KB5015877 Security Update for Windows Server 2012 R2 for July 2022

KB5015877 is the security-only update for Windows Server 2012 R2. It was released on 12th July 2022 as part of Microsoft's 'Patch Tuesday' cycle. We look at the key aspects of the KB5015877 security update for Windows Server 2012 R2 and share the important details about security risks and deployment below.

Salient Points – KB5015877 for Windows Server 2012 R2

  • KB5015877 is the security-only update for Windows Server 2012 R2. Before you can install it, all previous security updates must already be deployed on the server.
  • The last deployed security update on Windows Server 2012 R2 should be KB5014746. It was released on 14th June 2022.
  • The Wi-Fi Hotspot issues that occurred after deployment of June security updates have been resolved in KB5015877.
  • The RRAS Internet issues have also been resolved in KB5015877.
  • Servicing Stack Update KB5016264 also needs to be installed before installing the KB5015877 security-only update on Windows Server 2012 R2.
  • The zero-day vulnerability CVE-2022-22047 affects Windows Server 2012 R2. It has been patched as part of the KB5015877 security update.
  • Windows Server 2012 R2 is also affected by the ‘Active Directory Federation Services’ vulnerability. This has been resolved as part of the KB5015877 security update.
  • The size of the MSU update file for KB5015877 is 46.9 MB only.

You can read more about KB5014746 for Windows Server 2012 R2 on this page.

Prerequisites – KB5015877 for Windows Server 2012 R2

There are 3 prerequisites for installing KB5015877 on Windows Server 2012 R2.

  1. All previous security updates.
  2. KB5016264 Servicing Stack Update for Windows Server 2012 R2.
  3. KB5015805 latest cumulative update for Internet Explorer for Windows Server 2012 R2.

We look at these dependencies below.

Since KB5015877 is a security-only update, all previous security updates for Windows Server 2012 R2 must already be deployed on the server. This means that the last security update deployed on Windows Server 2012 R2 should be the KB5014746 security update.

Apart from that, you also need to ensure that the latest Servicing Stack Update, KB5016264, is already deployed on the server before you install KB5015877.

  • KB5016264 is the SSU for July 2022 for Windows Server 2012 R2.
  • It can be downloaded from the Microsoft Update Catalog page for KB5016264.
  • The size of the update file for SSU is 10.8 MB.
  • The server will not restart after installation of the SSU KB5016264.

After installing the KB5016264 SSU, you should also install the latest cumulative update for Internet Explorer KB5015805.

  • KB5015805 is the latest cumulative update for Internet Explorer on Windows Server 2012 R2.
  • The size of the update file for KB5015805 is 55 MB.
  • You can download the KB5015805 file from the Microsoft Update Catalog page here.

Once you have deployed the KB5016264 SSU and the KB5015805 Internet Explorer cumulative update, you can go ahead and install KB5015877 on Windows Server 2012 R2.

Vulnerabilities – KB5015877 for Windows Server 2012 R2

Microsoft has announced vulnerability disclosures as part of the ‘Patch Tuesday’ efforts for the month of July. We look at some key vulnerabilities that affect Windows Server 2012 R2. These vulnerabilities carry enhanced risks for the infrastructure and Windows Server 2012 R2.

CVE-2022-22047 – Windows CSRSS Elevation of Privilege Vulnerability

  • This is a zero-day vulnerability that affects Windows Server 2012 R2 and has a CVSS rating of 7.8.
  • It is an Elevation of Privilege vulnerability: an attacker who exploits it could gain SYSTEM privileges.

CVE-2022-30220 – Windows Common Log File System Driver Elevation of Privilege Vulnerability

  • This Elevation of Privilege vulnerability has a CVSS score of 7.8.
  • It is more likely to be exploited, and an attacker could gain SYSTEM privileges by exploiting it.

CVE-2022-30215 – Active Directory Federation Services Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.5, with high attack complexity.
  • However, it is an Elevation of Privilege vulnerability whose impact is that the attacker could assume domain administrator privileges.

CVE-2022-30202 – Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.
  • It is more likely to be exploited and is an Elevation of Privilege risk: the attacker could gain SYSTEM privileges. The attack complexity for this vulnerability is high.

CVE-2022-22034 – Windows Graphics Component Elevation of Privilege Vulnerability

  • This vulnerability has a CVSS score of 7.8.
  • The vulnerability requires local access or SSH access to the server.
  • An attacker who exploits it could assume SYSTEM privileges.
  • The attack complexity is low because, once the attacker has local access, they could exploit the Windows Graphics Component to gain enhanced privileges.

How to deploy KB5015877 on Windows Server 2012 R2?

KB5015877 is unavailable for automated deployment through Windows Update. You can use WSUS to import KB5015877 manually and deploy it on Windows Server 2012 R2.

Alternatively, you can use the Microsoft Update Catalog to download the update file for manual patching. You can download KB5015877 and install it on Windows Server 2012 R2 through the Microsoft Update Catalog page here. The size of the update file is 44.9 MB only.
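For manual patching, the prerequisite order described above can be enforced with a short pre-flight script. The following is an added example, not Microsoft's or this page's own tooling: the KB numbers come from the article, while the folder path and the assumption that each downloaded .msu file name contains its KB number are hypothetical.

```powershell
# Added example: enforce the KB5015877 prerequisite chain before a manual install.
# KB numbers are from the article; $MsuFolder and the file-name pattern are assumptions.
$MsuFolder = 'C:\Patches\2022-07'   # hypothetical folder holding the downloaded .msu files

# Order matters: June security-only update must be present, then SSU, then IE CU, then the target.
$Chain = @(
    [pscustomobject]@{ KB = 'KB5014746'; Role = 'June 2022 security-only update'; Install = $false },
    [pscustomobject]@{ KB = 'KB5016264'; Role = 'Servicing Stack Update';         Install = $true  },
    [pscustomobject]@{ KB = 'KB5015805'; Role = 'Internet Explorer cumulative';   Install = $true  },
    [pscustomobject]@{ KB = 'KB5015877'; Role = 'July 2022 security-only update'; Install = $true  }
)

function Test-KbInstalled {
    param([Parameter(Mandatory)][string]$KB)
    # Get-HotFix raises a non-terminating error for an absent ID; suppress it and test the result.
    [bool](Get-HotFix -Id $KB -ErrorAction SilentlyContinue)
}

foreach ($step in $Chain) {
    if (Test-KbInstalled -KB $step.KB) {
        Write-Host "[ok]      $($step.KB) ($($step.Role)) already installed"
        continue
    }
    if (-not $step.Install) {
        throw "$($step.KB) ($($step.Role)) is missing; deploy it before continuing."
    }

    # The file system filter is case-insensitive, so it matches lower-case KB names too.
    $msu = Get-ChildItem -Path $MsuFolder -Filter "*$($step.KB)*.msu" -ErrorAction SilentlyContinue |
        Select-Object -First 1
    if (-not $msu) { throw "No .msu for $($step.KB) found in $MsuFolder" }

    # Refuse packages whose Authenticode signature does not validate.
    $sig = Get-AuthenticodeSignature -FilePath $msu.FullName
    if ($sig.Status -ne 'Valid') { throw "$($msu.Name): signature status is $($sig.Status)" }

    Write-Host "[install] $($step.KB) from $($msu.Name)"
    $p = Start-Process -FilePath wusa.exe `
        -ArgumentList "`"$($msu.FullName)`"", '/quiet', '/norestart' -Wait -PassThru
    # 0 = success, 3010 = success with reboot required, 2359302 = already installed
    if ($p.ExitCode -notin 0, 3010, 2359302) {
        throw "wusa.exe failed for $($step.KB) with exit code $($p.ExitCode)"
    }
}
Write-Host 'Chain complete. Restart the server if any step reported a pending reboot.'
```

Run it from an elevated PowerShell session. Checking only KB5014746 stands in for "all previous security updates", following the article's statement that it should be the last one deployed.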

Issues resolved in KB5015877 for Windows Server 2012 R2

KB5015877 resolves two significant issues.

  • Wi-Fi Hotspot issue on Windows Server 2012 R2 has been resolved in KB5015877. The issue arose after deployment of KB5014746 on the Windows Server 2012 R2 as part of the June updates.
  • The issue with Windows Servers making use of the Routing and Remote Access Service to direct Internet traffic has also been resolved in KB5015877. The servers were unable to use RRAS to properly direct the Internet traffic.

Summary for KB5015877

KB5015877 for Windows Server 2012 R2 is a security-only update that can be applied through WSUS or the Microsoft Update Catalog. You need to install the previous security updates, a Servicing Stack Update and the latest Internet Explorer cumulative update before patching the server with KB5015877.