KB5023706 is the cumulative update for Windows 11 version 22H2 for the month of March 2023. It was released on 14th March as part of the ‘Patch Tuesday’ project.
Key points about KB5023706 update for Windows 11 22H2
– KB5022845 is February month’s cumulative update. KB5022913 is the preview update for Windows 11 22H2 released on 28th February 2023.
– All changes that are part of the preview update KB5022913 are also part of the KB5023706 cumulative update. If you did not deploy the KB5022913 update yet, you can skip it and go straight to KB5023706.
– KB5023706 cumulative update corresponds to Windows 11 22H2 build 22621.1413. This build will replace the February build 22621.1265 and the preview update build 22621.1344.
– The Servicing Stack Update for March 2023 for Windows 11 version 22H2 is part of the cumulative update. No separate installation of the SSU is needed for Windows 11 22H2. The SSU that corresponds to KB5023706 is version 22621.1344.
– The domain join issue in the Active Directory has been resolved in KB5023706 for Windows 11 22H2. The issue happened for the first time after the installation of the October 2022 cumulative updates. Microsoft had released an interim fix and covered it under the KB5020276 update.
– There are 54 vulnerabilities for Windows 11 version 22H2. All these vulnerabilities have been covered in March month’s security bulletin released by Microsoft. 8 of these vulnerabilities are ‘CRITICAL’ severity threats. We have covered these in the vulnerability section below.
Download KB5023706 for Windows 11 22H2
The cumulative update KB5023706 for Windows 11 22H2 can be deployed automatically or manually.
For manual deployments, you will need to download the offline installer file. The installer files are available for Windows 11 22H2 x64 editions and Windows 11 22H2 ARM64 editions.
- Download KB5023706 for x64 Windows 11 22H2 from the Microsoft update catalog page.
- Download KB5023706 for ARM64 Windows 11 22H2 from the Microsoft update catalog page.
The direct download links for the offline installer files for KB5023706 for Windows 11 22H2 are shared below:
- Direct download link for x64 Windows 11 22H2 – the size of the update file is 284 MB
- Direct download link for ARM64 Windows 11 22H2 – the size of the update file is 388 MB
Both these updates already contain the Servicing Stack Update or SSU for Windows 11 22H2.
Automated installation of Windows 11 22H2 cumulative update KB5023706 can be completed using any one of the following:
- Windows Update
- Windows Update for Business
- WSUS or Windows Server Update Service.
Vulnerabilities on Windows 11 covered under KB5023706
There are a total of 54 vulnerabilities on Windows 11 22H2 x64 edition, and 52 vulnerabilities on Windows 11 22H2 ARM64 edition. Out of 54 vulnerabilities on x64 Windows 11 22H2, 8 are of CRITICAL severity levels. On the ARM64 edition of Windows 11 22H2, there are 6 CRITICAL vulnerabilities.
We list the 8 vulnerabilities that affect Windows 11 22H2 x64 editions and 6 vulnerabilities that affect the ARM64 edition of Windows 11 22H2.
|CVE-2023-21708||9.8||Remote Code Execution||To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service.|
|CVE-2023-23392||9.8||Remote Code Execution||An unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.|
|CVE-2023-23415||9.8||Remote Code Execution||An attacker could send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine.|
|CVE-2023-1017||8.8||Elevation of Privileges||By leveraging malicious TPM commands from a guest VM to a target running Hyper-V, an attacker can cause an out of bounds write in the root partition.|
|CVE-2023-1018||8.8||Elevation of Privileges||This threat affects the TPM 2.0 library and can lead to an Elevation of Privilege vulnerability.|
|CVE-2023-23416||8.4||Remote Code Execution||For successful exploitation, a malicious certificate needs to be imported on an affected system. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authenticated user to import a certificate on their system. The vulnerability affects Windows Cryptographic services.|
|CVE-2023-23404||8.1||Remote Code Execution||This is an RCE on the Windows Point-to-Point Tunneling Protocol.|
|CVE-2023-23411||6.5||Denial of Service||Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host.|
The ARM64 edition of Windows 11 22H2 is affected by all the above-stated vulnerabilities except for CVE-2023-1017 and CVE-2023-1018.
KB5023706 for Windows 11 22H2 – Changelog
The following improvements or bug fixes have been reported for the KB5023706 cumulative update for Windows 11 22H2:
- This update implements phase three of Distributed Component Object Model (DCOM) hardening. See KB5004442. After you install this update, you cannot turn off the changes using the registry key.
- This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails. This occurs on devices that have installed Windows updates dated October 11, 2022 or later. The error message is, “Error 0xaac (2732): NERR_AccountReuseBlockedByPolicy: ‘An account with the same name exists in Active Directory. Re-using the account was blocked by security policy.’” For more information, see KB5020276.
We are sorry that this post was not useful for you!
Let us improve this post!
Tell us how we can improve this post?
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.