KB5034767 for Windows 10 version 1607

KB5034767 is the monthly cumulative update for Windows 10 version 1607. This update was released on 13 February 2024 under the ‘Patch Tuesday’ project.

KB5034767 has also been released for Windows Server 2016 and Windows Server 2016 Server Core installation. You can find more information about the KB5034767 for Windows Server 2016 on the relevant page.

Salient points

  • KB5034767 is for Windows 10 version 1607 for February 2024. The update is available for x86 and x64 platforms. This update supersedes KB5034119.
  • KB5034119 corresponds to Windows 10 build 14393.6614.
  • KB5034767 corresponds to Windows 10 build 14393.6709.
  • KB5034862 is the Servicing Stack Update corresponding to KB5034767 for Windows 10 version 1607. The SSU is available separately for x86 and x64 platforms.
  • KB5034862 was released in February 2024.
  • 33 security vulnerabilities affect Windows 10 version 1607 for x64 and x86 architectures.
  • One security vulnerability has a ‘CRITICAL’ severity level. It could lead to ‘Remote Code Execution’ attacks.

Download KB5034767 for Windows 10 version 1607

KB5034767 for Windows 10 version 1607 can be deployed through one of the following automated processes:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS is the most preferred method to patch Windows 10 workstations with the latest cumulative updates.

For automated deployments, the Servicing Stack Update is installed automatically prior to the installation of the KB5034767 cumulative update. There is no system reboot after deploying the Servicing Stack Update.

KB5034767 can be applied on Windows 10 version 1607 in a manual approach. For this, you will need to follow a two-step process.

  1. Download and install the Servicing Stack Update KB5034862 on Windows 10 version 1607.
  2. Download and install KB5034767 cumulative update for Windows 10 version 1607.

We have shared both steps below.

You could download the offline installer files for the Servicing Stack Update and the cumulative update from the Microsoft Update Catalog site. Or, you could use the download links shared below to download the .MSU file directly.

Once you have installed the Servicing Stack Update, you can proceed with the installation of KB5034767 on Windows 10 version 1607. The download links for KB5034767 are specified below.

When you deploy KB5034767 on Windows 10 version 1607, your system will reboot or restart.

All changes of KB5034119 are included in KB5034767. If you did not install KB5034119, you can skip and install KB5034767. The SSU KB5034862 will be automatically installed as part of the KB5034767 cumulative update.

Vulnerabilities

Windows 10 version 1607 for x64 and x86 systems are affected by 33 security vulnerabilities. One of these vulnerabilities is a ‘CRITICAL’ vulnerability with the potential of the ‘Remote Code Execution’ attacks.

The vulnerability is shared below.

CRITICAL Vulnerability

There is a single CRITICAL security vulnerability affecting Windows Server 2016 and Windows Server 2016 Server Core installation. The CRITICAL vulnerability could lead to a ‘Security Feature Bypass’ impact on the server.

The single CRITICAL security vulnerability on Windows 10 version 1607 is listed below.

CVE details CVSS Severity Impact Description
CVE-2024-21357 7.5 CRITICAL Remote Code Execution This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.

Zero-day Vulnerability

The following zero-day vulnerability affects Windows 10 version 1607:

CVE details CVSS Severity Impact Description
CVE-2024-21351 7.6 IMPORTANT Security Feature Bypass When you download a file from the internet, Windows adds the zone identifier or Mark of the Web as an NTFS stream to the file. So, when you run the file, Windows SmartScreen checks if there is a zone identifier Alternate Data Stream (ADS) attached to the file. If the ADS indicates ZoneId=3 which means that the file was downloaded from the internet, the SmartScreen does a reputation check. 

An attacker who successfully exploited this vulnerability could bypass the SmartScreen user experience.

KB5034767 for Windows 10 version 1607 – Changelog

The following changes are part of the KB5034767 cumulative update for Windows 10 version 1607:

  • This update affects Unified Extensible Firmware Interface (UEFI) Secure Boot systems. It adds a renewed signing certificate to the Secure Boot DB variable. You can now opt for this change. For more details, see KB5036210.

  • This update addresses an issue that affects the download of device metadata. Downloads from the Windows Metadata and Internet Services (WMIS) over HTTPS are now more secure.

  • This update addresses security issues for your Windows operating system. 

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.