KB5010354 – Windows Server 2022 – February Cumulative Update

Cumulative update KB5010354 for Windows Server 2022 for the month of February has been released on 8th February 2022. The update seeks to fix bugs and bring out performance improvements on Windows Server 2022. We look at the various vulnerabilities that have been patched as part of this month’s cumulative updates. We also look at the different ways in which you can install this update on Windows Server 2022.

Salient points about KB5010354 for Windows Server 2022:

  • KB5010354 weighs 215.8 MB in size.
  • This update is cumulative in nature.
  • KB5010354 supersedes KB5009608 patch released in January 2022.
  • You need to be aware of the two vulnerabilities for Windows Server 2022. One is a critical vulnerability on the HTTP Protocol Stack (http.sys) and another is a zero-day exploit on the Microsoft DNS server. Details of both vulnerabilities are shared below.
  • KB5010354 will push the stable build on your server to OS Build 20348.524.

What vulnerabilities are resolved under KB5010354?

For Windows Server 2022, you need to be aware of a critical vulnerability and a zero-day high severity vulnerability. Both these vulnerabilities have been resolved under KB5010354. You may not want to delay patching the Windows Server 2022 with the February cumulative update because of the nature of both vulnerabilities.

  • CVE-2022-20917 – This is a CVSS 9.8 vulnerability that affects Windows Server 2022. This vulnerability has a critical impact for your IT infrastructure. This vulnerability allows a remote attacker to send malicious packet and utilize the vulnerability in the HTTP protocol stack (http.sys) to launch the malicious code. This vulnerability has yet to be exploited, and its details have not been shared publicly. However, the vulnerability is wormable and Microsoft suggests that the system administrators must patch the servers and workstations on priority.
  • CVE-2022-21984 – This vulnerability is a CVSS 8.8 vulnerability that has been marked as a zero-day vulnerability. The vulnerability targets DNS services running on the system. Servers running the Microsoft DNS Server are prone to Remode Code Execution attacks. To be vulnerable, a DNS server would need to have dynamic updates enabled. It would make a lot of sense to patch the affected Windows Server 2022 installations.

Can I install KB5010354 on Windows Server 2022 without installing the January Updates?

KB5010354 is a cumulative update and supersedes KB5009608 and KB5010197 updates for the month of January 2022. So, you can install the cumulative update KB5010354 and it would take care of the changes brought out as part of the January cumulative updates. This update will push the build on your Windows Server 2022 to OS Build 20348.524.

How can I install KB5010354 on Windows Server 2022?

KB5010354 is available as part of the regular Windows update channels. This means that you can patch the Windows Server 2022 in any of the following ways:

  • Windows Update – the patch can be automatically downloaded and deployed using the Windows Update program on your server.
  • Windows Update for Business – the patch will be automatically downloaded and applied.
  • Windows Server Update Service (WSUS) – the WSUS can be used to import the patch for Windows Server 2022. Set the WSUS to import security update for the Windows Server 21H2 version.
  • Microsoft Update Catalog – KB5010354 can be downloaded manually from the Microsoft Update catalog page for Windows Server 2022 or Windows Server 21H2 version. The update weighs 215.8 MB.

If you run into any issues while installing the KB5010354 patch or post-installation of the KB5010354 patch, you can uninstall the patch from the Windows Update program.

What are the known issues in KB5010354 update for Windows Server 2022?

The latest known issue on the Windows Server 2022 is the issue with .NET framework version 4.8. After installing the cumulative updates in January, it is possible that the .NET framework may not work properly in acquiring or setting the Active Directory Forest Trust Information. The remedy lies in updating the .NET framework with the out of band update KB5011258.

Aside from the .NET framework issue, we have another issue wherein the Remote Desktop connections may fail. You may get an error – “Your credentials did not work. The credentials that were used to connect to [device name] did not work. Please enter new credentials.” and “The login attempt failed” in red. You could resolve this issue by applying the KIR or Known-issue Rollback to the affected Windows Server 2022. This may take up to 24 hours for the situation to resolve on its own. Alternatively, you may restart the server to resolve the issue. The server reboot solution may not be a practical solution. Therefore, at this point, we may be more focused on using the KIR resolution.

Summary

KB5010354 cumulative update for Windows Server 2022 resolves critical and high impact vulnerabilities. No known issues of any update related incidents are known. Early adopters of the KB5010354 cumulative update have given clear feedback about this month’s updates. We do suggest patching the Windows Server 2022 on priority because of the nature of critical and high severity vulnerabilities that have been found on the servers.

You may also like to read more about content related to the Windows updates: