KB5033372 is the cumulative update for Windows 10 version 21H2 and version 22H2. The update was released on 12 December 2023 under the ‘Patch Tuesday’ program.
Salient points
- KB5033372 has been superseded by KB5034122 in January 2024.
- KB5033372 is a cumulative update. It supersedes the KB5032189 released in November 2023.
- KB5033372 also includes all changes that are part of the preview update KB5032278. The preview update was released on 30 November 2023.
- KB5033372 corresponds to build 19044.3803 for Windows 10 version 21H2.
- KB5033372 corresponds to build 19045.3803 for Windows 10 version 22H2.
- 15 security vulnerabilities affect the x64, x86, and ARM64 versions of Windows 10 version 21H2 and 22H2. 3 of these vulnerabilities have a ‘CRITICAL’ severity level.
- Zero-day threat CVE-2023-20588 affects all platforms of Windows 10 version 21H2 and version 22H2. The vulnerability resides in systems using AMD processors. Brief details of the vulnerability are in the vulnerabilities section.
- Servicing Stack Update 19044.3745 corresponds to Windows 10 version 21H2. Separate installation of the SSU is not needed as it is included in the main security or cumulative update.
- Servicing Stack Update 19045.3745 corresponds to Windows 10 version 22H2. Separate installation of the SSU is not needed as it is included in the main security or cumulative update.
- Bitlocker device encryption reporting issue continues to affect Windows 10 versions 21H2 and 22H2. The issue was caused after the installation of the KB5031356 security update.
KB5033372 Prerequisites for installation
For offline OS image servicing:
You need KB5011543 or later cumulative update on the system. KB5011543 was released in March 2022. If this is not possible, please install the May 2022 Servicing Stack Update KB5014032.
For WSUS or Microsoft Catalog packages:
You need KB5003173 cumulative update from May 2021 or later. If this is not possible, please install the August 2021 Servicing Stack Update KB5005260.
Download KB5033372
KB5033372 can be applied automatically using one of the following methods:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Services
WSUS remains the most preferred way to patch Windows 10 workstations. You will need to pull security updates for Windows 10 version 1903 and later.
For manual deployments, you need to download the offline installer file from the Microsoft Update Catalog site. The offline installer needs to be downloaded for the specific Windows 10 version on your computers. Or, you could use the direct download links shared below for the offline installer files for Windows 10 version 21H2 and version 22H2.
Download KB5033372 for Windows 10 version 21H2 and version 22H2
You will need to ensure that the offline installer file corresponding to the platform architecture is used. So, please pick the file relevant for x64, x86 or ARM64 platforms.
KB5033372 – 65000 Error in the “Require Device Encryption
Another reporting issue affects Bitlocker. Actual device encryption is not impacted.
Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.
Affected environments are those with the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies set to enabled and selecting either “full encryption” or “used space only”. Microsoft Intune is affected by this issue but third-party MDMs might also be affected.
To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.
Issue with Desktop icons
Windows devices using more than one (1) monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview).
Microsoft is working on a resolution for this issue.
Copilot in Windows
Copilot in Windows (in preview) is not currently supported when your taskbar is located vertically on the right or left of your screen. To access Copilot in Windows, make sure your taskbar is positioned horizontally on the top or bottom of your screen.
Microsoft is working on a resolution for the issue.
Vulnerabilities
Windows 10 21H2 and x64 editions are affected by 15 security vulnerabilities. The ARM64 and x86 editions are also affected by 15 security vulnerabilities. We discuss the zero-day threat and two CRITICAL threats that impact Windows 10 21H2 for x86, x64 and ARM64 systems.
Zero-day vulnerabilities
The following zero-day threat was first reported in August 2023. It has been mitigated in the current Windows Update cycle. Therefore, we suggest immediate deployment of the cumulative update KB5033372 for Windows Server 10 version 21H2 and 22H2 for the x86, x64, and ARM64 versions.
CVE details | CVSS | Severity | Impact | Description |
---|---|---|---|---|
CVE-2023-20588 | 5.5 | IMPORTANT | Information Disclosure | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. |
CRITICAL vulnerabilities
The 3 CRITICAL vulnerabilities affecting Windows 10 21H2 and 22H2 are shared below. These vulnerabilities could lead to ‘Remote Code Execution’ attacks on the target workstations.
CVE details | CVSS | Severity | Impact | Description |
---|---|---|---|---|
CVE-2023-35630 | 8.8 | CRITICAL | Remote Code Execution | This threat impacts the Internet Connection Sharing (ICS). Successful exploitation of this vulnerability requires the attacker to modify an option->length field in a DHCPv6 DHCPV6_MESSAGE_INFORMATION_REQUEST input message. This attack is limited to systems connected to the same network segment as the attacker. |
CVE-2023-35628 | 8.1 | CRITICAL | Remote Code Execution | This vulnerability arises on account of Windows MSHTML Platform. The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane. This could result in the attacker executing remote code on the victim’s machine. |
CVE-2023-35641 | 8.8 | CRITICAL | Remote Code Execution | This threat affects the Internet Connection Sharing (ICS). To exploit this vulnerability, an attacker would need to send a maliciously crafted DHCP message to a server that runs the Internet Connection Sharing service. This attack is limited to systems connected to the same network segment as the attacker |
December 2023 Cumulative or Security Updates
- KB5033371 for Windows 10 version 1809
- KB5033373 for Windows 10 version 1607
- KB5033379 for Windows 10
- KB5033372 for Windows 10 21H2 and 22H2
- KB5033375 Cumulative Update for Windows 11 22H2 and 23H2
- KB5033369 Cumulative Update for Windows 11 21H2
- KB5033420 Monthly Rollup Update for Windows Server 2012 R2
- KB5033429 Monthly Rollup Update for Windows Server 2012
- KB5033383 Cumulative Update for Windows Server 2022
- KB5033118 Cumulative Update for Windows Server 2022
- KB5033371 Cumulative Update for Windows Server 2019
- KB5033373 Cumulative Update for Windows Server 2016
- Microsoft Edge upgrades to version 120.0.2210.61
November 2023 Cumulative or Security Updates
- KB5032196 Cumulative Update for Windows Server 2019
- KB5032197 Cumulative Update for Windows Server 2016
- KB5032198 Cumulative Update for Windows Server 2022
- KB5032247 Monthly Rollup Update for Windows Server 2012
- KB5032249 Monthly Rollup for Windows Server 2012 R2
- KB5032190 Windows 11 22H2 and 23H2 Editions
- KB5032192 for Windows 11 21H2 edition
- KB5032189 for Windows 10 21H2 and 22H2 versions
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.