The Windows Security Updates of August 2024 are now available - BitLocker Recovery issue fixed

Microsoft has released security updates for all supported client and server versions of Windows. Other company products, including Microsoft Office, have received security updates as well.

Our monthly overview is designed to be the starting point for system administrators and home users alike. Learn about the released updates and potential issues that may come along with them before you install the updates.

Included is an Excel spreadsheet with released security updates, link to support pages and direct downloads, and much more.

Tip: you can check out the July 2024 overview here.

Microsoft Windows Security Updates: August 2024

You may download the following Excel spreadsheet to get a list of released updates. Click on the following link to download the archive to the local device: Windows Security Updates August 2024 Excel spreadsheet

Executive Summary

Microsoft released a total of 90 security updates for various Microsoft products and 12 security updates from non-Microsoft issues (e.g. Chromium).
Windows clients with issues are: Windows 10 version 1607, 1809, 21H2, and 22H2, Windows 11 version 21H2, Windows 11 version 24H2.
Windows Server clients with issues: Windows Server 2008, Windows Server 2012, Windows Server 2019, and Windows Server 2022

Product overview

Each supported version of Windows and their critical vulnerabilities are listed below.

Windows 10 version 22H2: 54 vulnerabilities, 4 critical, 49 important, and 1 moderate
- Redhat: CVE-2022-3775 grub2 - Heap based out-of-bounds write when rendering certain Unicode sequences -- CVE-2022-3775
- Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass -- CVE-2023-40547
- Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability -- CVE-2024-38140
- Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2024-38063
Windows 11 version 22H2: 55 vulnerabilities, 4 critical, 50 important, and 1 moderate
- same as Windows 10 version 22H2
Windows 11 version 23H2: 55 vulnerabilities, 4 critical, 50 important, and 1 moderate
- same as Windows 10 version 22H2
Windows 11 version 24H2: 47 vulnerabilities, 4 critical, 43 important
- same as Windows 10 version 22H2

Windows Server products

Windows Server 2008 R2 (extended support only): 30 vulnerabilities: 2 critical, 28 important
- Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability -- CVE-2024-38140
- Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2024-38063
Windows Server 2012 R2 (extended support only): vulnerabilities: critical and important
- unknown
Windows Server 2016: 54 vulnerabilities: 4 critical, 49 important, and 1 moderate
- Redhat: CVE-2022-3775 grub2 - Heap based out-of-bounds write when rendering certain Unicode sequences -- CVE-2022-3775
- Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass -- CVE-2023-40547
- Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability -- CVE-2024-38140
- Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2024-38063
Windows Server 2019: 56 vulnerabilities: 4 critical, 51 important, and 1 moderate
- same as Windows Server 2016
Windows Server 2022: 60 vulnerabilities: 4 critical, 55 important, and 1 moderate
- same as Windows Server 2016

Windows Security Updates

Windows 10 version 22H2

Support Page: KB5041580

Updates and improvements:

Fixed the BitLocker recovery screen issue.
"Use my windows user account" is not available on the lock screen to connect to Wi-Fi.
NetJoinLegacyAccountReuse Registry key removed. See this support page.
This update applies SBAT to systems that run Windows. This stops vulnerable Linux EFI (Shim bootloaders) from running. Is not installed on systems that dual boot Windows and Linux. Older Linux versions may not boot after the update is installed.

Windows 11 version 22H2 and 23H2

Support Page: KB5041585

Updates and improvements:

Fixed the BitLocker recovery screen issue.
Drag pinned apps from the Start menu to the taskbar.
Press Windows-T while the taskbar is selected and then a letter to jump straight to the first matching app on the taskbar.
End Task no longer shows a responding dialog. Needs to be enabled under Settings > System > For Developers.
Right-clicking a tab displays an option to duplicate it in File Explorer.
"Use my windows user account" is not available on the lock screen to connect to Wi-Fi.
NetJoinLegacyAccountReuse Registry key removed. See this support page.
This update applies SBAT to systems that run Windows. This stops vulnerable Linux EFI (Shim bootloaders) from running. Is not installed on systems that dual boot Windows and Linux. Older Linux versions may not boot after the update is installed.

Windows 11 version 24H2

Support page: KB5041571

Updates and improvements:

Fixed the BitLocker recovery screen issue.
"Use my windows user account" is not available on the lock screen to connect to Wi-Fi.
NetJoinLegacyAccountReuse Registry key removed. See this support page.
This update applies SBAT to systems that run Windows. This stops vulnerable Linux EFI (Shim bootloaders) from running. Is not installed on systems that dual boot Windows and Linux. Older Linux versions may not boot after the update is installed.

Windows Security updates

Delayed. Will post once published by Microsoft.

Non-Security updates

Known Issues

Windows 10 version 22H2

(OLD) Description: After installation of the update, users may be unable to change their account profile picture.
- Workaround: none available at the time.
(FIXED) Description: Devices that use Microsoft Connected Cache (MCC) may download updates or apps from the public Internet instead, if they use DHCP Option 235 and have a recent update installed.
- Workaround: Configure Microsoft Connected Cache endpoint in DOCacheHost policy as indicated in Cache hostname. Additionally, DOCacheHostSourcehas to be set to 1or removed as indicated in Cache hostname source. By default, the DOCacheHost and DOCacheHostSource policies have no value.

Windows 11 version 22H2 and 23H2

(OLD) Description: Enterprise customers may face issues when upgrading from a Windows Pro license to a valid Windows Enterprise subscription.
- Workaround: none, Microsoft is investigating.

Windows 11 version 24H2

(NEW) Players on ARM devices may not be able to play Roblox via the Microsoft STore.
- Workaround: download and play the title directly from the developer website.

Security advisories and updates

ADV 990001 -- Latest Servicing Stack Updates

Microsoft Office Updates

You find Office update information here.

How to download and install the August 2024 security updates

Security updates are installed automatically on most home Windows devices. This does not happen immediately though. Administrators may force updates right after they are released. This is done in the following way:

Select Start, type Windows Update and load the Windows Update item that is displayed.
Select check for updates to run a manual check for updates.

Windows Update should display the security update and start to download it.

Note: we recommend that you create a full system backup before installing any Windows update. This gives you another restoration option should things go wrong. The free Paragon Backup is a good choice, but there are others.