KB5049993 for Windows Server 2016 – January 2025

KB5049993 is the cumulative update for Windows Server 2016 and Windows Server 2016 Server Core installation. It was released on 14 January 2025 under the 'Patch Tuesday' release cycle.

Salient points

  • KB5049993 supersedes December 2024 cumulative update KB5048671.
  • KB5049993 corresponds to server build 14393.7699.
  • Windows Server 2016 is impacted by a zero-day vulnerability CVE-2024-49132 (details shared in brief below).
  • 110 security vulnerabilities have been reported for Windows Server 2016 in January 2025.
  • 7 of these vulnerabilities have CRITICAL severity.
  • There is a CRITICAL vulnerability with CVSS score of 9.8. CVE-2025-21307 impacts Windows Reliable Multicast Transport Driver (RMCAST) and could lead to Remote Code Execution attacks.
  • A zero-day vulnerability CVE-2025-21308 also affects Windows Server 2016. It is a Windows Theme Spoofing vulnerability with CVSS score of 6.5.
  • The Servicing Stack Update corresponding to KB5049993 is KB5050109. This SSU was released in January 2025. For automated deployments, it is included in the main cumulative update. For manual patching, you will need to download and install the SSU KB5050109 before installing KB5049993.
  • To install any LCU dated January 14, 2025 and later, you must first install the SSU KB5050109. If your device or offline image does not have this SSU, you cannot install LCUs dated January 14, 2025 and later. If you are a WSUS admin, you must approve KB5050109 and KB5049993.

Servicing Stack Update KB5050109

KB5050109 is the Servicing Stack Update (SSU) for Windows Server 2016. For automated deployments of KB5049993, KB5050109 is automatically offered for installation as part of the installation of the main cumulative update.

For manual installations of KB5049993, you need to download and install KB5050109 before installing KB5049993.

You can download the SSU KB5050109 from the Microsoft Update Catalog page:

Installing the Servicing Stack Update does not cause the server to reboot or restart, so you can proceed directly with the installation of the main cumulative update for Windows Server 2016.

Download KB5049993

You may download the offline installer file for KB5049993 from the catalog site link shared below:

After KB5049993 is installed, the server restarts.
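
The manual installation order described above (SSU KB5050109 first, then KB5049993, then a restart), as an added PowerShell example that is not part of the original article or Microsoft's documentation. The .msu file paths are placeholders, and the script assumes the SSU is reported by Get-HotFix once installed.

```powershell
#Requires -RunAsAdministrator
# Added example: manual install order for KB5049993 on Windows Server 2016.
# Assumption: both .msu files were downloaded beforehand; these paths are placeholders.
$SsuMsu = 'C:\Patches\KB5050109-ssu.msu'
$LcuMsu = 'C:\Patches\KB5049993-lcu.msu'
$cv     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'

function Test-KbInstalled([string]$Id) {
    # Assumption: the update is reported by Get-HotFix (Win32_QuickFixEngineering).
    [bool](Get-HotFix -Id $Id -ErrorAction SilentlyContinue)
}

function Install-Msu([string]$Path) {
    if (-not (Test-Path -LiteralPath $Path)) { throw "Missing package: $Path" }
    # /norestart keeps the reboot under the operator's control.
    $p = Start-Process -FilePath "$env:SystemRoot\System32\wusa.exe" `
        -ArgumentList "`"$Path`"", '/quiet', '/norestart' -Wait -PassThru
    # 0 = installed, 3010 = installed and reboot pending, 2359302 = already installed.
    if ($p.ExitCode -notin 0, 3010, 2359302) {
        throw "wusa.exe failed for $Path with exit code $($p.ExitCode)"
    }
    $p.ExitCode
}

# Refuse to run on anything other than the 14393 (Server 2016) build line.
$os = Get-ItemProperty -Path $cv
if ($os.CurrentBuildNumber -ne '14393') {
    throw "Build $($os.CurrentBuildNumber) is not Windows Server 2016 (14393)."
}

# Step 1: the SSU must be present before any LCU dated January 14, 2025 or later.
if (-not (Test-KbInstalled 'KB5050109')) {
    Install-Msu $SsuMsu | Out-Null   # the SSU does not restart the server
}

# Step 2: the cumulative update; the server needs a restart afterwards.
if ([int]$os.UBR -ge 7699) {
    Write-Output "Already at 14393.$($os.UBR); KB5049993 or later is in place."
} else {
    $code = Install-Msu $LcuMsu
    Write-Output "KB5049993 staged (wusa exit code $code). Restart, then confirm build 14393.7699."
}
```

After the restart, the UBR value under the same registry key should read 7699 or higher.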

Changelog – KB5049993

The following changes or improvements are part of KB5049993 for Windows Server 2016:

  • [Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)] This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
  • This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.