KB5031362 is the monthly cumulative update for Windows 10 version 1607. This update was released on 10 October 2023 under the ‘Patch Tuesday’ project.
Salient points
- KB5031362 is for Windows 10 version 1607. The update is available for x86 and x64 platforms. This update supersedes KB5030213.
- KB5031362 corresponds to Windows 10 build 14393.6351.
- KB5030213 for Windows 10 version 1607 corresponds to Windows 10 build 14393.6252.
- KB5030504 is the Servicing Stack Update corresponding to KB5031362 for Windows 10 version 1607. The SSU is available separately for x86 and x64 platforms.
- 66 security vulnerabilities affect Windows 10 version 1607.
- 12 security vulnerabilities have a ‘CRITICAL’ severity level.
- Two zero-day threats impact Windows 10 version 1607. All these vulnerabilities are discussed in the vulnerability section below.
Download KB5031362 for Windows 10 version 1607
KB5031362 for Windows 10 version 1607 can be deployed through one of the following automated processes:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Services
WSUS is the most preferred method to patch Windows 10 workstations with the latest cumulative updates.
For automated deployments, the Servicing Stack Update is installed automatically prior to the installation of the KB5031362 cumulative update. There is no system reboot after deploying the Servicing Stack Update.
KB5031362 can be applied on Windows 10 version 1607 in a manual approach. For this, you will need to follow a two-step process.
- Download and install the Servicing Stack Update KB5030504 on Windows 10 version 1607.
- Download and install KB5031362 cumulative update for Windows 10 version 1607.
We have shared both steps below.
You could download the offline installer files for the Servicing Stack Update and the cumulative update from the Microsoft Update Catalog site. Or, you could use the download links shared below to download the .MSU file directly.
- Download KB5030504 Servicing Stack Update for Windows 10 version 1607
- Download KB5030504 for Windows 10 version 1607 for x86 edition – the size of this update is 5.4 MB.
- Download KB5030504 for Windows 10 version 1607 for x64 edition – the size of this update is 11.7 MB.
Once you have installed the Servicing Stack Update, you can proceed with the installation of KB5031362 on Windows 10 version 1607. The download links for KB5031362 are specified below.
- Download KB5031362 for Windows 10 version 1607 from Microsoft Update Catalog
- Direct Download KB5031362 for Windows 10 version 1607 x86 edition – the size of the update file is 907.9 MB.
- Direct Download KB5031362 for Windows 10 version 1607 x64 edition – the size of the update file is 1626.8 MB.
When you deploy KB5031362 on Windows 10 version 1607, your system will reboot or restart.
Vulnerabilities
There are 66 security vulnerabilities that affect Windows 10 version 1607. We look at the 12 CRITICAL and 2 zero-day threats below.
Zero-day vulnerabilities
Zero-day threats are publicly disclosed threats. Or, these have already been exploited by various threat actors. Therefore, zero-day threats need to be patched immediately.
The following are the two zero-day threats that affect Windows 10 version 1607 under the October 2023 ‘Patch Tuesday’ program:
| CVE Vulnerability | Severity | CVSS Score | Impact | Comments |
|---|---|---|---|---|
| CVE-2023-36563 | IMPORTANT | 6.5 | Information Disclosure | Exploiting this vulnerability could allow the disclosure of NTLM hashes. |
| CVE-2023-44487 | IMPORTANT | 6.5 | Denial of Service | HTTP/2 Rapid Reset Attack |
CVE-2023-44487 can be resolved by installing KB5031362. Alternatively, Microsoft has published a mitigation plan to limit the HTTP 2 client connections. As part of the mitigation effort, you can also set the limit of the RST_STREAMS per minute using the new registry key in this update. This registry key will be available after you have successfully deployed the KB5031362 cumulative update.
| Registry key | Default value | Valid value range | Registry key function |
| Http2MaxClientResetsPerMinute | 500 | 0–65535 | Sets the allowed number of resets (RST_STREAMS) per minute for a connection. When you reach this limit, the connection ends. |
CRITICAL vulnerabilities
All 12 CRITICAL vulnerabilities affecting Windows 10 version 1607 are of the type of ‘Remote Code Execution’ threats. These vulnerabilities are shared below for your ready reference.
| CVE Details | CVSS Score | Comments |
|---|---|---|
| CVE-2023-35349 | 9.8 | This vulnerability affects the Microsoft Message Queuing. Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server. |
| CVE-2023-36697 | 6.8 | This vulnerability affects the Microsoft Message Queuing. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server |
| CVE-2023-36718 | 7.8 | This vulnerability could lead to a contained execution environment escape on the Microsoft Virtual Trusted Platform Module. |
| CVE-2023-41774 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41773 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41771 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41770 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41769 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41768 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41767 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-41765 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
| CVE-2023-38166 | 8.1 | This vulnerability affects the Layer 2 Tunneling protocol. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. |
IIS Vulnerability
There is a CVSS 9.8 vulnerability on the IIS Server running on Windows 10 version 1607. This vulnerability has an IMPORTANT severity level. The details of the vulnerability are shared below:
| CVE Vulnerability | Severity | CVSS Score | Impact | Comments |
|---|---|---|---|---|
| CVE-2023-36434 | IMPORTANT | 9.8 | Elevation of Privileges | In a network-based attack, an attacker could brute force user account passwords to log in as that user. Microsoft suggests using complex or strong passwords to protect against this vulnerability. |
KB5031362 for Windows 10 version 1607 – Changelog
The following changes are part of the KB5031362 cumulative update for Windows 10 version 1607:
- New! IE mode and Microsoft Edge can now share cookies. To learn more, see Cookie sharing between Microsoft Edge and Internet Explorer.
- This update changes the spelling of Ukraine’s capital from Kiev to Kyiv.
- This update addresses an issue that affects external binding. It fails. This occurs after you install Windows updates dated May 2023 or later. Because of this, there are issues that affect LDAP queries and authentication.
- New! This update completes the work to comply with the GB18030-2022 requirements. It removes and remaps characters for Microsoft Wubi input and Microsoft Pinyin U-mode input. You can no longer enter character codepoints that are not supported. All the required codepoints are up to date.
- This update supports daylight saving time (DST) changes in Greenland.
- This update addresses security issues for your Windows operating system.
October 2023 Security Updates
You may be interested in reading more about other October 2023 security or cumulative updates shared below:
- KB5031358 Cumulative Update for Windows 11 version 21H2
- KB5029377 Security Update for SQL Server 2019 GDR
- KB5031354 Cumulative Update for Windows 11 version 22H2
- KB5031356 for Windows 10
- KB5031901 Update for .NET 7.0
- KB5031407 Security Update for Windows Server 2012 R2
- KB5031427 Security Update for Windows Server 2012
- KB5031419 Monthly Rollup for Windows Server 2012 R2
- KB5031442 Monthly Rollup Update for Windows Server 2012
- KB5031364 Cumulative Update for Windows Server 2022
- KB5031362 Cumulative Update for Windows Server 2016
- KB5031361 Cumulative Update for Windows Server 2019
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.