When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Windows 10 (KB5049981 / KB5050008 / KB5049993 / KB5050013) January 2025 Patch Tuesday out

Windows 10 Patch Tuesday

It's the second Tuesday of the month, which means it's Patch Tuesday time again. As such, today, Microsoft is rolling out the monthly security update (also called "B release") for January 2025 on Windows Server 20H2 and Windows 10 for the latest supported versions, 20H2, 21H2, and 22H2.

The new updates are being distributed under KB5049981, bumping up the builds to 19044.5371 and 19045.5371. You can find standalone links to download the new update on the Microsoft Update Catalog at this link.

The major highlight of the release is security patches.

Highlights

  • This update addresses security issues for your Windows operating system.

This release has the following known issues:

Known issues in this update

Symptom

Workaround

Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. The service fails with no detailed logging, and manual intervention is required to run the sshd.exe process.

This issue is affecting both enterprise, IOT, and education customers, with a limited number of devices impacted. Microsoft is investigating whether consumer customers using Home or Pro editions of Windows are affected.

Customers can temporarily resolve the issue by updating permissions (ACLs) on the affected directories. Follow these steps:

  1. Open PowerShell as an Administrator.

  2. Update the permissions for C:\ProgramData\ssh and C:\ProgramData\ssh\logs to allow full control for SYSTEM and the Administrators group, while allowing read access for Authenticated Users. You can restrict read access to specific users or groups by modifying the permissions string if needed.

    Use the following commands to update the permissions:

    $directoryPath = "C:\ProgramData\ssh" $acl = Get-Acl -Path $directoryPath $sddlString = "O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)" $securityDescriptor = New-Object System.Security.AccessControl.RawSecurityDescriptor $sddlString $acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm("All")) Set-Acl -Path $directoryPath -AclObject $acl

  3. Repeat the above steps for C:\ProgramData\ssh\logs.

Microsoft is actively investigating the issue and will provide a resolution in an upcoming Windows update. Further communications will be provided when a resolution or additional workarounds are available.

Devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411. The 2411 version of this application was released in December 2024.

Affected devices might initially download and apply the January 2025 Windows security update correctly, such as via the Windows Update page in Settings. However, when restarting the device to complete the update installation, an error message with text similar to “Something didn’t go as planned. No need to worry – undoing changes” appears. The device will then revert to the Windows updates previously present on the device.

This issue likely affects a limited number of organizations as version 2411 of the SRA application is a new version. Home users are not expected to be affected by this issue.

Citrix has documented this issue, including a workaround, which can be performed prior to installing the January 2025 Windows security update. For details, see Citrix’s documentation.

Microsoft is working with Citrix to address this issue and will update this documentation once a resolution is available.

Some of the older Windows 10 versions have also received updates today, which have been listed below with their respective release notes (KB) linked as well as links to download them at Microsoft's Update Catalog:

Version KB Build Download Support
1809

KB5050008

17763.6775

Update Catalog Long-Term Servicing Channel (LTSC)
1607

KB5049993

14393.7699

Update Catalog
1507

KB5050013

10240.20890

Update Catalog

It is noteworthy that Windows 10 20H2 and Windows 10 1909 reached the end of servicing. Non-LTSC editions of 21H2 have also reached the end of servicing.

Report a problem with article
Patch Tuesday
Next Article

Windows 11 (KB5050009, KB5050021) January 2025 Patch Tuesday out

iScanner app
Previous Article

Save 79% on a lifetime subscription to iScanner app

Join the conversation!

Login or Sign Up to read and post a comment.

3 Comments - Add comment