KB5037781 for Windows Server 2022 version 23H2

KB5037781 for Windows Server 2022 version 23H2 was released on 14 May 2024. The update was released under the ‘Patch Tuesday’ program.

KB5039236 supersedes KB5037781. KB5039236 was released on 11 June 2024.

  • KB5037781 supersedes KB5036910 released on 9 April 2024.
  • KB5037781 corresponds to Windows Server 2022 23H2 build 25398.887. KB5036910 corresponds to build 25398.830.
  • The Servicing Stack Update 25398.880 corresponds to KB5037781. It is included in the cumulative update and separate installation of the SSU is not needed.
  • KB5037781 is available for x64 system deployments.
  • Windows Server 2022 version 23H2 x64 edition is affected by 40 security vulnerabilities.

You can install KB5037781 automatically using one of the following programs:

  • Windows Update
  • WSUS
  • Windows Update for Business

For manual deployments, you can download the offline installer file for KB5037781 from the Catalog site or the direct download links shared below.

You can download the KB5037781 from the following links:

KB5037781 for Windows Server 23H2 edition is affected by 40 security vulnerabilities. None of these vulnerabilities have ‘CRITICAL’ severity.

The following are the impacts of the KB5037781 security vulnerabilities for Windows Server 23 edition.

  • Remote Code Execution – 21 vulnerabilities
  • Information Disclosure – 4 vulnerabilities
  • Elevation of Privileges – 13 vulnerabilities
  • Security Feature Bypass – 2 vulnerabilities

The following changes are part of the KB5037781 for Windows Server version 23H2:

  • This update addresses an issue that affects IE mode. A webpage stops working as expected when there is an open modal dialog.
  • This update addresses an issue in that affects IE mode. It stops responding. This occurs if you press the left arrow key when an empty text box has focus and caret browsing is on.
  • This update addresses an issue that affects Wi-Fi Protected Access 3 (WPA3) in the Group Policy editor. HTML preview rendering fails.
  • This update addresses an issue that affects Packet Monitor (pktmon). It is less reliable.
  • This update addresses an issue that affects a server after you remove it from a domain. The Get-LocalGroupMember cmdlet returns an exception. This occurs if the local groups contain domain members.
  • This update affects next secure record 3 (NSEC3) validation in a recursive resolver. Its limit is now 1,000 computations. One computation is equal to the validation of one label with one iteration. DNS Server Administrators can change the default number of computations. To do this, use the registry setting below.
    • Name: \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\MaxComputationForNsec3Validation
    • Type: DWORD
    • Default: 1000
    • Max: 9600
    • Min: 1
  • This update addresses an issue that might affect the cursor when you type in Japanese. The cursor might move to an unexpected place.
  • This update addresses an issue that affects the cursor. Its movement lags in some screen capture scenarios. This is especially true when you are using the remote desktop protocol (RDP).
  • This update includes quarterly changes to the Windows Kernel Vulnerable Driver Blocklist file, DriverSiPolicy.p7b. It adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
  • This update addresses an issue that affects Trusted Platform Modules (TPM). On certain devices, they did not initialize correctly. Because of this, TPM-based scenarios stopped working.
  • This update addresses an issue that affects Active Directory. Bind requests to IPv6 addresses fail. This occurs when the requestor is not joined to a domain.
  • This update addresses an issue that might affect Virtual Secure Mode (VSM) scenarios. They might fail. These scenarios include VPN, Windows Hello, Credential Guard, and Key Guard.
  • This update addresses an issue that might affect domain controllers (DC). NTLM authentication traffic might increase.
  • This update addresses a known issue that might cause your VPN connection to fail. This occurs after you install the update dated April 9, 2024, or later.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.