KB5022840 is the cumulative update for Windows Server 2019. It was released on 14th February 2023 under the ‘Patch Tuesday’ program of Microsoft.
KB5022840 has been superseded by KB5023702 which was released in March 2023. You can read more about KB5023702 on this page.
Key points about KB5022840 for Windows Server 2019
- KB5022840 is a cumulative update that supersedes the KB5022286 update. KB5022286 is a cumulative update released in January 2023.
- KB5022840 corresponds to build 17763.4010 and KB5022286 corresponds to server build 17763.3887. There were no releases between KB5022286 and KB5022840.
- Servicing Stack Update KB5005112 needs to be installed prior to installing KB5022840. KB5005112 was released in August 2021.
- Windows Server 2019 and Windows Server 2019 Server core installation are affected by 34 vulnerabilities. 3 of these vulnerabilities have a ‘CRITICAL’ severity and the remaining have an ‘IMPORTANT’ severity level.
- Windows Server 2019 and Windows Server 2019 Server core installation are impacted by CVE-2023-21823 zero-day vulnerability. This is a Remote Code Execution vulnerability in Windows Graphics Component. It has a CVSS rating of 7.8. The vulnerability has already been exploited.
- Windows Server 2019 and Windows Server 2019 Server core installation are also impacted by CVE-2023-23376. This vulnerability is an ‘Elevation of Privilege’ threat in the Windows Common Log File System Driver. The vulnerability has a CVSS score of 7.8 and has been exploited already.
The three ‘CRITICAL’ vulnerabilities on Windows Server 2019 and Windows Server 2019 Server core installation are shared below:
| Vulnerability | CVSS | Impact |
|---|---|---|
| CVE-2023-21689 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |
| CVE-2023-21690 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |
| CVE-2023-21692 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |
Download KB5022840 for Windows Server 2019
You can download KB5022840 as an offline installer file. The direct download links are shared below:
- Download KB5022840 for x64 Windows Server 2019. The size of the MSU update file is 596.2 MB in size.
- Download KB5005112 Servicing Stack Update for Windows Server 2019. The SSU has a size of 13.8 MB. When you install Servicing Stack update, the server does not need to restart.
- You can also download KB5022840 from the Microsoft update catalog page for KB5022840.
- Servicing Stack update KB5005112 can also be downloaded from the Microsoft update catalog page for KB5022840.
If you choose to install the KB5022840 automatically, the Servicing Stack Update KB5005112 will be installed automatically prior to installing KB5022840.
Changelog for KB5022840
The following improvements are part of the KB5022840 cumulative update for Windows Server 2019:
- It updates the text and web link for Windows Admin Center (WAC) notifications. These appear after you sign in to the desktop unless you have turned them off. The WAC notifications highlight the available Windows Server management options.
- This update addresses an issue that affects searchindexer.exe. It randomly stops you from signing in or signing out.
- This update affects HTML dialogs in Microsoft Edge IE mode. Administrators can now reset the zoom for HTML dialogs to the default.
- This update addresses an issue that affects dialogs in IE Mode.
- This update addresses an issue that affects Microsoft Edge when it is in IE Mode. The titles of pop-up windows and tabs are wrong.
- This update addresses an issue that affects certain Internet of Things (IoT) devices. They lose audio.
- This update addresses an issue that affects local Kerberos authentication. It fails if the local Key Distribution Center (KDC) service is not active.
- This update addresses an issue that affects Windows Server 2022. Phone activation of a Key Management Services (KMS) key does not work.
- This update affects Active Directory (AD). It improves the replication performance of AD in large environments.
- This update addresses an issue that affects the Resilient File System (ReFS) MSba tag. The issue causes a nonpaged pool leak.
- This update addresses an issue that affects the Resilient File System (ReFS). The issue causes high nonpaged pool usage, which depletes system memory.
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.