IT Reference & Documentation

Windows Event ID 7034 – Service Control Manager: Service Crashed Unexpectedly

Event ID 7034 indicates a Windows service terminated unexpectedly without a clean shutdown. This critical error requires immediate investigation to identify the failing service and root cause.

Windows Event ID 1002 – Application Error: Application Hang Detection

Event ID 1002 indicates an application has stopped responding and Windows has detected a hang condition. This critical event helps identify problematic applications affecting system performance.

Windows Event ID 6008 – EventLog: Unexpected System Shutdown Detection

Event ID 6008 indicates Windows detected an unexpected system shutdown. The system was not properly shut down before the previous boot, suggesting power loss, hardware failure, or forced restart.

Windows Event ID 4608 – Security: Windows System Startup Initialization

Event ID 4608 logs when Windows starts up and the Local Security Authority Subsystem Service (LSASS.EXE) initializes the auditing subsystem during system boot.

Windows Event ID 4723 – Microsoft-Windows-Security-Auditing: User Account Password Change Attempt

Event ID 4723 logs when a user attempts to change another user's password. This security audit event tracks administrative password reset operations and helps monitor unauthorized password modifications across Windows domains.

Windows Event ID 4625 – Microsoft-Windows-Security-Auditing: An Account Failed to Log On

Event ID 4625 records failed logon attempts in Windows Security logs. Critical for detecting brute force attacks, credential issues, and unauthorized access attempts across domain and local accounts.

Windows Event ID 4624 – Microsoft-Windows-Security-Auditing: An Account Was Successfully Logged On

Event ID 4624 records successful user authentication attempts in Windows. This security audit event fires whenever a user, service, or computer account successfully logs on to the system, providing detailed logon session information.

Windows Event ID 10010 – DistributedCOM: DCOM Server Process Launcher Access Denied

Event ID 10010 indicates DCOM server process launcher encountered access denied errors when attempting to start COM+ applications or services, typically due to permission issues or corrupted DCOM configurations.

Windows Event ID 10016 – Microsoft-Windows-DistributedCOM: DCOM Permission Denied Error

Event ID 10016 indicates DCOM permission issues when applications attempt to access COM components without proper authorization. This warning-level event is often benign but can indicate security configuration problems.

Windows Event ID 41 – Kernel-General: System Rebooted Without Clean Shutdown

Event ID 41 indicates Windows rebooted unexpectedly without proper shutdown. Caused by power failures, hardware issues, or critical system errors requiring immediate investigation.

KB5079473 — March 2026 Cumulative Update for Windows 10 and Windows 11

KB5079473 is a March 2026 cumulative update that addresses multiple security vulnerabilities, improves Windows Search performance, and resolves compatibility issues with modern hardware on Windows 10 and Windows 11 systems.

KB5084597 — March 2026 Out-of-Band Hotpatch Security Update

KB5084597 is an out-of-band hotpatch security update released March 13, 2026, addressing critical vulnerabilities in Windows 11 Version 24H2 and 25H2 systems for both x64 and ARM64 architectures.

KB5074994 — Security Update for Microsoft Exchange Server 2019 CU14

KB5074994 is a February 2026 security update that addresses multiple vulnerabilities in Microsoft Exchange Server 2019 Cumulative Update 14, including remote code execution and elevation of privilege flaws.

KB5078752 — March 2026 Security Update for Windows 10 Version 1809 and Windows Server 2019

KB5078752 is a March 2026 security update that addresses multiple vulnerabilities in Windows 10 Version 1809 and Windows Server 2019, including fixes for Windows Kernel, Remote Desktop Services, and Windows Graphics components.

KB5078766 — March 2026 Security Update for Windows Server 2022

KB5078766 is a March 2026 security update that addresses multiple vulnerabilities in Windows Server 2022, including critical remote code execution flaws and privilege escalation issues affecting server infrastructure.

KB5078737 — March 2026 Security Hotpatch for Windows Server 2022

KB5078737 is a March 2026 security hotpatch update for Windows Server 2022 that addresses multiple security vulnerabilities without requiring a system restart, updating the OS build to 20348.4830.

KB5078734 — March 2026 Security Update for Windows Server 2022 23H2

KB5078734 is a March 2026 security update that addresses multiple vulnerabilities in Windows Server 2022 23H2, including critical remote code execution flaws and privilege escalation issues affecting Server Core installations.

KB5079420 — March 2026 Hotpatch Security Update for Windows 11

KB5079420 is a March 2026 hotpatch security update that addresses critical vulnerabilities in Windows 11 Version 24H2 and 25H2 systems, delivering security fixes without requiring a system restart.

KB5079466 — March 2026 Cumulative Update for Windows 11 Version 26H1

KB5079466 is a March 2026 cumulative update that addresses security vulnerabilities and system stability issues in Windows 11 Version 26H1, updating systems to OS Build 28000.1719.

KB5078736 — March 2026 Security Hotpatch for Windows Server 2025

KB5078736 is a March 2026 security hotpatch update for Windows Server 2025 that addresses critical vulnerabilities without requiring a system restart, updating the OS build to 26100.32463.