KB5010412 – Windows Server 2012 – February Update

KB5010412 is a security only update for Windows Server 2012. This update has been released on 8th February 2022. This update resolves bugs on the Windows Server 2012, and follows up on the last security only update for January – KB5009619. KB5009619 was worth 58.8 MB and the current month’s security update is of 19.1 MB size. We look at the ways you can install this update on Windows Server 2012, and discuss the applicability of critical vulnerabilities on the server.

Salient points about the KB5010412 security update for Windows Server 2012:

  • KB5010412 is a security update that is standalone.
  • You need to have KB5009619 or KB5010797 on the Windows Server 2012 before patching with KB5010412.
  • You will also need KB5006671 for Internet Explorer prior to installing the KB5010412 security update.
  • There are no critical vulnerabilities in February updates for Windows Server 2012.
  • Zero-day vulnerability, CVE-2022-21984, does not apply to the Windows Server 2012.
  • The update size of 19.1 MB for the 64 bit edition of Windows Server 2012.

Can I install KB5010412 without installing the January update KB5009619 or KB5010797?

No, you will need to install the KB5009619 or the KB5010797 security update before installing this month’s security only update KB5010412 on Windows Server 2012. If you had installed KB5009619, there is a high chance that you may have experienced multiple issues including the boot loop of the domain controllers. You should have followed-up KB5009619 with the installation of out of band update KB5010797 on Windows Server 2012. Once you have deployed KB5010797, you will need to install another security update for Internet Explorer – KB5006671. After installing KB5006671, you can patch the Windows Server 2012 with the latest security update KB5010412.

This fact is also borne out by the fact that January’s update was 58.8 MB in size and February month’s update is worth 19.1 MB in size.

Security only updates are not cumulative in nature. And, Windows Server 2012 has reached end of mainstream support.

So, we can summarize that before you install KB5011412 on Windows Server 2012:

  • install KB5009619 and follow it up with an out of band update KB5010797.
  • install KB5006671 update for Internet Explorer.
  • now, install KB5010412 on the Windows Server 2012.

What vulnerabilities are applicable for Windows Server 2012?

There has been a single critical vulnerability on the Windows Server 2012. This vulnerability affects the HTTP Protocol stack and carries a CVSS score of 9.8. However, this vulnerability is not applicable to Windows Server 2012.

On a similar basis, there is a zero-day vulnerability, CVE-2022-21984. This vulnerability affects the Microsoft DNS Server. However, the CVE-2022-21984 vulnerability does not affect the Windows Server 2012.

How can I get the KB5010412 update for Windows Server 2012?

Since Windows Server 2012 has reached end of mainstream support, the security update KB5010412 is not available through automatic download on Windows Update or Windows Update for Business. This leaves us with two options to get the KB5010412 security update for Windows Server 2012.

  • Windows Server Update Service (WSUS) can be used to import the KB5010412 security only update and patch on the Windows Server 2012.
  • You can download the KB5010412 update through the Microsoft Update catalog. The update is of 19.1 MB. You can download it from here.

Early adopters of the KB5010412 security update for Windows Server 2012 have indicated that there have no issues post deployment of the KB5010412 security update. In case you run into any issues, you can uninstall the KB5010412 security update from the Windows Server 2012.

What bugs have been resolved as part of KB5010412?

The following fixes have been implemented as part of the KB5010412 security update:

  • Failed LDAP bindings issue has been resolved.
  • Issue with virtual servers that failed after updating with January updates on Windows Server 2012 has been resolved as well. The virtualization layer broke after updating KB5009619 on Windows Server 2012.
  • Updates daylight savings time to start in February 2022 instead of March 2022 in Jordan.

There is also an issue with the .NET framework that fails to acquire or set Active Directory Forest Trust Information. This issue rose after the January updates. The .NET framework on the Windows Server 2012 should be updated with the updates that have been released for specific versions of the .NET framework on the Windows Server 2012.

  • .NET framework 4.5.2 to update with KB5011260. The update has a 54.3 MB size.
  • .NET frameworks 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 to update with KB5011263. This update weighs 376 KB.
  • .NET framework 4.8 to update with KB5011265. The update file is 362 KB.

So, most of the issues resolved in KB5010412 are the ones that have risen up after the servers were updated with the security updates in the month of January 2022.

Summary

Security update KB5010412 for Windows Server 2012 resolves the bugs that rose after January security updates were installed. There have been no critical vulnerabilities on the Windows Server 2012 for the February update cycle.

You may like to read more content related to Windows Updates: