KB5034767 is the monthly cumulative update for Windows 10 version 1607. This update was released on 13 February 2024 under the ‘Patch Tuesday’ project.
KB5034767 has also been released for Windows Server 2016 and Windows Server 2016 Server Core installation. You can find more information about the KB5034767 for Windows Server 2016 on the relevant page.
Salient points
- KB5034767 is for Windows 10 version 1607 for February 2024. The update is available for x86 and x64 platforms. This update supersedes KB5034119.
- KB5034119 corresponds to Windows 10 build 14393.6614.
- KB5034767 corresponds to Windows 10 build 14393.6709.
- KB5034862 is the Servicing Stack Update corresponding to KB5034767 for Windows 10 version 1607. The SSU is available separately for x86 and x64 platforms.
- KB5034862 was released in February 2024.
- 33 security vulnerabilities affect Windows 10 version 1607 for x64 and x86 architectures.
- One security vulnerability has a ‘CRITICAL’ severity level. It could lead to ‘Remote Code Execution’ attacks.
Download KB5034767 for Windows 10 version 1607
KB5034767 for Windows 10 version 1607 can be deployed through one of the following automated processes:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Services
WSUS is the most preferred method to patch Windows 10 workstations with the latest cumulative updates.
For automated deployments, the Servicing Stack Update is installed automatically prior to the installation of the KB5034767 cumulative update. There is no system reboot after deploying the Servicing Stack Update.
KB5034767 can be applied on Windows 10 version 1607 in a manual approach. For this, you will need to follow a two-step process.
- Download and install the Servicing Stack Update KB5034862 on Windows 10 version 1607.
- Download and install KB5034767 cumulative update for Windows 10 version 1607.
We have shared both steps below.
You could download the offline installer files for the Servicing Stack Update and the cumulative update from the Microsoft Update Catalog site. Or, you could use the download links shared below to download the .MSU file directly.
- Download KB5034862 Servicing Stack Update for Windows 10 version 1607
- Download KB5034862 for Windows 10 version 1607 for x86 edition – the size of this update is 5.4 MB.
- Download KB5034862 for Windows 10 version 1607 for x64 edition – the size of this update is 11.7 MB.
Once you have installed the Servicing Stack Update, you can proceed with the installation of KB5034767 on Windows 10 version 1607. The download links for KB5034767 are specified below.
- Download KB5034767 for Windows 10 version 1607 from Microsoft Update Catalog
- Direct Download KB5034767 for Windows 10 version 1607 x86 edition – the size of the update file is 909 MB.
- Direct Download KB5034767 for Windows 10 version 1607 x64 edition – the size of the update file is 1627.1 MB.
When you deploy KB5034767 on Windows 10 version 1607, your system will reboot or restart.
All changes of KB5034119 are included in KB5034767. If you did not install KB5034119, you can skip and install KB5034767. The SSU KB5034862 will be automatically installed as part of the KB5034767 cumulative update.
Vulnerabilities
Windows 10 version 1607 for x64 and x86 systems are affected by 33 security vulnerabilities. One of these vulnerabilities is a ‘CRITICAL’ vulnerability with the potential of the ‘Remote Code Execution’ attacks.
The vulnerability is shared below.
CRITICAL Vulnerability
There is a single CRITICAL security vulnerability affecting Windows Server 2016 and Windows Server 2016 Server Core installation. The CRITICAL vulnerability could lead to a ‘Security Feature Bypass’ impact on the server.
The single CRITICAL security vulnerability on Windows 10 version 1607 is listed below.
CVE details | CVSS | Severity | Impact | Description |
---|---|---|---|---|
CVE-2024-21357 | 7.5 | CRITICAL | Remote Code Execution | This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. |
Zero-day Vulnerability
The following zero-day vulnerability affects Windows 10 version 1607:
CVE details | CVSS | Severity | Impact | Description |
---|---|---|---|---|
CVE-2024-21351 | 7.6 | IMPORTANT | Security Feature Bypass | When you download a file from the internet, Windows adds the zone identifier or Mark of the Web as an NTFS stream to the file. So, when you run the file, Windows SmartScreen checks if there is a zone identifier Alternate Data Stream (ADS) attached to the file. If the ADS indicates ZoneId=3 which means that the file was downloaded from the internet, the SmartScreen does a reputation check. An attacker who successfully exploited this vulnerability could bypass the SmartScreen user experience. |
KB5034767 for Windows 10 version 1607 – Changelog
The following changes are part of the KB5034767 cumulative update for Windows 10 version 1607:
-
This update affects Unified Extensible Firmware Interface (UEFI) Secure Boot systems. It adds a renewed signing certificate to the Secure Boot DB variable. You can now opt for this change. For more details, see KB5036210.
-
This update addresses an issue that affects the download of device metadata. Downloads from the Windows Metadata and Internet Services (WMIS) over HTTPS are now more secure.
- This update addresses security issues for your Windows operating system.
January 2024 Cumulative or Security Updates
- KB5034119 Cumulative Update for Windows Server 2016
- KB5034127 Cumulative Update for Windows Server 2019
- KB5034129 Cumulative Update for Windows Server 2022
- KB5034130 for Windows Server 2022 23H2 edition
- KB5034171 Monthly Rollup (ESU) for Windows Server 2012 R2
- KB5034184 Monthly Rollup Update (ESU) for Windows Server 2012
- KB5034121 Cumulative Update for Windows 11 21H2
- KB5034123 for Windows 11 22H2 and 23H2
- KB5034134 for Windows 10 – Jan 2024
December 2023 Cumulative or Security Updates
- KB5033371 for Windows 10 version 1809
- KB5033373 for Windows 10 version 1607
- KB5033379 for Windows 10
- KB5033372 for Windows 10 21H2 and 22H2
- KB5033375 Cumulative Update for Windows 11 22H2 and 23H2
- KB5033369 Cumulative Update for Windows 11 21H2
- KB5033420 Monthly Rollup Update for Windows Server 2012 R2
- KB5033429 Monthly Rollup Update for Windows Server 2012
- KB5033383 Cumulative Update for Windows Server 2022
- KB5033118 Cumulative Update for Windows Server 2022
- KB5033371 Cumulative Update for Windows Server 2019
- KB5033373 Cumulative Update for Windows Server 2016
- Microsoft Edge upgrades to version 120.0.2210.61
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.