KB5016627 Cumulative Update for Windows Server 2022

KB5016627 is the cumulative update for Windows Server 2022. It was released on 9th August 2022 as part of Microsoft's 'Patch Tuesday' release. Since this is a cumulative update, it contains all the changes that were part of the previous update. We look at the key aspects of KB5016627 for Windows Server 2022 below.

KB5017316 is the latest cumulative update for Windows Server 2022 and Windows Server 2022 Server Core Installation. You can read more about KB5017316 on this page.

Salient points about KB5016627 for Windows Server 2022

  • KB5016627 is a cumulative update. It supersedes previous month’s cumulative update KB5015827. You can read more about KB5015827 on this page.
  • KB5016627 works for Windows Server 2022 and Windows Server 2022 Server Core Installation.
  • KB5016627 also contains all the changes that were part of the preview update KB5015879. KB5015879 was released on 19th July 2022. If you did not install the preview update yet, you can skip it and install KB5016627 directly on Windows Server 2022.
  • KB5016627 will upgrade the build of Windows Server 2022 to 20348.887. If you had installed KB5015827 on Windows Server 2022 in July, you would have been running the build 20348.825.
  • Servicing Stack updates for Windows Server 2022 are now combined with the cumulative update. So, SSU for Windows Server 2022 need not be applied separately. SSU build for Windows Server 2022 that is part of KB5016627 is 20348.850. SSU contains 157 files that have changed.
  • The size of the MSU update file for manual installation is 256.3 MB. The update contains over 8900 files as part of the software update.
  • CVE-2022-34713 is a zero-day vulnerability that affects Windows Server 2022. This threat is resolved in KB5016627 for Windows Server 2022 and Windows Server 2022 Server Core Installation.

Prerequisites for installing KB5016627 for Windows Server 2022

  • KB5016627 is a cumulative update that includes the changes that are part of the preview update KB5015879 as well. If you did not install KB5015879 on Windows Server 2022, you can skip it and instead install KB5016627 on Windows Server 2022.
  • Servicing Stack Update build 20348.850 is part of the KB5016627 cumulative update for Windows Server 2022. It is offered to you automatically as part of the update process of KB5016627 on Windows Server 2022.

There are no specific prerequisites for deploying KB5016627 on Windows Server 2022.

Vulnerabilities resolved in KB5016627 for Windows Server 2022

CVE-2022-34713 – Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability – This vulnerability has a CVSS score of 7.8. It is a zero-day threat: it is already being exploited and has been publicly disclosed. It is fixed in KB5016627 for Windows Server 2022 and Windows Server 2022 Server Core installation.

CVE-2022-35793 – Windows Print Spooler Elevation of Privilege Vulnerability – This has a CVSS rating of 7.3. An attacker could gain SYSTEM privileges through the print spooler service. Disabling the print spooler service is suggested as a way to prevent this threat from being exploited by an attacker.

CVE-2022-35756 – Windows Kerberos Elevation of Privilege Vulnerability – The vulnerability has a CVSS rating of 7.8 and can lead to an attacker assuming domain administrator rights.

CVE-2022-35751 – Windows Hyper-V Elevation of Privilege Vulnerability – This vulnerability has a CVSS score of 7.8. An attacker could use a Hyper-V guest to target the Hyper-V host and gain SYSTEM privileges.

CVE-2022-35750 – Win32k Elevation of Privilege Vulnerability – This is a CVSS 7.8 rated vulnerability that can be used by an attacker to gain SYSTEM privileges. It affects Windows Server 2022 and Windows Server 2022 Server Core Installation.

How can I deploy KB5016627 on Windows Server 2022?

KB5016627 can be deployed through all the regular update channels offered by Microsoft. We look at the following methods that can be used to install KB5016627 on Windows Server 2022.

  • KB5016627 can be deployed on Windows Server 2022 through Windows Update.
  • KB5016627 can also be deployed through Microsoft Update for Business.
  • WSUS or Windows Server Update Service can be used to install KB5016627 on Windows Server 2022. For WSUS, you will need to select the product category as ‘Microsoft Server operating system-21H2’.
  • You can install KB5016627 on Windows Server 2022 manually. To do this, you can download the MSU update file from the Microsoft Update Catalog page for KB5016627. The update contains over 8900 files. The size of the update file is 256.3 MB.
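
Whichever channel is used, the result can be verified against the build number given above. The PowerShell below is an added example, not part of the original article or of Microsoft's documentation: it compares the host's build revision (UBR) with 20348.887 and reports the state of the Print Spooler service mentioned under CVE-2022-35793. The function name Test-PatchLevel and the report field names are illustrative assumptions.

```powershell
# Added example: report whether this host is at or above the build that
# KB5016627 installs (20348.887, per the article) and how the Print Spooler
# service is configured. Function and field names are illustrative.
$RequiredBuild = 20348   # Windows Server 2022 build
$RequiredUbr   = 887     # revision installed by KB5016627

function Test-PatchLevel {
    param(
        [Parameter(Mandatory)][int]$Build,
        [Parameter(Mandatory)][int]$Ubr
    )
    # A different major build is a different OS release; this KB does not apply.
    if ($Build -ne $RequiredBuild) { return 'NotApplicable' }
    if ($Ubr -ge $RequiredUbr)     { return 'Patched' }
    return 'Missing'
}

# The running build and revision are stored in the registry.
$cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$state = Test-PatchLevel -Build ([int]$cv.CurrentBuildNumber) -Ubr ([int]$cv.UBR)

# Once a later cumulative update supersedes KB5016627, the KB may no longer be
# listed here, so the build revision above is the check to rely on.
$hotfix = Get-HotFix -Id 'KB5016627' -ErrorAction SilentlyContinue

# Print Spooler state, relevant to the mitigation noted for CVE-2022-35793.
$spooler = Get-Service -Name 'Spooler' -ErrorAction SilentlyContinue

[pscustomobject]@{
    ComputerName     = $env:COMPUTERNAME
    Build            = '{0}.{1}' -f $cv.CurrentBuildNumber, $cv.UBR
    PatchState       = $state
    KbListed         = [bool]$hotfix
    SpoolerStatus    = if ($spooler) { [string]$spooler.Status }    else { 'NotPresent' }
    SpoolerStartType = if ($spooler) { [string]$spooler.StartType } else { 'NotPresent' }
}
```

A host still on the July build 20348.825 reports PatchState as Missing; a host on a later cumulative update reports Patched even when KbListed is False.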

Known issues and improvements in KB5016627 for Windows Server 2022

  • KB5016627 resolves the LSASS issue that affected Windows Server 2022 after the June cumulative update was deployed. The issue caused LSASS to leak tokens.
  • After installing the KB5016627 cumulative update, IE mode tabs in Microsoft Edge might stop responding when a site displays a modal dialog box. A modal dialog box is a form or dialog box that requires the user to respond before continuing or interacting with other portions of the webpage or app. This issue remains unresolved as of now.

Summary

KB5016627 cumulative update for Windows Server 2022 contains preview update KB5015879. SSU build 20348.850 is part of the KB5016627 cumulative update. This update resolved zero-day threat CVE-2022-34713. It also resolved the LSASS issue on the server.
