Patchday: Windows 10/Server Updates (September 10, 2024)

Posted on 2024-09-11 by guenni

Windows[German]On September 10, 2024 (second Tuesday of the month, patch day at Microsoft), various cumulative updates were released for the supported Windows 10 builds (from the RTM version to the current version) as well as for the Windows Server counterparts. Here are some details on the respective security updates for Windows 10 and the server counterparts.

A list of the updates can be found on this Microsoft website. I have extracted the details below. Since March 2021, Microsoft has been integrating the Servicing Stack Updates (SSUs) for newer Windows 10 builds into the cumulative update.

Updates for Windows 10 Version 21H1-22H2

For the above mentioned Windows 10 versions Windows 10 Enterprise LTSC 2021, Windows 10 IoT Enterprise LTSC 2021 and Windows 10 version 22H2, Microsoft only provides one update package, which is named below.

Update KB5043064 for Windows 10 Version 21H1 – 22H2

Cumulative Update KB5043064 raises the OS build for all Windows 10 variants to 1904x.4894. The update only contains security fixes, but no new operating system functions. The cumulative update fixes the vulnerability in the Windows Installer in Windows 10 21H2 Enterprise LTSC and IOT:

[Windows Installer] When it repairs an application, the User Account Control (UAC) does not prompt for your credentials. After you install this update, the UAC will prompt for them. Because of this, you must update your automation scripts. Application owners must add the Shield icon. It indicates that the process requires full administrator access. To turn off the UAC prompt, set the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\
Microsoft\Windows\Installer\DisableLUAInRepair registry value to 1. The changes in this update might affect automatic Windows Installer repairs; see Application Resiliency: Unlock the Hidden Features of Windows Installer.

Microsoft also points out that this update makes quality improvements to the Servicing Stack (responsible for Microsoft updates). This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. Please note the information on installation and known problems described in the support article.

Updates for Windows 10/Server 2019

The following updates are available for Windows 10 Enterprise 2019 LTSC and Windows Server 2019.

Update KB5043050 for Windows 10 Enterprise 2019 LTSC /Windows Server 2019

Cumulative Update KB5043050 (is sorted under Windows 10 v1809, but refers to the 2019 versions and) and includes quality improvements but no new operating system features. This update is only available for Windows 10 2019 Enterprise LTSC and IoT Enterprise LTSC (the remaining versions will no longer receive security updates on May 11, 2021) and Windows Server 2019. Microsoft lists a number of fixes.

  • [AppContainer] Printers do not work as you expect when you use them in a restricted setting, like AppContainer.
  • [BitLocker] You might not be able to decrypt a BitLocker data drive. This occurs when you move that drive from a newer version of Windows to an older version.
  • [Remote Desktop (known issue)] Windows Servers might disrupt Remote Desktop connections across your company. This issue might occur if you use a legacy protocol in the Remote Desktop Gateway. An example protocol is Remote Procedure Call over HTTP. If the issue occurs, it is sporadic, like every 30 minutes. At that point, you lose sessions that you are signed in to. Then you must reconnect to the server. IT admins can track this as an end to the TSGateway service. It stops responding, with the exception code 0xc0000005.
  • [Windows Installer] When it repairs an application, the User Account Control (UAC) does not prompt for your credentials. After you install this update, the UAC will prompt for them. Because of this, you must update your automation scripts. Application owners must add the Shield icon. It indicates that the process requires full administrator access. To turn off the UAC prompt, set the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\
    Windows\Installer\DisableLUAInRepair     registry value to 1. The changes in this update might affect automatic Windows Installer repairs; see Application Resiliency: Unlock the Hidden Features of Windows Installer.​​​​​​​​​​​​​​
  • [Windows Server 2019 (known issue)] Some devices slow down, stop responding, and have high CPU usage. This is most likely to occur with Cryptographic Services. A few companies report that the issue occurs when antivirus software scans the %systemroot%\system32\catroot2 folder for Windows updates.

The update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Please note the installation sequence described in the support article and, if applicable, the notes on further requirements and any existing problems.

The performance problems (see Windows Server 2019/Windows 10 Enterprise 2019 LTSC: Performance Issues with Update KB5041578)) may have been fixed.

Updates for Windows 10 Version 1507 till 1607

Updates for the Enterprise LTSC versions are available for Windows 10 RTM up to version 1607. These updates are automatically downloaded and installed by Windows Update, but are available for download in the Microsoft Update Catalog (search for the KB number). The latest Servicing Stack Update (SSU) must be installed before manual installation. Details can be found in the respective KB article.

  • Windows 10 Version 1607: Update KB5043051 is only available for Enterprise LTSC and Windows Server 2016. The update addresses security issues.
  • Windows 10 Version 1507: Update KB504308 is available for the RTM version (LTSC). The update fixes vulnerabilities and any bugs.

There was no update for the remaining Windows 10 versions, as these versions have fallen out of support. If in doubt, details on the above updates can be found in the respective Microsoft KB articles.

Similar articles:
Office updates from September 3, 2024
Microsoft Security Update Summary (September 10, 2024)
Patchday: Windows 10/Server Updates (September 10, 2024)
Patchday: Windows 11/Server 2022-Updates (September 10, 2024)
Windows Server 2012 / R2 and Windows 7 (September 10, 2024)
Microsoft Office Updates (September 10, 2024)

This entry was posted in Security, Update, Windows and tagged , , , , . Bookmark the permalink.

One Response to Patchday: Windows 10/Server Updates (September 10, 2024)

  1. EP says:
    2024-09-11 at 18:32

    recently from BleepingComputer – Microsoft fixes Windows Server performance issues from August updates:
    Microsoft fixes Windows Server performance issues from August updates

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *