KB5040442: Windows Server 2019 / 2022 Cumulative Update (July 2024)
The July 2024 Patch Tuesday cumulative update for Windows Server 2019 and 2022 addresses 142 CVEs. Includes the fix for CVE-2024-38080, a Windows Hyper-V elevation of privilege zero-day that was being actively exploited at time of release.
CVE-2024-38080 allows a local attacker running code inside a Hyper-V guest virtual machine to escape the VM boundary and execute code on the host with SYSTEM privileges. This is a particularly severe vulnerability for multi-tenant environments or environments where guest VMs run workloads from different trust boundaries.
KB5040442 (Windows Server 2022) and KB5040430 (Windows Server 2019) address 142 CVEs in the July 2024 cycle. CVE-2024-38080, a Hyper-V elevation of privilege zero-day, was actively exploited at time of release. An attacker with guest VM access can exploit this to escape the VM and gain SYSTEM privileges on the Hyper-V host.
Probably yes if any of these apply:
Affected OS versions
A cloud service provider running Windows Server 2022 as their Hyper-V hypervisor platform is exposed to CVE-2024-38080. An attacker who compromises a guest VM — whether through a web application vulnerability or other means — can use this zero-day to break out of the VM and gain full control of the hypervisor host, accessing all other VMs on the same host.
Manual download
For air-gapped servers or out-of-band deployment. Microsoft Update Catalog returns every OS-version variant of this update.
↗ Microsoft Update CatalogKB5040442Manual remediation steps
⏱ 30–60 minutes including rebootCheck Patch Status
# Windows Server 2022
Get-HotFix -Id KB5040442
# Windows Server 2019
Get-HotFix -Id KB5040430
Check Hyper-V Role
Get-WindowsFeature -Name Hyper-V | Select-Object Name, InstallState
# If Hyper-V is installed, this patch is critical priority
Apply
Verify
Get-HotFix -Id KB5040442 # or KB5040430
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.
References