March 12, 2024—KB5035849 (OS Build 17763.5576) - EXPIRED
Applies To
Release Date:
12/03/2024
Version:
OS Build 17763.5576
EXPIRATION NOTICE
IMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows.
NEW 3/25/24 IMPORTANT If you plan to install this update on a domain controller (DC), we highly recommend that you install KB5037425 instead (March 25, 2024). This out-of-band update addresses a known issue that affects the Local Security Authority Subsystem Service (LSASS). It might leak memory on DCs.
11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page.
Highlights
-
This update addresses an issue that affects the touch keyboard. Sometimes it does not open.
Improvements
This security update includes improvements. When you install this KB:
-
The update affects Active Directory domains that host mobile device management (MDM) providers. They can transition from “Compatibility mode” to the strong certificate mapping “Enforcement mode.” To do this, they can allow an Active Directory Key Distribution Center (KDC) to read user security identifiers (SID) from the Subject Alternative Name (SAN). Then, the providers can populate those values. To learn more, see:
-
KB5014754: Certificate-based authentication changes on Windows domain controllers
-
Preview of SAN URI for Certificate Strong Mapping for KB5014754
-
If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.
For more information about security vulnerabilities, please refer to the new Security Update Guide website and the March 2024 Security Updates.
Windows 10 servicing stack update - 17763.5568
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.
Known issues in this update
|
Symptom |
Workaround |
|---|---|
|
Following installation of this update, Local Security Authority Subsystem Service (LSASS) may experience a memory leak on domain controllers (DCs). This is observed when on-premises and cloud-based Active Directory Domain Controllers service Kerberos authentication requests. Extreme memory leaks may cause LSASS to crash, which triggers an unscheduled reboot of underlying domain controllers (DCs). |
This issue is addressed in KB5037425. |
How to get this update
EXPIRATION NOTICE
IMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows.
Need more help?
Want more options?
Explore subscription benefits, browse training courses, learn how to secure your device, and more.
Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.
