KB5058385 is the cumulative update for Windows Server 2022 and Windows Server 2022 Server Core installation. It was released on 13 May, 2025 under the ‘Patch Tuesday’ release cycle.
KB5058385 is for Windows Server 2022 21H2 and 22H2 editions. For Windows Server 2022 23H2 edition, the applicable cumulative update is KB5058384.
Salient points
- KB5058385 supersedes April 2025 cumulative update KB5055526.
- KB5058385 corresponds to server build 20348.3692.
- Five zero-day vulnerabilities affect Windows Server 2022 and Windows Server 2022 Server Core installation. Details are shared in the zero-day vulnerabilities section below.
- 38 security vulnerabilities have been reported in the May security bulletin for Windows Server 2022.
- The Servicing Stack Update (SSU) corresponding to KB5058385 is KB5058531, with build number 20348.3691. Separate installation of the SSU is not needed.
Zero-day vulnerability
There are five zero-day vulnerabilities affecting Windows Server 2022. The zero-day vulnerabilities are either publicly disclosed or have proven instances of exploitation.
CVE | Title | Severity | CVSS | Type
CVE-2025-32701 | Windows Common Log File System Driver | Important | 7.8 | EoP
CVE-2025-32706 | Windows Common Log File System | Important | 7.8 | EoP
CVE-2025-32709 | Windows Ancillary Function Driver for WinSock | Important | 7.8 | EoP
CVE-2025-30397 | Scripting Engine | Important | 7.5 | Memory corruption
CVE-2025-30400 | Microsoft DWM Core Library | Important | 7.8 | EoP
Critical vulnerabilities
The May security bulletin for Windows Server 2022 reports 38 security vulnerabilities. The 3 CRITICAL vulnerabilities affecting Windows Server 2022 are shared below. These vulnerabilities could lead to Remote Code Execution on unpatched servers.
CVE | Title | CVSS | Type |
CVE-2025-29833 | Microsoft Virtual Machine Bus (VMBus) | 7.1 | RCE |
CVE-2025-29966 | Remote Desktop Client | 8.8 | RCE |
CVE-2025-29967 | Remote Desktop Client | 8.8 | RCE |
Download KB5058385
You may download the offline installer file for KB5058385 from the catalog site link shared below:
The cumulative update is available for x64 deployments of Windows Server 2022 versions 21H2 and 22H2. The server will restart after KB5058385 is installed.
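After the restart, the installed level can be checked against the build number listed under Salient points (20348.3692). The following PowerShell is an added example, not code from Microsoft or from the original article; the function name and output fields are hypothetical, and the override parameters exist only so the logic can be exercised with constructed values.

```powershell
# Added example. Only the KB id and build numbers come from this page.
function Get-KB5058385Status {
    [CmdletBinding()]
    param(
        # Optional overrides for testing with constructed values.
        [Nullable[int]]$Build,
        [Nullable[int]]$Revision
    )

    $targetBuild    = 20348   # Windows Server 2022 21H2/22H2
    $targetRevision = 3692    # revision delivered by KB5058385

    if ($null -eq $Build -or $null -eq $Revision) {
        # CurrentBuildNumber and UBR hold the two halves of the OS build (e.g. 20348.3692).
        $cv       = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
        $Build    = [int]$cv.CurrentBuildNumber
        $Revision = [int]$cv.UBR
    }

    # A later cumulative update also meets the baseline, so compare the
    # revision instead of requiring this exact KB id to be listed.
    $status = if ($Build -ne $targetBuild) {
        'NotApplicable'
    } elseif ($Revision -ge $targetRevision) {
        'AtOrAboveBaseline'
    } else {
        'MissingKB5058385'
    }

    # Informational only: whether the KB id itself appears in the hotfix list.
    $listed = [bool](Get-HotFix -Id 'KB5058385' -ErrorAction SilentlyContinue)

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        OsBuild      = "$Build.$Revision"
        Status       = $status
        HotFixListed = $listed
    }
}

# Check the local server.
Get-KB5058385Status

# Constructed values: a revision below the baseline, then the KB5058385 build itself.
Get-KB5058385Status -Build 20348 -Revision 3000
Get-KB5058385Status -Build 20348 -Revision 3692
```

A `NotApplicable` result means the server is not on build 20348, for example a 23H2 server, which takes KB5058384 instead.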
Changelog – KB5058385
The following changes or improvements are part of KB5058385 for Windows Server 2022 21H2 and 22H2 editions:
- [Desktop Window Manager (DWM)] Fixed: This update addresses an issue where the DWM stops responding due to an access error in dwmredir.dll while a remote session is connecting or disconnecting, resulting in a black or grey screen.
- [Graphics kernel] Fixed: This update addresses an issue that occurs when starting a new console session after closing the previous one, and the new session doesn’t start successfully.
- [Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)] This update applies improvements to SBAT for the detection of Linux systems.
- [Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)] This update adds to the list of drivers that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.