Microsoft has rolled out its January 2025 Patch Tuesday updates, targeting Windows 11 versions 24H2, 23H2, and 22H2. These updates, delivered under KB5050009 for 24H2 and KB5050021 for 23H2 and 22H2, bring the latest builds up to 26100.2894, 22631.4751, and 22621.4751 respectively. The updates primarily address security vulnerabilities and include various bug fixes and quality improvements. However, as is typical with updates of this nature, there are also a few known issues users should be aware of.
If the world of servicing stack updates, kernel vulnerabilities, and OpenSSH quirks sounds like digital gibberish to you, don't worry—we’ve got you covered with plain-English explanations and actionable steps where applicable.
The KB5050009 update doesn’t exactly reinvent the Windows wheel, but it has some crucial under-the-hood fixes and enhanced protections that are well worth your attention.
If the term "Servicing Stack Update" sounds technical, that's because it is. SSUs are critical components of Windows Update that make sure your operating system receives and installs updates seamlessly.
Without them, updates could:
Cybersecurity professionals have sleepless nights over BYOVD (Bring Your Own Vulnerable Driver)—a sneaky attack tactic that weaponizes known driver vulnerabilities to bypass modern security measures like kernel-mode code signing. By extending the vulnerable kernel driver blocklist with this update, Microsoft stays ahead of asymmetrical cyber threats.
But Microsoft’s kernel blocklist has been criticized before for being somewhat reactive rather than proactive. Questions linger: How are these lists updated, and does Microsoft rely too heavily on third-party reports?
If the January 2025 Patch Tuesday update has you in troubleshooting mode, here’s a checklist to help you out:
However, keep an eye on the known issues, especially if you’re an enterprise user. As for gamers on ARM devices, you’ll have to temporarily sidestep the Microsoft Store for Roblox and download it directly from Roblox’s official site.
So, have you updated yet? Found any quirks or cool fixes Microsoft didn’t mention? Let’s discuss on the forum!
Source: Neowin Windows 11 (KB5050009, KB5050021) January 2025 Patch Tuesday out
If the world of servicing stack updates, kernel vulnerabilities, and OpenSSH quirks sounds like digital gibberish to you, don't worry—we’ve got you covered with plain-English explanations and actionable steps where applicable.
The KB5050009 update doesn’t exactly reinvent the Windows wheel, but it has some crucial under-the-hood fixes and enhanced protections that are well worth your attention.1. Enhanced Kernel Vulnerable Driver Blocklist
The update expands the Driver Blocklist file, specifically targeting vulnerabilities from Bring Your Own Vulnerable Driver (BYOVD) attacks. Now, if BYOVD sounds like something out of a spy thriller, here's what it means in simple terms: malicious actors exploit legitimate (but vulnerable) drivers to bypass Windows security systems. By blocking such drivers proactively, Microsoft significantly reduces the risk of ransomware and other cyberattacks.- DriverSiPolicy.p7b: This file within Windows acts as the "list of shame," cataloging drivers Microsoft deems risky. Installing this update simply adds more names to that list.
2. Servicing Stack Update (KB5050387)
If updates had their own mechanics, the Servicing Stack Update (SSU) would be the grease in the gears. KB5050387 ensures smoother, more reliable delivery of future updates. Think of it as reinforcing the delivery pipeline so you don’t run into pesky “Update failed” errors in future rollouts.🛠 Fixes, Changes, and Issues in KB5050021 (Windows 11 22H2 and 23H2)
Although KB5050021 focuses on versions 22H2 and 23H2, there are some overlapping improvements with the 24H2 update. So if you’re still rocking these earlier versions, fret not—you’re in safe hands.Improvements
- Just like its 24H2 cousin, KB5050021 extends protection against BYOVD attacks by updating the same vulnerable driver blocklist.
- Bug fixes also include stability improvements introduced in the December update, KB5048685.
Known Issues
With great updates often come small gremlins in the system. Microsoft has acknowledged two significant issues:- OpenSSH Fails to Start
- Post-update, some users reportedly struggle with OpenSSH (Open Secure Shell) services failing to start. If you’re a network admin or IoT tinkerer and suddenly find yourself locked out, here’s the deal:
- Why it happens: Permissions within directories like
C:\ProgramData\sshhave gone haywire. - Temporary Fix: To regain functionality, update ACLs (Access Control Lists) using the provided PowerShell commands. Just make sure to run them as an admin (your regular user account won’t cut it).
- Why it happens: Permissions within directories like
- Pro tip: Bookmark this issue for future reference in case Microsoft tackles it with February's update.
- Post-update, some users reportedly struggle with OpenSSH (Open Secure Shell) services failing to start. If you’re a network admin or IoT tinkerer and suddenly find yourself locked out, here’s the deal:
- Citrix Session Recording Agent Issue
- For our enterprise friends, the January update may fail to install correctly if Citrix's Session Recording Agent (SRA) Version 2411 is in your setup. Microsoft and Citrix are collaborating on a permanent fix, but for now, you’ll need to refer to Citrix’s workarounds to proceed.
If the term "Servicing Stack Update" sounds technical, that's because it is. SSUs are critical components of Windows Update that make sure your operating system receives and installs updates seamlessly.Without them, updates could:
- Fail to install entirely.
- Leave your system vulnerable to unresolved security risks.
- Damage update configurations, requiring lengthy troubleshooting.
Cybersecurity professionals have sleepless nights over BYOVD (Bring Your Own Vulnerable Driver)—a sneaky attack tactic that weaponizes known driver vulnerabilities to bypass modern security measures like kernel-mode code signing. By extending the vulnerable kernel driver blocklist with this update, Microsoft stays ahead of asymmetrical cyber threats.But Microsoft’s kernel blocklist has been criticized before for being somewhat reactive rather than proactive. Questions linger: How are these lists updated, and does Microsoft rely too heavily on third-party reports?
If the January 2025 Patch Tuesday update has you in troubleshooting mode, here’s a checklist to help you out:- Restart Stuck Updates
- Navigate to
Settings > Update & Security > Troubleshoot. - Run the Windows Update Troubleshooter before trying again.
- Navigate to
- OpenSSH Not Starting?
- Run the provided PowerShell commands to reset permissions for
C:\ProgramData\sshand its logs. - Ensure SYSTEM and Administrator groups have full control privileges.
- Run the provided PowerShell commands to reset permissions for
- Citrix SRA Problem?
- Use Citrix’s documented workaround before retrying the update.
- Offline Installation
- Download patches directly from Microsoft’s Update Catalog for manual installation.
Wrapping Up: Why You Should Update Now
Microsoft’s January 2025 Patch Tuesday isn’t about dazzling new features or big interface changes—it’s all about the essentials: security, reliability, and bug fixes. With growing threats such as ransomware and BYOVD, the updates (KB5050009, KB5050021) are must-installs for anyone serious about keeping their system secure.However, keep an eye on the known issues, especially if you’re an enterprise user. As for gamers on ARM devices, you’ll have to temporarily sidestep the Microsoft Store for Roblox and download it directly from Roblox’s official site.
So, have you updated yet? Found any quirks or cool fixes Microsoft didn’t mention? Let’s discuss on the forum!
Source: Neowin Windows 11 (KB5050009, KB5050021) January 2025 Patch Tuesday out