KB5051987 for Windows Server 2025 – Feb 2025

KB5051987 is the cumulative update for Windows Server 2025 version 24H2. It was released on 11 February 2025 under the ‘Patch Tuesday’ program.

Salient points

• KB5051987 supersedes January 2025 cumulative update KB5050009. It also includes all changes that are part of the preview update KB5050094 released on 28 January 2025.
• KB5051987 corresponds to build 26100.3194. KB5050009 corresponds to server build 26100.2894. You will upgrade from 26100.2894 to 26100.3194.
• Windows Server 2025 is impacted by a zero-day vulnerability CVE-2024-49132.
• 37 security vulnerabilities have been reported in February 2025 security bulletin for Windows Server 2025.
• 2 of these 37 vulnerabilities have CRITICAL severity level. CVE-2025-21376 (CVSS 8.1) and CVE-2025-21379 (CVSS 7.1) are the two Remote Code Execution vulnerabilities with CRITICAL severity.
• Three zero-day vulnerabilities affect Windows Server 2025.
• CVE-2025-21391 (zero-day) is an Elevation of Privilege Vulnerability affecting Windows Storage. It has a CVSS score of 7.1.
• CVE-2025-21377 (zero-day) is an NTLM Hash Disclosure Spoofing with CVSS score of 6.5.
• CVE-2025-21418 (zero-day) is an Elevation of Privilege Vulnerability affecting Windows Ancillary Function Driver for WinSock. It has a CVSS score of 7.8.
• The Servicing Stack Update corresponding to KB5051987 is KB5052085 (26100.3189). It is in-built in the main cumulative update. Separate installation of the SSU or Servicing Stack is not needed.

Download KB5051987

You may download the offline installer file for KB5051987 from the catalog site link shared below:

• Download KB5051987 from the Microsoft Update Catalog (1128.6 MB)

Upon installation of KB5051987, the server would restart. So, do plan as a structured change.

Changelog – KB5051987

The following changes or improvements are part of KB5051987 for Windows Server 2025:

• This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
• This update addresses security issues for your Windows operating system. 

Known issues

The following issues have been confirmed by Microsoft for February 2025 for Windows Server 2025:

• Devices that have certain Citrix components installed might be unable to complete installation of the February 2025 Windows security update. For workarounds shared by Citrix, see Citrix’s documentation.

• A second known issue affects OpenSSH. Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. For workaround instructions, please check the documentation or release notes for KB5051987.

• Players on Arm devices are unable to download and play Roblox from the Microsoft Store on Windows. A workaround has been suggested. Players on Arm devices can play Roblox by downloading the title directly from www.Roblox.com.