KB5014678 Cumulative Update for Windows Server 2022

by

KB5014678 is the cumulative update for the Windows Server 2022 month of June 2022. It supersedes May’s cumulative update KB5013944. We look at the key points of the KB5014678 security update for Window Server 2022.

  1. KB5014678 – Salient points about KB5014678 for Windows Server 2022
  2. KB5014678 – Zero-day vulnerability on Windows Server 2022
  3. KB5014678 – Other vulnerabilities on Windows Server 2022
  4. Prerequisites for installing KB5014678 on Windows Server 2022
  5. How can I deploy KB5014678 on Windows Server 2022?
  6. Summary

You can read more about the cumulative update KB5015827 for the month of July 2022 for Windows Server 2022 on this page for KB5015827 cumulative update.

KB5014678 – Salient points about KB5014678 for Windows Server 2022

  • KB5014678 is a cumulative update for Windows Server 2022.
  • It supersedes May month’s cumulative update KB5013944 for Windows Server 2022.
  • KB5014678 also supersedes the OOB or out-of-band update KB5015013 for Windows Server 2022. KB5015013 was released on May 19 to resolve authentication issues post-deployment of KB5013944.
  • If you have not installed KB5015013 on Windows Server 2022, you can skip it. KB5014678 contains all the changes that are part of the KB5015013 update for Windows Server 2022.
  • The size of the update file for KB5014678 is 244.1 MB.
  • Before deploying KB5014678, you need to install the cumulative update (August 2021) KB5005039 on Windows Server 2022.
  • Zero-day vulnerability CVE-2022-30190 affects Windows Server 2022. It is patched in KB5014678.
  • Two vulnerabilities with critical impact on Windows Server 2022 need to be attended to. These are CVE-2022-30139 and CVE-2022-30163.

You can read more about the May months’ update on the following page:

KB5013944 Cumulative Update for Windows Server 2022 – May 10, 2022

KB5014678 – Zero-day vulnerability on Windows Server 2022

Windows Server 2022 is affected by the CVE-2022-30190 zero-day vulnerability. We discuss this vulnerability in brief:

  • CVE-2022-30190 is a publicly disclosed vulnerability that is already being exploited.
  • The CVSS score for CVE-2022-30190 is 7.8 and it can lead to Remote Code Execution threats through Microsoft Windows Support Diagnostic Tool (MSDT).
  • The attack vector for CVE-2022-30190 is local. The attacker needs local access to the target machine. Once the attacker gets local access to the target computer through social engineering or malicious code, he can execute arbitrary code on the servers. Eventually, the server will be under the full control of the attacker.
  • You can disable the MSDT URL protocol to mitigate the risk. Detailed instructions are available on Microsoft’s blog.
  • Immediate patching of KB5014678 on Windows Server 2022 is recommended.

KB5014678 – Other vulnerabilities on Windows Server 2022

There have been 60 vulnerability disclosures by Microsoft as part of the June updates. These vulnerabilities have been detected across all the versions of server and desktop operating systems. Out of these 60 vulnerabilities, we are concerned about 2 vulnerabilities that can cause risks on the Windows Server 2022. We lay out these two vulnerabilities in brief below:

CVE-2022-30163 – Windows Hyper V

  • CVE-2022-30163 resides in Windows Hyper V and can lead to Remote Code Execution attacks.
  • The CVSS rating for CVE-2022-30163 is 8.5 with a critical impact on the infrastructure.
  • The attack complexity for the vulnerability is AC: H or complex.
  • The attacker can cause remote code to execute on the Hyper V operating system.
  • This threat is patched in KB5014678. There is less chance for this vulnerability to be exploited on Windows Server 2022. However, if an attacker is able to target the server, it could lead to code execution on the Hyper V host.

CVE-2022-30139 – Windows Lightweight Directory Access Protocol (LDAP)

  • CVE-2022-30139 is a critical vulnerability that has a CVSS score of 7.5. It could lead to remote code execution attacks through LDAP.
  • This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable.
  • The attack complexity for CVE-2022-30139 is complex or AC: H.
  • The threat is mitigated in KB5014678 for Windows Server 2022.

Prerequisites for installing KB5014678 on Windows Server 2022

There are a couple of prerequisites for installing KB5014678 on Windows Server 2022.

  1. Install KB5005039 on Windows Server 2022

KB5014678 can be deployed on Windows Server 2022 if you have already deployed the KB5005039 Cumulative Update on the server. KB5015039 was released in August 2021. If you have been patching the server regularly, there are high chances that the KB5005039 is already deployed on the Windows Server 2022.

You can deploy KB5005039 manually. For this, download the update file from the Microsoft Update Catalog page for KB5005039. The size of the update file is a little over 148 MB.

2. Certificate Mapping registry entry

There is a chance that installing June 2022 updates on Windows Server 2022 may cause certificate authentication issues on application servers. Therefore, Microsoft has suggested a couple of alternative approaches for preventing the issue.

  • Use the registry editor to set CertificateMappingMethods to 0x1F. Install the June updates on Windows Server 2022 i.e. KB5014678 cumulative update. Now, remove the CertificateMappingMethods entry that we had set to 0x1F.
  • Alternatively, deploy the June updates on intermediate or application servers before installing them on the domain controllers.

You can read more about the certification authentication notes on the releases notes for KB5014678 for Windows Server 2022.

How can I deploy KB5014678 on Windows Server 2022?

KB5014678 for Windows Server 2022 is available through all the regular means and channels of Windows Update. This means that KB5014678 can be deployed in any of the following ways:

  • KB5014678 can be deployed through Windows Update automatically.
  • KB5014678 can be deployed automatically through the Microsoft Update for Business.
  • WSUS or the Windows Server Update Service can be used to deploy KB501467 on Windows Server 2022.
  • You can deploy KB5014678 manually through the Microsoft Update Catalog. KB5014678 can be downloaded manually from the Microsoft Update Catalog page for KB5014678. The size of the update file is 244.1 MB.

Summary

KB5014678 for Windows Server 2022 covers all changes that were implemented in the OOB update KB5015013. It also protects you against CVE-2022-30139, CVE-2022-30163, and CVE-2022-30190. There have been no adverse reports post-deployment of KB5014678 on Windows Server 2022.

You may also like to read more about June security updates for Microsoft in the content shared below:

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.