVE-2022-41128 | Remote Code Execution on Windows Scripting Languages (only affects Windows Server 2019, does not affect Windows Server 2019 Server Core installation). | 8.8 |
| CVE-2022-41073 | Elevation of Privileges on Windows Print Spooler. | 7.8 |
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.