KB5033383 Cumulative Update for Windows Server 2022

KB5033383 is the latest cumulative update for Windows Server 2022 23H2 edition. It was released on December 12, 2023, under the ‘Patch Tuesday’ project of Microsoft.

  • KB5033383 is a cumulative update that supersedes the KB5032202 update.
  • KB5032202 is the first cumulative update for Windows Server 2022 23H2 edition. You can read details of the KB5032202 cumulative update on the KB5032202 page.
  • KB5033383 corresponds to the server build 25398.584.
  • KB5032202 corresponds to the server build 25398.531.
  • Upgrading from KB5032202 to KB5033383 implies you are upgrading from build 531 to 584.
  • Servicing Stack Update 25398.521 corresponds to KB5032202 and KB5033383. This Servicing Stack Update was released in November 2023. So, if you have already installed KB5032202 then the SSU is already installed on the server.
  • The Servicing Stack Update for Windows Server 2022 23H2 edition is part of the cumulative update. Separate installation of the SSU is not needed on Windows Server 2022 23H2 edition.
  • Windows Server 2022 23H2 edition is affected by 19 security vulnerabilities.
  • Three CRITICAL security vulnerabilities impact Windows Server 2022 23H2 edition. All these are ‘Remote Code Execution’ threats.
  • The CVE-2023-20588 zero-day threat affects Windows Server 2022 23H2 edition. The same has been discussed below in the vulnerability section.

KB5033383 can be applied automatically using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the most preferred method to automatically deploy security and cumulative updates.

For automated deployments, the Servicing Stack Update 25398.521 will be automatically installed as part of the installation of the KB5032202 or KB5033383 cumulative update on Windows Server 2022 23H2 edition.

For manual deployment of KB5033383, you will need to follow a 1-step process.

  • Download and install KB5033383 cumulative update.

The download of the cumulative update can be completed from the Microsoft Update Catalog site. The installer is available as an offline installer file in the .MSU format for Windows Server 2022 version 23H2.

KB5033383 for Windows Server 2022 version 23H2 can be downloaded from the Microsoft Update Catalog site. Or, you could use the direct download link below.

The size of the cumulative update KB5033383 file for the 23H2 version of Windows Server 2022 is 88.7 MB. KB5033383 will cause a server reboot. Please plan for implementation as part of an organized change management process.

If you have already deployed KB5032202 on the Windows Server 2022 23H2 edition, only the incremental changes of KB5033383 will be downloaded and installed as part of the update process. This process will be swift and short.

19 security vulnerabilities affect the Windows Server 2022 23H2 edition. This is based on the December 2023 security reports. 3 of these vulnerabilities are CRITICAL severity vulnerabilities. There is a single zero-day threat that affects Windows Server 2022 version 23H2.

The remaining 16 security vulnerabilities have IMPORTANT severity levels.

We have listed the CRITICAL vulnerabilities and the zero-day threat for Windows Server 2022 23H2 edition below.

The zero-day vulnerabilities are publicly known and exploited vulnerabilities. Therefore, immediate patching needs to be carried out to mitigate the risk arising out of zero-day vulnerabilities within the IT infrastructure.

The following zero-day threat was first reported in August 2023. It has been mitigated in the current Windows Update cycle. Therefore, we suggest immediate deployment of the cumulative update KB5033383.

| CVE details | CVSS | Severity | Impact | Description |
|---|---|---|---|---|
| CVE-2023-20588 | 5.5 | IMPORTANT | Information Disclosure | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. |

The three CRITICAL security vulnerabilities on Windows Server 2022 23H2 edition are listed below. All these vulnerabilities could result in ‘Remote Code Execution’ attacks.

| CVE details | CVSS | Severity | Impact | Description |
|---|---|---|---|---|
| CVE-2023-35630 | 8.8 | CRITICAL | Remote Code Execution | This threat impacts the Internet Connection Sharing (ICS). Successful exploitation of this vulnerability requires the attacker to modify an option->length field in a DHCPv6 DHCPV6_MESSAGE_INFORMATION_REQUEST input message. This attack is limited to systems connected to the same network segment as the attacker. |
| CVE-2023-35628 | 8.1 | CRITICAL | Remote Code Execution | This vulnerability arises on account of Windows MSHTML Platform. The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane. This could result in the attacker executing remote code on the victim’s machine. |
| CVE-2023-35641 | 8.8 | CRITICAL | Remote Code Execution | This threat affects the Internet Connection Sharing (ICS). To exploit this vulnerability, an attacker would need to send a maliciously crafted DHCP message to a server that runs the Internet Connection Sharing service. This attack is limited to systems connected to the same network segment as the attacker. |
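To confirm that a server is actually at the KB5033383 level, the build and revision numbers given earlier (25398.531 for KB5032202, 25398.584 for KB5033383) can be read from the server itself. The PowerShell below is an added example, not part of the original post and not Microsoft's code; the function name `Get-Kb5033383Status` and its output property names are illustrative, and it also reports the state of the Internet Connection Sharing service (service name `SharedAccess`) that the two ICS vulnerabilities depend on.

```powershell
# Added example: patch-level and ICS exposure check for Windows Server 2022 23H2.
# Build and revision numbers are taken from the article; names are illustrative.
function Get-Kb5033383Status {
    param(
        [int]$TargetBuild = 25398,  # OS build of the 23H2 edition (from the article)
        [int]$TargetUbr   = 584,    # revision delivered by KB5033383
        [int]$PriorUbr    = 531     # revision delivered by KB5032202
    )

    # CurrentBuild and UBR together form the "25398.584" style build string.
    $cv    = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = [int]$cv.CurrentBuild
    $ubr   = [int]$cv.UBR

    if ($build -ne $TargetBuild) {
        $state = 'NotApplicable'    # a different Windows release; outside this article's scope
    } elseif ($ubr -ge $TargetUbr) {
        $state = 'Patched'          # KB5033383 or a later cumulative update is installed
    } elseif ($ubr -ge $PriorUbr) {
        $state = 'OnKB5032202'      # November 2023 level; December fixes are missing
    } else {
        $state = 'BelowKB5032202'
    }

    # Cross-check against the installed-update list. A later cumulative update
    # supersedes KB5033383, so a missing entry alone does not prove exposure.
    $hotfix = Get-HotFix -Id 'KB5033383' -ErrorAction SilentlyContinue

    # CVE-2023-35630 and CVE-2023-35641 both require the ICS service to be running.
    $ics = Get-Service -Name 'SharedAccess' -ErrorAction SilentlyContinue
    $icsRunning = [bool]($ics -and $ics.Status -eq 'Running')

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        Build         = "$build.$ubr"
        PatchState    = $state
        HotFixListed  = [bool]$hotfix
        IcsStatus     = if ($ics) { $ics.Status } else { 'NotInstalled' }
        IcsStartType  = if ($ics) { $ics.StartType } else { $null }
        # True when the server is 23H2, lacks the December fixes, and ICS is running.
        IcsUnpatched  = ($state -notin 'Patched', 'NotApplicable') -and $icsRunning
    }
}

Get-Kb5033383Status | Format-List
```

Servers that report `IcsUnpatched : True` are the ones to prioritise in the change window, since both ICS vulnerabilities are reachable from the local network segment.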

The following changes or improvements are part of the KB5033383 cumulative update for Windows Server 2022 23H2 edition:

  • This update changes the English name of the former Republic of Turkey. The new, official name is the Republic of Türkiye.
  • This update supports the currency change in Croatia from the Kuna to the Euro.
  • This update affects the Netherlands time zone. It adds the recent man-made landmass outside of Rotterdam to the shape files.

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.