KB5025285 is the cumulative update for Windows Server 2012 R2. It is also called the monthly rollup update. The update was released on 11th April 2023, under the ‘Patch Tuesday’ initiative.
KB5025285 has now been replaced by KB5026415. You can read more about KB5026415 on this page.
Key points about KB5025285
- KB5025285 is a cumulative update for Windows Server 2012 R2 and supersedes the KB5023765 update. KB5023765 was released in March 2023 and you can read more about it on this page for KB5023765.
- The cumulative nature of KB5025285 means that all changes that are part of KB5023765 are included in the KB5025285 monthly rollup update.
- KB5025285 is more exhaustive than the security-only update KB5025288 for Windows Server 2012 R2. It includes all changes that are part of KB5025288. Additionally, the monthly rollup update includes product improvements. We strongly suggest choosing KB5025285 over KB5025288 for Windows Server 2012 R2.
- Servicing Stack update KB5023790 corresponds to KB5025285. KB5023790 was released in February 2023. If you have not patched KB5023790 on Windows Server 2012 R2, please deploy it prior to deployment of the KB5025285 on the server.
- Separate installation of the cumulative update for Internet Explorer is not needed if you plan to install KB5025285. IE cumulative update is required if you were to install KB5025288 instead of the KB5025285 monthly rollup update.
- 62 security vulnerabilities impact Windows Server 2012 R2. Six of these carry ‘CRITICAL’ severity levels. These threats have been shared below in the vulnerability section.
- Two zero-day threats also affect the Windows Server 2012 R2. These have been listed in the vulnerabilities section.
- KB5025285 has compatibility issues with language packs. So, if you install a language pack after installing KB5025285, you will need to redeploy the KB5025285 update on the Windows Server 2012 R2.
So, the successful installation of KB5025285 requires two steps:
- Install SSU KB5023790
- Install cumulative update KB5025285
Download KB5025285
KB5025285 can be deployed automatically using:
- Windows Update
- Microsoft Update
- WSUS or Windows Server Update Service
Manual deployment of KB5025285 can be attempted using the offline installer file. The offline installer file is available as an MSU file. You could directly download these files from the Microsoft site using the direct download links shared below. Alternatively, you can use the direct Microsoft Update Catalog pages to download the offline installer files.
| Cumulative update | Download link | Size of the update |
|---|---|---|
| KB5023790 | Download KB5023790 | 10.7 MB |
| KB5025285 | Download KB5025285 | 570.7 MB |
If you prefer downloading the MSU files from the Microsoft Update Catalog website, please do visit the catalog pages shared below:
We recommend installing KB5023790 prior to the deployment of KB5025285. SSU KB5023790 will not cause the server to reboot.
Security vulnerabilities on Windows Server 2012 R2
There are 62 vulnerabilities that affect Windows Server 2012 R2 as per the latest security bulletin of Microsoft. We look at the 6 CRITICAL vulnerabilities on Windows Server 2012 R2.
Additionally, we also share details of two zero-day threats on the Windows Server 2012 R2.
Zero-day vulnerabilities on Windows Server 2012 R2
The following zero-day threats affect Windows Server 2012 R2:
| CVE | CVSS Score | CVE Title | Impact |
|---|---|---|---|
| CVE-2013-3900 | 7.4 | WinVerifyTrust Signature Validation Vulnerability | Remote Code Execution |
| CVE-2023-28252 | 7.8 | Windows Common Log File System Driver | Elevation of Privilege Vulnerability |
CRITICAL vulnerabilities on Windows Server 2012 R2
Out of the six CRITICAL vulnerabilities, two carry a CVSS score of 9.8. All these vulnerabilities are of the type of ‘Remote Code Execution’ threats.
| Vulnerability | CVE Title | CVSS Score | Vulnerability scope |
|---|---|---|---|
| CVE-2023-21554 | Microsoft Message Queuing | 9.8 | Remote Code Execution |
| CVE-2023-28250 | Windows Pragmatic General Multicast (PGM) | 9.8 | Remote Code Execution |
| CVE-2023-28231 | DHCP Server Service | 8.8 | Remote Code Execution |
| CVE-2023-28219 | Layer 2 Tunneling Protocol | 8.1 | Remote Code Execution |
| CVE-2023-28220 | Layer 2 Tunneling Protocol | 8.1 | Remote Code Execution |
| CVE-2023-28232 | Windows Point-to-Point Tunneling Protocol | 7.5 | Remote Code Execution |
KB5025285 – Changelog
The following changes are included in the KB5025285 monthly rollup update:
- By the March 1, 2023, order of the Arab Republic of Egypt, daylight savings time (DST) will resume on April 28, 2023, and end on October 27, 2023. This update applies to Egypt Standard Time – (UTC+02:00) Cairo.
- Known compatibility issues exist with certain printer models which feature GDI printer drivers that do not completely adhere to GDI specifications.
You may like to read more content about the latest cumulative updates below:
- KB5026370 cumulative update for Windows Server 2022
- KB5026362 cumulative update for Windows Server 2019
- KB5026363 May 2023 cumulative update for Windows Server 2016
- KB5026415 Monthly rollup update for Windows Server 2012 R2
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.