KB5055523 is the cumulative update for Windows Server 2025 version 24H2. It was released on 8 April 2025 under the ‘Patch Tuesday’ program.
Salient points
- KB5055523 supersedes March 2025 cumulative update KB5053598. It also includes all changes that are part of the preview update KB5053656 released on 27 March 2025.
- KB5055523 corresponds to build 26100.3775. KB5053598 is build 26100.3476.
- 82 security vulnerabilities have been reported in April 2025 security bulletin for Windows Server 2025.
- 6 of these 82 vulnerabilities have CRITICAL severity level. Information about CRITICAL vulnerabilities is in the vulnerabities section below.
- There is a zero-day vulnerability in the Windows Common Log file that affects Windows Server 2025. CVE-2025-29824 is the Windows Common Log File System Driver Elevation of Privilege Vulnerability.
- The Servicing Stack Update corresponding to KB5055523 is KB5058538 (26100.3764). It is in-built in the main cumulative update. Separate installation of the SSU or Servicing Stack is not needed.
Zero-day vulnerability
There is a single zero-day vulnerability affecting Windows Server 2025 24H2 edition. The zero-day vulnerabilities are either publicly disclosed or have proven instances of exploitation.
| CVE | Title | Severity | CVSS | Type |
| CVE-2025-29824 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
The vulnerability has been fixed in KB5055523.
Critical vulnerabilities
The 6 CRITICAL vulnerabilities affecting Windows Server 2025 are shared below. These vulnerabilities could lead to Remote Code Execution on unpatched servers.
| CVE | Title | CVSS | Type |
| CVE-2025-27491 | Windows Hyper-V | 7.1 | RCE |
| CVE-2025-27482 | Windows Remote Desktop Services | 8.1 | RCE |
| CVE-2025-27480 | Windows Remote Desktop Services | 8.1 | RCE |
| CVE-2025-26670 | Lightweight Directory Access Protocol (LDAP) Client | 8.1 | RCE |
| CVE-2025-26686 | Windows TCP/IP | 7.5 | RCE |
| CVE-2025-26663 | Windows Lightweight Directory Access Protocol (LDAP) | 8.1 | RCE |
(RCE is Remote Code Execution)
Download KB5055523
You may download the offline installer file for KB5055523 from the catalog site link shared below:
The update file is available for x64 and ARM64 deployments. Upon installation of KB5055523, the server would restart. So, do plan as a structured change.
Changelog – KB5055523
The following changes or improvements are part of KB5055523 for Windows Server 2025:
- This update makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
- This update addresses security issues for your Windows operating system.
- [Authentication] This update addresses an issue affecting machine password rotation in the Identity Update Manager certificate/Public Key Cryptography for Initial Authentication (PKNIT) path.
- [Daylight Saving Time (DST)] Update for the Aysen region in Chile to support the government DST change order in 2025. For more info about DST changes, see the Daylight Saving Time & Time Zone Blog.
- [PcaUiArm] This update addresses an issue affecting the PcaUiArmUpdate feature, which results in unexpected behavior in specific scenarios.
Known issues
The following issues have been confirmed by Microsoft for February 2025 for Windows Server 2025. These issues remain unresolved as of April 2025.
- Devices that have certain Citrix components installed might be unable to complete installation of the February 2025 Windows security update. For workarounds shared by Citrix, see Citrix’s documentation.
- Players on Arm devices are unable to download and play Roblox from the Microsoft Store on Windows. A workaround has been suggested. Players on Arm devices can play Roblox by downloading the title directly from www.Roblox.com.
A new issue impacting Windows Hello has been disclosed in April 2025 security update notes for Windows Server 2025 in the KB5055523 document.
- Windows Hello – We’re aware of an edge case of Windows Hello issue affecting devices with specific security features enabled. After installing this update and performing a Push button reset or Reset this PC from Settings > System > Recovery and selecting Keep my Files and Local install. The workaround instructions are on this page.
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.