KB5034127 Cumulative Update for Windows Server 2019

KB5034127 is a cumulative update for Windows Server 2019 and the Windows Server 2019 Server Core installation. The update was released on 9 January 2024 as part of Microsoft's 'Patch Tuesday' release.

KB5034127 for Windows 10 version 1809 can be found on this page.

KB5034127 for Windows Server 2019 has been superseded by KB5034768. You can read more about KB5034768 on this page.

  • KB5034127 is a cumulative update that supersedes the KB5033371 cumulative update.
  • KB5033371 was released on 12 December 2023. You can read more about it on the KB5033371 page.
  • KB5034127 corresponds to server build 17763.5329. KB5033371 corresponds to server build 17763.5206. If you have installed KB5033371, you will be moving from build 17763.5206 to build 17763.5329.
  • KB5005112 is the Servicing Stack Update (SSU) that needs to be installed before installing KB5034127. KB5005112 was released in August 2021, so there is a high likelihood that the SSU is already installed on the server. If KB5005112 is already installed, you can proceed directly to installing KB5034127.
  • 33 security vulnerabilities have been reported for Windows Server 2019 in the January 2024 security bulletin released by Microsoft.
  • 2 of these security vulnerabilities have a CRITICAL severity level.
  • There are 3 security vulnerabilities that affect .NET Framework versions 3.5 and 4.7.2. All 3 of these threats have 'IMPORTANT' severity levels. Windows Server 2019 systems running the corresponding .NET Framework versions are impacted.

Details of security vulnerabilities on Windows Server 2019 are listed in the vulnerabilities section below.

KB5034127 can be applied automatically using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the most preferred method to automatically deploy security and cumulative updates.

For manual deployment of KB5034127, you will need to follow a 2-step process.

  • Ensure Servicing Stack Update KB5005112 is already installed. If not, download and install KB5005112.
  • Download and install KB5034127 cumulative update.

The Servicing Stack Update and the cumulative update can both be downloaded from the Microsoft Update Catalog site. Each installer is available as an offline installer file in the .MSU format.

The size of the Servicing Stack Update file is 13.8 MB. The server will not restart after installing the SSU.

KB5034127 for Windows Server 2019 can be downloaded from the Microsoft Update Catalog site. Or, you could use the direct download link below.

The size of the cumulative update KB5034127 is 623.4 MB. KB5034127 will cause a server reboot. Please plan for implementation as part of an organized change management process.

If you have already installed KB5033371, only incremental changes of KB5034127 will be downloaded and installed on the server. This will be a quick process.
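The two-step manual deployment described above can be scripted as follows. This is an added example, not code from the original article: the function names `Get-KB5034127Status` and `Install-Msu` and the `.msu` paths are hypothetical placeholders, while the KB numbers and build numbers are the ones the article states.

```powershell
# Added example (not from the original article). KB numbers and builds are the
# ones the article states; function names and file paths are hypothetical.
function Get-KB5034127Status {
    param(
        [int]$TargetUbr = 5329,            # article: KB5034127 = build 17763.5329
        [string]$SsuId  = 'KB5005112',     # article: prerequisite SSU
        [string]$LcuId  = 'KB5034127'
    )
    $cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = [int]$cv.CurrentBuildNumber
    $ubr   = [int]$cv.UBR                  # update build revision, e.g. 5206 or 5329
    if ($build -ne 17763) {
        throw "Build $build is not Windows Server 2019 / version 1809 (17763)."
    }
    $listed = @((Get-HotFix -ErrorAction SilentlyContinue).HotFixID)
    [pscustomobject]@{
        Computer  = $env:COMPUTERNAME
        Build     = "$build.$ubr"
        SsuListed = $listed -contains $SsuId
        LcuListed = $listed -contains $LcuId
        # A UBR at or above 5329 means KB5034127 or a later cumulative update
        # that supersedes it (the article names KB5034768) is in place.
        Patched   = $ubr -ge $TargetUbr
    }
}

function Install-Msu {
    param([Parameter(Mandatory)][string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { throw "MSU not found: $Path" }
    $p = Start-Process -FilePath wusa.exe -Wait -PassThru `
         -ArgumentList "`"$Path`"", '/quiet', '/norestart'
    # 0 = installed, 3010 = installed and reboot pending, 2359302 = already installed
    if ($p.ExitCode -notin 0, 3010, 2359302) {
        throw "wusa.exe failed for $Path with exit code $($p.ExitCode)"
    }
    $p.ExitCode
}

# Placeholder paths: point these at the files downloaded from the Update Catalog.
$SsuMsu = 'C:\Patches\<KB5005112-ssu>.msu'
$LcuMsu = 'C:\Patches\<KB5034127-lcu>.msu'

$status = Get-KB5034127Status
$status | Format-List
if (-not $status.Patched) {
    if (-not $status.SsuListed) { Install-Msu -Path $SsuMsu | Out-Null }   # step 1
    $rc = Install-Msu -Path $LcuMsu                                         # step 2
    if ($rc -eq 3010) { Write-Warning 'Reboot required; schedule it in the change window.' }
}
```

Run it from an elevated session. `Get-HotFix` only reports updates listed by ID, so a server carrying a newer servicing stack may show `SsuListed` as False; the build revision check is the more reliable indicator for the cumulative update.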

33 security vulnerabilities affect Windows Server 2019 as part of the January 2024 security reports. 2 of these vulnerabilities are CRITICAL severity vulnerabilities.

The two CRITICAL security vulnerabilities that affect Windows Server 2019 are listed below.

| CVE details | CVSS | Severity | Impact | Description |
| --- | --- | --- | --- | --- |
| CVE-2024-20674 | 9.0 | CRITICAL | Security Feature Bypass | The authentication feature could be bypassed as this vulnerability allows impersonation. An authenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server. |
| CVE-2024-20700 | 7.5 | CRITICAL | Remote Code Execution | This vulnerability is in Windows Hyper-V. It could cause a 'Remote Code Execution' attack. Successful exploitation of this vulnerability requires an attacker to first gain access to the restricted network before running an attack. |

The following changes or improvements are part of the KB5034127 cumulative update for Windows Server 2019:

  • This update addresses security issues for your Windows operating system. 
  • This update addresses an issue that causes IE mode to stop responding. This occurs if you press the left arrow key when an empty text box has the focus and caret (cursor) browsing is on. 
  • This update addresses an issue that affects touchscreens. They do not work properly when you use more than one monitor. 
  • This update addresses an issue that affects the ActiveX scroll bar. It does not work in IE mode.
  • This update addresses an issue that affects DNS servers. They receive Event 4016 for a timeout of the Lightweight Directory Access Protocol (LDAP). This occurs when they perform DNS registrations. Name registrations fail with Active Directory Domain Services (AD DS). The issue remains until you restart the DNS service.
  • This update addresses an issue that affects disk partitions. Your system might stop responding. This occurs if you add space from a deleted partition to an existing BitLocker partition.
  • This update addresses an issue that causes your device to shut down after 60 seconds. This occurs when you use a smart card to authenticate on a remote system.
  • This update addresses an issue that affects the Windows Local Administrator Password Solution (Windows LAPS). The LAPS account does not work. This occurs if the password is older than the age that the maximum age device policy allows.
  • This update addresses an issue that affects the Kerberos Key Distribution Center (KDC). It returns a KDC_ERR_S_PRINCIPAL_UNKNOWN error during trust referrals, which is wrong.
  • This update addresses an issue that causes lsass.exe to stop responding. Because of this, a restart loop occurs.
  • This update addresses an issue that affects the Key Distribution Service (KDS). It does not start in the time required if LDAP referrals are needed.
  • This update addresses an issue that affects the Server Manager pop-up text. It removes the words “Azure Automanage.”
  • This update addresses an issue that affects Group Policy Folder Redirection in a multi-forest deployment. The issue stops you from choosing a group account from the target domain. Because of this, you cannot apply advanced folder redirection settings to that domain. This issue occurs when the target domain has a one-way trust with the domain of the admin user. This issue affects all Enhanced Security Admin Environment (ESAE), Hardened Forests (HF) or Privileged Access Management (PAM) deployments.
  • This update addresses a known issue that affects BitLocker data-only encryption. A mobile device management (MDM) service, such as Microsoft Intune, might not get the right data.

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.