KB5023752 security update for Windows Server 2012

KB5023752 is the security-only update for Windows Server 2012. It was released on 14th March 2023 under Microsoft’s ‘Patch Tuesday’ program. We cover the details of KB5023752 below.

Key points about KB5023752 for Windows Server 2012

– KB5023752 is a standalone security update for Windows Server 2012. It provides fixes and protection against the security vulnerabilities that have been disclosed between the date of the last security update and the current security update.

– For full security, you will need to deploy all the previous security updates for Windows Server 2012. The preceding security update for Windows Server 2012 was released in February 2023. You can read more about the KB5022895 security update for February 2023 on this page.

– We strongly suggest that you must prefer the monthly rollup update KB5023756 for Windows Server 2012 instead of deploying the security update KB5023752. The monthly rollup updates are cumulative in nature while the security updates are standalone updates that have no connection with the previous security updates.

– Servicing Stack Update KB5023791 needs to be deployed on Windows Server 2012 before deploying KB5023752 security update. KB5023791 is the latest Servicing Stack Update released in March 2023.

– Cumulative update for Internet Explorer KB5022835 needs to be installed on Windows Server 2012 prior to installing KB5023752 security update.

– If you install a language pack on Windows Server 2012 after installing of KB5023752 security update, you will need to re-deploy the security update. The language packs render the security update infructuous and thus we need a re-deployment.

– The domain join issue on Active Directory for Windows Server 2012 remains unresolved as we write this. This issue was first reported after the deployment of the October 2022 cumulative and security updates on the server. Microsoft has released an interim fix under the KB5020276 update.

– Windows Server 2012 and Windows Server 2012 Server core installation are affected by 44 security vulnerabilities. Out of these 44 security vulnerabilities, 4 vulnerabilities have a CRITICAL severity rating. The details of 4 CRITICAL security vulnerabilities are shared in the vulnerability section below.

KB5023752 security update for Windows Server 2012 for March 2023.
KB5023752 security update for Windows Server 2012

Download KB5023752 for Windows Server 2012

You can install KB5023752 on Windows Server 2012 through WSUS or through an offline installer file.

For manual installations, we suggest downloading the offline installer files from the Microsoft Update Catalog.

The deployment process for KB5023752 includes three-step deployments that would include:

  • Downloading and installing KB5023791 Servicing Stack Update
  • Downloading and installing KB5022835 cumulative update for Internet explorer
  • Downloading and installing KB5023752 security update for Windows Server 2012

We share the download links for each update through the Microsoft Update Catalog. We have also given the direct download links for downloading the offline installer files.

The Microsoft Update Catalog pages for the update cycle for Windows Server 2012 for March 2023 are shared herein:

The direct download links for this month’s security update for Windows Server 2012 are shared hereunder:

Security vulnerabilities on Windows Server 2012 under KB5023752

As mentioned above, there are 44 security vulnerabilities on Windows Server 2012. These threats have been disclosed by Microsoft as part of the ‘Patch Tuesday’ project. We discuss the 4 CRITICAL vulnerabilities on Windows Server 2012 below.

VulnerabilityCVSSImpactBrief description
CVE-2023-234159.8Remote Code ExecutionAn attacker could send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine. To trigger the vulnerable code path, an application on the target must be bound to a raw socket.
CVE-2023-217089.8Remote Code ExecutionTo exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service.
CVE-2023-234168.4Remote Code ExecutionFor successful exploitation, a malicious certificate needs to be imported on an affected system. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authenticated user to import a certificate on their system. The vulnerability affects Windows Cryptographic services.
CVE-2023-234048.1Remote Code ExecutionThis is an RCE on the Windows Point-to-Point Tunneling Protocol.

KB5023752 for Windows Server 2012 – Changelog

The following issue fixes or improvements have been reported by Microsoft under the KB5023752 security update for Windows Server 2012:

  • After applying a Windows update released on or after July 12, 2022, hyperlinks embedded in an Excel workbook that use the search-ms protocol might stop working.
  • The Local Security Authority Subsystem Service (Lsass.exe) might stop responding after System Preparation (sysprep) is run on a domain-joined device.
  • After applying a Windows update released on or after November 8, 2022 on a server running Windows Server 2012, audio loss might occur.
  • By order of the Mexican government in October 2022, the United Mexican States will not observe daylight saving time (DST) in 2023. Key changes in the order include the following:
    • Updated DST rules for Mountain Standard Time (Mexico) and Central Standard Time (Mexico) to no daylight saving time starting in 2023.
    • Changed Chihuahua time zone from (UTC -7:00) Mountain Standard Time (Mexico) to (UTC -6:00) Central Standard Time (Mexico).
    • Changed Ojinaga time zone from (UTC -7:00) Mountain Standard Time (Mexico) to (UTC -6:00) Central Standard Time (Mexico)
    • Created a new time zone America/Ciudad_Juarez and mapped it to Mountain Standard Time (Mexico).
  • This update implements the final phase of DCOM hardening as described in KB5004442. This phase removes the ability to disable changes through the registry.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.