KB5023764 is a security-only update for Windows Server 2012 R2. It was released under the ‘Patch Tuesday’ initiative of Microsoft on 14th March 2023.
Key points about KB5023764 for Windows Server 2012 R2
– KB5023764 has been succeeded by KB5025288 for Windows Server 2012 R2 in April 2023. You can read more about KB5025288 on this page.
– KB5023764 is a standalone security update. It addresses security vulnerabilities that have been reported over the past four weeks for Windows Server 2012 R2. For full security coverage on Windows Server 2012 R2, you will need to make sure that all the previous security updates for the server have been deployed. Effectively, before you plan to install the KB5023764 security update, you will need to validate that the last security update on Windows Server 2012 R2 is KB5022894. KB5022894 is the security update for February 2023. You can read more about KB5022894 on this page.
– If possible, always consider installing a monthly rollup update instead of the security-only update on Windows Server 2012 R2. In case of March 2023 updates, we suggest installing KB5023765 instead of KB5023764. You will save a few steps during the deployment process by installing the cumulative update or monthly rollup update on Windows Server 2012 R2.
– Prior to installing KB5023764 on Windows Server 2012 R2, you will need to install the latest Servicing Stack Update KB5023790 on the server. This Servicing Stack Update has been released on 14th March 2023. Details of the Servicing Stack update download link are shared below.
– Apart from installing the SSU, you will also need to install the cumulative update for Internet Explorer for patching the IE against security vulnerabilities. In this case, you will need to patch KB5022835 cumulative update for Internet Explorer.
– So, if you intend to patch KB5023764 on Windows Server 2012 R2, you will need to install the SSU and cumulative update for Internet Explorer before you begin the process of installing KB5023764.
Essentially, you will have to install three patches on Windows Server 2012 R2:
- KB5023790 Servicing Stack Update released in March 2023.
- KB5022835 cumulative update for Internet Explorer released in February 2023
- KB5023764 security update for Windows Server 2012 R2
The download links for each of these updates are shared below for ready reference.
– The Active Directory join issue on Windows Server 2012 R2 has been resolved in KB5023764. The issue occurred for the first time after the deployment of cumulative updates on the server in October 2022. Microsoft has released a temporary fix or solution under the KB5020276 guide.
– The issue with language packs still continues to affect the Windows Server 2012 R2 and KB5023705. If you deploy a language pack after the installation of the KB5023705 security update, the security update will need to be deployed again. The security update becomes infructuous after a language pack is deployed on top of it.
– 45 security vulnerabilities have been shared by Microsoft for Windows Server 2012 R2. 4 of these vulnerabilities have a CRITICAL severity rating. We have shared these 4 vulnerabilities in the vulnerability section below.
Download KB5023764 on Windows Server 2012 R2
KB5023764 is a standalone update and can be deployed manually. The manual deployment process involves installing the offline installer file on the server.
The installation process is a three-step process.
- In the first step, you will download and install Servicing Stack Update KB5023790.
- Once the SSU or Servicing Stack Update has been installed, you will need to download and deploy the KB5022835 update for the Internet Explorer browser.
- Finally, you will install the security-only update KB5023705 on the server.
You can download KB5023705 from the Microsoft Catalog page for KB5023705. Or, you could download the MSU update file from the direct download links shared below.
- Download KB5023790 Servicing Stack Update from Microsoft Update Catalog – the update file has a size of 10.7 MB.
- Download KB5022835 Cumulative update for Internet Explorer 11 from Microsoft Update Catalog – the update file has a size of 55 MB.
- Download KB5023764 security update for Windows Server 2012 R2 – the size of the update file is 43.1 MB.
You can download the offline installer files for the SSU, Internet Explorer, and security update from the direct download links shared below.
- Direct download link for KB5023790 Servicing Stack Update for Windows Server 2012 R2
- Direct download link for KB5022835 for the cumulative update for Internet Explorer
- Direct download link for security-only update KB5023764 for Windows Server 2012 R2
Besides the manual installation, you can deploy KB5023764 automatically through WSUS or Windows Server Update service.
Security vulnerabilities on Windows Server 2012 R2 under KB5023764
There are 45 reported security threats on Windows Server 2012 R2 in the security bulletin released by Microsoft. Of these, 4 vulnerabilities are of a CRITICAL nature. We have shared a brief listing of the 4 CRITICAL security vulnerabilities below for your ready reference.
| Vulnerability | CVSS | Impact | Brief description |
|---|---|---|---|
| CVE-2023-23415 | 9.8 | Remote Code Execution | An attacker could send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine. To trigger the vulnerable code path, an application on the target must be bound to a raw socket. |
| CVE-2023-21708 | 9.8 | Remote Code Execution | To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. |
| CVE-2023-23416 | 8.4 | Remote Code Execution | For successful exploitation, a malicious certificate needs to be imported on an affected system. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authenticated user to import a certificate on their system. The vulnerability affects Windows Cryptographic services. |
| CVE-2023-23404 | 8.1 | Remote Code Execution | This is an RCE on the Windows Point-to-Point Tunneling Protocol. |
KB5023764 security update for Windows Server 2012 R2 – Changelog
KB5023764 provides issue fixes and improvements for the following:
- After applying a Windows update released on or after July 12, 2022, hyperlinks embedded in an Office document that use the search-ms protocol might stop working.
- The Local Security Authority Subsystem Service (Lsass.exe) might stop responding after System Preparation (sysprep) is run on a domain-joined device.
- By order of the Mexican government in October 2022, the United Mexican States will not observe daylight saving time (DST) in 2023. Key changes in the order include the following:
- Updated DST rules for Mountain Standard Time (Mexico) and Central Standard Time (Mexico) to no daylight saving time starting in 2023.
- Changed Chihuahua time zone from (UTC -7:00) Mountain Standard Time (Mexico) to (UTC -6:00) Central Standard Time (Mexico).
- Changed Ojinaga time zone from (UTC -7:00) Mountain Standard Time (Mexico) to (UTC -6:00) Central Standard Time (Mexico)
- Created a new time zone America/Ciudad_Juarez and mapped it to Mountain Standard Time (Mexico).
- This update implements the final phase of DCOM hardening as described in KB5004442. This phase removes the ability to disable changes through the registry.
- Known issue resolved: When an existing computer account is reused to join a computer to an Active Directory domain, the join is unsuccessful. For more information about this new behavior, see KB5020276—Netjoin: Domain join hardening changes.
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.