KB5023756 monthly rollup update for Windows Server 2012

KB5023756 is the latest monthly rollup update for Windows Server 2012. It was released on 14th March 2023 under the ‘Patch Tuesday’ program of Microsoft.

Key points about KB5023756 for Windows Server 2012

– KB5025287 supersedes the KB5023756 cumulative monthly rollup update for Windows Server 2012. KB5025287 has been released in April 2023 and you can read more about KB5025287 on this page.

– KB5023756 is a cumulative update that supersedes KB5022903. KB5022903 is the monthly rollup update for February 2023. You can read more about KB5022903 on this page.

– We do suggest patching Windows Server 2012 with KB5023756 monthly rollup update instead of the security-only update KB5023752. Installing the security-only update requires additional steps to achieve full security coverage on the server.

– KB5023791 is the latest Servicing Stack Update that has been released for Windows Server 2012 on March 14, 2023. This SSU is required to be deployed prior to deploying KB5023756 on the server.

– Windows Server 2012 and Windows Server 2012 Server Core installation are affected by 44 security vulnerabilities. Out of these 44 vulnerabilities, 4 vulnerabilities have a CRITICAL rating and 40 vulnerabilities carry the IMPORTANT rating. A brief description of the CRITICAL vulnerabilities is shared below in the vulnerability section.

– If you deploy a language pack after installing KB5023756 on Windows Server 2012, you will need to re-install the KB5023756 update. Basically, the monthly rollup update will need to sit over the language pack. Any fresh deployment of a language pack renders the KB5023756 update infructuous.

– The Active Directory domain issue continues to affect Windows Server 2012. It remains unresolved on Windows Server 2012 for now, though it has been fixed on the Windows Server 2012 R2. You will need to use the interim fix released under the KB5020276 update by Microsoft until a permanent fix is included in one of the future monthly rollup updates for Windows Server 2012.

Download KB5023756 for Windows Server 2012

Manual installation of KB5023756 on Windows Server 2012 is possible. For this, you will need to follow the recommended strategy or two-step process.

In the first step, you will need to deploy KB5023791 prior to installing KB5023756 on Windows Server 2012. Once the SSU has been deployed, we can proceed with installing KB5023756 on the server.

For manual deployments, you will need to patch the server with an offline installer file. The offline installer files are in MSU format. It can be downloaded from the Microsoft Update Catalog page for KB5023791. Alternatively, you can download the offline installer file from the direct download link shared below.

After KB5023791 has been installed, you can move to the next step of installing the KB5023756 monthly rollup update for Windows Server 2012.

KB5023756 can be downloaded as an MSU offline installer file from the Microsoft Update catalog. The download links for KB5023756 are shared below for your ready reference:

Since KB5023756 is a monthly rollup update, you can also install the monthly rollup update automatically. For this, you could use one of the following methods:

  • Windows Update
  • Microsoft Update
  • WSUS or Windows Server Update Service

Automated deployments also follow the two-step process.

  • KB5023791 Servicing Stack Update is offered for deployment prior to installing KB5023756. Once it is patched, the next step involves the deployment of KB5023756.
  • KB5023756 is patched after KB5023791 SSU is installed.

It may be pertinent to mention that the SSU or Servicing Stack Update does not result in a server reboot.

Security vulnerabilities on Windows Server 2012 covered in KB5023756

There are 44 security vulnerabilities that have been shared in the March 2023 security bulletin of Microsoft. Out of these 44 vulnerabilities, 4 are CRITICAL vulnerabilities and the remaining 40 are IMPORTANT vulnerabilities. The 4 CRITICAL vulnerabilities for Windows Server 2012 are shared below.

VulnerabilityCVSSImpactBrief description
CVE-2023-234159.8Remote Code ExecutionAn attacker could send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine. To trigger the vulnerable code path, an application on the target must be bound to a raw socket.
CVE-2023-217089.8Remote Code ExecutionTo exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service.
CVE-2023-234168.4Remote Code ExecutionFor successful exploitation, a malicious certificate needs to be imported on an affected system. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authenticated user to import a certificate on their system. The vulnerability affects Windows Cryptographic services.
CVE-2023-234048.1Remote Code ExecutionThis is an RCE on the Windows Point-to-Point Tunneling Protocol.

KB5023756 for Windows Server 2012 – Changelog

The following issue fixes or improvements have been reported under KB5023756 for Windows Server 2012:

  • After applying a Windows update released on or after July 12, 2022, hyperlinks embedded in an Office document that use the search-ms protocol might stop working.
  • The Local Security Authority Subsystem Service (Lsass.exe) might stop responding after System Preparation (sysprep) is run on a domain-joined device.
  • After applying a Windows update released on or after November 8, 2022 on a server running Windows Server 2012, audio loss might occur.
  • By order of the Mexican government in October 2022, the United Mexican States will not observe daylight saving time (DST) in 2023. Key changes in the order include the following:
    • Updated DST rules for Mountain Standard Time (Mexico) and Central Standard Time (Mexico) to no daylight saving time starting in 2023.
    • Changed Chihuahua time zone from (UTC -7:00) Mountain Standard Time (Mexico) to (UTC -6:00) Central Standard Time (Mexico).
    • Changed Ojinaga time zone from (UTC -7:00) Mountain Standard Time (Mexico) to (UTC -6:00) Central Standard Time (Mexico)
    • Created a new time zone America/Ciudad_Juarez and mapped it to Mountain Standard Time (Mexico).
  • This update implements the final phase of DCOM hardening as described in KB5004442. This phase removes the ability to disable changes through the registry.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.