KB5021285 is the latest monthly rollup update for Windows Server 2012. This update contains security advancements and other issue fixes for Windows Server 2012. We look at the main features of KB5011285 below.
Salient points about KB5021285 for Windows Server 2012
- KB5021285 has now been superseded by the KB5022348 monthly rollup update released in January 2023.
- KB5021285 is a cumulative update. It supersedes the KB5020009 rollup update for November 2022. You can read more about KB5020009 on this page.
- KB5021285 also contains the changes that are part of the out-of-band (OOB) update KB5021652. KB5021652 was released on 17th November 2022 to fix the issues with KB5020009.
- KB5021285 also contains all the changes that are part of this month’s security-only update for Windows Server 2012. KB5021303 is December month’s security-only update for Windows Server 2012.
- We recommend deploying the monthly rollup update instead of the security-only update for Windows Server 2012.
- Post-deployment of KB5021285, you may run into a couple of issues. You may have problems in domain join operations. You may also have application issues when trying to connect through the Microsoft ODBC SQL Server driver. More details are shared below.
- Servicing Stack Update KB5016263 is to be installed before deploying KB5021285 on Windows Server 2012.
- Windows Server 2012 is affected by 20 security vulnerabilities as per the latest security bulletin of Microsoft. Three of these vulnerabilities have a ‘CRITICAL’ severity.
Download KB5021285 for Windows Server 2012
You can download the KB5021285 monthly rollup update from the Microsoft Catalog site. The SSU KB5016263 can also be downloaded from the catalog site. Prior to deploying KB5021285, Microsoft recommends installing the Servicing Stack Update. SSU updates are smaller-sized update files. Installing an SSU on the server does not cause a server reboot.
We share the download pages for KB5021285 and KB5016263 below.
| Security Update/SSU Update | Download links | Size of update |
|---|---|---|
| KB5016263 | Download KB5016263 | 9.8 MB |
| KB5021285 | Download KB5021285 | 413.2 MB |
These direct download links will download the offline installer for security and SSU updates. The files are in MSU format.
You can read more about the security update contents through the Microsoft Update Catalog pages for the corresponding updates:
Installing KB5021285 on Windows Server 2012
Apart from installing the monthly rollup update through the manual deployment process, you can also use the automated methods stated below:
- Windows Update
- Windows Server Update Service (WSUS)
- Microsoft Update
Post-deployment issues after installing KB5021285 on Windows Server 2012
Microsoft has confirmed two post-deployment issues that may affect the Windows Server 2012 after installing KB5021285. These issues are listed below for your ready reference:
After this update or a later Windows update is installed, domain join operations might be unsuccessful and error “0xaac (2732): NERR_AccountReuseBlockedByPolicy” occurs. Additionally, text stating “An account with the same name exists in Active Directory. Re-using the account was blocked by security policy” might be displayed.
This domain join issue is a well-known issue. A permanent fix for the issue has not been shared by Microsoft.
After installing this update, apps which use ODBC connections through Microsoft ODBC SQL Server Driver (sqlsrv32.dll) to access databases might not connect. Additionally, you might receive an error in the app, or you might receive an error from the SQL Server. Errors you might receive include the following messages:
- The EMS System encountered a problem.
Message: [Microsoft][ODBC SQL Server Driver] Protocol error in TDS Stream. - The EMS System encountered a problem.
Message: [Microsoft][ODBC SQL Server Driver] Unknown token received from SQL Server.
The fix for the database connectivity issue is in the works and we may get an out-of-band update with a potential fix for the database issues.
Vulnerabilities on Windows Server 2012 as per KB5021285
KB5021285 documents 19 security vulnerabilities on Windows Server 2012. There are 3 CRITICAL vulnerabilities, for which we have shared brief details below.
The 19 vulnerabilities have the following impact for the Windows Server 2012:
- 6 vulnerabilities can lead to Remote Code Execution attacks. Three of these are CRITICAL and the remaining three are of IMPORTANT severity.
- 8 vulnerabilities could lead to ‘Elevation of Privileges’
- 3 vulnerabilities could lead to ‘Denial of Service’
- 2 vulnerabilities could cause ‘Information disclosure’ threats
The three critical vulnerabilities on Windows Server 2012 are shared below.
| Vulnerability | CVSS Score | Severity | Description | Impact |
|---|---|---|---|---|
| CVE-2022-41076 | 8.5 | CRITICAL | Powershell RCE vulnerability | Remote Code Execution |
| CVE-2022-44676 | 8.1 | CRITICAL | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2022-44670 | 8.1 | CRITICAL | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Remote Code Execution |
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.