KB5022291 Cumulative Update for Windows Server 2022

KB5022291 is the cumulative update for Windows Server 2022 and Windows Server 2022 Server Core installation. It was released on 10th January under the ‘Patch Tuesday’ project of Microsoft.

Salient points about KB5022291for Windows Server 2022

  • KB5022291 is a cumulative update that supersedes KB5021249. KB5021249 was released on 13th December 2022.
  • KB5022291 also contains all the changes that are part of the out-of-band update (OOB) KB5022553. KB5022553 was released on 20th December 2022.
  • If you have not yet deployed KB5022553, you can skip it and install KB5022291 straightaway.
  • Servicing Stack Update (SSU) 20348.1300 corresponds to the cumulative update KB5022291. SSU is part of the cumulative update and separate installation of the SSU is not needed for Windows Server 2022.
  • KB5022291 corresponds to server build 20348.1487. You will be moving from server build 20348.1366 (KB5021249) to 20348.1487 when upgrading from December cumulative update KB5021249.
  • Windows Server 2022 and Windows Server 2022 are affected by 61 vulnerabilities. Out of these 61 threats, 10 vulnerabilities have ‘CRITICAL’ severity levels and the remaining have an ‘IMPORTANT’ severity level.
  • The direct download links for KB5022291 are shared below.
  • Issues in connecting to the database using Microsoft’s ODBC driver have been patched in KB5022291. The database connectivity issue was caused post-deployment of KB5021249 in December 2022.

Download KB5022291 for Windows Server 2022 and Windows Server 2022 Server Core installation

KB5022291 can be deployed automatically using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Service

For manual installation of KB5022291 on Windows Server 2022, you can download the MSU installer file from the Microsoft Catalog page for KB5022291.

The MSU installer files are available for Windows Server versions 21H2 and 22H2. You need to pick the installer file corresponding to the version of Windows Server 2022 software within your infrastructure.

Windows Server 2022 versionDownload updateSize of the update
Windows Server 2022 version 21H2Download KB5022291316.9 MB
Windows Server 2022 version 22H2Download KB5022291316.9 MB

We would like to reiterate that the Servicing Stack update for KB5022291 is included within the cumulative update. So, separate SSU installation is not needed for Windows Server 2022.

Vulnerabilities on Windows Server 2022 under KB5022291

A total of 61 vulnerabilities impact Windows Server 2022 as per the security bulletin released by Microsoft in January 2023.

Zero-day threats CVE-2022-21549 and CVE-2022-21674 affect Windows Server 2022 and Windows Server 2022 Server core installation. A brief listing of the zero-day threats and ‘CRITICAL’ threats that affect Windows Server 2022 and Windows Server 2022 Server Core installation is shared below for ready reference.

CVE NumberImpactSeverityCVSS ScoreComments
CVE-2023-21549Elevation of PrivilegeCRITICAL8.8Windows SMB Witness Service
CVE-2023-21674Elevation of PrivilegeCRITICAL8.8Windows Advanced Local Procedure Call (ALPC)
CVE-2023-21535Remote Code ExecutionCRITICAL8.1Windows Secure Socket Tunneling Protocol (SSTP)
CVE-2023-21543Remote Code ExecutionCRITICAL8.1Windows Layer 2 Tunneling Protocol (L2TP)
CVE-2023-21546Remote Code ExecutionCRITICAL8.1Windows Layer 2 Tunneling Protocol (L2TP)
CVE-2023-21548Remote Code ExecutionCRITICAL8.1Windows Secure Socket Tunneling Protocol (SSTP)
CVE-2023-21551Elevation of PrivilegeCRITICAL7.8Microsoft Cryptographic Services
CVE-2023-21555Remote Code ExecutionCRITICAL8.1Windows Layer 2 Tunneling Protocol (L2TP)
CVE-2023-21556Remote Code ExecutionCRITICAL8.1Windows Layer 2 Tunneling Protocol (L2TP)
CVE-2023-21561Elevation of PrivilegeCRITICAL8.8Microsoft Cryptographic Services
CVE-2023-21679Remote Code ExecutionCRITICAL8.1Windows Layer 2 Tunneling Protocol (L2TP)
CVE-2023-21730Elevation of PrivilegeCRITICAL7.8Microsoft Cryptographic Services

Changelog – KB5022291 for Windows Server 2022

The following bug fixes, issue fixes, and improvements have been reported for Windows Server 2022:

This update addresses a race condition that occurs during startup. This issue might lead to a 0x7e error code.

This update addresses an issue that might affect authentication. It might fail after you set the higher 16-bits of the msds-SupportedEncryptionTypes attribute. This issue might occur if you do not set the encryption types or you disable the RC4 encryption type on the domain.

This update addresses an issue that causes the get-winevent command to fail. The error code is InvalidOperationException.
This update addresses an issue that affects certain systems that have firmware Trusted Platform Modules. (TPM). This issue stops you from using AutoPilot to set up those systems.

This update addresses issues that affect the Local Session Manager (LSM). These issues might allow users who do not have admin rights to perform actions that only an admin can.

This update addresses a known issue that affects apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (
sqlsrv32.dll) to connect to databases. The connection might fail. You might also receive an error in the app, or you might receive an error from the SQL Server.

You can check Microsoft’s release notes for KB5022291 for Windows Server 2022 on this page to get more details of the issues that have been fixed.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.