KB5039211 for Windows 10

KB5039211 is the cumulative update for Windows 10 versions 21H2 and 22H2, released on 11 June 2024.

KB5039211 is available for the following Windows 10 versions:

  • Windows 10 Enterprise and Education, version 21H2 
  • Windows 10 IoT Enterprise, version 21H2 
  • Windows 10 Enterprise Multi-Session, version 21H2 
  • Windows 10, version 22H2, all editions 
  • Windows 10 Enterprise LTSC 2021 
  • Windows 10 IoT Enterprise LTSC 2021

Key points about KB5039211:

  • KB5039211 is a cumulative update and it supersedes KB5037768, released in May 2024.
  • KB5039211 also contains all changes that are part of the preview update KB5037849.
  • If you have already installed KB5037768 and KB5037849, only the incremental changes of KB5039211 will be applied to Windows 10 workstations.
  • KB5039211 corresponds to OS Builds 19044.4529 and 19045.4529 for Windows 10 21H2 and 22H2 versions respectively.
  • KB5037995 is the Servicing Stack Update that corresponds to KB5039211. It contains SSU files versions 19044.4467 and 19045.4467 for Windows 10 21H2 and 22H2 versions respectively.
  • 27 security vulnerabilities affect x64 deployments of Windows 10 versions 21H2 and 22H2.
  • 26 security vulnerabilities affect x86 and ARM64 deployments of Windows 10 versions 21H2 and 22H2.
  • CVE-2024-30080 is a CVSS 9.8 CRITICAL Remote Code Execution vulnerability affecting all deployments of Windows 10 21H2 and 22H2.

You can install KB5039211 automatically using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

For manual deployments, you would need to follow a single-step process:

    You will need to download the offline installer file based on the following criteria:

    1. x64, x86 or ARM64 deployments
    2. Windows 10 versions 21H2 or 22H2

    The Servicing Stack Update KB5037995 is included in the main cumulative update. Separate installation of KB5037995 is not required. Once you have installed KB5039211, your Windows 10 workstation will reboot.

    The x64 deployments of Windows 10 21H2 and 22H2 are affected by 27 security vulnerabilities.

    The x86 and ARM64 deployments of Windows 10 21H2 and 22H2 are affected by 26 security vulnerabilities.

    Our focus is on the CRITICAL vulnerability CVE-2024-30080.

    CVE-2024-30080 is a CRITICAL ‘Remote Code Execution’ vulnerability.

    The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. To determine if your system is susceptible, check to see if the MSMQ HTTP-Support feature is enabled and if there is a service running named Message Queuing on the machine.

    To exploit this vulnerability, an attacker would need to send a series of specially crafted MSMQ packets in rapid sequence over HTTP to an MSMQ server. This could result in remote code execution on the server side.
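The susceptibility check described above can be scripted together with a patch-level check against the 19044.4529 / 19045.4529 builds. This is an added example, not code from the original article or from Microsoft. The function names are hypothetical, and `MSMQ-HTTP` and `MSMQ` are the Windows optional-feature and service identifiers for "MSMQ HTTP Support" and "Message Queuing", which the article names only by display name.

```powershell
# Added example: exposure and patch-level check for CVE-2024-30080 / KB5039211.
# Run from an elevated PowerShell session (Get-WindowsOptionalFeature requires admin).

function Test-Kb5039211Level {
    param(
        [Parameter(Mandatory)] [int] $Build,     # e.g. 19045
        [Parameter(Mandatory)] [int] $Revision   # update build revision (UBR), e.g. 4529
    )
    # Build numbers from the article: 19044.4529 (21H2) and 19045.4529 (22H2).
    if ($Build -notin 19044, 19045) { return 'NotApplicable' }
    # Cumulative updates only raise the revision, so anything >= 4529 contains KB5039211.
    if ($Revision -ge 4529) { return 'Patched' }
    return 'Missing'
}

function Get-MsmqExposure {
    # Optional feature behind "MSMQ HTTP Support" in Windows Features.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName 'MSMQ-HTTP' -ErrorAction SilentlyContinue
    # Service whose display name is "Message Queuing"; absent when MSMQ is not installed.
    $service = Get-Service -Name 'MSMQ' -ErrorAction SilentlyContinue

    # Installed OS build and revision come from the registry, not from Get-HotFix,
    # so a later cumulative update that supersedes KB5039211 still counts as patched.
    $cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $patch = Test-Kb5039211Level -Build ([int]$cv.CurrentBuild) -Revision ([int]$cv.UBR)

    $httpEnabled = ($null -ne $feature) -and ($feature.State -eq 'Enabled')
    $svcRunning  = ($null -ne $service) -and ($service.Status -eq 'Running')

    [pscustomobject]@{
        ComputerName    = $env:COMPUTERNAME
        OsBuild         = '{0}.{1}' -f $cv.CurrentBuild, $cv.UBR
        PatchLevel      = $patch
        MsmqHttpEnabled = $httpEnabled
        MsmqRunning     = $svcRunning
        # Both conditions from the article hold and the build predates 4529.
        NeedsAttention  = $httpEnabled -and $svcRunning -and ($patch -eq 'Missing')
    }
}

Get-MsmqExposure | Format-List
```

Hosts that report `NeedsAttention = True` are the ones to patch first; the other fields show which condition is not met on the rest.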

    The following changes are part of the KB5039211 cumulative update:

    • This update resolves security issues in Windows 10 21H2 and 22H2 versions.
    • This update addresses an issue in which lsass.exe stops responding. This occurs after you install the April 2024 security updates on Windows servers.
    • This update addresses an issue in which lsass.exe leaks memory. This occurs during a Local Security Authority (Domain Policy) Remote Protocol (LSARPC) call.
    Rajesh Dhawan
