KB5018421 is the latest cumulative update for Windows Server 2022 and Windows Server 2022 Server Core installation. This update has been released under the ‘Patch Tuesday’ project for October 2022. We review the main aspects of KB5018421 below.
Salient points about KB5018421 for Windows Server 2022
- KB5018421 is now superseded by KB5019081 for Windows Server 2022 and Windows Server 2022 Server Core Installation. You can read more about KB5019081 on this page.
- KB5018421 is a cumulative update and supersedes or replaces KB5017316 cumulative update. KB5017316 was released on 13th September 2022. You can read more about KB5017316 on this page.
- KB5018421 also contains all the changes that are part of the optional update KB5017381. The optional update was released on 20th September 2022. If you have not deployed the optional patch yet, you can skip it and deploy KB5018421 instead.
- If you are upgrading from KB5017316 to KB5018421, you are progressing from server build 20348.1006 to 20348.1129.
- If you are upgrading from KB5017381 (optional update) to KB5018421, you are progressing from server build 20348.1070 to 20348.1129.
- Servicing Stack Update 20348.1066 is the SSU that corresponds to KB5018421. This SSU is part of the cumulative update file structure. No additional action is needed to install the SSU on Windows Server 2022 or Windows Server 2022 Server Core installation.
- Zero-day vulnerability CVE-2022-41033 affects Windows Server 2022 and Windows Server 2022 Server Core installation. It is resolved as part of the KB5018421 patch.
- In all, Windows Server 2022 is impacted by 66 security vulnerabilities. This is based on the latest October month’s security bulletin released by Microsoft.
- Out of the 66 vulnerabilities, 10 have been rated as ‘CRITICAL’ by Microsoft. Details of the ‘CRITICAL’ and ‘ZERO-DAY’ threats are shared below.
- The MSU update files are available for Windows Server 2022 21H2 edition and Windows Server 2022 22H2 edition. The size of the MSU update file for each of these editions is 309.6 MB.
Prerequisites for installing KB5018421 on Windows Server 2022
There are no prerequisites involved. You can deploy KB5018421 through automated Windows update channels or you could deploy it manually.
The Servicing Stack Update files are part of the cumulative update. No separate installation of SSU is needed for patching KB5018421.
Security vulnerabilities on Windows Server 2022
As part of the October month’s security bulletin, 66 security vulnerabilities have been shared by Microsoft. Out of these, we focus our attention on the zero-day threat and the 10 ‘CRITICAL’ impact vulnerabilities below.
CVE-2022-41033 – Windows COM+ Event System Service Elevation of Privilege Vulnerability
This is a CVSS 7.8 vulnerability with an ‘IMPORTANT’ severity rating. Windows Server 2022 and Windows Server 2022 Server Core installation are affected by this zero-day threat.
This is an ‘Elevation of Privileges’ vulnerability and an attacker could assume system privileges upon a successful attack. CVE-2022-41033 is already being exploited and is considered a zero-day threat.
Aside from the zero-day threat shared above, there are 10 ‘CRITICAL’ vulnerabilities on the Windows Server 2022 and Windows Server 2022 Server Core installation. Out of these 10 vulnerabilities:
- 7 vulnerabilities are of the type of ‘Remote Code Execution’
- 2 vulnerabilities are of the type of ‘Elevation of Privileges’
- 1 vulnerability is a spoofing vulnerability
Details of all these vulnerabilities are shared in a quick reference summary table below.
| Vulnerability | CVSS Rating | Comments |
|---|---|---|
| CVE-2022-22035 | 8.1 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2022-30198 | 8.1 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2022-34689 | 7.5 | Windows CryptoAPI Spoofing Vulnerability |
| CVE-2022-37976 | 7.8 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2022-33634 | 8.1 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2022-24504 | 8.1 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2022-37979 | 7.8 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2022-41081 | 8.1 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2022-38000 | 8.1 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2022-38047 | 8.1 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
Given the nature of these vulnerabilities, it calls for immediate patching of KB5018421 on Windows Server 2022 and Windows Server 2022 Server Core installation.
How to deploy KB5018421 on Windows Server 2022?
KB5018421 can be deployed automatically or manually.
KB5018421 can be deployed automatically using one of the following methods:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Service
To install KB5018421 manually, you can download the MSU update file from the Microsoft Update Catalog page for KB5018421.
You will need to download the file that corresponds to the 21H2 or 22H2 versions of Windows Server 2022. The size of each MSU update file is 309.6 MB. Additionally, the cumulative update file contains SSU or Servicing Stack Update version 20348.1066.
You may like to read more content related to Windows Updates below:
- KB5017316 for Windows Server 2022 – released 13th September 2022
- KB5018411 latest cumulative update for Windows Server 2016
- KB5018419 latest cumulative update for Windows Server 2019
- 84 vulnerabilities in Microsoft October Patch Tuesday Security bulletin
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.