KB5031377 is the cumulative update for Windows 10 x86 and x64 editions. It can also be called the cumulative update for Windows 10 version 1507. The update was released as part of the ‘Patch Tuesday’ project of Microsoft on 10 October 2023.
Salient points
- KB5031377 has now been superseded by KB5032199. You can read more about it on this page.
- KB5031377 is a cumulative update that supersedes KB5030220. KB5030220 was released in September 2023.
- KB5031377 corresponds to Windows 10 build 10240.20232.
- KB5030220 corresponds to Windows 10 build 10240.20162.
- KB5031466 is the latest Servicing Stack Update that corresponds to KB5031377. KB5031466 was released on 10 October 2023.
- 60 security vulnerabilities affect Windows 10 32-bit systems. 11 of these threats are ‘CRITICAL’ severity vulnerabilities.
- 62 security vulnerabilities affect Windows 10 x64 or 64-bit systems. 12 of these threats are ‘CRITICAL’ severity vulnerabilities.
- Two zero-day threats affecting Windows 10 x86 and x64 systems are mentioned in the vulnerability section.
Download KB5031377
KB5031377 can be applied automatically using one of the following methods:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Services
WSUS remains the most preferred method of rollout updates on Windows servers and workstations.
As part of the automated deployment, the latest Servicing Stack Update KB5031466 will be installed automatically as part of the Windows Update process.
You can also apply KB5031377 manually. For manual application, you need to follow a two-step process.
- Download and install Servicing Stack Update KB5031466
- Download and install KB5031377 cumulative update
The Servicing Stack Update and Cumulative Updates are available as offline installer files. You can download these offline installer files using the Microsoft Update Catalog site. Or, alternatively, you could use the direct download links shared below to download the offline installer files.
Download Servicing Stack Update KB5031466
- Download KB5031466 from the Microsoft Update Catalog site.
- Direct download link for KB5031466 for x86 or 32-bit systems – the file size is 5.3 MB only.
- Direct download link for KB5031466 for x64 or 64-bit systems – the file size is 11.7 MB only.
Upon installation, the Servicing Stack Updates do not cause the system to reboot.
Download cumulative update KB5031377
- Download KB5031377 from the Microsoft Update Catalog site
- Direct download link for KB5031377 for x86 editions – the file size is 726.7 MB.
- Direct download link for KB5031377 for x64 systems – the file size is 1239.6 MB.
The cumulative update will cause the system to reboot. So, it is also suggested, that the change is implemented as part of an organized change process.
Vulnerabilities
Windows 10 x86 edition is affected by 60 security vulnerabilities. 11 of these are CRITICAL vulnerabilities.
Windows 10 x64 edition is affected by 62 security vulnerabilities. 12 of these are CRITICAL vulnerabilities.
We have also discussed the two zero-day threats that affect Windows 10 x86 and x64 systems.
Zero-day vulnerabilities
The two zero-day threats affecting Windows 10 x86 and x64 systems are mentioned below:
| CVE Vulnerability | Severity | CVSS Score | Impact | Comments |
|---|---|---|---|---|
| CVE-2023-36563 | IMPORTANT | 6.5 | Information Disclosure | Exploiting this vulnerability could allow the disclosure of NTLM hashes. |
| CVE-2023-44487 | IMPORTANT | 6.5 | Denial of Service | HTTP/2 Rapid Reset Attack |
For CVE-2023-44487, you could also limit the number of HTTP/2 connections using the new registry entry. This registry entry gets added after installing KB5031377.
| Registry key | Default value | Valid value range | Registry key function |
| Http2MaxClientResetsPerMinute | 500 | 0–65535 | Sets the allowed number of resets (RST_STREAMS) per minute for a connection. When you reach this limit, the connection ends. |
CRITICAL vulnerabilities
There are 12 security vulnerabilities with CRITICAL severity levels for Windows 10 x64 systems. All these threats are of ‘Remote Code Execution’ impact. These vulnerabilities are shared below.
| CVE Details | CVSS Score | Comments |
|---|---|---|
| CVE-2023-35349 | 9.8 | This vulnerability affects the Microsoft Message Queuing. Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server. |
| CVE-2023-36697 | 6.8 | This vulnerability affects the Microsoft Message Queuing. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server |
| CVE-2023-36718 | 7.8 | This vulnerability could lead to a contained execution environment escape on the Microsoft Virtual Trusted Platform Module. |
| CVE-2023-41774 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41773 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41771 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41770 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41769 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41768 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41767 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41765 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-38166 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
IIS Vulnerability
There is a CVSS 9.8 vulnerability on the IIS Server running on Windows 10 or Windows 10 version 1507. This vulnerability has an IMPORTANT severity level. The details of the vulnerability are shared below:
| CVE Vulnerability | Severity | CVSS Score | Impact | Comments |
|---|---|---|---|---|
| CVE-2023-36434 | IMPORTANT | 9.8 | Elevation of Privileges | In a network-based attack, an attacker could brute force user account passwords to log in as that user. Microsoft suggests using complex or strong passwords to protect against this vulnerability. |
KB5031377 – Changelog
The following changes or improvements are part of the KB5031377 cumulative update for Windows 10:
- This update changes the spelling of Ukraine’s capital from Kiev to Kyiv.
- This update addresses an issue that affects external binding. It fails. This occurs after you install Windows updates dated May 2023 or later. Because of this, there are issues that affect LDAP queries and authentication.
- This update supports daylight saving time (DST) changes in Greenland.
- This update addresses security issues for your Windows operating system
October 2023 Security Updates
You may be interested in reading more about other October 2023 security or cumulative updates shared below:
- Windows 10 – KB5031377 Cumulative Update
- Windows 10 version 1809 – KB5031361
- Windows 10 version 1607 – KB5031362
- KB5031358 Cumulative Update for Windows 11 version 21H2
- KB5029377 Security Update for SQL Server 2019 GDR
- KB5031354 Cumulative Update for Windows 11 version 22H2
- KB5031356 for Windows 10
- KB5031901 Update for .NET 7.0
- KB5031407 Security Update for Windows Server 2012 R2
- KB5031427 Security Update for Windows Server 2012
- KB5031419 Monthly Rollup for Windows Server 2012 R2
- KB5031442 Monthly Rollup Update for Windows Server 2012
- KB5031364 Cumulative Update for Windows Server 2022
- KB5031362 Cumulative Update for Windows Server 2016
- KB5031361 Cumulative Update for Windows Server 2019
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.