KB5022348 is the latest cumulative monthly rollup update for Windows Server 2012. It was released on 10th January 2023 under Microsoft’s ‘Patch Tuesday’ initiative.
Salient points about KB5022348 for Windows Server 2012
- KB5022348 has now been replaced by KB5022903. KB5022903 is February 2023 cumulative update released on 14th February.
- KB5022348 also contains all changes that are part of the security-only update KB5022343. KB5022343 has been released alongside the monthly rollup update KB5022348. We recommend installing KB5022348 as it more exhaustive than the security-only update KB5022343.
- Servicing Stack Update KB5016263 needs to be deployed prior to installing KB5022348. If you are installing KB5022348 through an automated process, the Servicing Stack Update will be deployed automatically as part of the update process. For manual installations, SSU or Servicing Stack Update will need to be manually deployed prior to installing the rollup update.
- The issue with database connectivity through the Microsoft SQL driver has been resolved in KB5022348. The issue was caused by the last monthly rollup update KB5021285.
- For Windows Server 2012, there has been a disclosure of 46 security vulnerabilities in Microsoft’s security bulletin. 9 of these vulnerabilities have ‘CRITICAL’ severity and the remaining carry ‘IMPORTANT’ severity levels.
- Windows Server 2012 Server Core installation is also affected by these 46 vulnerabilities.
- Zero-day threat CVE-2023-21549 affects Windows Server 2012 and Windows Server 2012 Server Core installation. The threat has been mitigated in KB5022348.
Download KB5022348 for Windows Server 2012
KB5022348 can be deployed automatically through one of the following methods:
- Windows Update
- WSUS or Windows Server Update Service
If you wish to apply KB5022348 manually, you can do so by downloading the offline installer file from the Microsoft Update catalog page for Windows Server 2012. Remember, you will also need to install KB5016263 Servicing Stack Update for Windows Server 2012 prior to installing KB5022348.
The direct download links for the Servicing Stack Update and Monthly rollup update for Windows Server 2012 are shared below:
| Cumulative Update/SSU Update | Download Update | Size of the update |
|---|---|---|
| KB5016263 | Download KB5016263 | 9.8 MB |
| KB5022348 | Download KB5022348 | 414.4 MB |
With respect to the Servicing Stack Update KB5016263, you may want to know the following important points:
- KB5016263 was released in July 2022
- KB5016263 will not cause the server to reboot
Once SSU KB5016263 has been deployed, you can install KB5022348 on Windows Server 2012.
Vulnerabilities covered under KB5022348 for Windows Server 2012
A total of 46 vulnerabilities have been disclosed as part of January’s security bulletin for Windows Server 2012. Out of this, we will discuss 9 vulnerabilities that have ‘CRITICAL’ severity. We will also list the zero-day threat on Windows Server 2012.
The details of these vulnerabilities and the services are listed below for your study.
| CVE Number | Impact | Severity | CVSS Score | Comments |
|---|---|---|---|---|
| CVE-2023-21549 | Elevation of Privilege | CRITICAL | 8.8 | Windows SMB Witness Service |
| CVE-2023-21535 | Remote Code Execution | CRITICAL | 8.1 | Windows Secure Socket Tunneling Protocol (SSTP) |
| CVE-2023-21543 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21546 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21548 | Remote Code Execution | CRITICAL | 8.1 | Windows Secure Socket Tunneling Protocol (SSTP) |
| CVE-2023-21555 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21556 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21561 | Elevation of Privilege | CRITICAL | 8.8 | Microsoft Cryptographic Services |
| CVE-2023-21679 | Remote Code Execution | CRITICAL | 8.1 | Windows Layer 2 Tunneling Protocol (L2TP) |
| CVE-2023-21730 | Elevation of Privilege | CRITICAL | 7.8 | Microsoft Cryptographic Services |
Changelog – KB5022348 for Windows Server 2012
The following issues have been resolved in KB5022348 for Windows Server 2012 and Windows Server 2012 Server Core installation:
- Authentication might fail after you set the higher 16-bits of the msds-SupportedEncryptionTypes attribute. This issue might occur if encryption types are not set or if RC4 Encryption type is disabled on the domain.
- Resolves a known issue that affects apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. The connection might fail. You might also receive an error in the app, or you might receive an error from the SQL Server.
Apart from this, the domain join issue continues to affect Windows Server 2012. The issue description for the domain join issue has been released by Microsoft as under:
After this update or a later Windows update is installed, domain join operations might be unsuccessful and error “0xaac (2732): NERR_AccountReuseBlockedByPolicy” occurs. Additionally, text stating “An account with the same name exists in Active Directory. Re-using the account was blocked by security policy” might be displayed.
Affected scenarios include some domain join or re-imaging operations where a computer account was created or pre-staged by a different identity than the identity used to join or re-join the computer to the domain.
Microsoft did publish details and a workaround for the domain join issue under KB5020276.
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.