Hi, @halosec
Thank you for posting in the Microsoft Q&A forum.
If the cumulative update has been installed but the machine has not been rebooted, the machine may still be susceptible to the monthly vulnerability. A reboot is necessary for some updates to take effect, and until the update is completely installed and active, it may not offer full protection against vulnerabilities.
Whether or not a machine is susceptible to a specific vulnerability can depend on factors such as the nature of the vulnerability and the specific configuration of the machine. In the specific case of the CVE-2023-29324 vulnerability, the KB article states that the vulnerability can be addressed by installing the 2023-05 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5026362). However, there is no information provided on whether a reboot is necessary for the update to take effect.
It is always recommended to follow best practices when it comes to patching and updating systems, which often includes rebooting the system after installing updates to ensure the updates are fully implemented and effective in addressing any vulnerabilities.
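A way to check the state the answer above describes (update installed, restart not yet done), as an added example that is not part of the original answer. It assumes the commonly used Windows pending-restart registry markers and an elevated PowerShell session; `Test-PendingReboot` is a hypothetical helper name, and the default KB is the one named in the answer.

```powershell
# Added example: report whether a KB is present and whether a restart is still pending.
param([string]$KbId = 'KB5026362')   # KB named in the answer; override for other months

function Test-PendingReboot {
    # Returns the list of pending-restart markers found on this machine.
    $reasons = @()

    # Servicing stack (CBS) has component changes that complete at next boot.
    if (Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending') {
        $reasons += 'CBS RebootPending'
    }
    # Windows Update agent has flagged that a restart is required.
    if (Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired') {
        $reasons += 'WindowsUpdate RebootRequired'
    }
    # Files queued for replacement at boot. Other installers also set this value,
    # so treat it as a weaker signal than the two keys above.
    $sm = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager' `
                           -Name PendingFileRenameOperations -ErrorAction SilentlyContinue
    if ($sm -and $sm.PendingFileRenameOperations) {
        $reasons += 'PendingFileRenameOperations'
    }
    $reasons
}

$hotfix   = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue
$lastBoot = (Get-CimInstance -ClassName Win32_OperatingSystem).LastBootUpTime
$pending  = @(Test-PendingReboot)

# Classify the machine: patched binaries are only in use once no restart is outstanding.
$state = if (-not $hotfix) { 'NotInstalled' } elseif ($pending.Count -gt 0) { 'InstalledRebootPending' } else { 'InstalledNoRebootPending' }

[pscustomobject]@{
    ComputerName   = $env:COMPUTERNAME
    KB             = $KbId
    State          = $state
    InstalledOn    = if ($hotfix) { $hotfix.InstalledOn } else { $null }  # date only, may be empty
    LastBootUpTime = $lastBoot
    PendingReasons = $pending -join '; '
}
```

A later cumulative update supersedes an earlier one, so `NotInstalled` for a specific KB does not by itself mean the fix is missing; compare the OS build number against the one listed in the KB article in that case.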