KB5026368 is May month’s cumulative update for Windows 11 version 21H2. This update addresses security vulnerabilities on Windows 11. It also contains product improvements.
KB5026368 was released on 9th May 2023.
Salient points
- KB5026368 is a cumulative update that supersedes KB5025298 and KB5025224. KB5025224 was released under April’s ‘Patch Tuesday program. KB5025298 is a preview update that was released on 25th April 2023.
- If you have not deployed KB5025298 yet, you can skip it and install KB5026368 directly. This is because KB5026368 contains all the changes that are part of the KB5025298 preview update.
- Servicing Stack Update for Windows 11 is part of the cumulative update KB5026368. Separate installation of SSU is not needed for Windows 11 version 21H2.
- Windows 11 21H2 for x64 systems are impacted by 20 security vulnerabilities. Four of these 20 vulnerabilities are of a ‘CRITICAL’ nature.
- Windows 11 21H2 for ARM64 systems are impacted by 20 security vulnerabilities. Four of these vulnerabilities are of a ‘CRITICAL’ severity level.
- You can download the KB5026368 for Windows 11 21H2 editions that correspond to x64 or ARM64 architecture.
Build information
- Windows 11 21H2 build that corresponds to KB5026368 cumulative update for May 2023 is 22000.1936.
- Windows 11 21H2 build that corresponds to KB5025298 preview update is 22000.1880.
- Windows 11 21H2 build that corresponds to KB5025224 cumulative update for April 2023 is 22000.1817.
So, if you have patched Windows 11 21H2 with April month’s update, you will be migrating from build 1817 to 1936. If you already deployed the preview update KB5025298, then you will be migrating from build 1880 to 1936.
Servicing Stack Update
The Servicing Stack Update that maps to KB5026368 is 22000.1879. It is part of the cumulative update. Separate installation and download are not needed to patch the SSU on Windows 11 version 21H2.
The Servicing Stack Update for May 2023 contains 304 files in the complete changeset. You can download the CSV file containing all the files that comprise Servicing Stack Update 22000.1879 from this link.
Download KB5026368
Windows 11 21H2 cumulative update KB5026368 can be easily deployed through one of the following automated methods:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Service
The installation of cumulative updates is straightforward. The Servicing Stack Update is part of the cumulative update. It will be offered automatically as part of the complete update process.
If you were to patch KB5026368 manually, you can download the offline installer file for Windows 11 21H2 from the Microsoft Update Catalog page.
The offline installer files are available for x64 and ARM64 system architecture.
Below, we share the direct download link and the Microsoft Update Catalog page link for Windows 11 21H2 KB5026368.
- Download KB5026368 for x64 and ARM64 from the Microsoft Update Catalog page.
- Direct Download KB5026368 for x64 systems – the size of the update file is 336.5 MB only.
- Direct Download KB5026368 for ARM64 systems – the size of the update file is 457.3 MB only.
Windows 11 computer will restart after deployment of KB5026368. So, please plan the change accordingly.
Vulnerabilities
Out of 20 security vulnerabilities that affect Windows 11 21H2, there are 4 CRITICAL security vulnerabilities. We share a brief listing of these security vulnerabilities below.
| Vulnerability | CVSS rating | Impact | Comments/affected module |
|---|---|---|---|
| CVE-2023-24943 | 9.8 | Remote Code Execution Vulnerability | Windows Pragmatic General Multicast (PGM) |
| CVE-2023-29325 | 8.1 | Remote Code Execution Vulnerability | Windows OLE |
| CVE-2023-28283 | 8.1 | Remote Code Execution Vulnerability | Windows Lightweight Directory Access Protocol (LDAP) |
| CVE-2023-24903 | 8.1 | Remote Code Execution Vulnerability | Windows Secure Socket Tunneling Protocol (SSTP) |
You can read more about these security vulnerabilities by clicking on the CVE number for each vulnerability. This should take you to the Microsoft site and the page that contains details of the corresponding vulnerability.
Changelog KB5026368
KB5026368 encompasses KB5025298 preview update.
Additionally, the following improvement is part of the KB5026368 cumulative update for Windows 11 21H2:
- This update addresses a race condition in Windows Local Administrator Password Solution (LAPS). The Local Security Authority Subsystem Service (LSASS) might stop responding. This occurs when the system processes multiple local account operations at the same time. The access violation error code is 0xc0000005.
Post-deployment issues KB5026368
There are compatibility issues between KB5026368 and third-party apps that interfere with the working of explorer.exe.
After installing KB5026368, your Windows 11 computer may not restart if you have any of the following apps on the system:
- ExplorerPatcher
- StartAllBack
Microsoft suggests removing third-party apps from your Windows 11 computer for the seamless working of the computer.
Important links
For reference, you may consider reading the release notes of KB5026368. Here are some important links that may be of significance to your study:
- Release notes for KB5026368
- Microsoft Update Catalog page for KB5026368
- File information for KB5026368 in CSV format
- File information for Servicing Stack Update 22000.1879 in CSV format
You may also like to read May month’s cumulative updates for the following systems:
- KB5026372 cumulative update for Windows 11 22H2
- KB5026409 Security Update for Windows Server 2012 R2
- KB5026411 security update for Windows Server 2012
- KB5026419 cumulative update for Windows Server 2012
- KB5026415 Monthly rollup update for Windows Server 2012 R2
- KB5026370 cumulative update for Windows Server 2022
- KB5026362 cumulative update for Windows Server 2019
- KB5026363 May 2023 cumulative update for Windows Server 2016
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.