KB5015827 Cumulative Security Update for Windows Server 2022

KB5015827 is the cumulative security update for Windows Server 2022. It was released on 12th July 2022 and replaces KB5014678 security update. We look at some key aspects of the KB5015827 cumulative update for Windows Server 2022 below:

KB5015827 for Windows Server 2022 – Salient Points

  • KB5015827 replaces June month’s cumulative update KB5014678. It upgrades the build of Windows Server 2022 to OS Build 20348.825.
  • KB5015827 also contains all the changes that are part of the optional update KB5014665. The Out-of-band update KB5014665 was released on 23rd June 2022 to resolve issues that were caused by patching of June security updates. If you did not install KB5014665 on Windows Server 2022, you can skip it and install KB5015827 directly.
  • Before deploying KB5015827, you will also need to ensure that the cumulative update KB5005039 from August 2021 is already deployed on the server.
  • KB5015827 contains a fix for the zero-day vulnerability CVE-2022-22047 on Windows Server 2022.
  • KB5015827 also resolves the vulnerability that affects the Active Directory Federation Services.
  • The size of the MSU update file for KB5015827 is 247.5 MB. Server restart may be needed to complete the deployment.

Read more about June month’s cumulative update for Windows Server 2022 on the KB5014678 security update page.

KB5015827 for Windows Server 2022 – Prerequisites

There are no specific prerequisites for installing KB5015827 on Windows Server 2022. You can install it directly through Windows Update or manually. However, it is recommended that you must have already deployed the August 2021 security update KB5005039 on the server.

  • KB5005039 is a cumulative update for Windows Server 2022 that was released on 10th August 2021.
  • The size of the MSU update file for KB5005039 is 148.5 MB.
  • You can download it manually from the Microsoft Update Catalog page for KB5005039.

If you have been following the scheduled security updates released by Microsoft, there are chances that you would have already deployed the August 2021 security update and the later releases of cumulative security updates for Windows Server 2022.

KB5015827 for Windows Server 2022 – Vulnerabilities

Windows Server 2022 is affected by a zero-day vulnerability and quite a few vulnerabilities that carry enhanced risks of exploitation. We list these vulnerabilities in brief. All these security threats have been resolved or fixed in KB5015827 for Windows Server 2022.

CVE-2022-22047 – Windows CSRSS Elevation of Privilege Vulnerability

  • This is a zero-day vulnerability that affects Windows Server 2022 with CVSS rating of 7.8.
  • The vulnerability could lead to an Elevation of Privileges for the attacker and could lead to the attacker gaining SYSTEM privileges.

CVE-2022-30220 – Windows Common Log File System Driver Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.8 that could cause Elevation of Privilege.
  • It is more likely to be exploited and the attacker could gain SYSTEM privileges by exploiting this vulnerability.

CVE-2022-30215 – Active Directory Federation Services Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.5.
  • But, the impact of this vulnerability is that the attacker could assume domain administrator privileges. The vulnerability is an Elevation of Privilege vulnerability.
  • The attack complexity of the vulnerability is complex.

CVE-2022-30202 – Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.
  • It is more likely to be exploited and can lead to Elevation of Privilege risk. The attacker could gain SYSTEM privileges.
  • The attack complexity is complex for the vulnerability to be exploited.

CVE-2022-22034 – Windows Graphics Component Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.8.
  • The vulnerability requires local access to the box or SSH access to the box.
  • The risk could cause an attacker to assume SYSTEM privileges.
  • The attack complexity is low because once the attacker has local access, he could exploit the Windows Graphic Component to gain enhanced privileges.

CVE-2022-30216- Service Tampering Vulnerability

  • It is a CVSS 8.8 vulnerability.
  • For successful exploitation, a malicious certificate needs to be imported on an affected system. An authenticated attacker could remotely upload a certificate to the Server service.
  • The vulnerability affects Windows Server 2022 and is fixed in KB5015827.

KB5015827 for Windows Server 2022 – Deployment

KB5015827 is available for patching through all regular means of Windows Updates.

  • KB5015827 can be deployed automatically through the Windows Update program.
  • Microsoft Update for Business can be used to deploy KB5015827.
  • WSUS or Windows Server Update Service can be used to import and deploy KB5015827 on the Windows Server 2022.
  • You can also deploy KB5015827 manually. For this, you can download the KB5015827 security update from the Microsoft Update Catalog page. You can download KB5015827 here. The size of the MSU update file for KB5015827 is 247.5 MB only.

KB5015827 for Windows Server 2022 – Summary

KB5015827 for Windows Server contains all the changes that were introduced as part of the latest OOB update KB5014665. It also replaces KB5014678 security update that was released in June 2022. The implementation is straight forward and there are no reports of any adverse reports post-deployment of the KB5015827 cumulative update on Windows Server 2022.

You may also like to read more content related to updates for Windows Servers from Microsoft: