KB5018411 latest cumulative update for Windows Server 2016

KB5018411 is the latest cumulative update for Windows Server 2016 and Windows Server 2016 Server Core installation. We review this month’s ‘Patch Tuesday’ update for Windows Server 2016.

Salient points about KB5018411 for Windows Server 2016

  • KB5018411 is a cumulative update that supersedes September’s cumulative update KB5017305.
  • We are upgrading from server build 14393.5356 from September 2022 to server build 14393.5427.
  • Servicing Stack Update (SSU) KB5017396 must be deployed prior to installing KB65018411 on Windows Server 2016 and Windows Server 2016 Server Core installation. This SSU is offered automatically as part of the Windows Update. For manual upgrades, you will need to apply them separately.
  • The size of the MSU update file for KB5018411 is 1553.3 MB.
  • Zero-day threat CVE-2022-41033 affects Windows Server 2016 and is resolved in KB5018411. Details of the vulnerability are shared below.
  • In all, 54 vulnerabilities affect Windows Server 2016. Nine of these vulnerabilities have a ‘CRITICAL’ impact on the server.
  • KB5019964 is the latest cumulative update that supersedes KB5018411 for Windows Server 2016. You can read more about KB5019964 on this page.

Prerequisites for installing KB5018411 on Windows Server 2016

The only dependency cited in the Microsoft release notes for KB5018411 suggests that the Servicing Stack Update (SSU) KB5017396 must be deployed prior to installing KB5018411.

If you are applying the patch automatically, Servicing Stack Update (SSU) is patched automatically as part of the process.

However, if you intend to deploy KB5018411 manually through the MSU update file, you will need to apply the KB5017396 Servicing Stack Update.

Vulnerabilities resolved in KB5018411 for Windows Server 2016

There are 54 vulnerabilities on Windows Server 2016 as per the October security bulletin. For the sake of simplicity, we are limiting this discussion to the zero-day threat and the 9 CRITICAL vulnerabilities.

CVE-2022-41033 – Windows COM+ Event System Service Elevation of Privilege Vulnerability

This is a zero-day threat that impacts Windows Server 2016 and Windows Server 2016 Server Core installation. This is a CVSS 7.8 vulnerability with an ‘IMPORTANT’ severity rating.

This is an ‘Elevation of Privileges’ vulnerability and an attacker could assume system privileges upon a successful attack. CVE-2022-41033 is being already exploited and is considered a zero-day threat.

The table below lists all the 9 CRITICAL vulnerabilities that affect Windows Server 2016. As a system administrator, it makes sense to have a fair idea about each of these and the impact on your infrastructure comprising of Windows Server 2016 and Windows Server 2016 Server Core installation.

Out of these 9 vulnerabilities, there are:

  • 6 Remote Code Execution threats
  • 2 Elevation of Privileges
  • 1 Spoofing threat

VulnerabilityCVSS RatingComments
CVE-2022-220358.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-346897.5Windows CryptoAPI Spoofing Vulnerability
CVE-2022-379767.8Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-336348.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-245048.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-379797.8Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-410818.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-380008.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-380478.1Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Security Vulnerabilities on Windows Server 2016

How to deploy KB5018411 on Windows Server 2016?

KB5018411 can be deployed automatically through Windows Update, Windows Update for Business, and Windows Server Update Service (WSUS).

For manual application, you can download the KB5018411 MSU update file from the Microsoft Update Catalog page. The file has a size of 1553.3 MB. KB5018411 can be downloaded from this page.

To reiterate, KB5017396 will also need to be deployed prior to installing MSU update file for KB5018411.

You may like to read more about Windows Updates below: