KB5023706 cumulative update for Windows 11 22H2

KB5023706 is the cumulative update for Windows 11 version 22H2 for the month of March 2023. It was released on 14th March as part of the ‘Patch Tuesday’ project.

Key points about KB5023706 update for Windows 11 22H2

– KB5023706 is a cumulative update for Windows 11 22H2 for the month of March 2023. It replaces or supersedes KB5022845 and KB5022913.

– KB5022845 is February month’s cumulative update. KB5022913 is the preview update for Windows 11 22H2 released on 28th February 2023.

– All changes that are part of the preview update KB5022913 are also part of the KB5023706 cumulative update. If you did not deploy the KB5022913 update yet, you can skip it and go straight to KB5023706.

– KB5023706 cumulative update corresponds to Windows 11 22H2 build 22621.1413. This build will replace the February build 22621.1265 and the preview update build 22621.1344.

– The Servicing Stack Update for March 2023 for Windows 11 version 22H2 is part of the cumulative update. No separate installation of the SSU is needed for Windows 11 22H2. The SSU that corresponds to KB5023706 is version 22621.1344.

– The domain join issue in the Active Directory has been resolved in KB5023706 for Windows 11 22H2. The issue happened for the first time after the installation of the October 2022 cumulative updates. Microsoft had released an interim fix and covered it under the KB5020276 update.

– There are 54 vulnerabilities for Windows 11 version 22H2. All these vulnerabilities have been covered in March month’s security bulletin released by Microsoft. 8 of these vulnerabilities are ‘CRITICAL’ severity threats. We have covered these in the vulnerability section below.

Windows 11 cumulative update KB5023706

Download KB5023706 for Windows 11 22H2

The cumulative update KB5023706 for Windows 11 22H2 can be deployed automatically or manually.

For manual deployments, you will need to download the offline installer file. The installer files are available for Windows 11 22H2 x64 editions and Windows 11 22H2 ARM64 editions.

The direct download links for the offline installer files for KB5023706 for Windows 11 22H2 are shared below:

Both these updates already contain the Servicing Stack Update or SSU for Windows 11 22H2.

Automated installation of Windows 11 22H2 cumulative update KB5023706 can be completed using any one of the following:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Service.

Vulnerabilities on Windows 11 covered under KB5023706

There are a total of 54 vulnerabilities on Windows 11 22H2 x64 edition, and 52 vulnerabilities on Windows 11 22H2 ARM64 edition. Out of 54 vulnerabilities on x64 Windows 11 22H2, 8 are of CRITICAL severity levels. On the ARM64 edition of Windows 11 22H2, there are 6 CRITICAL vulnerabilities.

We list the 8 vulnerabilities that affect Windows 11 22H2 x64 editions and 6 vulnerabilities that affect the ARM64 edition of Windows 11 22H2.

VulnerabilityCVSSSeverityDescription
CVE-2023-217089.8Remote Code ExecutionTo exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service.
CVE-2023-233929.8Remote Code ExecutionAn unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.
CVE-2023-234159.8Remote Code ExecutionAn attacker could send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine. 
CVE-2023-10178.8Elevation of PrivilegesBy leveraging malicious TPM commands from a guest VM to a target running Hyper-V, an attacker can cause an out of bounds write in the root partition.
CVE-2023-10188.8Elevation of PrivilegesThis threat affects the TPM 2.0 library and can lead to an Elevation of Privilege vulnerability.
CVE-2023-234168.4Remote Code ExecutionFor successful exploitation, a malicious certificate needs to be imported on an affected system. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authenticated user to import a certificate on their system. The vulnerability affects Windows Cryptographic services.
CVE-2023-234048.1Remote Code ExecutionThis is an RCE on the Windows Point-to-Point Tunneling Protocol.
CVE-2023-234116.5Denial of ServiceSuccessful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host.

The ARM64 edition of Windows 11 22H2 is affected by all the above-stated vulnerabilities except for CVE-2023-1017 and CVE-2023-1018.

KB5023706 for Windows 11 22H2 – Changelog

The following improvements or bug fixes have been reported for the KB5023706 cumulative update for Windows 11 22H2:

  • This update implements phase three of Distributed Component Object Model (DCOM) hardening. See KB5004442. After you install this update, you cannot turn off the changes using the registry key.
  • This update addresses an issue that affects a computer account and Active Directory. When you reuse an existing computer account to join an Active Directory domain, joining fails. This occurs on devices that have installed Windows updates dated October 11, 2022 or later. The error message is, “Error 0xaac (2732): NERR_AccountReuseBlockedByPolicy: ‘An account with the same name exists in Active Directory. Re-using the account was blocked by security policy.’” For more information, see KB5020276.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.