KB5034127 for Windows 10 version 1809

KB50334127 is the cumulative update for Windows 10 version 1809. The update was released on 9 January 2024 as part of Microsoft’s ‘Patch Day’ initiative.

The KB5034127 cumulative update for Windows Server 2019 can be found on this page.

Salient points

  • KB5034127 for Windows 10 version 1809 is a cumulative update that supersedes the KB5033371 update released in December 2023.
  • KB5034127 corresponds to Windows 10 build 17763.5329.
  • KB5033371 corresponds to Windows 10 build 17763.5206.
  • The upgrade from KB5033371 to KB5034127 implies a transition from build 5206 to 5329.
  • KB5034127 installer files are available for x86, x64, and ARM64 system architecture.
  • Servicing Stack Update 17763.5084 corresponds to KB5032196, KB5033371, and KB5034127 for Windows 10 version 1809. It is already built in the cumulative update. Separate installation of the latest Servicing Stack Update is not needed.
  • There has been no Service Stack release for January 2024 for Windows 10 version 1809.
  • 30 security vulnerabilities affect Windows 10 version 1809 for x86 and ARM64 systems. One of these vulnerabilities (CVE-2024-20674) has a ‘CRITICAL’ severity level.
  • 32 security vulnerabilities affect Windows 10 version 1809 for the x64 systems. Two of these vulnerabilities (CVE-2024-20674 and CVE-2024-20700)) have a ‘CRITICAL’ severity level.

Download KB5034127 for Windows 10 version 1809

We discuss the ways to install KB5034127 on Windows 10 version 1809 deployments.

You could use one of the following automated deployment processes for KB5034127 on Windows 10 version 1809:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the most preferred method to roll out Windows cumulative updates.

You can also install KB5034127 on Windows 10 version 1809 in a manual approach. For this, you will need to follow a two-step process.

  1. Check if you have KB5005112 Servicing Stack Update installed. If not, download the installer file for KB5005112.
  2. Download and install KB5034127 for Windows 10 version 1809 for x86, x64, or ARM64 editions. The SSU for Windows 10 is already built into the KB5034127 cumulative update.

We cover the download links for KB5005112 for Windows 10 version 1809 below.

KB5005112 was released in August 2021. So, we expect that this Servicing Stack Update will already be on your system. You could check the Windows Update History on the Windows 10 system to confirm the same.

Once the Servicing Stack Update has been installed, you can proceed with the installation of the main cumulative update KB5034127 on the Windows 10 version 1809 system.

KB5034127 will cause the Windows 10 version 1809 system to reboot. So, please plan the change as an organized change process.

Vulnerabilities

There are multiple security vulnerabilities affecting Windows 10 x86, x64, and ARM64 platforms. Windows 10 version 1809 for x86 and ARM64 systems are affected by a single CRITICAL vulnerability (CVE-2024-20674).

Windows 10 version 1809 for the x64 system is affected by two CRITICAL vulnerabilities (CVE-2024-20674 and CVE-2024-20700). The brief details of both vulnerabilities are shared below.

CVE detailsCVSSSeverityImpact Description
CVE-2024-206749.0CRITICALSecurity Feature BypassThe authentication feature could be bypassed as this vulnerability allows impersonation.

An authenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server.
CVE-2024-207007.5CRITICALRemote Code ExecutionThis vulnerability is in the Windows Hyper V system. It could cause a ‘Remote Code Execution’ attack.
Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack.

Windows 10 version 1809 – KB5034127 Changelog

The following changes are part of the KB5034127 cumulative update for Windows 10 version 1809:

  • This update addresses an issue that causes IE mode to stop responding. This occurs if you press the left arrow key when an empty text box has the focus and caret (cursor) browsing is on. 
  • This update addresses an issue that affects touchscreens. They do not work properly when you use more than one monitor. 
  • This update addresses security issues for your Windows operating system. 
  • This update addresses an issue that affects the ActiveX scroll bar. It does not work in IE mode.
  • This update addresses an issue that affects disk partitions. Your system might stop responding. This occurs if you add space from a deleted partition to an existing BitLocker partition.
  • This update addresses an issue that causes your device to shut down after 60 seconds. This occurs when you use a smart card to authenticate on a remote system.
  • This update addresses an issue that affects the Windows Local Administrator Password Solution (Windows LAPS). The LAPS account does not work. This occurs if the password is older than the age that the maximum age device policy allows.
  • This update addresses an issue that affects the Kerberos Key Distribution Center (KDC). It returns a KDC_ERR_S_PRINCIPAL_UNKNOWN error during trust referrals, which is wrong.
  • This update addresses an issue that causes lsass.exe to stop responding. Because of this, a restart loop occurs.
  • This update addresses an issue that affects the Key Distribution Service (KDS). It does not start in the time required if LDAP referrals are needed.
  • This update addresses an issue that affects the Server Manager pop-up text. It removes the words “Azure Automanage.”
  • This update addresses an issue that affects Group Policy Folder Redirection in a multi-forest deployment. The issue stops you from choosing a group account from the target domain. Because of this, you cannot apply advanced folder redirection settings to that domain. This issue occurs when the target domain has a one-way trust with the domain of the admin user. This issue affects all Enhanced Security Admin Environment (ESAE), Hardened Forests (HF) or Privileged Access Management (PAM) deployments.
  • This update addresses a known issue that affects BitLocker data-only encryption. A mobile device management (MDM) service, such as Microsoft Intune, might not get the right data.

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.