KB5025285 Monthly rollup update for Windows Server 2012 R2 – April 2023

KB5025285 is the cumulative update for Windows Server 2012 R2. It is also called the monthly rollup update. The update was released on 11th April 2023, under the ‘Patch Tuesday’ initiative.

KB5025285 has now been replaced by KB5026415.

Key points about KB5025285

  • KB5025285 is a cumulative update for Windows Server 2012 R2 and supersedes the KB5023765 update, which was released in March 2023.
  • The cumulative nature of KB5025285 means that all changes that are part of KB5023765 are included in the KB5025285 monthly rollup update.
  • KB5025285 is more exhaustive than the security-only update KB5025288 for Windows Server 2012 R2. It includes all changes that are part of KB5025288. Additionally, the monthly rollup update includes product improvements. We strongly suggest choosing KB5025285 over KB5025288 for Windows Server 2012 R2.
  • Servicing Stack update (SSU) KB5023790 corresponds to KB5025285. KB5023790 was released in February 2023. If you have not yet installed KB5023790 on Windows Server 2012 R2, deploy it before deploying KB5025285 on the server.
  • Separate installation of the cumulative update for Internet Explorer is not needed if you plan to install KB5025285. The IE cumulative update is required if you install the security-only update KB5025288 instead of the KB5025285 monthly rollup update.
  • 62 security vulnerabilities impact Windows Server 2012 R2. Six of these carry a ‘CRITICAL’ severity level. They are listed in the vulnerability section below.
  • Two zero-day threats also affect Windows Server 2012 R2. These are listed in the vulnerabilities section.
  • KB5025285 has compatibility issues with language packs. If you install a language pack after installing KB5025285, you will need to redeploy the KB5025285 update on Windows Server 2012 R2.

So, the successful installation of KB5025285 requires two steps:

  1. Install SSU KB5023790
  2. Install cumulative update KB5025285

Download KB5025285

KB5025285 can be deployed automatically using:

  • Windows Update
  • Microsoft Update
  • WSUS or Windows Server Update Service

Manual deployment of KB5025285 can be attempted using the offline installer file. The offline installer file is available as an MSU file. You could directly download these files from the Microsoft site using the direct download links shared below. Alternatively, you can use the direct Microsoft Update Catalog pages to download the offline installer files.

| Cumulative update | Download link | Size of the update |
|---|---|---|
| KB5023790 | Download KB5023790 | 10.7 MB |
| KB5025285 | Download KB5025285 | 570.7 MB |

We recommend installing KB5023790 prior to the deployment of KB5025285. SSU KB5023790 will not cause the server to reboot.
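
The two-step manual deployment described above can be scripted so that the rollup is never attempted before the SSU. This is an added example, not code from Microsoft or from the original post; the folder `C:\Patches` and the MSU file names are hypothetical placeholders for the files you downloaded.

```powershell
# Added example: install SSU KB5023790 first, then monthly rollup KB5025285.
# Assumption: both MSU files are already in $MsuDir; the file names below are
# hypothetical placeholders, rename them to match the downloaded files.
param([string]$MsuDir = 'C:\Patches')

$steps = @(
    @{ Kb = 'KB5023790'; File = 'KB5023790-ssu.msu' },     # servicing stack first
    @{ Kb = 'KB5025285'; File = 'KB5025285-rollup.msu' }   # then the rollup
)

function Test-KbInstalled([string]$Kb) {
    # Get-HotFix reports installed KB ids. It cannot tell whether a language
    # pack was added after the rollup, so that case still needs a manual redeploy.
    [bool](Get-HotFix -Id $Kb -ErrorAction SilentlyContinue)
}

$rebootNeeded = $false
foreach ($step in $steps) {
    if (Test-KbInstalled $step.Kb) {
        Write-Host "$($step.Kb) already installed, skipping."
        continue
    }
    $msu = Join-Path $MsuDir $step.File
    if (-not (Test-Path -LiteralPath $msu)) {
        throw "Missing installer for $($step.Kb): $msu"
    }
    # /norestart keeps the reboot under the administrator's control.
    $p = Start-Process -FilePath wusa.exe -Wait -PassThru `
        -ArgumentList "`"$msu`"", '/quiet', '/norestart'
    switch ($p.ExitCode) {
        0           { Write-Host "$($step.Kb) installed." }
        3010        { Write-Host "$($step.Kb) installed, reboot required."; $rebootNeeded = $true }
        2359302     { Write-Host "$($step.Kb) reported as already installed." }
        -2145124329 { Write-Host "$($step.Kb) not applicable (for example, superseded by a newer update)." }
        default     { throw "$($step.Kb) failed with wusa exit code $($p.ExitCode); stopping before later steps." }
    }
}
if ($rebootNeeded) { Write-Host 'Restart the server to complete the installation.' }
```

Run it from an elevated PowerShell session; a failure on the SSU step stops the script so the rollup is not installed on an outdated servicing stack.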

Security vulnerabilities on Windows Server 2012 R2

There are 62 vulnerabilities that affect Windows Server 2012 R2 as per the latest security bulletin of Microsoft. We look at the 6 CRITICAL vulnerabilities on Windows Server 2012 R2.

Additionally, we share details of the two zero-day threats on Windows Server 2012 R2.

Zero-day vulnerabilities on Windows Server 2012 R2

The following zero-day threats affect Windows Server 2012 R2:

| CVE | CVSS Score | CVE Title | Impact |
|---|---|---|---|
| CVE-2013-3900 | 7.4 | WinVerifyTrust Signature Validation Vulnerability | Remote Code Execution |
| CVE-2023-28252 | 7.8 | Windows Common Log File System Driver | Elevation of Privilege Vulnerability |

CRITICAL vulnerabilities on Windows Server 2012 R2

Out of the six CRITICAL vulnerabilities, two carry a CVSS score of 9.8. All six are ‘Remote Code Execution’ threats.

| Vulnerability | CVE Title | CVSS Score | Vulnerability scope |
|---|---|---|---|
| CVE-2023-21554 | Microsoft Message Queuing | 9.8 | Remote Code Execution |
| CVE-2023-28250 | Windows Pragmatic General Multicast (PGM) | 9.8 | Remote Code Execution |
| CVE-2023-28231 | DHCP Server Service | 8.8 | Remote Code Execution |
| CVE-2023-28219 | Layer 2 Tunneling Protocol | 8.1 | Remote Code Execution |
| CVE-2023-28220 | Layer 2 Tunneling Protocol | 8.1 | Remote Code Execution |
| CVE-2023-28232 | Windows Point-to-Point Tunneling Protocol | 7.5 | Remote Code Execution |

KB5025285 – Changelog

The following changes are included in the KB5025285 monthly rollup update:

  • By the March 1, 2023, order of the Arab Republic of Egypt, daylight savings time (DST) will resume on April 28, 2023, and end on October 27, 2023. This update applies to Egypt Standard Time – (UTC+02:00) Cairo.
  • Known compatibility issues exist with certain printer models which feature GDI printer drivers that do not completely adhere to GDI specifications.

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.