KB5028233 Security Update for Windows Server 2012

KB5028233 is the security-only update for Windows Server 2012. It was released on 11 July 2023 as part of the July 'Patch Tuesday' update cycle.

Salient points

  • KB5028233 is a standalone security update for Windows Server 2012. For full security coverage on the server, you will need to ensure that all the previous security updates for Windows Server 2012 are already deployed.
  • KB5028233 succeeds the KB5027281 security update released in June 2023.
  • KB5028233 is included in the monthly rollup update KB5028232. We strongly recommend installing the monthly rollup update KB5028232 as it is cumulative in nature. Installing cumulative or monthly rollup updates on Windows Server 2012 involves fewer hassles.
  • Servicing Stack Update KB5027575 needs to be installed before installing the security update KB5028233.
  • Internet Explorer Cumulative Update KB5028167 needs to be installed on Windows Server 2012 as part of the security update process.
  • 71 security vulnerabilities affect Windows Server 2012. Of these 71 threats, 6 are CRITICAL and 4 are zero-day threats. The CRITICAL and zero-day vulnerabilities are listed in the Vulnerabilities section below.

Download KB5028233

KB5028233 is a standalone security update that can be deployed manually. We recommend the following three steps for manual deployment:

  1. Download and install Servicing Stack Update KB5027575
  2. Download and install Internet Explorer Cumulative Update KB5028167
  3. Download and install KB5028233 security update

These updates can be downloaded from the Microsoft Update Catalog page. Alternatively, you can use the direct download links shared below to download the patch file.

The patch files are provided as MSU files.

It may be worth reiterating the following facts about these updates:

  • KB5027575 is a simple Servicing Stack Update. The update file has a size of 10.1 MB and it does cause the server to reboot.
  • The KB5028167 Internet Explorer Cumulative Update file has a size of 46.3 MB. IE Cumulative Updates complete after the server reboots.
  • KB5028233 security update has a size of 79.9 MB. It will lead to a server reboot. Therefore, we recommend setting aside a change management schedule to install the security update on Windows Server 2012.
  • If you run into issues with any of these updates, you can easily uninstall the update from the server using the Windows Update program.
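
The three-step order above can be scripted so that a package is never installed ahead of its prerequisite or on top of a pending reboot. The following PowerShell is an added example, not code from the original article or from Microsoft; the folder C:\Patches and the assumption that each downloaded file name contains its KB number are hypothetical.

```powershell
# Added example. $PatchDir is a hypothetical folder holding the three downloaded .msu files.
param([string]$PatchDir = 'C:\Patches')

# Order from the article: Servicing Stack Update, IE Cumulative Update, security-only update.
$sequence = 'KB5027575', 'KB5028167', 'KB5028233'

foreach ($kb in $sequence) {
    if (Get-HotFix -Id $kb -ErrorAction SilentlyContinue) {
        Write-Output "$kb already installed, skipping."
        continue
    }

    # Assumption: the downloaded file name contains the KB number.
    $msu = Get-ChildItem -Path $PatchDir -Filter "*$kb*.msu" | Select-Object -First 1
    if (-not $msu) { throw "$kb is not installed and no matching .msu was found in $PatchDir" }

    # Refuse packages that are not validly signed by Microsoft (matters for direct-link downloads).
    $sig = Get-AuthenticodeSignature -FilePath $msu.FullName
    if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
        throw "$($msu.Name): signature check failed (status: $($sig.Status))"
    }

    Write-Output "Installing $kb from $($msu.Name) ..."
    $proc = Start-Process -FilePath "$env:SystemRoot\System32\wusa.exe" `
        -ArgumentList "`"$($msu.FullName)`"", '/quiet', '/norestart' -Wait -PassThru

    switch ($proc.ExitCode) {
        0       { Write-Output "$kb installed." }
        2359302 { Write-Output "$kb reported as already installed." }   # WU_S_ALREADY_INSTALLED
        3010    {
            # ERROR_SUCCESS_REBOOT_REQUIRED: stop here so the next package is not
            # layered on a pending reboot; restart, then rerun the script.
            Write-Output "$kb installed, reboot required. Restart the server and rerun to continue."
            return
        }
        default { throw "wusa.exe failed for $kb with exit code $($proc.ExitCode)" }
    }
}
```

Run it from an elevated prompt inside the change window; after each reboot, rerunning it skips the updates that Get-HotFix already reports and resumes with the next one.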

Vulnerabilities

As mentioned above, there are 71 security vulnerabilities on Windows Server 2012. We share the 6 CRITICAL and 4 Zero-day threats below.

CRITICAL vulnerabilities on Windows Server 2012

| CVE Details | Impact | CVSS Score | Severity | Comments |
|---|---|---|---|---|
| CVE-2023-35367 | Remote Code Execution | 9.8 | CRITICAL | Windows Routing and Remote Access Service (RRAS) is affected |
| CVE-2023-35365 | Remote Code Execution | 9.8 | CRITICAL | Windows Routing and Remote Access Service (RRAS) is affected |
| CVE-2023-35366 | Remote Code Execution | 9.8 | CRITICAL | Windows Routing and Remote Access Service (RRAS) is affected |
| CVE-2023-32057 | Remote Code Execution | 9.8 | CRITICAL | Microsoft Message Queuing is affected |
| CVE-2023-35352 | Security Feature Bypass | 7.5 | CRITICAL | Windows Remote Desktop is affected |
| CVE-2023-35297 | Remote Code Execution | 7.5 | CRITICAL | Windows Pragmatic General Multicast (PGM) is affected |

Zero-day threats on Windows Server 2012

| CVE Details | Impact | CVSS | Severity | Comments |
|---|---|---|---|---|
| CVE-2023-32046 | Elevation of Privilege Vulnerability | 7.8 | Important | Windows MSHTML Platform is affected |
| CVE-2023-36874 | Service Elevation of Privilege Vulnerability | 7.8 | Important | Windows Error Reporting is affected |
| CVE-2023-36884 | Remote Code Execution Vulnerability | 8.3 | Important | Office and Windows HTML are affected |
| CVE-2023-24932 | Secure Boot Security Feature Bypass Vulnerability | 6.7 | Important | An attacker with physical access or Administrative rights to a target device could install an affected boot policy. |

KB5028233 Changelog

KB5028233 adds a new event log entry about the impending end of support for Windows Server 2012 on 10th October 2023.

  • Starting with this release, we will log event logs beginning July 11, 2023, and ending on October 10, 2023, to notify customers of the end of support (EOS) for Windows Server 2012 on October 10, 2023.

Microsoft July 2023 Security Updates

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.