KB5022899 monthly rollup update for Windows Server 2012 R2

This content has been archived. But, the content is true and relevant to the underlying technology products or infrastructure services.

KB5022899 is February 2023 monthly rollup update for Windows Server 2012 R2. The update was released on 14th February under the ‘Patch Tuesday’ project.

KB5022899 has now been replaced or superseded by KB5023765 monthly rollup update for Windows Server 2012 R2. You can read more about KB5023765 here.

Key points about KB5022899 for Windows Server 2012 R2

  • KB5022899 is a cumulative update that supersedes or replaces the KB5022352 update released in January 2023.
  • KB5022899 also contains all changes that are part of KB5022894 security-only update for Windows Server 2012 R2.
  • Servicing Stack update KB5018922 corresponds to KB5022899. Therefore, KB5018922 must be deployed before installing KB5022899 on Windows Server 2012 R2.
  • Windows Server 2012 R2 and Windows Server 2012 R2 Server core installation are impacted by 32 security vulnerabilities.
  • Windows Server 2012 R2 and Windows Server 2012 R2 Server core installation are affected by 3 CRITICAL security vulnerabilities. These vulnerabilities are shared below for ready reference.
VulnerabilityCVSSImpact
CVE-2023-216899.8Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) 
CVE-2023-216909.8Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) 
CVE-2023-216929.8Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) 
Windows Server 2012 R2 KB5022899

Download KB5022899 for Windows Server 2012 R2

Since KB5022899 is a cumulative update, you can install it manually or automatically. For manual deployments, you will also need to download the Servicing Stack Update KB5018922.

You can download the SSU and monthly rollup update from the Microsoft Update catalog page for the corresponding patches. Alternatively, you can use the direct download links shared below for either of these updates.

  • Download KB5018922 Servicing Stack update from the Microsoft Update catalog page. The size of this update file is 10.5 MB. Upon SSU installation, a server restart is not needed.
  • You can download KB5018922 directly and install the MSU update file on the Windows Server 2012 R2.
  • Download KB5022899 for Windows Server 2012 R2 from the Microsoft catalog. The size of this update file is 568.9 MB and the server will restart post-deployment.
  • You can also download KB5022899 directly as an MSU update file.

You can also deploy KB5022899 automatically using one of the following:

  • Windows Update
  • WSUS or Windows Server Update Service

In both cases, the corresponding Servicing Stack Update KB5018922 will be automatically deployed prior to installing KB5022899. No separate action is required for the SSU installation.

Issues after installing KB5022899 on Windows Server 2012 R2

Microsoft has stated that you may experience domain join issues on the server.

After this update or a later Windows update is installed, domain join operations might be unsuccessful and error “0xaac (2732): NERR_AccountReuseBlockedByPolicy” occurs. Additionally, text stating “An account with the same name exists in Active Directory. Re-using the account was blocked by security policy” might be displayed.

For a resolution of this issue, Microsoft has published an article under the security article KB5020276.

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.

Leave a Comment