KB5048699 for Windows Server 2012 – December 2024

KB5048699 is the ESU Monthly Rollup Update for Windows Server 2012. It was released on 10 December 2024 under the ‘Patch Tuesday’ program.

Salient points

  • KB5048699 supersedes KB5046697 released in November 2024.
  • KB5048699 requires a new Servicing Stack Update to be installed prior to installing the main monthly rollup update. KB5044413 is the SSU corresponding to KB5048699.
  • If you install language pack after installing KB5048699, you would need to reinstall the security update. All language pack installations must be completed before installing the monthly rollup update on Windows Server 2012.
  • KB5048699 is an Extended Security Update. A valid subscription key to the ESU program is required before installing the monthly rollup update.
  • Windows Server 2012 is impacted by 27 security vulnerabilities reported in December 2024 security bulletin.
  • Nine of these vulnerabilities have CRITICAL severity
  • There is a CRITICAL vulnerability with CVSS score of 9.8. CVE-2024-49112 impacts Windows Lightweight Directory Access Protocol (LDAP) and could lead to Remote Code Execution attacks.
  • Windows Server 2025 is impacted by a zero-day vulnerability CVE-2024-49132. This is a ‘Remote Code Execution’ vulnerability impacting the Remote Desktop Services..

Servicing Stack Update KB5044413

The Servicing Stack Update for Windows Server 2012 for December 2024 is KB5044413. It corresponds to KB5046697 and KB5048699. There is no new releases of the SSU for Windows Server 2012 in December 2024.

For automated deployments of KB5048699 through the Windows Update program, the Servicing Stack Update KB5044413 is offered for installation as part of the installation process of the monthly rollup update KB5048699. No further action is needed to install KB5044413 for automated installations of KB5048699.

If you installed KB5046697 last month, you need not install the SSU KB5044413 again. If you choose to deploy KB5048699 manually, you need to download and install KB5044413 on the Windows Server 2012 (if you did not install KB5046697).

The Servicing Stack Update file is a small file of 10 MB. Upon installation, it would not cause server reboot.

Once the SSU is installed, you can proceed with the installation of the main monthly rollup update KB5048699.

Download KB5048699

You can download the monthly rollup update KB5048699 for Windows Server 2012 from the Windows Update Catalog page shared below:

We would reiterate that you need a valid ESU program subscription before you could install the ESU KB5048699 on Windows Server 2012.

KB5048699 – Changelog

Since this is an ESU, the focus remains on securing the Windows Server 2012 deployments. The following changes have been reported for KB5048699:

  • [Internal Windows OS] Miscellaneous security improvements were made to internal Windows OS functionality. No additional issues are documented for this release.
Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.