KB5039225 for Windows 10 version 1507

KB5039225 is the cumulative update for Windows 10 x86 and x64 systems running the original release of Windows 10 (version 1507). It was released on 11 June 2024 as part of that month's ‘Patch Tuesday’.

KB5039225 for Windows 10 is available for the following versions:

  • Windows 10 for 32-bit systems
  • Windows 10 for x64 systems

Key points about this update:

  • KB5039225 is a cumulative update that supersedes KB5037788 released on 14 May 2024.
  • KB5039225 corresponds to Windows 10 build 10.0.10240.20680 for version 1507.
  • KB5039337 is the Servicing Stack Update that corresponds to KB5039225. It is available for x86 and x64 deployments.
  • 22 security vulnerabilities affect Windows 10 x86 and x64 editions.
  • CVE-2024-30080 is a CRITICAL ‘Remote Code Execution’ vulnerability with a CVSS score of 9.8. It affects Microsoft Message Queuing (MSMQ).

KB5039225 can be installed automatically or manually. For automatic installations, you can install KB5039225 using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

For manual installations, you need to follow a two-step process:

  • Install KB5039337 on Windows 10
  • Install KB5039225 on Windows 10

The Servicing Stack Update (SSU) will not cause a reboot.

Once the SSU has been installed, you can install the main cumulative update.

The main cumulative update will reboot the Windows 10 workstation to apply the changes.

Windows 10 x86 and x64 deployments are affected by 22 security vulnerabilities. One of these vulnerabilities is a CRITICAL Remote Code Execution threat.

CVE-2024-30080 is a CRITICAL ‘Remote Code Execution’ vulnerability.

The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. To determine if your system is susceptible, check to see if the MSMQ HTTP-Support feature is enabled and if there is a service running named Message Queuing on the machine.

To exploit this vulnerability, an attacker would need to send a series of specially crafted MSMQ packets in rapid sequence over HTTP to an MSMQ server. This could result in remote code execution on the server side.
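
The susceptibility check described above, combined with a patch-level check against the build number this page gives for KB5039225, can be scripted. This is an added example, not part of the original article or Microsoft's guidance; it assumes the service name `MSMQ`, the optional-feature name `MSMQ-HTTP`, and the `UBR` registry value as the source of the build revision.

```powershell
# Added example (not from the original article). Run in an elevated prompt:
# Get-WindowsOptionalFeature requires administrator rights.
# Assumed names: service 'MSMQ' (display name "Message Queuing") and
# optional feature 'MSMQ-HTTP' (shown in Control Panel as MSMQ HTTP Support).

$TargetBuild = 10240   # Windows 10 version 1507
$FixedUbr    = 20680   # KB5039225 -> build 10.0.10240.20680 (from the article)

# Condition 1: is the Message Queuing service present and running?
$svc        = Get-Service -Name 'MSMQ' -ErrorAction SilentlyContinue
$svcRunning = ($null -ne $svc) -and ($svc.Status -eq 'Running')

# Condition 2: is the MSMQ HTTP-Support feature enabled?
$feature     = Get-WindowsOptionalFeature -Online -FeatureName 'MSMQ-HTTP' -ErrorAction SilentlyContinue
$httpEnabled = ($null -ne $feature) -and ($feature.State -eq 'Enabled')

# Patch level: compare the running build revision (UBR) with the fixed one,
# and also look for the KB itself in the installed-update list.
$cv      = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build   = [int]$cv.CurrentBuild
$ubr     = [int]$cv.UBR
$kbFound = $null -ne (Get-HotFix -Id 'KB5039225' -ErrorAction SilentlyContinue)

if ($build -ne $TargetBuild) {
    $patch = "Not version 1507 (build $build); KB5039225 does not apply"
} elseif (($ubr -ge $FixedUbr) -or $kbFound) {
    $patch = 'KB5039225 or a later cumulative update is installed'
} else {
    $patch = 'MISSING: install KB5039337 (SSU), then KB5039225'
}

# Both conditions from the article must hold for the host to be susceptible.
$exposed = $svcRunning -and $httpEnabled
[pscustomobject]@{
    Computer        = $env:COMPUTERNAME
    Build           = "10.0.$build.$ubr"
    MsmqServiceUp   = $svcRunning
    MsmqHttpEnabled = $httpEnabled
    MeetsConditions = $exposed
    PatchStatus     = $patch
} | Format-List
```

A host that reports `MeetsConditions : True` together with a `MISSING` patch status is the one to prioritise for the two-step manual installation or an update scan.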

The following changes are part of the KB5039225 cumulative update:

  • This update addresses security issues for your Windows operating system. 
  • This update addresses an issue that affects lsass.exe. It stops responding. This occurs after you install the April 2024 security updates on Windows servers.
  • This update addresses an issue that affects lsass.exe. It leaks memory. This occurs during a Local Security Authority (Domain Policy) Remote Protocol (LSARPC) call.

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.