KB5033379 is the cumulative update for Windows 10 x86 and x64 editions. It can also be called the cumulative update for Windows 10 version 1507. The update was released as part of the ‘Patch Tuesday’ project of Microsoft on 12 December 2023.
- KB5033379 is a cumulative update that supersedes KB5032199. KB5032199 was released in November 2023.
- KB5031377 corresponds to Windows 10 build 10240.20232.
- KB5033379 corresponds to Windows 10 build 10240.20345.
- KB5032390 is the latest Servicing Stack Update that corresponds to KB5032199 and KB5033379. KB5032390 was released on 14 November 2023.
- There is no additional or separate SSU release for Windows 10 in December 2023.
- 15 security vulnerabilities affect Windows 10 32-bit systems. 3 of these threats are ‘CRITICAL’ severity vulnerabilities.
- 15 security vulnerabilities affect Windows 10 x64 or 64-bit systems. 3 of these threats are ‘CRITICAL’ severity vulnerabilities.
- One zero-day threat affecting Windows 10 x86 and x64 systems is mentioned in the vulnerability section. CVE-2023-20588 is an AMD vulnerability that is being exploited by various threat actors.
KB5033379 can be applied automatically using one of the following methods:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Services
WSUS remains the most preferred method of rollout updates on Windows servers and workstations.
As part of the automated deployment, the latest Servicing Stack Update KB5032390 will be installed automatically as part of the Windows Update process.
You can also apply KB5033379 manually. For manual application, you need to follow a two-step process.
- Download and install Servicing Stack Update KB5032390
- Download and install KB5033379 cumulative update
The Servicing Stack Update and Cumulative Updates are available as offline installer files. You can download these offline installer files using the Microsoft Update Catalog site. Or, alternatively, you could use the direct download links shared below to download the offline installer files.
Download Servicing Stack Update KB5032390
- Download KB5032390 from the Microsoft Update Catalog site.
- Direct download link for KB5032390 for x86 or 32-bit systems – the file size is 5.3 MB only.
- Direct download link for KB5032390 for x64 or 64-bit systems – the file size is 11.7 MB only.
Upon installation, the Servicing Stack Updates do not cause the system to reboot.
Download cumulative update KB5033379
- Download KB5033379 from the Microsoft Update Catalog site
- Direct download link for KB5033379 for x86 editions – the file size is 736.3 MB.
- Direct download link for KB5033379 for x64 systems – the file size is 1236.4 MB.
The cumulative update will cause the system to reboot. So, it is also suggested, that the change is implemented as part of an organized change process.
Also, all changes of KB5032199 are included in KB5033379. If you skipped installing KB5032199, you can install KB5033379 directly. This will offer full security and protection on the Windows 10 endpoint systems.
Windows 10 x86 edition and x64 editions are affected by 15 security vulnerabilities. 3 of these are CRITICAL vulnerabilities. There is a single zero-day threat that affects Windows 10 x86 and x64 systems.
The following zero-day threat was first reported in August 2023. It has been mitigated in the current Windows Update cycle. Therefore, we suggest immediate deployment of the cumulative update KB5033379 for Windows Server 10 x86 and x64 versions.
|A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
There are 3 security vulnerabilities with CRITICAL severity levels for Windows 10 x64 and x86 systems. All these threats have the ‘Remote Code Execution’ impact. These vulnerabilities are shared below.
|Remote Code Execution
|This threat impacts the Internet Connection Sharing (ICS).
Successful exploitation of this vulnerability requires the attacker to modify an option->length field in a DHCPv6 DHCPV6_MESSAGE_INFORMATION_REQUEST input message.
This attack is limited to systems connected to the same network segment as the attacker.
|Remote Code Execution
|This vulnerability arises on account of Windows MSHTML Platform.
The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane.
This could result in the attacker executing remote code on the victim’s machine.
|Remote Code Execution
|This threat affects the Internet Connection Sharing (ICS).
To exploit this vulnerability, an attacker would need to send a maliciously crafted DHCP message to a server that runs the Internet Connection Sharing service.
This attack is limited to systems connected to the same network segment as the attacker
KB5033379 – Changelog
The following changes or improvements are part of the KB5033379 cumulative update for Windows 10:
- This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
- This update addresses security issues for your Windows operating system
December 2023 Cumulative or Security Updates
- KB5033371 for Windows 10 version 1809
- KB5033373 for Windows 10 version 1607
- KB5033379 for Windows 10
- KB5033372 for Windows 10 21H2 and 22H2
- KB5033375 Cumulative Update for Windows 11 22H2 and 23H2
- KB5033369 Cumulative Update for Windows 11 21H2
- KB5033420 Monthly Rollup Update for Windows Server 2012 R2
- KB5033429 Monthly Rollup Update for Windows Server 2012
- KB5033383 Cumulative Update for Windows Server 2022
- KB5033118 Cumulative Update for Windows Server 2022
- KB5033371 Cumulative Update for Windows Server 2019
- KB5033373 Cumulative Update for Windows Server 2016
- Microsoft Edge upgrades to version 120.0.2210.61
We are sorry that this post was not useful for you!
Let us improve this post!
Tell us how we can improve this post?
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.