KB5035849 is a cumulative update for Windows Server 2019 and Windows Server 2019 Server Core installation. The update was released on 12 March 2024 as part of the ‘Patch Tuesday’ project of Microsoft.
Salient points
- KB5035849 is a cumulative update that supersedes the KB5034768 cumulative update.
- KB5034768 was released on 13 February 2024. You can read more about it on the KB5034768 page.
- KB5034768 corresponds to server build OS Build 17763.5576
- KB5034768 corresponds to build 17763.5458. If you had installed KB5034768, you would be transitioning from build 5458 to server build 5576.
- KB5005112 is the Servicing Stack Update that needs to be installed before installing KB5035849. KB5005112 was released in August 2021. There is a high likelihood of the SSU being already installed on the server. If KB5005112 is already installed, you can skip to direct installation of KB5035849.
- 33 security vulnerabilities have been reported for Windows Server 2019 in the March 2024 security bulletin released by Microsoft.
- Two of these security vulnerabilities have a CRITICAL severity level. These vulnerabilities are listed below.
Download KB5035849
KB5035849 can be applied automatically using one of the following methods:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Services
WSUS remains the most preferred method to deploy security and cumulative updates automatically.
For manual deployment of KB5035849, you will need to follow a 2-step process.
- Ensure Servicing Stack Update KB5005112 is already installed. If not, download and install KB5005112.
- Download and install KB5035849 cumulative update.
The download for the Servicing Stack Update and the cumulative update can be completed from the Microsoft Update Catalog site. The installer is available as offline installer file in the .MSU format.
Download KB5005112
The size of the Servicing Stack Update file is 13.8 MB. The server will not restart after installing the SSU.
Download KB5035849
KB5035849 for Windows Server 2019 can be downloaded from the Microsoft Update Catalog site. Or, you could use the direct download link below.
- Download KB5035849 from the Microsoft Update Catalog site
- Direct download link for KB5035849 for x64 systems
The size of the cumulative update KB5035849 is 645.1 MB. KB5035849 will cause a server reboot. Please plan for implementation as part of an organized change management process.
If you have already installed KB5034768, only incremental changes of KB5035849 will be downloaded and installed on the server. This will be a quick process.
Vulnerabilities
33 security vulnerabilities affect Windows Server 2019 as part of the March 2024 security reports. Two of these vulnerabilities have a CRITICAL severity vulnerability.
We have listed the CRITICAL vulnerabilities for Windows Server 2019 below.
CRITICAL vulnerabilities
Windows Server 2019 is impacted by two CRITICAL vulnerabilities. The CRITICAL security vulnerabilities on Windows Server 2019 are listed below.
| CVE details | CVSS | Impact | Description |
|---|---|---|---|
| CVE-2024-21407 | 8.1 | Remote Code Execution | The threat affects Windows Hyper-V. This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment. |
| CVE-2024-21408 | 5.5 | Denial of Service | This Denial of service threat affects Windows Hyper-V. |
KB5035849 Changelog
The following changes or improvements are part of the KB5035849 cumulative update for Windows Server 2019:
- This update addresses security issues for your Windows operating system.
- This update addresses an issue that affects the touch keyboard. Sometimes it does not open.
- The update affects Active Directory domains that host mobile device management (MDM) providers. They can transition from “Compatibility mode” to the strong certificate mapping “Enforcement mode.” To do this, they can allow an Active Directory Key Distribution Center (KDC) to read user security identifiers (SID) from the Subject Alternative Name (SAN). Then, the providers can populate those values. To learn more, see:
- KB5014754: Certificate-based authentication changes on Windows domain controllers
- Preview of SAN URI for Certificate Strong Mapping for KB5014754
- CVE-2022-34691, CVE-2022-26931, and CVE-2022-26923
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.