KB5039214 for Windows 10 version 1607

KB5039214 is the cumulative update for Windows 10 version 1607. It was released on 11 June 2024 under the ‘Patch Tuesday’ project.

KB5039214 for Windows 10 is available for the following versions:

  • Windows 10 version 1607 for 32 bit systems
  • Windows 10 version 1607 for x64 systems
  • KB5039214 is a cumulative update that supersedes KB5037763 released on 14 May 2024.
  • KB5039214 corresponds to Windows 10 build 10.0.14393.7070 for version 1607.
  • KB5039334 is the Servicing Stack Update that corresponds to KB5039214. It is available for x86 and x64 deployments.
  • 22 security vulnerabilities affect Windows 10 version 1607 for x86 deployments.
  • 23 security vulnerabilities affect Windows 10 version 1607 for x64 deployments.
  • CVE-2024-30080 is the CRITICAL vulnerability that could cause ‘Remote Code Execution’ attacks. This is a CVSS 9.8 vulnerability affecting MSMQ or Microsoft Message Queuing. This vulnerability affects Windows 10 version 1607 x86 and x64 deployments.

KB5039214 can be installed automatically or manually. For automatic installations, you can install KB5039214 using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

For manual installations, you need to follow a two-step process:

  • Install KB5039334 on Windows 10 version 1607
  • Install KB5039214 on Windows 10 version 1607

The Servicing Stack will not cause a reboot.

Once the SSU has been installed, you can install the main cumulative update.

The main cumulative update will cause the Windows 10 workstation to reboot for applying the changes.

Windows 10 version 1607 x86 deployments are affected by 22 security vulnerabilities. Windows 10 version 1607 x64 deployments are affected by 23 security vulnerabilities. One of these vulnerabilities is a CRITICAL Remote Code Execution threat.

CVE-2024-30080 is a CRITICAL ‘Remote Code Execution’ vulnerability. It affects Windows 10 version 1607 for x86 and x64 deployments.

The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. To determine if your system is susceptible, check to see if the MSMQ HTTP-Support feature is enabled and if there is a service running named Message Queuing on the machine.

To exploit this vulnerability, an attacker would need to send a series of specially crafted MSMQ packets in a rapid sequence over HTTP to a MSMQ server. This could result in remote code execution on the server side.

The following changes are part of the KB5039214 cumulative update:

  • This update addresses security issues for your Windows operating system. 
  • This update addresses an issue that affects lsass.exe. It stops responding. This occurs after you install the April 2024 security updates on Windows servers.
  • This update addresses an issue that affects lsass.exe. It leaks memory. This occurs during a Local Security Authority (Domain Policy) Remote Protocol (LSARPC) call.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.