KB5015863 Monthly Rollup Update for Windows Server 2012

KB5015863 is the monthly rollup update for Windows Server 2012. This is a cumulative update that has been released after the June cumulative update KB5014747 for Windows Server 2012. The update was released on 12th July 2022 as part of the ‘Patch Tuesday’ project. For resolving security vulnerabilities on Windows Server 2012, you have two options. One is to deploy the security only update for Windows Server 2012. For the month of July 2022, the security only update for Windows Server 2012 is KB5015875. You can read more about KB5015875 on this page. Or, the monthly rollup update contains all the changes that are required to resolve the vulnerabilities. We look at the key aspects of KB5015863 below.

Salient points about KB5015863 monthly rollup update for Windows Server 2012

  • KB5015863 is a cumulative update. It supersedes KB5014747 for Windows Server 2012.
  • KB5015863 resolves the zero-day vulnerability CVE-2022-22047 that affects Windows Server 2012.
  • The Wi-Fi Hotspot issue that affects Internet on Windows Server 2012 is also resolved in KB5015863.
  • KB5015863 also resolves Internet issues on Windows Servers that are making use of RRAS or Routing and Remote Access Service.
  • The size of the MSU update file for KB5015863 is 410.2 MB.
  • The security monthly rollup update KB5015863 can be deployed through WSUS, Windows Update and Microsoft Update Catalog.
  • You will need to deploy Servicing Stack Update KB5016263 before installing KB5015863 security monthly rollup update.

KB5014747 monthly rollup cumulative update for Windows Server 2012

Prerequisites for installing KB5015863 on Windows Server 2012

KB5015863 can be installed through all the regular Windows Update channels. Before installing KB5015863 on the Windows Server 2012, you will need KB5016263 Servicing Stack Update on the server.

If you are installing KB5015863 through Windows Update or WSUS automatically, KB5016263 will be offered automatically as part of the update process.

If you intend to install KB5015863 manually through the Windows Update Catalog, you can download the MSU update file for KB5016263 SSU from this page on the catalog website. The size of the update file is 9.8 MB only. There is no need of a server restart after deployment of KB5015863 on Windows Server 2012.

Vulnerabilities resolved in KB5015863 for Windows Server 2012

There is a single zero-day vulnerability that has been disclosed by Microsoft in the July security bulletin. Apart from the zero-day threat, there are other vulnerabilities that pose an enhanced risk of being exploited. We share these security threats or vulnerabilities for your ready reference below.

CVE-2022-22047 – Windows CSRSS Elevation of Privilege Vulnerability

  • This is a zero-day vulnerability that affects Windows Server 2012.
  • This vulnerability has a CVSS rating of 7.8.
  • The vulnerability could lead to an Elevation of Privileges for the attacker.
  • It is already being exploited and could lead to the attacker gaining SYSTEM privileges.

CVE-2022-30220 – Windows Common Log File System Driver Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.8 that could cause Elevation of Privilege.
  • It is more likely to be exploited.
  • The attacker could gain SYSTEM privileges by exploiting this vulnerability.

CVE-2022-30215 – Active Directory Federation Services Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.5.
  • But, the impact of this vulnerability is that the attacker could assume domain administrator privileges. The vulnerability is an Elevation of Privilege vulnerability.
  • The attack complexity of the vulnerability is complex.

CVE-2022-30202 – Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.
  • It is more likely to be exploited and can lead to Elevation of Privilege risk. The attacker could gain SYSTEM privileges.
  • The attack complexity is complex for the vulnerability to be exploited on Windows Server 2012.

CVE-2022-22034 – Windows Graphics Component Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.8.
  • The vulnerability requires local access to the box or SSH access to the box.
  • The risk could cause an attacker to assume SYSTEM privileges.
  • The attack complexity is low because once the attacker has local access, he could exploit the Windows Graphic Component to gain enhanced privileges.

How can I deploy KB5015863 on Windows Server 2012?

Monthly rollup updates are slightly easier to deploy on Windows Server 2012. Security-only updates require all the previous security updates to be installed on Windows Server 2012. Given the fact that monthly rollup updates are cumulative in nature, all the previous cumulative updates are part of the latest cumulative monthly rollup update.

So, you can deploy KB5015863 on Windows Server 2012 through one of the following methods:

  • Windows Update can be used to automatically deploy KB5015863 on Windows Server 2012. SSU will be offered automatically as part of update process of KB5015863.
  • WSUS or Windows Server Update Service can be used to automatically import and deploy KB5015863 on Windows Server 2012.
  • You can also download the MSU update file for KB5015863 from the Microsoft Update Catalog page for KB5015863. The update file has a size of 410.2 MB. Remember to patch KB5016263 on the server before installing KB5015863.

Other issues resolved in KB5015863

We mention the other issues that have been fixed in KB5015863 for Windows Server 2012.

  • Wi-Fi Hotspot issue on Windows Server 2012 was caused after installation of June updates. The Wi-Fi Hotspot issue is fixed in KB5015863 for Windows Server 2012.
  • Internet issues on Windows Server through RRAS are resolved in KB5015863.
  • NTLM authentication issues through domain controller are resolved in KB5015863.
  • The update also resolves issues in accessing EFS over WebDAV protocol connection.

More details about the monthly rollup update can be checked on the Microsoft page for KB5015863.

Summary

KB5015863 is a cumulative monthly rollup update for Windows Server 2012. It should be the preferred update for Windows Server 2012 over the security only update KB5015875. The update would require extended support availability for your Windows Server 2012. There have been no adverse reports after deployment of KB5015863 on Windows Server 2012.

You may also like to read more content related to Windows Server Updates below: