KB5027271 is the monthly rollup update for the month of June 2023 for Windows Server 2012 R2. It was released on 13th June 2023 under the ‘Patch Tuesday’ initiative of Microsoft.
KB5027271 has been superseded by KB5028228. You can read more about the latest cumulative update KB5028228 on this page.
Let us review the main points and download instructions for KB5027271.
Salient points for KB5027271
- KB5027271 is a cumulative update for Windows Server 2012 R2. It supersedes KB5026415.
- KB5026415 was released on 9th May 2023. You can read in detail about KB5026415.
- KB5027271 also contains all changes that are part of the June 2023 month’s security update KB5027282.
- Between KB5027282 and KB5027271 for Windows Server 2012 R2, we strongly advocate using the cumulative update KB5027271. It simplifies a system administrator’s life to a great extent.
- KB5027574 is the Servicing Stack Update for Windows Server 2012 R2. It needs to be deployed prior to installing KB5027271.
- The language pack issue continues to affect Windows Server 2012 R2. If you install a language pack after installing KB5027271, you will need to redeploy the cumulative update.
- 23 security vulnerabilities affect Windows Server 2012 R2. Out of these, 3 are CRITICAL vulnerabilities with CVSS scores of 9.8.
- Two zero-day vulnerabilities affect Windows Server 2012 R2. These are shared in the vulnerability section below.
Download KB5027271
KB5027271 is a cumulative update that can be applied automatically or manually.
For automated installations, you can use any of the following methods:
- Windows Update
- WSUS or Windows Server Update Service
WSUS remains our preferred method for implementing server updates on Windows Servers.
For manual deployments, the process will involve two steps:
- Download and install KB5027574 Servicing Stack Update for Windows Server 2012 R2.
- Download and install KB5027271 monthly rollup update for Windows Server 2012 R2.
KB5027574 is the latest Servicing Stack update for Windows Server 2012 R2. It has been released on 13th June 2023. You will need to install KB5027574 prior to installing KB5027271 on the server.
- Download KB5027574 from the Microsoft Update Catalog page.
- Direct download KB5027574 offline installer file.
The size of the Servicing Stack Update file is 10.7 MB. Upon installation of Servicing Stack Update, the server will not reboot.
Once the SSU has been installed, you can proceed with the installation of the KB5027271 update. The cumulative update is made available as an offline installer in the MSU extension.
The size of the monthly rollup update file is 572 MB.
The cumulative update will cause a server reboot. So, please do plan for a ‘planned change management’ activity for implementing KB5027271.
Vulnerabilities
There are 23 security vulnerabilities that have been shared as part of Microsoft’s security bulleting for June 2023.
We have listed the two zero-day threats and three CRITICAL security threats that affect Windows Server 2012 R2.
| Vulnerability | CVSS Score | Severity | Type | Description |
|---|---|---|---|---|
| CVE-2023-24880 (Zero-day) | 4.4 | Moderate | Security Feature Bypass | An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging. |
| CVE-2021-34527 (Zero-day) | 8.8 | Critical | Remote Code Execution | A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
| CVE-2023-29363 | 9.8 | Critical | Remote Code Execution | When Windows message queuing service is running in a Windows Pragmatic General Multicast (PGM Server) environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. |
| CVE-2023-32014 | 9.8 | Critical | Remote Code Execution | When Windows message queuing service is running in a Windows Pragmatic General Multicast (PGM Server) environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. |
| CVE-2023-32015 | 9.8 | Critical | Remote Code Execution | When Windows message queuing service is running in a Windows Pragmatic General Multicast (PGM Server) environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. |
About zero-day threats
The Zero-day threats are those security vulnerabilities that are being exploited. Or, these security threats have been publicly disclosed.
Due to the nature of these threats, there is a need for immediate patching of the security updates on the server.
KB5027271 Changelog
No specific changes or improvements have been documented for KB5027271.
The monthly rollup update caters to resolving security threats reported in the monthly security bulletin. These vulnerabilities include the 23 security vulnerabilities reported as part of June month’s security bulletin.
There are no known issues that have arisen after the deployment or patching of KB5027271 on Windows Server 2012 R2.
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.