KB5053598 is the cumulative update for Windows Server 2025 version 24H2. It was released on 11 March 2025 under the ‘Patch Tuesday’ program.
For Windows Server 2025 23H2 edition, the corresponding security update is KB5053599.
Salient points
- KB5053598 supersedes March 2025 cumulative update KB5051987. It also includes all changes that are part of the preview update KB5052093 released on 25 February 2025.
- KB5053598 corresponds to build 26100.3476. You will upgrade from 26100.3194 to 26100.3476.
- Windows Server 2025 is impacted by 5 zero-day vulnerabilities. Information about these 5 vulnerabilities is shared below.
- 35 security vulnerabilities have been reported in March 2025 security bulletin for Windows Server 2025.
- 5 of these 35 vulnerabilities have CRITICAL severity level.
- CVE-2025-26645, CVE-2025-24084, CVE-2025-24064, CVE-2025-24045, and CVE-2025-24035 are the 5 CRITICAL vulnerabilities.. All these affect Window Server 2025 and the Windows Server 2022 Server Core installation.
- Five zero-day vulnerabilities affect Windows Server 2025.
- The Servicing Stack Update corresponding to KB5053598 is KB5052915 (26100.3321). It is in-built in the main cumulative update. Separate installation of the SSU or Servicing Stack is not needed.
Zero-day vulnerabilities
There are 5 zero-day vulnerabilities affecting Windows Server 2025 24H2 edition. These zero-day vulnerabilities are either publicly disclosed or have proven instances of exploitation.
| CVE | Title | Severity | CVSS | Type |
| CVE-2025-26633 | Microsoft Management Console Security Feature Bypass Vulnerability | Important | 7 | SFB |
| CVE-2025-24985 | Windows Fast FAT File System Driver Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2025-24984 | Windows NTFS Information Disclosure Vulnerability | Important | 4.6 | Info |
| CVE-2025-24991 | Windows NTFS Information Disclosure Vulnerability | Important | 5.5 | Info |
| CVE-2025-24993 | Windows NTFS Remote Code Execution Vulnerability | Important | 7.8 | RCE |
These vulnerabilities have been fixed in KB5053598.
Download KB5053598
You may download the offline installer file for KB5053598 from the catalog site link shared below:
Upon installation of KB5053598, the server would restart. So, do plan as a structured change.
Changelog – KB5053598
The following changes or improvements are part of KB5053598 for Windows Server 2025:
- This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
- This update addresses security issues for your Windows operating system.
Known issues
The following issues have been confirmed by Microsoft for February 2025 for Windows Server 2025. These issues remain unresolved as of March 2025.
- Devices that have certain Citrix components installed might be unable to complete installation of the February 2025 Windows security update. For workarounds shared by Citrix, see Citrix’s documentation.
- A second known issue affects OpenSSH. Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. For workaround instructions, please check the documentation or release notes for KB5051987.
- Players on Arm devices are unable to download and play Roblox from the Microsoft Store on Windows. A workaround has been suggested. Players on Arm devices can play Roblox by downloading the title directly from www.Roblox.com.
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.