KB5022346 is the security-only update for Windows Server 2012 R2. The update was released under the ‘Patch Tuesday’ project on 10th January 2023.
KB5022346 has now been succeeded by the February month’s security update KB5022894 for Windows Server 2012 R2. You can read more about KB5022894 here.
Salient points about KB5022346 for Windows Server 2012 R2
- KB5022346 is a standalone security update that addresses vulnerabilities and security threats reported in January 2023 security bulletin released by Microsoft.
- For full security, you must deploy all the previous security updates released for Windows Server 2012 R2.
- KB5022346 succeeds the previous month’s security-only update KB5021296 for Windows Server 2012 R2.
- All changes that are part of KB5022346 are also part of the monthly rollup update KB5022352 for Windows Server 2012 R2. Given a choice, we would suggest patching Windows Server 2012 R2 and Windows Server 2012 R2 Server core installation with the monthly rollup update KB5022352. This is because of the fact that KB5022352 is more exhaustive than KB5022346.
- Servicing Stack Update KB5018922 also needs to be deployed prior to installing KB5022346 security update on Windows Server 2012 R2.
- Apart from KB5018922, you will also need to install the latest cumulative update for Internet Explorer KB5019958 on Windows Server 2012 R2 and Windows Server 2012 R2 Server Core installation.
- It may be pertinent to mention that the zero-day threats CVE-2023-21549 and CVE-2023-21674 do affect Windows Server 2012 R2 and Windows Server 2012 R2 Server Core installation.
Download KB5022346 for Windows Server 2012 R2
KB5022346 cannot be patched using Windows Update or Windows Update for Business.
You can install it manually through Windows Server Update Service (WSUS). For this, you will need to import the security update for Windows Server 2012 R2 manually into the WSUS.
You can deploy KB5022346 manually through offline installer files. The offline installer files can be downloaded from the Microsoft Update Catalog page for KB5022346.
To patch KB5022346 on Windows Server 2012 R2, you must consider following the below-mentioned approach:
- Install KB5018922 Servicing Stack Update
- Install cumulative update KB5019958 for Internet Explorer
- Install KB5022346 using the offline installer file
The direct download links for all these three updates are shared below for your ready reference.
| Security Update/SSU or Cumulative Update | Download link for the update | Size of update |
|---|---|---|
| KB5018922 Servicing Stack Update | Download KB5018922 | 10.5 MB |
| KB5019958 Cumulative Update for Internet Explorer | Download KB5019958 | 55 MB |
| KB5022346 security update for Windows Server 2012 R2 | Download KB5022346 | 48.9 MB |
Out of these three updates, the Servicing Stack Update does not cause the server to reboot. The cumulative update for Internet Explorer and the security update may cause the server to reboot.
KB5022346 – Changelog for Windows Server 2012 R2
We know that the database connectivity issues that happened after the deployment of December month’s security update have been resolved in KB5022346. The changelog for KB5022346 lists the following issue fixes and improvements:
Microsoft release notes
- Authentication might fail after you set the higher 16-bits of the msds-SupportedEncryptionTypes attribute. This issue might occur if encryption types are not set or if RC4 Encryption type is disabled on the domain.
- Starting in this release, we are displaying a modal dialog box to remind users about the End of Support for Windows 8.1 in January 2023. This reminder does not appear on managed devices that run Windows 8.1 Pro or Windows 8.1 Enterprise.
- Resolves a known issue that affects apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. The connection might fail. You might also receive an error in the app, or you might receive an error from the SQL Server.
Security vulnerabilities reported resolved in KB5022346 for Windows Server 2012 R2
There have been 48 vulnerabilities disclosed in January’s security bulletin for Windows Server 2012 R2. The nine ‘CRITICAL’ vulnerabilities and the two zero-day threats are shared below in a brief list:
| CVE Number | Impact | Severity | CVSS Score | Comments |
|---|---|---|---|---|
| CVE-2023-21549 | Elevation of Privilege | CRITICAL | 8.8 | Windows SMB Witness Service |
| CVE-2023-21674 | Elevation of Privilege | CRITICAL | 8.8 | Windows Advanced Local Procedure Call (ALPC) |
| CVE-2023-21535 | Remote Code Execution | CRITICAL | 8.1 | Windows Secure Socket Tunneling Protocol (SSTP) |
| CVE-2023-21543 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21546 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21548 | Remote Code Execution | CRITICAL | 8.1 | Windows Secure Socket Tunneling Protocol (SSTP) |
| CVE-2023-21555 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21556 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21561 | Elevation of Privilege | CRITICAL | 8.8 | Microsoft Cryptographic Services |
| CVE-2023-21679 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21730 | Elevation of Privilege | CRITICAL | 7.8 | Microsoft Cryptographic Services |
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.