KB5014741 Security Update for Windows Server 2012

KB5014741 is the security-only update for Windows Server 2012. It was released on 14th June as part of the ‘Patch Tuesday’ project of Windows updates. We look at some of the key points of the KB5014741 security update for Windows Server 2012.

  1. KB5014741 – Salient points about KB5014741 for Windows Server 2012
  2. KB5014741 – Zero-day vulnerability on Windows Server 2012
  3. KB5014741 – Other vulnerabilities on Windows Server 2012
  4. KB5014741 – Prerequisites for installing on Windows Server 2012
  5. How can I deploy KB5014741 on Windows Server 2012?
  6. Summary

If you are here for July updates, you can find more information about KB5015875 for Windows Server 2012 on this page. KB5015875 is the security only update for Windows Server 2012 released on 12th July 2022. It includes all the security fixes for vulnerabilities reported during the past month on Windows Server 2012.

KB5014741 – Salient points about KB5014741 for Windows Server 2012

  • KB5014741 is a security-only update. You can install it only if you have installed all the previous security-only updates on Windows Server 2012.
  • The last security-only update for Windows Server 2012 was KB5014018 for the month of May.
  • You will also need to make sure that the KB5011486 cumulative update for Internet Explorer is already deployed on Windows Server 2012.
  • KB5014741 also contains a fix for the CVE-2022-30154 vulnerability that affects the Microsoft File Server Shadow Copy Agent Service.
  • SSU KB5014027 needs to be deployed on Windows Server 2012 prior to installing the KB5014741 security update.
  • Post-deployment of KB5014741, Wi-Fi hotspot functionality may break. You can disable the Wi-Fi hotspot function to get around this issue. A fix is expected soon.
  • Zero-day vulnerability CVE-2022-30190 affects Windows Server 2012 and is mitigated in the KB5014741 security update.
  • You need to also be aware of two critical vulnerabilities CVE-2022-30163 and CVE-2022-30136 that affect Windows Server 2012.

You can read more about the KB5014018 security-only update for Windows Server 2012 on this page. KB5014018 was released in May 2022.

KB5014741 – Zero-day vulnerability on Windows Server 2012

CVE-2022-30190 is a zero-day vulnerability that could lead to remote code execution attacks on the target server. The threat exists in Microsoft Windows Diagnostic Tool (MSDT). This vulnerability is publicly disclosed and is being exploited. The CVSS rating of CVE-2022-30190 is 7.8.

It is strongly recommended that the security update must be deployed to resolve the CVE-2022-30190 vulnerability. Apart from this, you could disable the MSDT URL protocol through the registry. The instructions for implementing the workaround are listed on the Microsoft blog.

KB5014741 – Other vulnerabilities on Windows Server 2012

There are a couple of other vulnerabilities that pose a critical impact on the infrastructure comprising Windows Server 2012.

CVE-2022-30136 – Remote Code Execution

This is a CVSS 9.8 vulnerability on the Network File System version 4.1. NFS version 2 and NFS version 3 are unaffected by this vulnerability. The flaw in the Network File System can lead to a Remote Code Execution attack.

You can deploy KB5014741 to resolve this vulnerability. Alternatively, you can disable NFS version 4.1 to mitigate the risk.

CVE-2022-30163 – Windows Hyper V – Remote Code Execution

This is a remote code execution that allows an attacker to access the system and cause arbitrary code execution on the Hyper V operating system. The attacker could get low-level access to the server running the Hyper V operating system. The impact of this vulnerability and attack could lead to a change of scope on the server.

CVE-2022-30163 has a CVSS rating of 8.5. The threat is resolved in the KB5014741 security-only update.

KB5014741 – Prerequisites for installing on Windows Server 2012

There are a few prerequisites for installing KB5014741 on Windows Server 2012:

  • Cumulative update KB5011486 for Internet Explorer needs to be on Windows Server 2012 before deploying this update. You can download KB5011486 from the Microsoft Update Catalog page for KB5011486. The size of the update file is 46 MB.
  • SSU KB5014027 also needs to be deployed on Windows Server 2012 before deploying KB5014741. You can download KB5014027 from the Microsoft Update Catalog page for KB5014027. The size of the update file is 9.7 MB.
  • There could be certificate authentication issues on the application servers after deploying the June updates. To prevent this issue, it is recommended to install KB5014741 on the application and other intermediate servers that handle certificate authentication requests. Once these intermediary servers are patched, you can deploy KB5014741 on the domain controllers.
  • An alternative approach to preventing certificate authentication issues is to use the registry editor and set the CertificateMappingMethods to 0x1F entry. At this point, you can deploy KB5014741. Once the security update is deployed successfully, you can remove the CertificateMappingMethods entry. You can read more about this on the KB5014754 page.

How can I deploy KB5014741 on Windows Server 2012?

Windows Server 2012 is in extended support mode. You need to buy extended support to access security updates. Due to the nature of extended support plans, the security updates are unavailable through the Windows Update process or the Microsoft Update for Business.

You can still download the patch through WSUS once you have validated the Extended Support subscription.

You can also download the KB5014741 manually through the Microsoft Update Catalog page for KB5014741. The size of the update file is 34.1 MB.

Summary

KB5014741 is a security-only update that resolves critical security vulnerabilities. It also brings in quality improvements for printing to NUL port from low-level applications. There are several dependencies for installing KB5014741. The update is available for manual patching as Windows Server 2012 is under extended support plans.

You may like to read more content related to June updates from Microsoft in the below mentioned pages: