Forum Discussion
KB5094128 ntoskrnl.exe version wrong?
For update KB5094128 The list of updated files contains an ntoskrnl.exe with file version 10.0.20348.5257 which in my opinion should be 10.0.20348.5256.
https://go.microsoft.com/fwlink/?LinkId=2368532
We use scanning tools which rely on this list of updated files. But the installed file version is different and therefore our scanning tools report these installations as "vulnerable"
After applying patch KB5094128 the version of \windows\system32\ntoskrnl.exe is 10.0.20348.5256
Does anybody know if the information in this .csv is wrong?
4 Replies
I concur
I am in the same boat. Opened a ticket with Tenable, and they are pointing to Microsoft to fix the typo. The "June 9, 2026—KB5094128 (OS Build 20348.5256)" Announcement - has 20348-5256 as the OS version on top of the web page, but the info in the cvs file "https://go.microsoft.com/fwlink/?LinkId=2368532" reflects it as "ntoskrnl.exe - 10.0.20348.5257 as of 7-Jun-26 - 22:21".
If the KB was released on 09Jun2026, but the cvs notation for "ntoskrnl.exe" is dated 07Jun2026 22:21hrs (10:21pm). And I did look at previous cumulative update KBs, the cvs notation matches the web page version/build number. I would lean towards the cvs notation for ntoskrnl.exe since the version number assignment is dated earlier that the KB announcement date. Just my opinion.
Microsoft what is the correct OS version after the KB5094128 is successfully applied to the Server, (10.0.20348.5256 or 10.0.20348.5257)?
Microsoft just confirmed 5256 is correct, the CVE is wrong, they are working on a update on that.
We raised a ticket, Microsoft confirmed that the right version is 5256 and that the CVE with version numbers is wrong, we have requested them to update it.
