KB5034121 Cumulative Update for Windows 11 21H2

KB5034121 is the cumulative update for Windows 11 version 21H2. It was released under the ‘Patch Tuesday’ project of Microsoft on 9 January 2024.

KB5034121 has now been superseded by KB5034766 cumulative update. You can read more about the KB5034766 on this page.

Salient points

  • KB5034131 is a cumulative update. The update supersedes the KB5033369 cumulative update released in December 2023.
  • KB5033369 corresponds to Windows 11 21H2 build 22000.2652.
  • KB5034121 corresponds to Windows 11 21H2 build 22000.2713.
  • You will transition from build 2652 to 2713 when you upgrade from KB503369 to KB5034121 on Windows 11 21H2.
  • 34 security vulnerabilities affect Windows 11 21H2 editions for x64 platforms.
  • 33 security vulnerabilities affect Windows 11 21H2 editions for ARM64 platforms.
  • 2 of these security vulnerabilities carry a ‘CRITICAL’ severity for Windows 11 21H2 x64 and ARM64 deployments.
  • Servicing Stack Update 22000.2713 corresponds to KB5034121. It is a part of the cumulative update.
  • Separate installation of the Servicing Stack Update is not needed for KB5034121.

We look at the download links for KB5034121 and the different vulnerabilities below. KB5034121 installer files are available for x64 and ARM64 systems.

It may be pertinent to add that Windows 11 version 21H2 for Home, Pro, Pro Education, and Pro for Workstation have reached the end of service on October 10, 2023.  The monthly security and quality updates will not be available for these Windows 11 21H2 versions.

Download KB5034121

KB5034121 can be applied automatically using the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the best method or preferred approach to rolling out updates to Windows 11 endpoints.

You can also deploy KB5034121 manually. For manual deployments, you need an offline installer file for KB5034121. The offline installer file is available in the MSU file extension separately for x64 and ARM64 systems.

You can download the offline installer file for x64 or ARM64 platforms. The offline installer file can be downloaded from the Microsoft Update Catalog site. Or, you could also download the offline installer file from the direct download links shared below.

Your Windows 11 21H2 system will reboot after KB5034121 is deployed.

If you have already deployed KB5033369, only the incremental changes of KB5034121 will be installed on the Windows 11 21H2 system. This process of incremental updates is generally very fast and swift.


Windows 11 21H2 x64 edition is affected by 34 security vulnerabilities and ARM64 edition is affected by 33 security vulnerabilities. We discuss the two CRITICAL threats that impact Windows 11 21H2 for x64 and ARM64 systems.

CRITICAL vulnerabilities

The 2 CRITICAL vulnerabilities affecting Windows 11 21H2 are shared below. These vulnerabilities could lead to ‘Remote Code Execution’ attacks or ‘Security Feature Bypass’ attacks.

CVE detailsCVSSSeverityImpact Description
CVE-2024-206749.0CRITICALSecurity Feature BypassThe authentication feature could be bypassed as this vulnerability allows impersonation.

An authenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server.
CVE-2024-207007.5CRITICALRemote Code ExecutionThis vulnerability is in the Windows Hyper V system. It could cause a ‘Remote Code Execution’ attack.
Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack.

The following changes are part of the KB5034121 cumulative update for Windows 11 21H2 editions:

  • This update addresses an issue that affects the ActiveX scroll bar. It does not work in IE mode.
  • This update addresses an issue that causes your device to shut down after 60 seconds. This occurs when you use a smart card to authenticate on a remote system.
  • This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
  • This update addresses an issue that affects the display of a smart card icon. The icon does not appear when you sign in. This occurs when there are multiple certificates on the smart card.
  • This update addresses a known issue that affects BitLocker data-only encryption. A mobile device management (MDM) service, such as Microsoft Intune, might not get the right data.
  • This update addresses security issues for your Windows operating system.     
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.