KB5035849 Cumulative Update for Windows Server 2019

KB5035849 is a cumulative update for Windows Server 2019 and Windows Server 2019 Server Core installation. The update was released on 12 March 2024 as part of the ‘Patch Tuesday’ project of Microsoft.

  • KB5035849 is a cumulative update that supersedes the KB5034768 cumulative update.
  • KB5034768 was released on 13 February 2024. You can read more about it on the KB5034768 page.
  • KB5034768 corresponds to server build OS Build 17763.5576
  • KB5034768 corresponds to build 17763.5458. If you had installed KB5034768, you would be transitioning from build 5458 to server build 5576.
  • KB5005112 is the Servicing Stack Update that needs to be installed before installing KB5035849. KB5005112 was released in August 2021. There is a high likelihood of the SSU being already installed on the server. If KB5005112 is already installed, you can skip to direct installation of KB5035849.
  • 33 security vulnerabilities have been reported for Windows Server 2019 in the March 2024 security bulletin released by Microsoft.
  • Two of these security vulnerabilities have a CRITICAL severity level. These vulnerabilities are listed below.

KB5035849 can be applied automatically using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the most preferred method to deploy security and cumulative updates automatically.

For manual deployment of KB5035849, you will need to follow a 2-step process.

  • Ensure Servicing Stack Update KB5005112 is already installed. If not, download and install KB5005112.
  • Download and install KB5035849 cumulative update.

The download for the Servicing Stack Update and the cumulative update can be completed from the Microsoft Update Catalog site. The installer is available as offline installer file in the .MSU format.

The size of the Servicing Stack Update file is 13.8 MB. The server will not restart after installing the SSU.

KB5035849 for Windows Server 2019 can be downloaded from the Microsoft Update Catalog site. Or, you could use the direct download link below.

The size of the cumulative update KB5035849 is 645.1 MB. KB5035849 will cause a server reboot. Please plan for implementation as part of an organized change management process.

If you have already installed KB5034768, only incremental changes of KB5035849 will be downloaded and installed on the server. This will be a quick process.

33 security vulnerabilities affect Windows Server 2019 as part of the March 2024 security reports. Two of these vulnerabilities have a CRITICAL severity vulnerability.

We have listed the CRITICAL vulnerabilities for Windows Server 2019 below.

Windows Server 2019 is impacted by two CRITICAL vulnerabilities. The CRITICAL security vulnerabilities on Windows Server 2019 are listed below.

CVE detailsCVSSImpact Description
CVE-2024-214078.1Remote Code ExecutionThe threat affects Windows Hyper-V.

This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server.

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.
CVE-2024-214085.5Denial of ServiceThis Denial of service threat affects Windows Hyper-V.

The following changes or improvements are part of the KB5035849 cumulative update for Windows Server 2019:

  • This update addresses security issues for your Windows operating system. 
  • This update addresses an issue that affects the touch keyboard. Sometimes it does not open.
  • The update affects Active Directory domains that host mobile device management (MDM) providers. They can transition from “Compatibility mode” to the strong certificate mapping “Enforcement mode.” To do this, they can allow an Active Directory Key Distribution Center (KDC) to read user security identifiers (SID) from the Subject Alternative Name (SAN). Then, the providers can populate those values. To learn more, see:
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.