KB5034129 Cumulative Update for Windows Server 2022

KB5034129 is the latest cumulative update for Windows Server 2022 21H2 and 22H2 editions. It was released on January 9, 2024 as part of Microsoft's ‘Patch Tuesday’ release.

KB5034129 has now been superseded by KB5034770. You can read more about it on the KB5034770 page.

  • KB5034129 is a cumulative update that supersedes the KB5033118 update.
  • KB5033118 is the cumulative update for Windows Server 2022 21H2 and 22H2 editions. You can read details of the KB5033118 cumulative update on the KB5033118 page.
  • KB5034129 corresponds to the server build 20348.2227.
  • KB5033383 corresponds to the server build 20348.2159.
  • Upgrading from KB5033383 to KB5034129 implies you are upgrading from build 2159 to 2227.
  • Servicing Stack Update 20348.2200 corresponds to KB5034129. This Servicing Stack Update was released in January 2024. This is a new SSU and will be offered as part of the installation of KB5034129.
  • The Servicing Stack Update for Windows Server 2022 21H2 and 22H2 editions is part of the cumulative update. Separate installation of the SSU is not needed on Windows Server 2022 21H2 and 22H2 editions.
  • Windows Server 2022 21H2 and 22H2 editions are affected by 36 security vulnerabilities.
  • Two CRITICAL security vulnerabilities impact Windows Server 2022 21H2 and 22H2 editions. One of these threats is a ‘Security Feature Bypass’ and the other one is a ‘Remote Code Execution’ threat.

KB5034129 can be applied automatically using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the preferred method to automatically deploy security and cumulative updates.

For automated deployments, the Servicing Stack Update 20348.2200 will be automatically installed as part of the installation of the KB5034129 cumulative update on Windows Server 2022 21H2 and 22H2 editions.

For manual deployment of KB5034129, you will need to follow a 1-step process.

  • Download and install KB5034129 cumulative update.

The download of the cumulative update can be completed from the Microsoft Update Catalog site. The installer is available as an offline installer file in the .MSU format for Windows Server 2022 version 21H2 and 22H2.

KB5034129 for Windows Server 2022 version 21H2 and 22H2 can be downloaded from the Microsoft Update Catalog site. Or, you could use the direct download links shared below.

  • The size of the cumulative update KB5034129 file for the 21H2 version of Windows Server 2022 is 369.9 MB.
  • The size of the cumulative update KB5034129 file for the 22H2 version of Windows Server 2022 is 369.9 MB.
  • KB5034129 will cause a server reboot. Please plan for implementation as part of an organized change management process.

If you have already deployed KB5033118 on the Windows Server 2022 21H2 and 22H2 editions, only the incremental changes of KB5034129 will be downloaded and installed as part of the update process. This process will be swift and short.
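To confirm after the reboot that a server is at the KB5034129 patch level, compare its build revision with 20348.2227 rather than relying on the KB number alone, because a later cumulative update such as KB5034770 replaces it. The following PowerShell check is an added example, not part of the original post; the function and variable names are illustrative, and only the build numbers come from this page.

```powershell
# Added example: verify a host is at or above the KB5034129 patch level.
# Build numbers are taken from the article; all names here are illustrative.

$RequiredBuild = 20348   # Windows Server 2022
$RequiredUbr   = 2227    # update build revision delivered by KB5034129

function Get-PatchLevel {
    param(
        [int]$Build,
        [int]$Ubr,
        [int]$MinBuild = $RequiredBuild,
        [int]$MinUbr   = $RequiredUbr
    )
    if ($Build -ne $MinBuild) { return 'NotApplicable' }  # not Windows Server 2022
    if ($Ubr -ge $MinUbr)     { return 'Patched' }        # KB5034129 or a later cumulative update
    return 'Missing'                                      # e.g. still on 20348.2159
}

# The running build and revision are recorded under the CurrentVersion key.
$cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$state = Get-PatchLevel -Build ([int]$cv.CurrentBuildNumber) -Ubr ([int]$cv.UBR)

# Get-HotFix may not list KB5034129 once a superseding update is installed,
# so treat it as supporting evidence only; the build comparison decides.
$hotfix = Get-HotFix -Id 'KB5034129' -ErrorAction SilentlyContinue

# A pending reboot means servicing has not finished applying an update.
$rebootPending = Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending'

[pscustomobject]@{
    ComputerName    = $env:COMPUTERNAME
    Build           = "$($cv.CurrentBuildNumber).$($cv.UBR)"
    PatchLevel      = $state
    KB5034129Listed = [bool]$hotfix
    RebootPending   = $rebootPending
}
```

A result of `Missing`, or `RebootPending` set to `True`, means the host should still be treated as exposed to the January 2024 vulnerabilities described on this page.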

36 security vulnerabilities affect the Windows Server 2022 21H2 and 22H2 editions. This is based on the January 2024 security reports. 2 of these vulnerabilities are CRITICAL severity vulnerabilities.

The remaining 34 security vulnerabilities have IMPORTANT severity levels.

We have listed the CRITICAL vulnerabilities and the zero-day threat for Windows Server 2022 21H2 and 22H2 editions below.

The two CRITICAL security vulnerabilities on Windows Server 2022 21H2 and 22H2 editions are listed below.

| CVE details | CVSS | Severity | Impact | Description |
| --- | --- | --- | --- | --- |
| CVE-2024-20674 | 9.0 | CRITICAL | Security Feature Bypass | The authentication feature could be bypassed as this vulnerability allows impersonation. An authenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, then sending a malicious Kerberos message to the client victim machine to spoof itself as the Kerberos authentication server. |
| CVE-2024-20700 | 7.5 | CRITICAL | Remote Code Execution | This vulnerability is in Windows Hyper-V. It could cause a ‘Remote Code Execution’ attack. Successful exploitation of this vulnerability requires an attacker to first gain access to the restricted network before running an attack. |

The following changes or improvements are part of the KB5034129 cumulative update for Windows Server 2022 21H2 and 22H2 editions:

  • This update addresses an issue that affects Microsoft Intune. One of its new features does not work properly.
  • This update addresses an issue that affects account lockout event 4625. The format of the event is wrong in the ForwardedEvents log. This occurs when an account name is in the user principal name (UPN) format.
  • This update addresses an issue that affects hybrid joined devices. You cannot sign in to them if they are not connected to the internet. This occurs when you use a Windows Hello for Business PIN or biometric credentials. This issue applies to a cloud trust deployment.
  • This update addresses an issue that affects the Trusted Sites Zone logon policy. You cannot manage it using mobile device management (MDM).
  • This update addresses an issue that affects Microsoft Excel. It stops responding when you try to share a file as a PDF in Outlook.
  • This update addresses an issue that affects the Server Manager pop-up text. It removes the words “Azure Automanage.”
  • This update addresses an issue that affects XPath queries on FileHash and other binary fields. It stops them from matching values in event records.
  • This update addresses an issue that affects certain network functions on VMs. Deployment of them fails.
  • This update addresses an issue that affects the Network Controller. The issue makes you create more rules for outbound traffic so that return traffic is not blocked.
  • This update addresses an issue that affects a WS_EX_LAYERED window. The window might render with the wrong dimensions or at the wrong position. This occurs when you scale the display screen.
  • This update addresses an issue that affects printing to PDF metadata. It extracts the username that you sign in with and puts it into the author name metadata box. Instead, print to PDF should place your display name in that box.
  • This update addresses an issue that affects disk partitions. Your system might stop responding. This occurs if you add space from a deleted partition to an existing BitLocker partition.
  • This update addresses an issue that affects Windows Defender Application Control (WDAC). AppID Tagging policies might greatly increase how long it takes your device to start up.
  • This update addresses an issue that causes your device to shut down after 60 seconds. This occurs when you use a smart card to authenticate on a remote system.
  • This update addresses an issue that affects the display of a smart card icon. The icon does not appear when you sign in. This occurs when there are multiple certificates on the smart card.
  • This update addresses an issue that affects Active Directory domain controllers. They report DS_BUSY errors when you create new users. This only occurs on primary domain controller emulators (PDCe).
  • This update addresses an issue that affects the Windows Local Administrator Password Solution (Windows LAPS). The LAPS account does not work. This occurs if the password is older than the age that the maximum age device policy allows.
  • This update addresses an issue that affects the Kerberos Key Distribution Center (KDC). It returns a KDC_ERR_S_PRINCIPAL_UNKNOWN error during trust referrals, which is wrong.
  • This update addresses an issue that affects the msDS-KeyCredentialLink attribute. In some cases, it is updated when it should not be.
  • This update addresses an issue that causes lsass.exe to stop responding. Because of this, a restart loop occurs.
  • This update addresses an issue that affects the Key Distribution Service (KDS). It does not start in the time required if LDAP referrals are needed.

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.