KB5035855 is a cumulative update for Windows Server 2016 and Windows Server 2016 Server Core installation. The update was released on 12 March 2024 as part of Microsoft’s ‘Patch Tuesday’ project.
Salient points
- KB5035855 is a cumulative update that supersedes the KB5034767 cumulative update.
- KB5034767 was released on 13 February 2024 and you can read more about it on this KB5034767 page.
- KB5034767 corresponds to server build 14393.6709.
- KB5035855 corresponds to server build 14393.6796. If you had installed KB5034767, you would be transitioning from build 6709 to 6796 when installing KB5035855.
- KB5035962 is the Servicing Stack Update that needs to be installed before installing KB5035855. KB5035962 is the latest Servicing Stack update for Windows Server 2016 released on 12 March 2024.
- 31 security vulnerabilities have been reported for Windows Server 2016 in the March 2024 security bulletin released by Microsoft.
- Two of these security vulnerabilities have a CRITICAL severity level for Windows Server 2016.
Download KB5035855
KB5035855 can be applied automatically using one of the following methods:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Services
WSUS remains the most preferred method to automatically deploy security and cumulative updates.
For automated deployments, the Servicing Stack Update KB5035962 will be automatically installed before KB5035855 is installed on Windows Server 2016.
For manual deployment of KB5035855, you will need to follow a 2-step process.
- Download and install KB5035962 Servicing Stack Update. This is the latest Servicing Stack Update for Windows Server 2016 released in March 2024.
- Download and install the KB5035855 cumulative update.
The download for the Servicing Stack Update and the cumulative update can be completed from the Microsoft Update Catalog site. The installer is available as an offline installer file in the .MSU format.
Download KB5035962
The size of the Servicing Stack Update file is 11.7 MB. The server will not restart after installing the SSU.
Download KB5035855
KB5035855 for Windows Server 2016 can be downloaded from the Microsoft Update Catalog site. Or, you could use the direct download link below.
The size of the cumulative update KB5035855 is 1627.4 MB. KB5035855 will cause a server reboot. Please plan for implementation as part of an organized change management process.
Vulnerabilities
31 security vulnerabilities affect Windows Server 2016 as part of the March 2024 security reports. Two of these vulnerabilities have a CRITICAL severity vulnerability.
We have listed the CRITICAL vulnerabilities for Windows Server 2016 below.
CRITICAL Vulnerability
There are two CRITICAL security vulnerabilities affecting Windows Server 2016 and Windows Server 2016 Server Core installation. The CRITICAL vulnerabilities could lead to a ‘Remote Code Execution’ and ‘Denial of Service’ impact on the server.
The two CRITICAL security vulnerabilities on Windows Server 2016 are listed below.
| CVE details | CVSS | Impact | Description |
|---|---|---|---|
| CVE-2024-21407 | 8.1 | Remote Code Execution | The threat affects Windows Hyper-V. This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment. |
| CVE-2024-21408 | 5.5 | Denial of Service | This Denial of service threat affects Windows Hyper-V. |
KB5035855 Changelog
The following changes or improvements are part of the KB5035855 cumulative update for Windows Server 2016:
- This update addresses security issues for your Windows operating system.
- This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.