KB5058383 is the cumulative update for Windows Server 2016 and Windows Server 2016 Server Core installation. It was released on 13 May, 2025 under the ‘Patch Tuesday’ release cycle.
Salient points
- KB5058383 supersedes April 2025 cumulative update KB5055521.
- KB5058383 corresponds to build 14393.8066.
- Windows Server 2016 is impacted by four zero-day vulnerabilities.
- 35 security vulnerabilities have been reported for Windows Server 2016 in May 2025.
- 3 of these vulnerabilities have CRITICAL severity. Details of the CRITICAL vulnerabilities are listed in the Critical vulnerabilities section.
- The Servicing Stack Update corresponding to KB5058383 is KB5058524. This SSU was released in May 2025. For automated deployments (Windows Update and Windows Update for Business), the installation is included in the main cumulative update installation process. For manual patching, you will need to download and install the SSU KB5058524 before installing KB5058383.
Servicing Stack Update KB5058524
KB5058524 is the Servicing Stack Update (SSU) for Windows Server 2016. For automated deployments of KB5058383, KB5058524 is automatically offered for installation as part of the installation of the main cumulative update.
For manual installations of KB5058383, you would need to download and install KB5058524 before installing KB5058383.
You can download the SSU KB5058524 from the Microsoft Update Catalog page:
Installing the Servicing Stack Update does not cause the server to reboot or restart, so you can proceed directly with the installation of the main cumulative update for Windows Server 2016.
Download KB5058383
You may download the offline installer file for KB5058383 from the catalog site link shared below:
Upon installation of KB5058383, the server would restart.
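The manual sequence described above (SSU KB5058524 first, then KB5058383, then confirm build 14393.8066) can be scripted as follows. This is an added example, not part of the original article or any Microsoft tooling; the two .msu file paths are hypothetical placeholders for the packages downloaded from the Microsoft Update Catalog.

```powershell
# Added example: ordered manual install of SSU KB5058524, then LCU KB5058383.
# Assumption: both .msu paths below are placeholders; set them to your downloaded files.
param(
    [string]$SsuPath = 'C:\Patches\KB5058524.msu',   # hypothetical path
    [string]$LcuPath = 'C:\Patches\KB5058383.msu'    # hypothetical path
)

$TargetBuild = 14393   # Windows Server 2016
$TargetUbr   = 8066    # KB5058383 corresponds to build 14393.8066

function Get-OsBuild {
    # UBR (update build revision) is the authoritative patch-level indicator.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    [pscustomobject]@{ Build = [int]$cv.CurrentBuildNumber; Ubr = [int]$cv.UBR }
}

function Test-KbInstalled([string]$Kb) {
    [bool](Get-HotFix -Id $Kb -ErrorAction SilentlyContinue)
}

function Install-Msu([string]$Path) {
    if (-not (Test-Path $Path)) { throw "Package not found: $Path" }
    $p = Start-Process wusa.exe -ArgumentList "`"$Path`" /quiet /norestart" -Wait -PassThru
    # 0 = installed, 3010 = installed with reboot pending, 2359302 = already installed
    if ($p.ExitCode -notin 0, 3010, 2359302) {
        throw "wusa.exe failed for $Path (exit code $($p.ExitCode))"
    }
    $p.ExitCode
}

$os = Get-OsBuild
if ($os.Build -ne $TargetBuild) { throw "Expected build $TargetBuild, found $($os.Build)" }
if ($os.Ubr -ge $TargetUbr) {
    "Already at $($os.Build).$($os.Ubr); KB5058383 or later is installed."
    return
}

# SSU goes first. If Get-HotFix does not list it, wusa.exe simply reports
# "already installed" (2359302), which Install-Msu treats as success.
if (-not (Test-KbInstalled 'KB5058524')) { Install-Msu $SsuPath | Out-Null }

$rc = Install-Msu $LcuPath
if ($rc -eq 3010) { "KB5058383 staged. Reboot, then confirm UBR is $TargetUbr or higher." }
```

Because `/norestart` is passed, the restart that KB5058383 requires is left for a maintenance window; rerun the script after the reboot to confirm the build.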
Zero-day Vulnerabilities
Four zero-day security vulnerabilities affect Windows Server 2016 and Windows Server 2016 Server Core installation.
CVE | Title | Severity | CVSS | Type |
CVE-2025-32701 | Windows Common Log File System Driver | Important | 7.8 | EoP |
CVE-2025-32706 | Windows Common Log File System | Important | 7.8 | EoP |
CVE-2025-32709 | Windows Ancillary Function Driver for WinSock | Important | 7.8 | EoP |
CVE-2025-30397 | Scripting Engine | Important | 7.5 | Memory corruption |
Critical vulnerabilities
There are 35 reported security vulnerabilities in Windows Server 2016 for May 2025. The 3 CRITICAL vulnerabilities affecting Windows Server 2016 are listed below. These vulnerabilities could lead to Remote Code Execution on unpatched servers.
CVE | Title | CVSS | Type |
CVE-2025-29833 | Microsoft Virtual Machine Bus (VMBus) | 7.1 | RCE |
CVE-2025-29966 | Remote Desktop Client | 8.8 | RCE |
CVE-2025-29967 | Remote Desktop Client | 8.8 | RCE |
Changelog – KB5058383
The following changes or improvements are part of KB5058383 for Windows Server 2016:
- [Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)] This update applies improvements to SBAT for the detection of Linux systems.
- This security update includes security improvements for Windows Server 2016.