Undetectable Humanizer: Lifetime Subscription
Transform AI-Generated Text into Human-Like, High-Ranking Content & Bypass Even the Most Sophisticated AI Detectors
Get 95% Deal

The first Windows security updates of 2024 are here

Martin Brinkmann
Jan 9, 2024
Updated • Jan 10, 2024
Windows Updates
|
29

Welcome to the Microsoft Windows January 2024 security updates overview. It is the first Patch Day of the year for Microsoft. The company has addressed a total of 48 unique vulnerabilities in Microsoft products and 5 unique vulnerabilities in non-Microsoft products.

Our overview provides system administrators and home users with actionable information about the released security updates. It includes an Excel spreadsheet with a list of updates, information about affected products, known issues, and lists of other security updates that Microsoft released for its products.

You also find resource links, including download links, and instructions to download and install the patches on Windows devices.

Check out the December 2023 Security update overview here.

Note: if you are getting error 0x80070643 when installing the update.

Microsoft Windows Security Updates: January 2024

Here is a link to an Excel spreadsheet that lists information about the released security updates on the January 2024 Microsoft Patch Day. Follow this link to download an archive file that contains the spreadsheet:  Windows security updates January 2024

Executive Summary

  • All Windows client and server versions are affected by at least 1 critical issue, most are affected by 2 critical issues.
  • Windows clients with issues are: Windows 10 version 1809, Windows 10 version 21H2 and 22H2, Windows 11 version 21H2, 22H2 and 23H2
  • Windows Server clients: Windows Server 2008 and 2008 R2, Windows Server 2019

Product overview

Each supported version of Windows and their critical vulnerabilities are listed below.

  • Windows 10 version 22H2: 34 vulnerabilities, 2 critical and 32 important.
    • Windows Kerberos Security Feature Bypass Vulnerability -- CVE-2024-20674
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2024-20700
  • Windows 11 version 22H2:  35 vulnerabilities, 2 critical and 33 important
    • same as Windows 10 version 22H2
  • Windows 11 version 23H2:  35 vulnerabilities, 2 critical and 33 important
    • same as Windows 10 version 22H2

Windows Server products

  • Windows Server 2008 R2 (extended support only): 19 vulnerabilities: 1 critical and 18 important
    • Windows Kerberos Security Feature Bypass Vulnerability -- CVE-2024-20674
  • Windows Server 2012 R2 (extended support only):  vulnerabilities:  critical and  important
    • No information
  • Windows Server 2016: 26 vulnerabilities: 1 critical and 25 important
    • same as Windows Server 2008 R2
  • Windows Server 2019: 33 vulnerabilities: 2 critical and 31 important
    • same as Windows Server 2008 R2, plus
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2024-20700
  •  Windows Server 2022: 36 vulnerabilities: 2 critical and 34 important.
    • same as Windows Server 2019

Windows Security Updates

Windows 10 version 22H2

Updates and improvements:

  • Fixes an issue that caused the device to shut down after 60 seconds after using a smart card to authenticate on a remote system.
  • The update addresses an issue that affects the display of a smart card icon. It does not appear when signing in.
  • Security updates.

Windows 11 version 22H2 and 23H2

Updates and improvements:

  • Fixes an issue that caused the device to shut down after 60 seconds after using a smart card to authenticate on a remote system.
  • The update addresses an issue that affects the display of a smart card icon. It does not appear when signing in.
  • The update addresses a Wi-Fi adapter issue that may cause them to not connect to some networks.

Security updates

2024-01 Security Update for Windows 11 (KB5034440)

2024-01 Security Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5034439)

2024-01 Security Update for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5034441)

2024-01 Cumulative Security Update for Internet Explorer Windows Server 2012 R2, Windows Server 2012, Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5034120)

2024-01 Security Only Quality Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5034167)

2024-01 Security Monthly Quality Rollup for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5034169)

2024-01 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB5034171)

2024-01 Security Monthly Quality Rollup for Windows Server 2008 (KB5034173)

2024-01 Security Only Quality Update for Windows Server 2008 (KB5034176)

2024-01 Security Monthly Quality Rollup for Windows Server 2012 (KB5034184)

2024-01 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5034119)

2024-01 Dynamic Cumulative Update for Windows 11 (KB5034121)

2024-01 Dynamic Cumulative Update for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5034122)

2024-01 Cumulative Update for Windows 10 Version 1809 (KB5034127)

2024-01 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034129)

2024-01 Cumulative Update for Windows 10 Version 1507 (KB5034134)

2024-01 Servicing Stack Update for Windows Server 2012 R2 for x64-based Systems (KB5034587)

2024-01 Servicing Stack Update for Windows Server 2012 for x64-based Systems (KB5034588)

Microsoft .NET

2024-01 Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 for x64 (KB5033897)

2024-01 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5033898)

2024-01 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5033899)

2024-01 Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 R2 for x64 (KB5033900)

2024-01 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 for x64 (KB5033905)

2024-01 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 R2 for x64 (KB5033906)

2024-01 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5033907)

2024-01 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 for x64 (KB5033913)

2024-01 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 R2 for x64 (KB5033915)

2024-01 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5033916)

2024-01 Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5033945)

2024-01 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5033946)

2024-01 Security Only Update for .NET Framework 4.6.2 for Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5033947)

2024-01 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5033948)

2024-01 Security Only Update for .NET Framework 3.5 SP1 for Windows Server 2008 (KB5033952)

2024-01 Security and Quality Rollup for .NET Framework 3.5 SP1 for Windows Server 2008 (KB5034008)

2024-01 Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5034269)

2024-01 Security Only Update for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 (KB5034270)

2024-01 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5034277)

2024-01 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5034278)

2024-01 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5034279)

2024-01 Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 (KB5034280)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5033904)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5033909)

2024-01 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5033910)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5033911)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5033912)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for x64 (KB5033914)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 for x64 (KB5033917)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5033918)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5033919)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5033920)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5033922)

2024-01 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5034272)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5034273)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 (KB5034274)

2024-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 (KB5034275)

2024-01 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11 (KB5034276)

Non-Security updates

2024-01 Dynamic Update for Windows 10 Version 1607 (KB5034230)

2024-01 Dynamic Update for Windows 10 Version 1809 (KB5034231)
2024-01 Dynamic Update for Windows 10 Version 21H2 (KB5034232)
2024-01 Dynamic Update for Windows 10 Version 1507 (KB5034233)
2024-01 Dynamic Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5034235)
2024-01 Dynamic Update for Windows 11 (KB5034236)

Known Issues

Windows 10 version 22H2

Description: Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment.

Workaround: Set "Enforce drive encryption type on operating system drives" or "Enforce drive encryption on fixed drives" policies in Microsoft Intune.

(OLD) Description: Desktop icons may be moved around unexpectedly between monitors when using Copilot on more than one monitor. Users may also experience "other alignment issues" according to Microsoft.

Workaround: none. Microsoft may disable Copilot on multimonitor devices.

(OLD) Description: Copilot in Windows is not supported if the taskbar is located vertically on the right or left side of the screen.

Workaround: align the taskbar horizontally, either at the top or bottom of the screen.

(OLD) Description: Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment.

Workaround: this is a reporting issue only according to Microsoft. Microsoft suggests to set the "Enforce drive encryption type on operating system drives" or the "Enforce drive encryption on fixed drives" policies to not configured as a workaround.

Windows 11 version 22H2 and 23H2

(OLD) Description: Users who use multiple monitors on their Windows devices may notice that desktop icons move around unexpectedly. They may, for instance, move between monitors.

Workaround: Microsoft "may" have disabled Windows Copilot on multi-monitor devices until a solution is found.

(OLD) Description: The color font format COLRv1 does not render properly. It is used to display emoji with a 3D-like appearance.

Workaround: none at the time. Microsoft is working on a solution.

(OLD) Description: Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment.

Workaround: this is a reporting issue only according to Microsoft. Microsoft suggests to set the "Enforce drive encryption type on operating system drives" or the "Enforce drive encryption on fixed drives" policies to not configured as a workaround.

Security advisories and updates

Microsoft Office Updates

You find Office update information here.

How to download and install the January 2024 security updates

All security updates get downloaded and installed automatically on non-managed Windows systems by default. It may take some time before these are installed and you may speed up the process. This is recommended in some cases, including when security issues are exploited in the wild already or when non-security updates address major bugs.

Tipcreate a backup before you install updates

To update using Windows Update, use the following guide:

  1. Select Start, type Windows Update and load the Windows Update item that is displayed.
  2. Select check for updates to run a manual check for updates.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 10 version 22H2

  • KB5034122 -- 2024-1 Cumulative Update for Windows 10 Version 21H2

Windows 11 version 22H2

  • KB5034123 -- 2024-1 Cumulative Update for Windows 11 version 22H2
Windows 11 version 23H2
  • KB5034123 -- 2024-1 Cumulative Update for Windows 11 version 23H2

Additional resources

Summary
Article Name
The first Windows security updates of 2024 are here
Description
Microsoft released the first security updates for Windows and other company products on the January 2024 Patch Day.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. TelV said on January 21, 2024 at 1:04 pm
    Reply

    Bit late in the day, but I just read the blurb for KB5034123 and note the come Feb 27 this year, 22H2 will, quote: “Only cumulative monthly security updates will continue for the supported editions of Windows 11, version 22H2”. Whoopeeee! No more bloatware crap coming my way!

  2. Smithy said on January 12, 2024 at 12:39 am
    Reply

    I have found the .Net KB5033920 crashes.. locks the update process (if any other updates- security or otherwise are also downloading/installing) on the 3 laptops that have tried it – with an error code of 0x800F0841. Fix?

    Power off .. and then restart and await an ‘ Ooops there was a problem message- uninstalling all updates’
    And
    then try again, all other updates (Security/Windows etc) will download/install properly … no problem

    1. Kevin Rahe said on January 15, 2024 at 11:30 pm
      Reply

      Sometime in the last 2 weeks something happened that now prevents me from using Windows’ OpenSSH to access a Subversion repository using SSH keys from either of my Windows 10 machines. I suspect the cause is these updates, but when I uninstall them the SSH problem remains, so I can’t be sure. A colleague who uses Ubuntu Linux to access the same repository hasn’t been affected.

  3. AustinEvans said on January 11, 2024 at 3:13 am
    Reply

    Microsoft is THE BEST, I don’t know what y’all complaining about! They have the best Western and Indian Engineers working on this AAAAA-class OS – you don’t know how privileged you folks are!

  4. Jeff said on January 10, 2024 at 8:50 pm
    Reply

    This newest update was forced on me while I was using my computer. This update has been stuck in “restarting” mode for 2 hours now. how long does this update take to complete?

  5. Anonymous said on January 10, 2024 at 8:49 pm
    Reply

    This newest update was forced on me while I was using my computer. This update has been stuck in “restarting” mode for 2 hours now. how long does this update take to complete?

  6. Kalmly said on January 10, 2024 at 5:38 pm
    Reply

    It seems to me that Windows’ updates are more often a problem than whatever it is they are supposedly trying too protect you from.

  7. John G. said on January 10, 2024 at 2:35 pm
    Reply

    This problem is not exclusive of W10, W11 has the same issue (0x80070643).

  8. NeonRobot said on January 10, 2024 at 9:35 am
    Reply

    Windows 7 updates reached 2024.
    It looks like OS will outlive win 10.

    1. Martin P. said on January 11, 2024 at 9:10 pm
      Reply

      Yep. Same here. Runs like a charm.

  9. Bullwinkle said on January 10, 2024 at 2:13 am
    Reply

    I copied and pasted KB5034441 and did a search and the solution is to
    manually resize the recovery partition
    https://support.microsoft.com/help/5028997

  10. Recently Bald said on January 10, 2024 at 1:34 am
    Reply

    2024-01 Security Update for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5034441)

    I’ve tried every fix known for the last 6 hours. Nothing works! I would suggest waiting for MicroSuck to come out with a fix instead of pulling your hair out like me. Now I’m bald and don’t have a fix. Don’t be like me!

  11. Anonymous said on January 10, 2024 at 1:04 am
    Reply

    KB5034441: Windows Recovery Environment update for Windows 10, version 21H2 and 22H2: January 9, 2024:

    IMPORTANT

    Some computers might not have a recovery partition that is large enough to complete this update. Because of this, the update for WinRE might fail. In this case, you will receive the following error message:

    Windows Recovery Environment servicing failed.
    (CBS_E_INSUFFICIENT_DISK_SPACE)

    To help you recover from this failure, please follow Instructions to manually resize your partition to install the WinRE update.

    Known issue Because of an issue in the error code handling routine, you might receive the following error message instead of the expected error message when there is insufficient disk space:

    0x80070643 – ERROR_INSTALL_FAILURE

    https://support.microsoft.com/en-us/topic/kb5034441-windows-recovery-environment-update-for-windows-10-version-21h2-and-22h2-january-9-2024-62c04204-aaa5-4fee-a02a-2fdea17075a8

  12. John G. said on January 10, 2024 at 12:41 am
    Reply

    Same problem (0x80070643) here, what a complete W11 disaster! :[

  13. Jimmy said on January 9, 2024 at 11:45 pm
    Reply

    KB5034441 failure is caused by the recovery partition being too small. I bet this update will be pulled.

  14. ECJ said on January 9, 2024 at 11:30 pm
    Reply

    Installing “2024-01 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5034441)” throws an error.

    “Error Encountered There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070643)”

    According to a Microsoft document, users need to manually resize a partition to install the WinRE update.

    https://support.microsoft.com/en-gb/topic/kb5034441-windows-recovery-environment-update-for-windows-10-version-21h2-and-22h2-january-9-2024-62c04204-aaa5-4fee-a02a-2fdea17075a8

    Reading through the instructions they give to do this – are Microsoft taking the piss? I have no idea what planet they’re on if they’re expecting users to follow those instructions. I think perhaps wait a bit to see if Microsoft give a more realistic solution.

    1. BB said on January 10, 2024 at 11:46 am
      Reply

      I have 3 desktops and 2 laptops all throwing the same error. I read their solution and I think they are flming high as kites if they expect end users to do this!

  15. sam said on January 9, 2024 at 10:41 pm
    Reply

    2024-01 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034129)

    Server 2022
    Causes Chrome to crash, v 120.0.6099.217

    1. Anonymous said on January 10, 2024 at 11:47 am
      Reply

      Same problem with KB5034129 for windows 2022.

  16. Evan Katz said on January 9, 2024 at 9:56 pm
    Reply

    Same exact problem and error message (Jan. 9, 2024) on multiple Windows 10 Pro machines. Even after reboots and Windows Update rescan. Same error every time. Presumably Microsoft will fix this sometime later today.

  17. Evan Katz said on January 9, 2024 at 9:56 pm
    Reply

    Same exact problem and error message (Jan. 9, 2024) on multiple Windows 10 Pro machines. Even after reboots and Windows Update rescan. Same error every time. Presumably Microsoft will fix this sometime later today.

    1. Anonymous said on January 21, 2024 at 3:05 pm
      Reply

      Microsoft has not fixed it. I am still getting the error message today, 1/21/24. However, subsequent updates seem to install OK.

  18. Peter W Caton said on January 9, 2024 at 9:45 pm
    Reply

    Same issue:

    2024-01 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5034441)

    There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070643)

    1. Tribune said on January 10, 2024 at 12:32 am
      Reply

      Two of my three systems got error 0x80070643 on “2024-01 Security Update for Windows 10 Version 22H2 for x64-based Systems KB5034441”

      Both systems are Windows 10 Pro machines which DON’T use Bitlocker encryption. (The system which updated correctly runs Windows 10 Home Edition).

      The problem seems consistent with the “Important” note at https://support.microsoft.com/en-us/topic/kb5034441-windows-recovery-environment-update-for-windows-10-version-21h2-and-22h2-january-9-2024-62c04204-aaa5-4fee-a02a-2fdea17075a8 but I’ll be damned if I resize partitions to accommodate an improperly tested patch.

      Instead, I ‘hid’ the offending update:

      (1) Download the executable file “wushowhide.diagcab” by clicking this link:
      http://download.microsoft.com/download/F/2/2/F22D5FDB-59CD-4275-8C95-1BE17BF70B21/wushowhide.diagcab

      (2) Execute the file (by doubleclicking from an Admin account) either to (a) hide an outstanding Microsoft update or (b) see if any updates are hidden (and optionally unhide them).

  19. Jan said on January 9, 2024 at 8:58 pm
    Reply

    Anyone else gets a problem downloading and installing KB5034439?

    1. Anonymous said on January 13, 2024 at 7:04 pm
      Reply

      Yes, it fails with the error Failed to install on 13/01/2024 (0x80070643)

    2. Mike Williams said on January 10, 2024 at 3:16 am
      Reply

      Yes. It fails because the WinRE partition is too small for the update to fit.

      Microsoft provided some instructions, but they involve modifying the partitions (shrink, delete, create, format).

  20. Paul(us) said on January 9, 2024 at 8:52 pm
    Reply

    Tuesday, 2024-01-08

    I did an update today with the 2024-01 security update for Windows 10 version 22H2 for x64-based systems (KB5034441).

    And after a few moments, I got the message:

    There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070643)

    I have tried to fix this with:

    By typing cmd and then pressing Ctrl + Shift + Enter in succession to open the command prompt as an administrator. Again, type sfc /scan now at the prompt and press Enter.

    This did not work.

    Suggest how to fix this?

  21. Katchey said on January 9, 2024 at 8:36 pm
    Reply

    2024-01 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5034441)

    There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070643)

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.