KB5027283 is the cumulative update for June 2023 for Windows Server 2012. The monthly rollup update was released on 13th June 2023 as part of the ‘Patch Tuesday’ initiative.
KB5027283 has now been superseded by KB5028232 monthly rollup update for July 2023. You can read about KB5028232 on this page.
Let us review KB5027283 in more detail below.
Salient points
- KB5027283 supersedes KB5026419.
- KB5026419 is the monthly rollup update for Windows Server 2012 for the month of May 2023. You can read more about KB5026419.
- KB5027283 also contains all changes that are part of the security-only update KB5027281.
- Between KB5027281 security update and KB5027283 monthly rollup updates for Windows Server 2012, we strongly suggest using the monthly rollup update KB5027283 on Windows Server 2012. This is because KB5027283 is more exhaustive and has lesser hassle for the system administrators on account of the cumulative nature of the update.
- KB5027575 is the latest Servicing Stack Update for Windows Server 2012. It was released on 13th June 2023. Before deploying KB5027283, you will need to install the Servicing Stack Update KB5027575. Details of the SSU are shared in the downloads section below.
- The issue with language packs continues to affect Windows Server 2012. If you install a language pack after installing KB5027283, you will need to re-install the KB5027283 monthly rollup update.
- Windows Server 2012 is affected by 20 security vulnerabilities. 3 of these security vulnerabilities have a ‘CRITICAL’ severity. These CRITICAL vulnerabilities carry a CVSS score of 9.8.
- There are two zero-day threats that affect Windows Server 2012. The details of these zero-day threats are displayed in the vulnerability section.
Download KB5027283
KB5027283 is a monthly update. So, it can be deployed automatically or through a manual application process.
For automated installations, you could use one of the following methods:
- Windows Update
- WSUS or Windows Server Update Service
As part of the automatic update process, the Servicing Stack Update KB5027575 will be automatically offered to you prior to the deployment of KB5027283. The installation of KB5027575 will precede the installation of KB5027283.
WSUS continues to remain the favorite method for installing monthly rollup updates on Windows Server 2012 automatically.
You can also deploy KB5027283 manually. For the manual deployment process, we will follow a two-step process.
- Download and install KB5027575 Servicing Stack Update on Windows Server 2012.
- Download and install KB5027283 Monthly Rollup Update on Windows Server 2012.
You can download the Servicing Stack Update and monthly rollup update from the Microsoft Update Catalog site. We have also published the direct download links for the offline installer files for the SSU and the monthly rollup update.
The offline installer file is in MSU format.
KB5027575 Servicing Stack Update
The size of the offline installer file for the SSU KB5027575 is 10.1 MB. The SSU does not result in a server reboot. Once you have installed the Servicing Stack Update, you can proceed with the installation of the monthly rollup update KB5027283.
KB5027283 Monthly Rollup Update
Similar to the Servicing Stack Update, you can download the monthly rollup update from the Microsoft Update Catalog website. Alternatively, we have published the direct download links for the KB5027283 monthly rollup update below.
The size of the KB5027283 monthly rollup update is 416.3 MB. Upon successful deployment on the server, KB5027283 will result in a server reboot. So, please plan for implementation in a phased manner and under a ‘Change Management schedule’.
Vulnerabilities
In all, 20 security vulnerabilities affect Windows Server 2012. Out of these, we cover the three CRITICAL security vulnerabilities. We also list the two zero-day threats that affect Windows Server 2012 below.
| Vulnerability | CVSS Score | Severity | Type | Description |
|---|---|---|---|---|
| CVE-2023-24880 (Zero-day) | 4.4 | Moderate | Security Feature Bypass | An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging. |
| CVE-2021-34527 (Zero-day) | 8.8 | Critical | Remote Code Execution | A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
| CVE-2023-29363 | 9.8 | Critical | Remote Code Execution | When Windows message queuing service is running in a Windows Pragmatic General Multicast (PGM Server) environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. |
| CVE-2023-32014 | 9.8 | Critical | Remote Code Execution | When Windows message queuing service is running in a Windows Pragmatic General Multicast (PGM Server) environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. |
| CVE-2023-32015 | 9.8 | Critical | Remote Code Execution | When Windows message queuing service is running in a Windows Pragmatic General Multicast (PGM Server) environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. |
KB5027283 Changelog
There are no changes that have been separately documented by Microsoft for the monthly rollup update KB5027283. The update, therefore, seeks to resolve the security threats that have been disclosed as part of June month’s security bulletin.
About Zero-day threats
Zero-day threats are security vulnerabilities that are publicly disclosed or are being exploited actively. These zero-day threats require immediate patching for resolving the threats.
There have been no new zero-day threats that have been reported in June 2023. However, two old vulnerabilities are being actively exploited. This is the reason that CVE-2021-34527 and CVE-2023-24880 are mentioned in our vulnerability report.
CVE-2021-34527 was first discussed in July 2021. CVE-2023-24880 was first disclosed in March 2023. These security threats assumed a zero-day status in June 2023 on account of public disclosure of active exploitation attempts being made by various threat actors.
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.