KB5010419 Monthly Rollup update for Windows Server 2012 R2 – February Update

KB5010419 monthly rollup update has been released on 8th February for Windows Server 2012 R2. It is a cumulative update that follows up on the January updates for the Windows Server 2012 R2 – KB5009624. We look at the details of the monthly rollup update KB5010419 and how it improves and fixes issues.

Salient points about the KB5010419 monthly rollup update for KB5010419:

  • KB5010419 is a cumulative update.
  • It will supersede January’s monthly rollup KB5009624.
  • This update is different than the security only update KB5010395 for Windows Server 2012 R2.
  • The update file is 547 MB in size; please allow some time for the update to patch successfully.
  • KB5010419 can be deployed through all the regular ways of patching Windows Servers.
  • Zero-day vulnerability on DNS Server and critical vulnerability on HTTP Protocol Stack do not affect Windows Server 2012 R2.

Can I install KB5010419 without installing January update KB5009624?

KB5010419 is a monthly rollup update. It is a cumulative update. Therefore, it supersedes or replaces the January monthly rollup update KB5009624 for Windows Server 2012 R2. Implementing KB5009624 caused multiple issues on the Windows Server 2012 R2 that include:

  • Boot loops on the domain controllers.
  • Failed LDAP bindings on the server.
  • Failure of Hyper V based virtual machines to work properly after the updates.
  • ReFS volume drives become RAW.

Uninstalling the monthly rollup update KB5009624 resolved the issues. However, Microsoft released an emergency out of band security update on 17th January to fix these issues. This update KB5010794 had to be installed on top of the KB5009624 to resolve the issues on the Windows Server 2012 R2.

If you did not install KB5009624 and KB5010794 on the Windows Server 2012 R2, you can still skip them and install the February month’s monthly rollup update KB5010419. If you have already patched Windows Server 2012 R2 with KB5009624 and KB5010794, only the incremental changes will be downloaded on the Windows Server 2012 R2 as part of the KB5010419 monthly rollup update.

How can I install KB5010419 on Windows Server 2012 R2?

KB5010419 is available through all the regular channels of updates for Windows Server 2012 R2. So, you could use one of the following methods to patch KB5010419 on the Windows Server 2012 R2. Before patching Windows Server 2012 R2, you will need to deploy the KB5001403 Servicing Stack Update. You can download the KB5001403 from the catalog page here. This update is 10.4 MB in size.

  • KB5010419 can be downloaded using the Microsoft Updates.
  • KB5010419 can be applied automatically using Windows Updates.
  • KB5010419 can also be applied using the WSUS or Windows Server Update Service. You will need to configure WSUS to pull in updates for Windows Server 2012 R2.
  • You can also download KB5010419 manually. The update file has a size of 547 MB. You can download KB5010419 from the following page on the Microsoft catalog.

Early adopters of the monthly rollup update KB5010419 have indicated that there are no post-deployment issues on the Windows Server 2012 R2.

Issues resolved in KB5010419 for Windows Server 2012 R2

The following issues have been resolved on the Windows Server 2012 R2 as part of the monthly rollup update KB5010419:

  • Boot loops on the Windows Server 2012 R2.
  • Failed LDAP bindings on the server.
  • Failed Hyper V based virtual machines.
  • Windows stop error with IRQL_NOT_LESS_OR_EQUAL error.
  • Adds an audit event on Active Directory domain controllers that identifies clients that are not RFC-4456 compliant.
  • Jordan’s Daylight Savings Time begins from February 2022 instead of March 2022.

Aside from these issues, there are a couple of other issues that have been patched through incremental updates or through workarounds shared by Microsoft.

  • File and folder operations may fail on a clustered shared volume. To workaround this issue, you may need to perform the file operations using an account with administrative privileges. Or, you could use an account that does not have the clustered node ownership.
  • .NET framework bug may lead to inconsistent behaviour of the Active Directory Trust information setup. You will need to update the .NET framework on the Windows Server 2012 R2 to browbeat this issue as per the instructions below:
  1. .NET framework 4.5.2 to be patched with .NET update under KB5011260. You can download the file manually and apply it on the Windows Server 2012 R2 from this catalog page. The size of the update file is 54.3 MB.
  2. .NET framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 to be patched with KB5011262. The update file can be downloaded from Microsoft catalog page here. The size of the update is 375 KB only.
  3. .NET framework 4.8 to be patched with KB5011265. This .NET update can be downloaded manually from the Microsoft Catalog page for Windows Server 2012 R2. The update file is 362 KB in size.

Vulnerabilities in Windows Server 2012 R2 for February

For the month of February, the main focus on vulnerabilities has been on the two vulnerabilities mentioned below.

  • CVE-2022-21984 is a CVSS 8.8 vulnerability that is of the nature of a zero-day vulnerability. This vulnerability exists on Microsoft DNS Server and could lead to remote code execution attacks on the server. However, this vulnerability does not affect the Windows Server 2012 R2.
  • CVE-2022-21907 is a vulnerability that exists on the HTTP Protocol Stack (http.sys). It is a CVSS 9.8 vulnerability that can lead to remote code execution attacks on the target. Immediate patching of this vulnerability has been suggested as part of the security bulletin. However, the CVE-2022-21907 vulnerability does not affect the Windows Server 2012 R2.

Both these vulnerabilities do not have any impact on the Windows Server 2012 R2.

Summary

KB5010419 is a useful monthly rollup update. It is of a cumulative nature and replaces January updates on the Windows Server 2012 R2. However, there are no incremental issues that have been reported after deploying the KB5010419 on Windows Server 2012 R2.

You may like to read more content relevant to Windows Updates in the following pages: