KB5034121 is the cumulative update for Windows 11 version 21H2. It was released under the ‘Patch Tuesday’ project of Microsoft on 9 January 2024.
KB5034121 has now been superseded by KB5034766 cumulative update. You can read more about the KB5034766 on this page.
Salient points
- KB5034131 is a cumulative update. The update supersedes the KB5033369 cumulative update released in December 2023.
- KB5033369 corresponds to Windows 11 21H2 build 22000.2652.
- KB5034121 corresponds to Windows 11 21H2 build 22000.2713.
- You will transition from build 2652 to 2713 when you upgrade from KB503369 to KB5034121 on Windows 11 21H2.
- 34 security vulnerabilities affect Windows 11 21H2 editions for x64 platforms.
- 33 security vulnerabilities affect Windows 11 21H2 editions for ARM64 platforms.
- 2 of these security vulnerabilities carry a ‘CRITICAL’ severity for Windows 11 21H2 x64 and ARM64 deployments.
- Servicing Stack Update 22000.2713 corresponds to KB5034121. It is a part of the cumulative update.
- Separate installation of the Servicing Stack Update is not needed for KB5034121.
We look at the download links for KB5034121 and the different vulnerabilities below. KB5034121 installer files are available for x64 and ARM64 systems.
It may be pertinent to add that Windows 11 version 21H2 for Home, Pro, Pro Education, and Pro for Workstation have reached the end of service on October 10, 2023. The monthly security and quality updates will not be available for these Windows 11 21H2 versions.
Download KB5034121
KB5034121 can be applied automatically using the following methods:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Services
WSUS remains the best method or preferred approach to rolling out updates to Windows 11 endpoints.
You can also deploy KB5034121 manually. For manual deployments, you need an offline installer file for KB5034121. The offline installer file is available in the MSU file extension separately for x64 and ARM64 systems.
You can download the offline installer file for x64 or ARM64 platforms. The offline installer file can be downloaded from the Microsoft Update Catalog site. Or, you could also download the offline installer file from the direct download links shared below.
- Download KB5034121 from the Microsoft Update Catalog site
- Direct download KB5034121 for Windows 11 21H2 for x64 edition – the size of the installer file is 356.5 MB
- Direct download KB5034121 for Windows 11 21H2 for ARM64 edition – the size of the installer file is 484.1 MB
Your Windows 11 21H2 system will reboot after KB5034121 is deployed.
If you have already deployed KB5033369, only the incremental changes of KB5034121 will be installed on the Windows 11 21H2 system. This process of incremental updates is generally very fast and swift.
Vulnerabilities
Windows 11 21H2 x64 edition is affected by 34 security vulnerabilities and ARM64 edition is affected by 33 security vulnerabilities. We discuss the two CRITICAL threats that impact Windows 11 21H2 for x64 and ARM64 systems.
CRITICAL vulnerabilities
The 2 CRITICAL vulnerabilities affecting Windows 11 21H2 are shared below. These vulnerabilities could lead to ‘Remote Code Execution’ attacks or ‘Security Feature Bypass’ attacks.
CVE details | CVSS | Severity | Impact | Description |
---|---|---|---|---|
CVE-2024-20674 | 9.0 | CRITICAL | Security Feature Bypass | The authentication feature could be bypassed as this vulnerability allows impersonation. An authenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server. |
CVE-2024-20700 | 7.5 | CRITICAL | Remote Code Execution | This vulnerability is in the Windows Hyper V system. It could cause a ‘Remote Code Execution’ attack. Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack. |
KB5034121 – Changelog
The following changes are part of the KB5034121 cumulative update for Windows 11 21H2 editions:
- This update addresses an issue that affects the ActiveX scroll bar. It does not work in IE mode.
- This update addresses an issue that causes your device to shut down after 60 seconds. This occurs when you use a smart card to authenticate on a remote system.
- This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
- This update addresses an issue that affects the display of a smart card icon. The icon does not appear when you sign in. This occurs when there are multiple certificates on the smart card.
- This update addresses a known issue that affects BitLocker data-only encryption. A mobile device management (MDM) service, such as Microsoft Intune, might not get the right data.
- This update addresses security issues for your Windows operating system.
December 2023 Cumulative or Security Updates
- KB5033371 for Windows 10 version 1809
- KB5033373 for Windows 10 version 1607
- KB5033379 for Windows 10
- KB5033372 for Windows 10 21H2 and 22H2
- KB5033375 Cumulative Update for Windows 11 22H2 and 23H2
- KB5033369 Cumulative Update for Windows 11 21H2
- KB5033420 Monthly Rollup Update for Windows Server 2012 R2
- KB5033429 Monthly Rollup Update for Windows Server 2012
- KB5033383 Cumulative Update for Windows Server 2022
- KB5033118 Cumulative Update for Windows Server 2022
- KB5033371 Cumulative Update for Windows Server 2019
- KB5033373 Cumulative Update for Windows Server 2016
- Microsoft Edge upgrades to version 120.0.2210.61
November 2023 Cumulative or Security Updates
- KB5032196 Cumulative Update for Windows Server 2019
- KB5032197 Cumulative Update for Windows Server 2016
- KB5032198 Cumulative Update for Windows Server 2022
- KB5032247 Monthly Rollup Update for Windows Server 2012
- KB5032249 Monthly Rollup for Windows Server 2012 R2
- KB5032190 Windows 11 22H2 and 23H2 Editions
- KB5032192 for Windows 11 21H2 edition
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.