Windows 10 – KB5031377 Cumulative Update

This content has been archived. But, the content is true and relevant to the underlying technology products or infrastructure services.

KB5031377 is the cumulative update for Windows 10 x86 and x64 editions. It can also be called the cumulative update for Windows 10 version 1507. The update was released as part of the ‘Patch Tuesday’ project of Microsoft on 10 October 2023.

Salient points

  • KB5031377 has now been superseded by KB5032199. You can read more about it on this page.
  • KB5031377 is a cumulative update that supersedes KB5030220. KB5030220 was released in September 2023.
  • KB5031377 corresponds to Windows 10 build 10240.20232.
  • KB5030220 corresponds to Windows 10 build 10240.20162.
  • KB5031466 is the latest Servicing Stack Update that corresponds to KB5031377. KB5031466 was released on 10 October 2023.
  • 60 security vulnerabilities affect Windows 10 32-bit systems. 11 of these threats are ‘CRITICAL’ severity vulnerabilities.
  • 62 security vulnerabilities affect Windows 10 x64 or 64-bit systems. 12 of these threats are ‘CRITICAL’ severity vulnerabilities.
  • Two zero-day threats affecting Windows 10 x86 and x64 systems are mentioned in the vulnerability section.

Download KB5031377

KB5031377 can be applied automatically using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the most preferred method of rollout updates on Windows servers and workstations.

As part of the automated deployment, the latest Servicing Stack Update KB5031466 will be installed automatically as part of the Windows Update process.

You can also apply KB5031377 manually. For manual application, you need to follow a two-step process.

  1. Download and install Servicing Stack Update KB5031466
  2. Download and install KB5031377 cumulative update

The Servicing Stack Update and Cumulative Updates are available as offline installer files. You can download these offline installer files using the Microsoft Update Catalog site. Or, alternatively, you could use the direct download links shared below to download the offline installer files.

Download Servicing Stack Update KB5031466

Upon installation, the Servicing Stack Updates do not cause the system to reboot.

Download cumulative update KB5031377

The cumulative update will cause the system to reboot. So, it is also suggested, that the change is implemented as part of an organized change process.

Vulnerabilities

Windows 10 x86 edition is affected by 60 security vulnerabilities. 11 of these are CRITICAL vulnerabilities.

Windows 10 x64 edition is affected by 62 security vulnerabilities. 12 of these are CRITICAL vulnerabilities.

We have also discussed the two zero-day threats that affect Windows 10 x86 and x64 systems.

Zero-day vulnerabilities

The two zero-day threats affecting Windows 10 x86 and x64 systems are mentioned below:

CVE VulnerabilitySeverityCVSS ScoreImpactComments
CVE-2023-36563IMPORTANT6.5Information DisclosureExploiting this vulnerability could allow the disclosure of NTLM hashes.
CVE-2023-44487IMPORTANT6.5Denial of ServiceHTTP/2 Rapid Reset Attack

For CVE-2023-44487, you could also limit the number of HTTP/2 connections using the new registry entry. This registry entry gets added after installing KB5031377.

Registry keyDefault valueValid value rangeRegistry key function
Http2MaxClientResetsPerMinute5000–65535Sets the allowed number of resets (RST_STREAMS) per minute for a connection. When you reach this limit, the connection ends.

CRITICAL vulnerabilities

There are 12 security vulnerabilities with CRITICAL severity levels for Windows 10 x64 systems. All these threats are of ‘Remote Code Execution’ impact. These vulnerabilities are shared below.

CVE DetailsCVSS ScoreComments
CVE-2023-353499.8This vulnerability affects the Microsoft Message Queuing.
Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server.
CVE-2023-366976.8This vulnerability affects the Microsoft Message Queuing.
Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server
CVE-2023-367187.8This vulnerability could lead to a contained execution environment escape on the Microsoft Virtual Trusted Platform Module.
CVE-2023-417748.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
CVE-2023-417738.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
CVE-2023-417718.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
CVE-2023-417708.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
CVE-2023-417698.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
CVE-2023-417688.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
CVE-2023-417678.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
CVE-2023-417658.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
CVE-2023-381668.1This vulnerability affects the Layer 2 Tunneling protocol.
An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.

IIS Vulnerability

There is a CVSS 9.8 vulnerability on the IIS Server running on Windows 10 or Windows 10 version 1507. This vulnerability has an IMPORTANT severity level. The details of the vulnerability are shared below:

CVE VulnerabilitySeverityCVSS ScoreImpactComments
CVE-2023-36434IMPORTANT9.8Elevation of PrivilegesIn a network-based attack, an attacker could brute force user account passwords to log in as that user. Microsoft suggests using complex or strong passwords to protect against this vulnerability.

KB5031377 – Changelog

The following changes or improvements are part of the KB5031377 cumulative update for Windows 10:

  • This update changes the spelling of Ukraine’s capital from Kiev to Kyiv.
  • This update addresses an issue that affects external binding. It fails. This occurs after you install Windows updates dated May 2023 or later. Because of this, there are issues that affect LDAP queries and authentication.
  • This update supports daylight saving time (DST) changes in Greenland. 
  • This update addresses security issues for your Windows operating system

October 2023 Security Updates

You may be interested in reading more about other October 2023 security or cumulative updates shared below:

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.