KB5033375 Cumulative Update for Windows 11 22H2 and 23H2

This content has been archived. But, the content is true and relevant to the underlying technology products or infrastructure services.

KB5033375 is the cumulative update for Windows 11 released on 12 December 2023. It was released as part of Microsoft's ‘Patch Tuesday’ cycle. This update applies to Windows 11 22H2 and 23H2 editions.

Salient points

  • KB5033375 has been superseded by the KB5034123 cumulative update for Windows 11 22H2 and 23H2 editions. You can read more about it on the KB5034123 page.
  • KB5033375 is a cumulative update that supersedes KB5032190. It corresponds to Windows 11 builds 22621.2861 and 22631.2861.
  • KB5033375 also includes all changes that are part of the preview update KB5032288. KB5032288 was released on 4 December 2023 and corresponds to Windows 11 builds 22621.2792 and 22631.2792. If you did not deploy the KB5032288 update, you can skip it and install KB5033375 directly.
  • KB5032190 was released on 14 November 2023 as part of November's Patch Tuesday release.
  • KB5033375 for Windows 11 22H2 edition corresponds to build 22621.2861.
  • KB5033375 for Windows 11 23H2 edition corresponds to build 22631.2861.
  • For Windows 11 22H2, Servicing Stack Update 22621.2567 corresponds to KB5032190 and KB5033375.
  • For Windows 11 23H2, Servicing Stack Update 22631.2567 corresponds to KB5032190 and KB5033375.
  • The Servicing Stack Updates for KB5033375 are included in the main cumulative update. Separate installation of Windows 11 Servicing Stack Update is not needed.
  • There has been no new Servicing Stack Update release for Windows 11 22H2 and 23H2 editions in the month of December 2023.
  • Separate installation files for KB5033375 are available for x64 and ARM64 systems.
  • 17 security vulnerabilities affect Windows 11 versions of 22H2 x64 and ARM64 systems.
  • 18 security vulnerabilities affect Windows 11 versions of 23H2 x64 and ARM64 platforms.
  • 3 security vulnerabilities have ‘CRITICAL’ severity for Windows 11 versions 22H2 and 23H2. All these vulnerabilities could lead to ‘Remote Code Execution’ attacks.
  • A single zero-day vulnerability affects Windows 11 22H2 and 23H2 editions. CVE-2023-20588 is the zero-day threat; it impacts AMD processors and could lead to ‘information disclosure’.

Download KB5033375

You can install KB5033375 automatically using one of the following processes:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Service

For manual installation, you can download an offline installer file from the Microsoft Update Catalog site. We have shared the catalog link and the direct download links for the offline installer files.

The installer files for the update are available for x64 and ARM64 systems.

Your system will reboot after applying the KB5033375 security update.

Note that the Servicing Stack Updates 22621.2567 and 22631.2567 are built into the KB5032190 and KB5033375 cumulative updates. Separate installation of the Servicing Stack Update is not needed for Windows 11 22H2 and 23H2 editions.

It is also pertinent to know that all changes of KB5032190 and KB5032288 are included in KB5033375. If you missed installing either of these, installing KB5033375 will give you full security coverage on Windows 11 22H2 and 23H2 editions.

Vulnerabilities

Windows 11 version 22H2 for x64 and ARM64 is affected by 17 security vulnerabilities. 3 of these vulnerabilities are ‘CRITICAL’ severity vulnerabilities.

Windows 11 version 23H2 for x64 and ARM64 is affected by 17 security vulnerabilities. 3 of these vulnerabilities are ‘CRITICAL’ severity vulnerabilities.

A single zero-day threat also affects Windows 11 versions 22H2 and 23H2.

Zero-day vulnerabilities on Windows 11 22H2 and 23H2

The following zero-day threat was first reported in August 2023. It has been mitigated in the current Windows Update cycle. Therefore, we suggest immediate deployment of the cumulative update KB5033375 for Windows 11 22H2 and 23H2 editions.

| CVE details | CVSS | Severity | Impact | Description |
| --- | --- | --- | --- | --- |
| CVE-2023-20588 | 5.5 | IMPORTANT | Information Disclosure | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. |

CRITICAL vulnerabilities on Windows 11 version 22H2 and 23H2 for x64 and ARM64 deployments

The following are the 3 ‘CRITICAL’ security vulnerabilities that affect Windows 11 versions 22H2 and 23H2 for x64 and ARM64 systems.

| CVE details | CVSS | Severity | Impact | Description |
| --- | --- | --- | --- | --- |
| CVE-2023-35630 | 8.8 | CRITICAL | Remote Code Execution | This threat impacts the Internet Connection Sharing (ICS). Successful exploitation of this vulnerability requires the attacker to modify an option->length field in a DHCPv6 DHCPV6_MESSAGE_INFORMATION_REQUEST input message. This attack is limited to systems connected to the same network segment as the attacker. |
| CVE-2023-35628 | 8.1 | CRITICAL | Remote Code Execution | This vulnerability arises on account of Windows MSHTML Platform. The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane. This could result in the attacker executing remote code on the victim’s machine. |
| CVE-2023-35641 | 8.8 | CRITICAL | Remote Code Execution | This threat affects the Internet Connection Sharing (ICS). To exploit this vulnerability, an attacker would need to send a maliciously crafted DHCP message to a server that runs the Internet Connection Sharing service. This attack is limited to systems connected to the same network segment as the attacker. |
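The build numbers and the ICS exposure described above can be checked on a host with the following PowerShell. This is an added example, not code from Microsoft or from this article; the function names are hypothetical, the sample builds are constructed, and it assumes the Internet Connection Sharing service is registered under its usual service name, SharedAccess.

```powershell
# Added example, not from Microsoft or the article's author.
# Build numbers are the ones the article gives for KB5033375; later cumulative
# updates carry a higher revision (UBR), so they also count as patched.
$MinimumUbr = @{ 22621 = 2861; 22631 = 2861 }   # 22H2 and 23H2

function Test-BuildPatched {                     # hypothetical helper name
    param([int]$Build, [int]$Ubr, [hashtable]$Baseline = $MinimumUbr)
    if (-not $Baseline.ContainsKey($Build)) { return 'NotApplicable' }
    if ($Ubr -ge $Baseline[$Build]) { return 'Patched' }
    return 'Missing'
}

function Get-LocalBuild {                        # hypothetical helper name
    # CurrentBuild is a string value and UBR is a DWORD, e.g. 22631 and 2861
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    [pscustomobject]@{ Build = [int]$cv.CurrentBuild; Ubr = [int]$cv.UBR }
}

function Get-Kb5033375Report {                   # hypothetical helper name
    $local = Get-LocalBuild
    $state = Test-BuildPatched -Build $local.Build -Ubr $local.Ubr
    # SharedAccess is the service behind Internet Connection Sharing (ICS),
    # the component named in two of the three CRITICAL entries
    $ics = Get-Service -Name SharedAccess -ErrorAction SilentlyContinue
    $icsRunning = $ics -and $ics.Status -eq 'Running'
    # An unpatched host that is actively sharing its connection goes first
    $priority = 'None'
    if ($state -eq 'Missing') { $priority = 'Normal' }
    if ($state -eq 'Missing' -and $icsRunning) { $priority = 'High' }
    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        Build        = '{0}.{1}' -f $local.Build, $local.Ubr
        PatchState   = $state
        IcsStatus    = if ($ics) { [string]$ics.Status } else { 'NotPresent' }
        IcsStartType = if ($ics) { [string]$ics.StartType } else { 'NotPresent' }
        Priority     = $priority
    }
}

# Constructed sample builds to show the comparison without touching the host
foreach ($sample in '22621.2792', '22631.2861', '19045.3803') {
    $b, $u = $sample.Split('.')
    '{0} -> {1}' -f $sample, (Test-BuildPatched -Build $b -Ubr $u)
}

Get-Kb5033375Report   # report for the machine the script runs on
```

The sample loop prints Missing for the preview build 22621.2792, Patched for 22631.2861 and NotApplicable for a build outside Windows 11 22H2 and 23H2.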

Post-deployment issues – KB5033375

There are multiple post-deployment issues that have been reported by Microsoft for the KB5033375 security update.

After installing KB5032190 or KB5033375, you may experience a reporting issue in the BitLocker configuration service provider.

Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. Affected environments are those with the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies set to enabled and selecting either “full encryption” or “used space only”. Microsoft Intune is affected by this issue but third-party MDMs might also be affected.

To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

Windows devices using more than one (1) monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview).

This issue awaits a resolution from Microsoft’s side.

The color font format for COLRv1 does not render properly. This format enables Windows to display emoji with a 3D-like appearance.

This issue is awaiting a resolution from Microsoft’s side.

After installing KB5033375 on Windows 11 23H2 editions, you may experience issues with the Narrator service.

When using physical media or disc images (ISO) to install Windows 11, version 23H2 (also referred to as the Windows 11 2023 Update) on a device, Microsoft Narrator might not start. This issue only occurs when physical media or ISOs are used for this installation and the Microsoft Narrator service is only affected while the installation process is taking place. It should continue to work as expected once the installation is completed.

This issue does not occur when Windows 11, version 23H2 is installed using Windows Update on a device that is already running Windows 10 or Windows 11. 

The issue is pending resolution from the Microsoft side.

KB5033375 for Windows 11 22H2 and 23H2 includes the following changes or improvements:

  • KB5033375 resolves security issues on Windows 11 22H2 and 23H2 editions
  • This build includes all the improvements in Windows 11, version 22H2.

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.