KB5034768 for Windows 10 version 1809

KB5034768 is the cumulative update for Windows 10 version 1809. The update was released on 13 February 2024 as part of Microsoft’s ‘Patch Day’ initiative.

The KB5034768 cumulative update for Windows Server 2019 can be found on this page.

Salient points

  • KB5034768 for Windows 10 version 1809 is a cumulative update that supersedes the KB5034127 update released in January 2024.
  • KB5034127 corresponds to Windows 10 build 17763.5329.
  • KB5034768 corresponds to Windows 10 build 17763.5458.
  • The upgrade from KB5034127 to KB5034768 implies a transition from build 5329 to 5458.
  • KB5034768 installer files are available for x86, x64, and ARM64 system architecture.
  • Servicing Stack Update 17763.5441 corresponds to KB5034768 for Windows 10 version 1809. It is already built in the cumulative update. Separate installation of the latest Servicing Stack Update is not needed.
  • 38 security vulnerabilities affect Windows 10 version 1809 for x86, x64, and ARM64 systems. One of these vulnerabilities (CVE-2024-21357) has a ‘CRITICAL’ severity level.

Download KB5034768 for Windows 10 version 1809

We discuss the ways to install KB5034768 on Windows 10 version 1809 deployments.

You could use one of the following automated deployment processes for KB5034768 on Windows 10 version 1809:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the most preferred method to roll out Windows cumulative updates.

You can also install KB5034768 on Windows 10 version 1809 in a manual approach. For this, you will need to follow a two-step process.

  1. Check if you have KB5005112 Servicing Stack Update installed. If not, download the installer file for KB5005112.
  2. Download and install KB5034768 for Windows 10 version 1809 for x86, x64, or ARM64 editions. The SSU for Windows 10 is already built into the KB5034768 cumulative update.

We cover the download links for KB5005112 for Windows 10 version 1809 below.

KB5005112 was released in August 2021. So, we expect that this Servicing Stack Update will already be on your system. You could check the Windows Update History on the Windows 10 system to confirm the same.

Once the Servicing Stack Update has been installed, you can proceed with the installation of the main cumulative update KB5034768 on the Windows 10 version 1809 system.

KB5034768 will cause the Windows 10 version 1809 system to reboot. So, please plan the change as an organized change process.

Vulnerabilities

There are multiple security vulnerabilities affecting Windows 10 x86, x64, and ARM64 platforms. Windows 10 version 1809 for x86 and ARM64 systems are affected by a single CRITICAL vulnerability (CVE-2024-21357).

A brief description of the vulnerability is given below.

The single CRITICAL security vulnerability on Windows 10 version 1607 is listed below.

CVE detailsCVSSSeverityImpactDescription
CVE-2024-213577.5CRITICALRemote Code ExecutionThis attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.

A zero-day vulnerability also affects Windows 10 version 1809. The zero-day threat is given below.

CVE detailsCVSSSeverityImpactDescription
CVE-2024-213517.6IMPORTANTSecurity Feature BypassWhen you download a file from the internet, Windows adds the zone identifier or Mark of the Web as an NTFS stream to the file. So, when you run the file, Windows SmartScreen checks if there is a zone identifier Alternate Data Stream (ADS) attached to the file. If the ADS indicates ZoneId=3 which means that the file was downloaded from the internet, the SmartScreen does a reputation check. 

An attacker who successfully exploited this vulnerability could bypass the SmartScreen user experience.

Windows 10 version 1809 – KB5034768 Changelog

The following changes are part of the KB5034768 cumulative update for Windows 10 version 1809:

  • This update addresses an issue that affects the download of device metadata. Downloads from the Windows Metadata and Internet Services (WMIS) over HTTPS are now more secure.
  • This update addresses an issue that affects a local account. You cannot sign in to an account that Windows LAPS manages. This occurs if you set the “Require Smart Card for Interactive Logon” policy.
  • This update addresses an issue that affects Windows Management Instrumentation (WMI). A caching issue occurs. The issue causes CurrentTimeZone to change to the wrong value.
  • This update addresses an issue that affects the Windows nesting limit. You can now set it to a low of 35 instead of 50. This is the registry value in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\USERNestedWindowLimit. To learn more, see What is the window nesting limit?. Do not change this limit unless a kernel stack overflow and a recursion in DestroyWindow() cause stop errors.
  • This update affects Unified Extensible Firmware Interface (UEFI) Secure Boot systems. It adds a renewed signing certificate to the Secure Boot DB variable. You can now opt for this change. For more details, see KB5036210.
  • This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
  • This update changes a setting in Active Directory Users & Computers. By default, the snap-in now uses a strong certificate mapping of X509IssuerSerialNumber. It does not use the weak mapping of x509IssuerSubject.
  • This update addresses an issue that affects the Local Security Authority Subsystem Service (LSASS). It might stop working. This occurs when you access the Active Directory database.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.