KB5028223 Security Update for Windows Server 2012 R2

This content has been archived, but it remains accurate and relevant to the underlying technology products or infrastructure services.

KB5028223 is the security-only update for Windows Server 2012 R2. It was released as part of the ‘Patch Tuesday’ initiative on 11th July 2023.

Salient points

  • KB5028223 is a standalone security update. For full security coverage on Windows Server 2012 R2, you will need to deploy all the previous standalone security updates.
  • The previous security-only update KB5027282 for Windows Server 2012 R2 was released in June 2023.
  • To patch Windows Server 2012 R2 as part of the July update cycle, you have two options: install the monthly rollup update KB5028232, or deploy the security-only update KB5028223. Since the monthly rollup update is cumulative in nature, we strongly recommend the monthly rollup update over the security-only update.
  • Servicing Stack Update KB5027574 needs to be deployed prior to installing the security-only update KB5028223 for Windows Server 2012 R2.
  • Internet Explorer Cumulative Update KB5028167 also needs to be deployed on Windows Server 2012 R2 as part of the security patch update.
  • The July security bulletin discloses 71 security vulnerabilities for Windows Server 2012 R2. Of these, 6 are CRITICAL and 4 are zero-day threats. The CRITICAL and zero-day threats are listed in the vulnerability section below.

Download KB5028223

You can deploy KB5028223 manually. You can use an offline installer file to install KB5028223.

The security update process for Windows Server 2012 R2 is essentially a three-step process.

  1. Download and install Servicing Stack Update KB5027574
  2. Download and install Internet Explorer Cumulative Update KB5028167
  3. Download and install KB5028223 security-only update

The offline installer files for each of these updates may be downloaded from the Microsoft Update Catalog pages. Or, you can use the direct download links for the patches shared below.

It may be pertinent to mention a few important points about the SSU, IE Cumulative Update, and Security-only update below:

  • KB5027574 Servicing Stack Update has a size of 10.7 MB only. Post-deployment of the SSU, the server will not reboot.
  • KB5028167 IE cumulative update has a size of 54.9 MB only. IE cumulative updates get applied fully after a server reboot.
  • KB5028223 update has a size of 77.1 MB. You can expect the server to reboot after installing the security update.
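
The three-step order and reboot behaviour described above can be scripted as follows. This is an added example, not Microsoft's or the author's own script; the folder `C:\Patches\2023-07` and the `.msu` file names are placeholders for the files you downloaded from the Microsoft Update Catalog.

```powershell
# Added example: install the three July 2023 packages in the required order.
# Assumption: the .msu files sit in $PackageDir under these placeholder names;
# change them to match the files you actually downloaded.
$PackageDir = 'C:\Patches\2023-07'
$Updates = @(
    @{ Id = 'KB5027574'; File = 'KB5027574-ssu.msu'; Role = 'Servicing Stack Update' },
    @{ Id = 'KB5028167'; File = 'KB5028167-ie.msu';  Role = 'IE Cumulative Update' },
    @{ Id = 'KB5028223'; File = 'KB5028223-sec.msu'; Role = 'Security-only update' }
)

$rebootNeeded = $false
foreach ($u in $Updates) {
    # Skip packages Windows already reports as installed.
    if (Get-HotFix -Id $u.Id -ErrorAction SilentlyContinue) {
        Write-Output "$($u.Id) ($($u.Role)) already installed, skipping."
        continue
    }
    $msu = Join-Path $PackageDir $u.File
    if (-not (Test-Path -LiteralPath $msu)) {
        throw "Missing package for $($u.Id): $msu"
    }
    # Refuse to run a package whose Authenticode signature does not validate.
    $sig = Get-AuthenticodeSignature -FilePath $msu
    if ($sig.Status -ne 'Valid') {
        throw "Signature check failed for ${msu}: $($sig.Status)"
    }
    # /quiet /norestart: install unattended and leave the reboot to the operator.
    $p = Start-Process -FilePath 'wusa.exe' -ArgumentList "`"$msu`"", '/quiet', '/norestart' -Wait -PassThru
    switch ($p.ExitCode) {
        0       { Write-Output "$($u.Id) installed." }
        3010    { Write-Output "$($u.Id) installed, reboot pending."; $rebootNeeded = $true }
        2359302 { Write-Output "$($u.Id) was already installed." }
        { $_ -eq -2145124329 } { throw "$($u.Id) is not applicable to this server (0x80240017)." }
        default { throw "$($u.Id) failed with wusa exit code $($p.ExitCode); stopping before later packages." }
    }
}
if ($rebootNeeded) { Write-Output 'Reboot the server to finish applying the updates.' }
```

Because the loop throws on any failure, a failed Servicing Stack Update stops the run before the security-only update is attempted.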

Vulnerabilities

Out of the 71 security vulnerabilities on Windows Server 2012 R2, we share the 6 CRITICAL and 4 zero-day threats below.

CRITICAL vulnerabilities on Windows Server 2012 R2

| CVE Details | Impact | CVSS Score | Severity | Comments |
|---|---|---|---|---|
| CVE-2023-35367 | Remote Code Execution | 9.8 | CRITICAL | Windows Routing and Remote Access Service (RRAS) is affected |
| CVE-2023-35365 | Remote Code Execution | 9.8 | CRITICAL | Windows Routing and Remote Access Service (RRAS) is affected |
| CVE-2023-35366 | Remote Code Execution | 9.8 | CRITICAL | Windows Routing and Remote Access Service (RRAS) is affected |
| CVE-2023-32057 | Remote Code Execution | 9.8 | CRITICAL | Microsoft Message Queuing is affected |
| CVE-2023-35352 | Security Feature Bypass | 7.5 | CRITICAL | Windows Remote Desktop is affected |
| CVE-2023-35297 | Remote Code Execution | 7.5 | CRITICAL | Windows Pragmatic General Multicast (PGM) is affected |

Zero-day vulnerabilities on Windows Server 2012 R2

| CVE Details | Impact | CVSS | Severity | Comments |
|---|---|---|---|---|
| CVE-2023-32046 | Elevation of Privilege Vulnerability | 7.8 | Important | Windows MSHTML Platform is affected |
| CVE-2023-36874 | Service Elevation of Privilege Vulnerability | 7.8 | Important | Windows Error Reporting is affected |
| CVE-2023-36884 | Remote Code Execution Vulnerability | 8.3 | Important | Office and Windows HTML are affected |
| CVE-2023-24932 | Secure Boot Security Feature Bypass Vulnerability | 6.7 | Important | An attacker with physical access or Administrative rights to a target device could install an affected boot policy. |

KB5028223 Changelog

Besides security updates for the various risks and vulnerabilities, KB5028223 has added new event logs about the impending end of support for Windows Server 2012 R2 on 10th October 2023.

  • Starting with this release, we will log event logs beginning July 11, 2023, and ending on October 10, 2023, to notify customers of the end of support (EOS) for Windows Server 2012 R2 on October 10, 2023.


Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.