KB5032196 for Windows 10 version 1809

This content has been archived. But, the content is true and relevant to the underlying technology products or infrastructure services.

KB5032196 is the cumulative update for Windows 10 version 1809. The update was released on 14 November 2023 as part of the ‘November 2023 Patch Day’ initiative of Microsoft.

Salient points

  • KB5032196 for Windows 10 version 1809 is a cumulative update that supersedes the KB5031361 update released in October 2023.
  • KB5032196 corresponds to Windows 10 build 17763.5122.
  • KB5031361 corresponds to Windows 10 build 17763.4974.
  • The upgrade from KB5031361 to KB5032196 implies a transition from build 4974 to 5122.
  • KB5032196 installer files are available for x86, x64, and ARM64 system architecture.
  • KB5005112 is the Servicing Stack Update released in August 2021. It must be already deployed on Windows 10 version 1809 systems prior to installing KB5032196.
  • Servicing Stack Update 17763.5084 corresponds to KB5032196 for Windows 10 version 1809. It is already built-in the cumulative update. Separate installation of the latest Servicing Stack Update is not needed.
  • 23 security vulnerabilities affect Windows 10 version 1809 for 32-bit systems and ARM64 systems. 2 of these vulnerabilities have a ‘CRITICAL’ severity level.
  • 25 security vulnerabilities affect Windows 10 version 1809 for x64 systems. 2 of these vulnerabilities have a ‘CRITICAL’ severity level.

Download KB5032196 for Windows 10 version 1809

KB5032196 is also available for Windows Server 2019. You can read more about KB5031361 for Windows Server 2019 deployments on this page.

Over here, we discuss the ways to install KB5032196 on Windows 10 version 1809 deployments.

You could use one of the following automated deployment processes for KB5032196 on Windows 10 version 1809:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the most preferred method to roll out Windows cumulative updates.

You can also install KB5032196 on Windows 10 version 1809 in a manual approach. For this, you will need to follow a two-step process.

  1. Check if you have KB5005112 Servicing Stack Update installed. If not, download the installer file for KB5005112.
  2. Download and install KB5032196 for Windows 10 version 1809 for x86, x64, or ARM64 editions.

We cover the download links for KB5032196 for Windows 10 version 1809 below.

KB5005112 was released in August 2021. So, we expect that this Servicing Stack Update will already be on your system. You could check the Windows Update History on the Windows 10 system to confirm the same.

Once the Servicing Stack Update has been installed, you can proceed with the installation of the main cumulative update KB5032196 on the Windows 10 version 1809 system.

KB5032196 will cause the Windows 10 version 1809 system to reboot. So, please plan the change as an organized change process.

Vulnerabilities

There are multiple security vulnerabilities affecting Windows 10 x86, x64, and ARM64 platforms. We look at the zero-day threat and the CRITICAL severity threats that affect Windows 10 version 1809 below.

Zero-day vulnerabilities

There is a single zero-day threat that affects Windows 10 version 1809 x86, x64, and ARM64 editions.

Zero-day threats are publicly disclosed threats. Or, these have already been exploited by various threat actors. Therefore, zero-day threats need to be patched immediately.

The following is the zero-day threat that affects Windows 10 under the November 2023 ‘Patch Tuesday’ program:

CVE detailsCVSSSeverityImpactDescription
CVE-2023-360337.8IMPORTANTElevation of PrivilegeAn attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CRITICAL vulnerabilities

There are 2 CRITICAL vulnerabilities affecting Windows 10 version 1809 x64, x86, and ARM64 system architecture. One of these is a ‘Remote Code Execution’ while the other one is an ‘Elevation of Privilege’ threat. These vulnerabilities are shared below for your ready reference.

CVE detailsCVSSSeverityImpactDescription
CVE-2023-363979.8CRITICALRemote Code ExecutionThis threat impacts the Windows Pragmatic General Multicast (PGM).

When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code.
CVE-2023-364008.8CRITICALElevation of PrivilegeThis vulnerability arises on account of Windows HMAC Key Derivation.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

KB5032196 reports the Bitlocker Device Encryption reporting issue. The issue was first reported after the deployment of the October 2023 cumulative update KB5031361. It is essential to note that the issue is a reporting issue only and actual device encryption is not impacted.

Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. Affected environments are those with the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies set to enabled and selecting either “full encryption” or “used space only”. Microsoft Intune is affected by this issue but third-party MDMs might also be affected.

To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

Windows 10 version 1809 – KB5032196 Changelog

The following changes are part of the KB5032196 cumulative update for Windows 10 version 1809:

  • This update addresses security issues for your Windows operating system. 
  • This update supports the currency change in Croatia from the Kuna to the Euro.
  • This update supports daylight saving time (DST) changes in Syria.
  • This update affects user mode printer drivers. They unload unexpectedly. This occurs when you print from multiple print queues to the same printer driver.
  • This update addresses an issue that affects Xenon or Argon containers. They do not start.
  • This update addresses an issue that affects NCryptGetProperty(). Calling it with NCRYPT_KEY_TYPE_PROPERTY returns 0x1 instead of 0x20. This occurs when the key is a machine key.
  • This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
  • This update addresses an issue that affects Windows LAPS. Its PasswordExpirationProtectionEnabled policy fails to turn on the setting.
  • This update addresses an issue that affects an Application Virtualization (App-V) environment. Copy operations within it stop working. This occurs after you install the April 2023 update.
  • This update addresses an issue that might affect a large reparse point. You might get a stop error when you use NTFS to access it. This issue occurs after a canceled FSCTL Set operation changes the reparse tag.

October 2023 Security Updates

You may be interested in reading more about other October 2023 security or cumulative updates shared below:

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.