KB5050048 is the ESU Monthly Rollup Update for Windows Server 2012 R2. It was released on 14 January 2025 under the ‘Patch Tuesday’ program.
Salient points
- KB5050048 supersedes KB5048735 released in December 2024.
- KB5050048 requires a Servicing Stack Update to be installed prior to installing the main monthly rollup update. KB5050115 is the SSU corresponding to KB5050048.
- If you install language pack after installing KB5050048, you would need to reinstall the security update once again. All language pack installations must be completed before installing the monthly rollup update on Windows Server 2012 R2.
- KB5050048 is an Extended Security Update. A valid subscription key to the ESU program is required before installing the monthly rollup update.
- Windows Server 2012 R2 is impacted by 95 security vulnerabilities reported in January 2025 security bulletin. Seven of these vulnerabilities have a CRITICAL severity.
Servicing Stack Update KB5050115
The Servicing Stack Update for Windows Server 2012 R2 for January 2025 is KB5050115. It corresponds to KB5050048.
For automated deployments of KB5050048 through the Windows Update program, the Servicing Stack Update KB5050115 is offered for installation as part of the installation process of the monthly rollup update KB5050048. No further action is needed to install KB5050115 for automated installations of KB5050048.
If you choose to deploy KB5050048 manually, you need to download and install KB5050115 on the Windows Server 2012 R2.
The Servicing Stack Update file is a small file of 10.6 MB. Upon installation, it would not cause server reboot. Once the SSU is installed, you can proceed with the installation of the main monthly rollup update KB5050048.
Download KB5050048
You can download the monthly rollup update KB5050048 for Windows Server 2012 R2 from the Windows Update Catalog page shared below:
We would reiterate that you need a valid ESU program subscription before you could install the ESU KB5050048 on Windows Server 2012 R2.
KB5050048 – Changelog
Since this is an ESU, the focus remains on securing the Windows Server 2012 R2 deployments. The following changes have been reported for KB5050048:
- [Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)] Fixed: This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks
ESU for Internet Explorer – KB5049994
In addition to the KB5050048 monthly rollup ESU, you need to install the ESU for Internet Explorer KB5049994.
KB5049994 is a January 2025 cumulative ESU for IE. You need valid ESU subscription key to download or install the ESU on Windows Server 2012 for Internet Explorer.
KB5049994 addresses 7 security vulnerabilities in Internet Explorer.
You can download the KB5049994 for Internet Explorer from the Microsoft Catalog site.
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.