KB5022838 Windows Server 2016 update for February 2023

KB5022838 is the latest cumulative update for Windows Server 2016. It was released on 14th February 2023 as part of Microsoft's Patch Tuesday release. Let us look at the essential details and conditions for installing KB5022838.

KB5022838 has now been replaced by KB5023697 cumulative update for March 2023. You can read more about KB5023697 on this page.

Key points about KB5022838 for Windows Server 2016

  • KB5022838 supersedes KB5022289. KB5022289 was released in January 2023. During the intervening period, no additional updates were released for Windows Server 2016 and Windows Server 2016 Server core installation.
  • KB5022838 corresponds to server build 14393.5717 and replaces server build 14393.5648 which corresponds to KB5022289.
  • Servicing Stack Update KB5017396 needs to be deployed prior to deploying KB5022838.
  • 33 security vulnerabilities affect Windows Server 2016. Of these, three vulnerabilities have a ‘CRITICAL’ severity level.
  • Similar to Windows Server 2016, the Windows Server 2016 Server Core installation is impacted by 33 vulnerabilities. 3 of these are CRITICAL and the rest have IMPORTANT severity levels.
  • Windows Server 2016 and Windows Server 2016 Server core installation are affected by the CVE-2023-21823 zero-day vulnerability. This is a Remote Code Execution vulnerability in the Windows Graphics Component. It has a CVSS rating of 7.8. The vulnerability has already been exploited.
  • Windows Server 2016 and Windows Server 2016 Server core installation are also affected by CVE-2023-23376. This vulnerability is an ‘Elevation of Privilege’ threat in the Windows Common Log File System Driver. The vulnerability has a CVSS score of 7.8 and has been exploited already.

The three ‘CRITICAL’ vulnerabilities on Windows Server 2016 and Windows Server 2016 Server core installation have a CVSS score of 9.8. The brief details of these vulnerabilities are shared below:

| Vulnerability | CVSS | Impact |
|---|---|---|
| CVE-2023-21689 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |
| CVE-2023-21690 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |
| CVE-2023-21692 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |

Download KB5022838 for Windows Server 2016

The direct download links for KB5022838 for Windows Server 2016 and Windows Server 2016 Server Core installation are given below:

Apart from the manual deployment of KB5022838 through the MSU file, you could use one of the following automated methods:

  • Windows Update
  • Windows Update for Business
  • Windows Server Update Service or WSUS

If you choose to use an automated method for patching KB5022838, the Servicing Stack Update KB5017396 is offered automatically prior to the deployment of KB5022838 on Windows Server 2016.
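
To confirm where a server stands before or after deployment, the build numbers and the SSU prerequisite described above can be checked with a short script. This is an added example, not from the original article: the function name `Get-Kb5022838State` is hypothetical, and it assumes the SSU is reported under its own KB id by `Get-HotFix`.

```powershell
# Added example (not from the original article). Build numbers and KB ids are the
# ones the article gives; Get-Kb5022838State is a hypothetical helper name.
function Get-Kb5022838State {
    param(
        [Parameter(Mandatory)] [int] $Build,   # CurrentBuildNumber, 14393 for Server 2016
        [Parameter(Mandatory)] [int] $Ubr,     # update build revision, e.g. 5717
        [string[]] $InstalledKbs = @()         # HotFixID values, e.g. from Get-HotFix
    )
    # Assumption: the SSU is reported under its own KB id in the hotfix list.
    $hasSsu = $InstalledKbs -contains 'KB5017396'

    if ($Build -ne 14393) {
        $level  = 'NotServer2016'
        $action = 'Not applicable'
    }
    elseif ($Ubr -ge 5717) {
        # 14393.5717 is KB5022838; a higher revision means a later cumulative update.
        $level  = 'AtOrAboveKB5022838'
        $action = 'None'
    }
    else {
        # 14393.5648 is KB5022289, the January 2023 update that KB5022838 supersedes.
        if ($Ubr -ge 5648) { $level = 'AtKB5022289' } else { $level = 'OlderThanKB5022289' }
        if ($hasSsu) { $action = 'Install KB5022838' }
        else { $action = 'Install SSU KB5017396 first, then KB5022838' }
    }
    [pscustomobject]@{
        Build        = '{0}.{1}' -f $Build, $Ubr
        Level        = $level
        SsuKB5017396 = $hasSsu
        Action       = $action
    }
}

# Constructed inventories (not real hosts): January build without the SSU, then a patched host.
Get-Kb5022838State -Build 14393 -Ubr 5648 -InstalledKbs @('KB5022289')
Get-Kb5022838State -Build 14393 -Ubr 5717 -InstalledKbs @('KB5017396', 'KB5022838')

# Live check of the local machine, only when running on Windows.
if ($env:OS -eq 'Windows_NT') {
    $cv  = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $kbs = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)
    Get-Kb5022838State -Build ([int]$cv.CurrentBuildNumber) -Ubr ([int]$cv.UBR) -InstalledKbs $kbs
}
```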

Changelog for KB5022838 for Windows Server 2016

The following improvements or issues have been fixed in KB5022838 for Windows Server 2016:

  • This update addresses an issue that puts domain controllers (DC) in a restart loop. This occurs because the Local Security Authority Subsystem Service (LSASS) stops responding. The error is 0xc0000374. LSASS stops responding if you populate KrbTGT with the AltsecID on accounts that read-write and read-only DCs use.
  • This update affects HTML dialogs in Microsoft Edge IE mode. Administrators can now reset the zoom for HTML dialogs to the default.
  • This update addresses an issue that affects AppV. It stops file names from having the correct letter case (uppercase or lowercase).
  • This update addresses an issue that affects certain Internet of Things (IoT) devices. They lose audio.
  • This update addresses an issue that affects searchindexer.exe. It randomly stops you from signing in or signing out.


Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.