KB5046697 for Windows Server 2012

KB5046697 is the ESU Monthly Rollup Update for Windows Server 2012. It was released on 12 November 2024 under the ‘Patch Tuesday’ program.

Salient points

  • KB5046697 supersedes KB5044342 released in October 2024.
  • KB5046697 requires a new Servicing Stack Update to be installed prior to installing the main monthly rollup update. KB5044413 is the SSU corresponding to KB5046697.
  • If you install language pack after installing KB5046697, you would need to reinstall the security update. All language pack installations must be completed before installing the monthly rollup update on Windows Server 2012.
  • KB5046697 is an Extended Security Update. A valid subscription key to the ESU program is required before installing the monthly rollup update.
  • Windows Server 2012 is impacted by 21 security vulnerabilities reported in November 2024 security bulletin. One of these vulnerabilities is a CRITICAL Remote Code Execution vulnerability.
  • CVE-2024-43639 is a CVSS 9.8 Remote Code Execution vulnerability. It impacts the Windows Server 2012.
  • Windows Server 2012 is also affected by a zero-day vulnerability under active exploitation.
  • CVE-2024-43451 (CVSS 6.5 out of 10) is a zero-day NTLM Hash Disclosure Spoofing Vulnerability. It’s patched in KB5046697.

Servicing Stack Update KB5044413

The Servicing Stack Update for Windows Server 2012 for November 2024 is KB5044413. It corresponds to KB5046697.

For automated deployments of KB5046697 through the Windows Update program, the Servicing Stack Update KB5044413 is offered for installation as part of the installation process of the monthly rollup update KB5046697. No further action is needed to install KB5044413 for automated installations of KB5046697.

If you choose to deploy KB5046697 manually, you need to download and install KB5044413 on the Windows Server 2012.

The Servicing Stack Update file is a small file of 10 MB. Upon installation, it would not cause server reboot.

Once the SSU is installed, you can proceed with the installation of the main monthly rollup update KB5046697.

Download KB5046697

You can download the monthly rollup update KB5046697 for Windows Server 2012 from the Windows Update Catalog page shared below:

We would reiterate that you need a valid ESU program subscription before you could install the ESU KB5046697 on Windows Server 2012.

KB5046697 – Changelog

Since this is an ESU, the focus remains on securing the Windows Server 2012 deployments. The following changes have been reported for KB5046697:

  • [Virtual Machine] Fixed: A virtual switch might trigger consistent crashes and you receive a stop error on a blue screen. This issue might occur when load balancing and failover (LBFO) teaming with two virtual switches in a virtual machine (VM) are used. In this case, one virtual switch contains a single root I/O virtualization (SR-IOV) interface.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.