KB5037781 for Windows Server 2022 23H2 – May 2024

KB5037781 is the latest cumulative update for Windows Server 2022 23H2 edition. It was released on May 14 2024. It was released under the ‘Patch Tuesday’ project of Microsoft.

  • KB5037781 is a cumulative update that supersedes the KB5036910 update.
  • KB5036910 corresponds to the server build 25398.830. KB5037781 corresponds to the server build 25398.887.
  • Upgrading from KB5036910 to KB5037781 implies you are upgrading from build 830 to build 887.
  • Servicing Stack Update 25398.880 corresponds to KB5037781. This Servicing Stack Update was released in May 2024.
  • The Servicing Stack Update for Windows Server 2022 23H2 edition is part of the cumulative update. Separate installation of the SSU is not needed on Windows Server 2022 23H2 edition.
  • Windows Server 2022 23H2 edition is affected by 37 security vulnerabilities.
  • No CRITICAL security vulnerabilities impact Windows Server 2022 23H2 edition under the May 2024 security bulletin.
  • There are 43 security threats reported for Windows Server 2022 23H2 edition. 22 of these threats could cause ‘Remote Code Execution’ attacks.

KB5037781 can be applied automatically using one of the following methods:

  • Windows Update
  • Windows Update for Business
  • WSUS or Windows Server Update Services

WSUS remains the most preferred method to automatically deploy security and cumulative updates.

For automated deployments, the Servicing Stack Update 25398.760 will be automatically installed as part of the installation of the KB5037781 cumulative update on Windows Server 2022 23H2 edition.

For manual deployment of KB5037781, you will need to follow a 1-step process.

  • Download and install KB5037781 cumulative update.

The download of the cumulative update can be completed from the Microsoft Update Catalog site. The installer is available as an offline installer file in the .MSU format for Windows Server 2022 version 23H2.

KB5037781 for Windows Server 2022 version 23H2 can be downloaded from the Microsoft Update Catalog site. Or, you could use the direct download link below.

The size of the cumulative update KB5037781 file for the 23H2 version of Windows Server 2022 is 155.9 MB. KB5037781 will cause a server reboot. Please plan for implementation as part of an organized change management process.

If you have already deployed KB5036910 on the Windows Server 2022 23H2 edition, only the incremental changes of KB5037781 will be downloaded and installed as part of the update process. This process will be swift and short.

43 security vulnerabilities affect the Windows Server 2022 23H2 edition. None of these vulnerabilities are CRITICAL severity vulnerabilities. The different types of vulnerabilities affecting Windows Server 2022 23H2 edition are:

  • Remote Code Execution – 22 vulnerabilities
  • Denial of Service – 2 vulnerabilities
  • Elevation of Privileges – 13 vulnerabilities
  • Information disclosure – 4 vulnerabilities
  • Security Feature Bypass – 2 vulnerabilities

The following changes or improvements are part of the KB5037781 cumulative update for Windows Server 2022 23H2 edition:

  • This update addresses an issue that affects IE mode. A webpage stops working as expected when there is an open modal dialog.
  • This update addresses an issue in that affects IE mode. It stops responding. This occurs if you press the left arrow key when an empty text box has focus and caret browsing is on.
  • This update addresses an issue that affects Wi-Fi Protected Access 3 (WPA3) in the Group Policy editor. HTML preview rendering fails.
  • This update addresses an issue that affects Packet Monitor (pktmon). It is less reliable.
  • This update addresses an issue that affects a server after you remove it from a domain. The Get-LocalGroupMember cmdlet returns an exception. This occurs if the local groups contain domain members.
  • This update affects next secure record 3 (NSEC3) validation in a recursive resolver. Its limit is now 1,000 computations. One computation is equal to the validation of one label with one iteration. DNS Server Administrators can change the default number of computations. To do this, use the registry setting below.
    • Name: \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\MaxComputationForNsec3Validation
    • Type: DWORD
    • Default: 1000
    • Max: 9600
    • Min: 1
  • This update addresses an issue that might affect the cursor when you type in Japanese. The cursor might move to an unexpected place.
  • This update addresses an issue that affects the cursor. Its movement lags in some screen capture scenarios. This is especially true when you are using the remote desktop protocol (RDP).
  • This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
  • This update addresses an issue that affects Trusted Platform Modules (TPM). On certain devices, they did not initialize correctly. Because of this, TPM-based scenarios stopped working.
  • This update addresses an issue that affects Active Directory. Bind requests to IPv6 addresses fail. This occurs when the requestor is not joined to a domain.
  • This update addresses an issue that might affect Virtual Secure Mode (VSM) scenarios. They might fail. These scenarios include VPN, Windows Hello, Credential Guard, and Key Guard.
  • This update addresses an issue that might affect domain controllers (DC). NTLM authentication traffic might increase.
  • This update addresses a known issue that might cause your VPN connection to fail. This occurs after you install the update dated April 9, 2024, or later.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.