January Security Update KB5009619 for Windows Server 2012

This content has been archived. But, the content is true and relevant to the underlying technology products or infrastructure services.

The January security update for Windows Server 2012 has been released. The security update KB5009619 seeks to resolve bugs, bring in product improvements and resolve security vulnerabilities. The security only update will need to be installed after the last security update and the security update KB5006671 for Internet Explorer. Below, we discuss how you can download the KB5009619 security update for Windows Server 2012 (Windows Embedded 8) operating system.

KB5010797 – Emergency out of band update for Windows Server 2012

Given the issues reported by system administrators after patching Windows Server 2012 with the January security update KB5009619, Microsoft has released an emergency security update that is of an out of band nature. This emergency update focuses on resolving the following 3 issues that were caused by the KB5009619 security update for Windows Server 2012:

  • KB5010797 resolves the issue of boot loops on the domain controllers that have been patched with KB5009619.
  • KB5010797 helps to resolve issues with the Hyper VM and failed virualization layer on the Windows Server 2012 that have been patched with KB5009619.
  • KB5010797 resolves the issue of failed LDAP bindings on the Active Directory servers after patching with KB5009619.

You can download the KB5010797 out of band emergency security update for Windows Server 2012 from the Microsoft Update catalog page. For your benefit, the download link is published below:

This update weighs 58.1 MB. It is a security only update and seeks to address the issues in the security update KB5009619.

If you prefer to use the Windows Server Update Service (WSUS) to patch your server, you will need to manually import the KB5010797 emergency update for Windows Server 2012.

How can I download the KB5009619 for Windows Server 2012?

KB5009619 can be downloaded from the Microsoft Update catalog. The update for Windows Server weighs 58.8 MB. KB5009619 has also been released for the 32 bit processors for Windows Embedded 8 operating system. A 64 bit release for the Windows Embedded 8 system has been released alongside these 2 updates.

Below, you can find the download links for the KB5009619 for 64-bit processors and 32-bit processors:

  • KB5009619 for AMD x64 processors can be downloaded here (you may get a certificate error, either skip the warning or download it from the main catalog page). This update file is 58.8 MB in size. You can read more about this update on the Microsoft site.
  • KB5009619 for 32 bit x86 processors can be downloaded here. This update file is 35.5 MB in size. This download is applicable for Windows Embedded 8 operating system.
  • KB5009619 for 64 bit Windows Embedded 8 system can be downloaded here. This update file is 58.8 MB in size.

For our discussion, the Windows Server 2012 update KB5009619 may require a server reboot. So, you may need to plan for a maintenance window to implement the quality security update.

Issues with January Security Updates

January security updates have caused a few reported issues for Windows Server products. Some of these are mentioned below for ready reference.

  • Bootloop on the server after implementing the security updates. If your servers end up in a bootloop, your issue has been cuased by the recently deployed security update. Please take the server off the network and boot into the safe mode. Uninstall the update and re-connect to the network. This is happening on multiple server platforms, including the Windows Server 2012 Server Core and Windows Server 2012.
  • You may lose ReFS volumes after installing the security updates on the servers. The external USB drives may turn up as RAW after installing the security update. Or, the internal ReFS volumes may turn RAW after installing the security updates. You will need to uninstall the security update to get the ReFs volumes back up and running fine.
  • Hyper VM V may not work post-installation of the security update on Windows Server. Virtualization may show as disabled. Removing the installed security update resortores the Hyper VM functionality on the Windows servers. Virtual machines will boot up fine after uninstalling the security updates on the Windows Servers.

These issues may or may not affect your Windows Servers. It may be wise to plan for the maintenance time to get over all these issues if they strike one of your Windows Servers. Domain controllers ought to be updated after updating the non-domain controllers.

How can I update Windows Server 2012 with KB5009619 automatically?

The Windows Server 2012 security update KB5009619 can be automatically patched using the Windows Server Update Service (WSUS). WSUS will automatically sync with the KB5009619 when you have configured the WSUS with:

  • Product:  Windows Server 2012, Windows Embedded 8 Standard
  • Classification: Security Update

KB5009619 is unavailable for automatic download through the Windows Update program.

What bugs have been fixed in KB5009619 for Windows Server 2012?

The security update KB5009619 resolves issues with the Active Directory as per the details shared below:

  • Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes.

Known issues or problems in KB5009619 for Windows Server 2012

KB5009619 security update for Windows Server 2012 has a known issue. File and folder operations on the clustered shared volume may fail with STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5). This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.

As a workaround, Microsoft has suggested that you could either perform the operation through an account with administrative privileges. Alternatively, you may perform the file and folder operations from a node that does not have CSV ownership.

Aside from the known issue, some system administrators have reported reboot loops after the installation of the KB5009619 security update. Post-installation of KB5009619, the Windows Server 2012 may keep on rebooting. To get around this, you may need to take the server or domain controller off the network. Boot into the safe mode. And, remove or uninstall the KB5009619 security update from the Windows Server 2012. It would not be a bad idea to wait for an update from Microsoft that resolves this issue.

To rule out issues on your network, you may plan to deploy the KB5009619 security-only update on a Windows Server 2012 that may not be critical for your infrastructure. Or, deploy it on a Windows Server 2012 that has lesser significance than other servers. Let the update run for a day before you deploy it on other servers on the network. It is a good idea to plan for a maintenance schedule to get the KB5009619 on the servers.

To uninstall the KB5009619 from Windows Server 2012, you may get into the Control panel and check or view the installed updates. Uninstall the update from the Program and features.


  • KB5009619 for Windows Server 2012 is the security only update that has been offered as part of the Tuesday release.
  • You can download the security update through the catalog site or patch automatically using the WSUS.
  • Some system administrators are experiencing issues with server reboot loops. Uninstalling the KB5009619 resolves the server reboot loop issue.

Other January security updates from Microsoft:

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.