KB5050009 is the cumulative update for Windows Server 2025 version 24H2. It was released on 14 January 2025 under the ‘Patch Tuesday’ program.
Salient points
- KB5050009 supersedes December 2024 cumulative update KB5048667.
- KB5050009 corresponds to server build 26100.2894. You will upgrade from 26100.2605 build released in December 2024.
- Windows Server 2025 is impacted by a zero-day vulnerability CVE-2024-49132.
- 125 security vulnerabilities have been reported in January 2025 security bulletin for Windows Server 2025. The number is high. But, it is inline with the numbers expected in January, after holidays.
- 8 of these 125 vulnerabilities have CRITICAL severity level.
- There is a CRITICAL vulnerability with CVSS score of 9.8. CVE-2025-21307 impacts Windows Reliable Multicast Transport Driver (RMCAST) and could lead to Remote Code Execution attacks.
- Another CRITICAL vulnerability with CVSS score of 9.8, CVE-2025-21311 impacts Windows NTLM V1 and could lead to Elevation of Privileges.
- Two zero-day vulnerabilities affect Windows Server 2025.
- Windows Themes Spoofing Vulnerability CVE-2025-21308 is a CVSS 6.5 vulnerability with a zero-day status. It impacts Windows Server 2025.
- CVE-2025-21275 is a CVSS 7.8 zero-day vulnerability affecting Windows App Package Installer and may result in Elevation of Privilege Vulnerability. It impacts Windows Server 2025.
- The Servicing Stack Update corresponding to KB5050009 is KB5050387 (26100.2890). It is in-built in the main cumulative update. Separate installation of the SSU or Servicing Stack is not needed.
Download KB5050009
You may download the offline installer file for KB5050009 from the catalog site link shared below:
- Download KB5050009 from the Microsoft Update Catalog (1016.6 MB)
Upon installation of KB5050009, the server would restart. So, do plan as a structured change.
Changelog – KB5050009
The following changes or improvements are part of KB5050009 for Windows Server 2025:
- This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
- This update addresses security issues for your Windows operating system.
- [Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)] This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
Known issues
Microsoft has acknowledged and issue affecting January 2025 security update installation on Citrix environments.
- Devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. For workarounds shared by Citrix, see Citrix’s documentation.
- A second known issue affects OpenSSH. Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. For workaround instructions, please check the documentation or release notes for KB5050009.
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.