KB5048671 for Windows Server 2016 – December 2024

KB5048671 is the cumulative update for Windows Server 2016 and Windows Server 2016 Server Core installation. It was released on 10 December, 2024 under the ‘Patch Tuesday’ release cycle.

Salient points

  • KB5048671 supersedes November 2024 cumulative update KB5046612.
  • KB5048671 corresponds to server build 14393.7606.
  • Windows Server 2016 is impacted by a zero-day vulnerability CVE-2024-49132 (detailed shared in brief below)
  • 34 security vulnerabilities have been reported for Windows Server 2016 in December 2024.
  • 16 of these vulnerabilities have CRITICAL severity.
  • There is a CRITICAL vulnerability with CVSS score of 9.8. CVE-2024-49112 impacts Windows Lightweight Directory Access Protocol (LDAP) and could lead to Remote Code Execution attacks.
  • Windows Server 2016 is impacted by a zero-day vulnerability CVE-2024-49132. This is a ‘Remote Code Execution’ vulnerability impacting the Remote Desktop Services.
  • The Servicing Stack Update corresponding to KB5048661 is KB5043124. This SSU was released in November 2024. No new SSU has been pushed out in December 2024. Read the SSU section for more details about installation.

Servicing Stack Update KB5043124

KB5043124 is the Servicing Stack Update (SSU) for Windows Server 2016. For automated deployments of KB5048671, KB5043124 is automatically offered for installation as part of the installation of the main cumulative update.

For manual installations of KB5048671, you would need to download and install KB5043124 before installing KB5048671.

You can download the SSU KB5043124 from the Microsoft Update Catalog page:

Installing the Servicing Stack Update would not cause the server to reboot or restart. So, you could directly proceed with the installation of the main cumulative update for Windows Server 2016.

Download KB5048671

You may download the offline installer file for KB5048671 from the catalog site link shared below:

Upon installation of KB5048671, the server would restart.

Changelog – KB5048671

The following changes or improvements are part of KB5048671 for Windows Server 2016:

  • This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.