KB5058411 is the cumulative update for Windows Server 2025 version 24H2. It was released on 13 May 2025 under the ‘Patch Tuesday’ program.
Salient points
- KB5058411 supersedes April 2025 cumulative update KB5055523. It also includes all changes that are part of the preview update KB5055627 released on 25 April 2025.
- KB5058411 corresponds to build 26100.4061.
- 38 security vulnerabilities have been reported in May 2025 security bulletin for Windows Server 2025.
- 3 of these 38 vulnerabilities have CRITICAL severity level. Information about CRITICAL vulnerabilities is in the vulnerabities section below.
- There are 5 zero-day vulnerabilities that affect Windows Server 2025.Details of the zero-day vulnerabilities are shared below.
- KB5058411 also updates AI components, namely Image Search, Content Extraction and Semantic analysis.
- The Servicing Stack Update corresponding to KB5058411 is KB5058523 (26100.4060). It is in-built in the main cumulative update. Separate installation of the SSU or Servicing Stack is not needed.
Zero-day vulnerability
There are five zero-day vulnerabilities affecting Windows Server 2025 24H2 edition. The zero-day vulnerabilities are either publicly disclosed or have proven instances of exploitation.
| CVE | Title | Severity | CVSS | Type |
| CVE-2025-32701 | Windows Common Log File System Driver | Important | 7.8 | EoP |
| CVE-2025-32706 | Windows Common Log File System | Important | 7.8 | EoP |
| CVE-2025-32709 | Windows Ancillary Function Driver for WinSock | Important | 7.8 | EoP |
| CVE-2025-30397 | Scripting Engine | Important | 7.5 | Memory corruption |
| CVE-2025-30400 | Microsoft DWM Core Library | Important | 7.8 | EoP |
Critical vulnerabilities
The 3 CRITICAL vulnerabilities affecting Windows Server 2025 are shared below.
These vulnerabilities could lead to Remote Code Execution on unpatched servers.
| CVE | Title | CVSS | Type |
| CVE-2025-29833 | Microsoft Virtual Machine Bus (VMBus) | 7.1 | RCE |
| CVE-2025-29966 | Remote Desktop Client | 8.8 | RCE |
| CVE-2025-29967 | Remote Desktop Client | 8.8 | RCE |
(RCE is Remote Code Execution)
AI Components
The following AI components for Windows Server 2025 have been updated to the latest version 1.7.824.0:
- Image Search
- Content Extraction
- Semantic Analysis
Download KB5058411
You may download the offline installer file for KB5058411 from the catalog site link shared below:
The update file is available for x64 and ARM64 deployments. Upon installation of KB5058411, the server would restart. So, do plan as a structured change.
Changelog – KB5058411
The following changes or improvements are part of KB5058411 for Windows Server 2025:
- This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
- This update addresses security issues for your Windows operating system.
- [Audio] Fixed: This update addresses an issue where the audio from your microphone might mute unexpectedly.
- [Eye controller] Fixed: The eye controller app doesn’t launch.
Simplifying technology, one step at a time.