Microsoft has rolled out its first Patch Tuesday updates for 2025, delivering cumulative updates KB5050009 and KB5050021 for Windows 11 versions 24H2, 23H2, and 22H2. These updates address critical security vulnerabilities, include improvements from previous updates, and bring specific feature enhancements to improve user experience. Below, we detail the improvements, changes, known issues, and steps to install these updates.
Summary of Updates
Cumulative Updates and Builds
- KB5050009 (Windows 11, version 24H2): After installation, your system build will be updated to 26100.2894.
- KB5050021 (Windows 11, versions 23H2 and 22H2): Post-installation builds will be updated to 22631.4751 and 22621.4751, respectively.
These updates address critical security issues and enhance the Windows update servicing stack to ensure smooth and robust installations.
Improvements and Changes
1. Enhanced Security
The January updates prioritize security by:
- Expanding the Windows Kernel Vulnerable Driver Blocklist (DriverSiPolicy.p7b). This blocklist includes additional vulnerable drivers to counteract BYOVD (Bring Your Own Vulnerable Driver) attacks.
- Incorporating security improvements from the December 2024 updates (KB5048667 and KB5048685).
2. Servicing Stack Update
The updates improve the reliability of the Windows servicing stack (KB5050387), ensuring a more robust system for applying updates. For more details, refer to Microsoft’s Security Update Guide.
Known Issues and Workarounds
1. Roblox Compatibility Issue (Windows 11, version 24H2)
- Symptom: On ARM devices, players are unable to download or play Roblox via the Microsoft Store.
- Workaround: Download Roblox directly from the official website at www.roblox.com.
2. OpenSSH Service Fails to Start
- Symptom: After installing the October 2024 update, some users report issues starting the OpenSSH (Open Secure Shell) service, preventing SSH connections.
- Workaround:
- Open PowerShell as Administrator.
- Update permissions for affected directories:
$directoryPath = "C:\ProgramData\ssh" $acl = Get-Acl -Path $directoryPath $sddlString = "O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)" $securityDescriptor = New-Object System.Security.AccessControl.RawSecurityDescriptor $sddlString $acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm("All")) Set-Acl -Path $directoryPath -AclObject $acl
- Repeat the steps for
C:\ProgramData\ssh\logs
.
Microsoft is actively investigating this issue and will release a fix in a future update.
3. Citrix Session Recording Agent Issue
- Symptom: Devices with the Citrix Session Recording Agent (SRA) version 2411 may fail to complete the installation of the January 2025 updates.
- Workaround: Follow the guidance provided by Citrix in their official documentation to address this issue. Microsoft is collaborating with Citrix to develop a permanent fix.
How to Install the Updates
You can install the January 2025 updates using one of the following methods:
1. Windows Update
- Open Settings.
- Navigate to Windows Update.
- Click Check for updates. The cumulative updates will automatically download and install.
2. Microsoft Update Catalog
- Download the updates manually from the links below:
Conclusion
The January 2025 Patch Tuesday updates underline Microsoft’s commitment to addressing critical vulnerabilities while ensuring system reliability. While the updates bring essential improvements, they also introduce a few known issues that Microsoft is actively working to resolve. Ensure your system remains secure by installing these updates promptly, and stay tuned for further announcements regarding bug fixes and additional improvements.
Founder of ToolsLib, Designer, Web and Cybersecurity Expert.
Passionate about software development and crafting elegant, user-friendly designs.
Stay Updated with ToolsLib!
Join our community to receive the latest cybersecurity tips, software updates, and exclusive insights straight to your inbox!