Windows 10 (KB5053606 / KB5053596 / KB5053594 / KB5053618) March 2025 Patch Tuesday out

Windows 10 (KB5053606 / KB5053596 / KB5053594 / KB5053618) March 2025 Patch Tuesday out

Home » News » Windows 10 (KB5053606 / KB5053596 / KB5053594 / KB5053618) March 2025 Patch Tuesday out
Table of Contents

It is the second Tuesday of the month, which implies it is Patch Tuesday time once more. As such, at present, Microsoft is rolling out the month-to-month safety replace (additionally referred to as “B launch”) for February 2025 on Home windows Server 20H2 and Home windows 10 for the newest supported variations, 20H2, 21H2, and 22H2.

The brand new updates are being distributed underneath KB5053606, bumping up the builds to 19044.5608 and 19045.5608. You will discover standalone hyperlinks to obtain the brand new replace on the Microsoft Replace Catalog at this hyperlink.

The most important spotlight of the discharge is safety patches.

Highlights

  • This replace addresses safety points in your Home windows working system.

This launch has the next identified points:

Recognized points on this replace

Symptom

Workaround

Following the set up of the October 2024 safety replace, some prospects report that the OpenSSH (Open Safe Shell) service fails to start out, stopping SSH connections. The service fails with no detailed logging, and guide intervention is required to run the sshd.exe course of.

This subject is affecting each enterprise, IOT, and schooling prospects, with a restricted variety of units impacted. Microsoft is investigating whether or not client prospects utilizing Residence or Professional editions of Home windows are affected.

Prospects can briefly resolve the problem by updating permissions (ACLs) on the affected directories. Comply with these steps:

  1. Open PowerShell as an Administrator.

  2. Replace the permissions for C:ProgramDatassh and C:ProgramDatasshlogs to permit full management for SYSTEM and the Directors group, whereas permitting learn entry for Authenticated Customers. You may prohibit learn entry to particular customers or teams by modifying the permissions string if wanted.

    Use the next instructions to replace the permissions:

    $directoryPath = “C:ProgramDatassh” $acl = Get-Acl -Path $directoryPath $sddlString = “O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)” $securityDescriptor = New-Object System.Safety.AccessControl.RawSecurityDescriptor $sddlString $acl.SetSecurityDescriptorSddlForm($securityDescriptor.GetSddlForm(“All”)) Set-Acl -Path $directoryPath -AclObject $acl

  3. Repeat the above steps for C:ProgramDatasshlogs.

Microsoft is actively investigating the problem and can present a decision in an upcoming Home windows replace. Additional communications will likely be supplied when a decision or extra workarounds can be found.

Gadgets which have sure Citrix elements put in could be unable to finish set up of the January 2025 Home windows safety replace. This subject was noticed on units with Citrix Session Recording Agent (SRA) model 2411. The 2411 model of this utility was launched in December 2024.

Affected units would possibly initially obtain and apply the January 2025 Home windows safety replace appropriately, resembling through the Home windows Replace web page in Settings. Nonetheless, when restarting the gadget to finish the replace set up, an error message with textual content much like “One thing didn’t go as deliberate. No want to fret – undoing modifications” seems. The gadget will then revert to the Home windows updates beforehand current on the gadget.

This subject doubtless impacts a restricted variety of organizations as model 2411 of the SRA utility is a brand new model. Residence customers usually are not anticipated to be affected by this subject.

Citrix has documented this subject, together with a workaround, which will be carried out previous to putting in the January 2025 Home windows safety replace. For particulars, see Citrix’s documentation.

Microsoft is working with Citrix to deal with this subject and can replace this documentation as soon as a decision is on the market.

The Home windows Occasion Viewer would possibly show an error associated to SgrmBroker.exe, on units which have put in Home windows updates launched January 14, 2025 or later. This error will be discovered underneath Home windows Logs > System as Occasion 7023, with textual content much like ‘The System Guard Runtime Monitor Dealer service terminated with the next error: %%3489660935’.

This error is just observable if the Home windows Occasion Viewer is monitored carefully. It’s in any other case silent and doesn’t seem as a dialog field or notification.

SgrmBroker.exe refers back to the System Guard Runtime Monitor Dealer Service. This service was initially created for Microsoft Defender, nevertheless it has not been part of its operation for a really very long time. Though Home windows updates launched January 14, 2025 battle with the initialization of this service, no influence to efficiency or performance needs to be noticed. There is no such thing as a change to the safety degree of a tool ensuing from this subject. This service has already been disabled in different supported variations of Home windows, and SgrmBroker.exe presently serves no goal.

Notice: There is no such thing as a have to manually begin this service or configure it in any manner (doing so would possibly set off errors unnecessarily). Future Home windows updates will regulate the elements utilized by this service and SgrmBroker.exe. For that reason, please don’t try to manually uninstall or take away this service or its elements.

No particular motion is required, nevertheless, the service will be safely disabled to be able to forestall the error from showing in Occasion Viewer. To take action, you’ll be able to observe these steps:

  1. Open a Command Immediate window. This may be achieved by opening the Begin menu and typing ‘cmd’. The outcomes will embody “Command Immediate” as a System utility. Choose the arrow to the appropriate of “Command Immediate” and choose “Run as administrator”.
  2. As soon as the window is open, fastidiously enter the next textual content: sc.exe config sgrmagent begin=disabled
  3. A message could seem afterwards. Subsequent, enter the next textual content: reg add HKLMSystemCurrentControlSetServicesSgrmBroker /v Begin /d 4 /t REG_DWORD
  4. Shut the Command Immediate window.

This can forestall the associated error from showing within the Occasion Viewer on subsequent gadget begin up. Notice that a few of these steps could be restricted by group coverage set by your group.

We’re engaged on a decision and can present an replace in an upcoming launch.

A number of the older Home windows 10 variations have additionally acquired updates at present, which have been listed under with their respective launch notes (KB) linked in addition to hyperlinks to obtain them at Microsoft’s Replace Catalog:

Model KB Construct Obtain Help
1809

KB5053596

17763.7009

Replace Catalog Lengthy-Time period Servicing Channel (LTSC)
1607

KB5053594

14393.7876

Replace Catalog
1507

KB5053618

10240.20947

Replace Catalog

It’s noteworthy that Home windows 10 20H2 and Home windows 10 1909 reached the top of servicing. Non-LTSC editions of 21H2 have additionally reached the top of servicing.

author avatar
roosho Senior Engineer (Technical Services)
I am Rakib Raihan RooSho, Jack of all IT Trades. You got it right. Good for nothing. I try a lot of things and fail more than that. That's how I learn. Whenever I succeed, I note that in my cookbook. Eventually, that became my blog. 
share this article.

Enjoying my articles?

Sign up to get new content delivered straight to your inbox.

Please enable JavaScript in your browser to complete this form.
Name