KB5022903 is February 2023 monthly rollup update for Windows Server 2012. It was released on 14th February 2023 under the ‘Patch Tuesday’ project of Microsoft.
KB5022903 has now been replaced with KB5023756 monthly rollup update for Windows Server 2012. You can read more about KB5023756 on this page.
Key points about KB5022903
- KB5022903 is a cumulative update for Windows Server 2012. It supersedes KB5022348, the monthly rollup update for January 2023.
- Besides this, KB5022903 also contains all changes that are part of this month’s security-only update KB5022895. However, it is always recommended to prefer monthly rollup updates over security-only updates.
- KB5022923 is the Servicing Stack Update that needs to be deployed prior to installing KB5022903. This SSU is the latest SSU released for Windows Server 2012 on 14th February 2023.
- KB5022903 has compatibility issues with language packs. If you install a language pack after installing this monthly rollup update, you will need to redeploy the update. So, language packs must be deployed prior to deploying the monthly rollup update.
- As per Microsoft’s security bulletin for the month of February 2023, Windows Server 2012 is affected by 32 vulnerabilities.
- There are 3 CRITICAL vulnerabilities that have been reported for Windows Server 2012 and Windows Server 2012 Server core installation. All these CRITICAL vulnerabilities have a CVSS score of 9.8. Details of these three vulnerabilities can be found below.
| Vulnerability | CVSS | Impact |
|---|---|---|
| CVE-2023-21689 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |
| CVE-2023-21690 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |
| CVE-2023-21692 | 9.8 | Remote Code Execution in Microsoft Protected Extensible Authentication Protocol (PEAP) |
Download KB5022903 for Windows Server 2012
The manual deployment of KB5022903 can be completed using an offline installer file. The update file is in MSU format. You can download the monthly rollup update for KB5022903 from the Microsoft update catalog page for KB5022903.
Prior to installing KB5022903, you must also download KB5022923 Servicing Stack Update. You can download KB5022923 from the Microsoft Update catalog.
- Download the KB5022903 update file for Windows Server 2012 – the size of this MSU update file is 414.1 MB.
- Download the KB5022923 Servicing Stack Update for Windows Server 2012 – the size of this MSU update file is 9.8 MB.
KB5022923 Servicing Stack Update does not cause the server to restart.
Besides manual deployment, you can deploy KB5022903 on Windows Server 2012 using Windows Update and Windows Server Update Service (WSUS) automatically. As part of the automated process, Servicing Stack Update will be automatically installer prior to installation of KB5022903 monthly rollup update.
You need to be aware of a potential issue that may happen post-deployment of KB5022903. The issue involves domain join operations. You may get an error error “0xaac (2732): NERR_AccountReuseBlockedByPolicy” occurs. Additionally, text stating “An account with the same name exists in Active Directory. Re-using the account was blocked by security policy” might be displayed.
The workaround has been published in KB5020276.
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.