KB5063871 for Windows Server 2016 – August 2025

KB5063871 is the cumulative update for Windows Server 2016 and Windows Server 2016 Server Core installation. It was released on 12 August, 2025 under the ‘Patch Tuesday’ release cycle.

Salient points

  • KB5063871 supersedes July 2025 cumulative update KB5062560.
  • KB5063871 corresponds to build 14393.8330.
  • No zero-day vulnerabilities have been reported for Windows Server 2016 in the August 2025 security bulletin.
  • 51 security vulnerabilities have been reported for Windows Server 2016 in August 2025.
  • 4 of these vulnerabilities have CRITICAL severity. Details of the CRITICAL vulnerabilities are given in the Critical vulnerabilities section.
  • The Servicing Stack Update corresponding to KB5063871 is KB5062799. This SSU was released in July 2025. For automated deployments (Windows Update and Windows Update for Business), the installation is included in the main cumulative update installation process. For manual patching, you will need to download and install the SSU KB5062799 before installing KB5062560.
  • Support for cumulative updates for Windows Server 2016 will end on 12 January 2027.
  • Secure Boot certificates for Windows Server 2016 will expire in June 2026. Both the UEFI Secure Boot DB and KEK need to be updated with the corresponding new 2023 certificate versions.

Servicing Stack Update KB5062799

KB5062799 is the Servicing Stack Update (SSU) for Windows Server 2016. For automated deployments of KB5063871, KB5062799 is automatically offered for installation as part of the installation of the main cumulative update.

For manual installations of KB5062560, you would need to download and install KB5062799 before installing KB5062560.

You can download the SSU KB5062799 from the Microsoft Update Catalog page:

Installing the Servicing Stack Update would not cause the server to reboot or restart. So, you could directly proceed with the installation of the main cumulative update for Windows Server 2016.

Download KB5063871

You may download the offline installer file for KB5063871 from the catalog site link shared below:

Upon installation of KB5063871, the server would restart.
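
A check an administrator could run on the server to see where it stands in the sequence above (SSU first, then the cumulative update, then the restart), using the KB numbers and build given on this page. This is an added example, not part of the original article or any Microsoft tooling; the function name Get-Kb5063871State is hypothetical, and using the Component Based Servicing RebootPending registry key to detect a pending restart is an assumption of the example.

```powershell
# Added example: KB numbers and build come from this page; the function name is hypothetical.
$TargetBuild = 14393          # Windows Server 2016
$TargetUbr   = 8330           # KB5063871 corresponds to build 14393.8330
$SsuKb       = 'KB5062799'    # Servicing Stack Update
$LcuKb       = 'KB5063871'    # August 2025 cumulative update

function Get-Kb5063871State {
    [CmdletBinding()]
    param()

    # CurrentBuild and UBR (update build revision) together give the patch level.
    $cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = [int]$cv.CurrentBuild
    $ubr   = [int]$cv.UBR
    if ($build -ne $TargetBuild) {
        throw "Build $build is not 14393; $LcuKb does not apply to this host."
    }

    # Get-HotFix returns nothing (error suppressed here) when the KB is not listed.
    $ssu = [bool](Get-HotFix -Id $SsuKb -ErrorAction SilentlyContinue)
    $lcu = [bool](Get-HotFix -Id $LcuKb -ErrorAction SilentlyContinue)

    # The UBR only moves after the restart that follows the cumulative update.
    $cbs = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing'
    $rebootPending = Test-Path "$cbs\RebootPending"
    $patched = $ubr -ge $TargetUbr

    $next = if ($patched) {
        'None: host is at or above 14393.8330'
    } elseif ($lcu -or $rebootPending) {
        'Restart the server to finish servicing, then re-check'
    } elseif (-not $ssu) {
        "Install $SsuKb first (no restart needed), then $LcuKb"
    } else {
        "Install $LcuKb and schedule the restart"
    }

    [pscustomobject]@{
        Computer      = $env:COMPUTERNAME
        Build         = "$build.$ubr"
        SsuInstalled  = $ssu
        LcuListed     = $lcu
        RebootPending = $rebootPending
        Patched       = $patched
        NextStep      = $next
    }
}

Get-Kb5063871State | Format-List
```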

Zero-day Vulnerabilities

No security vulnerabilities with zero-day threat levels affect Windows Server 2016 and Windows Server 2016 Server Core installation.

Critical vulnerabilities

There are 51 reported security vulnerabilities in Windows Server 2016 for August 2025. The 4 CRITICAL vulnerabilities affecting Windows Server 2016 are shared below.

| Vulnerability | CVSS | Impact | Description |
|---|---|---|---|
| CVE-2025-53766 | 9.8 | Remote Code Execution | Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. |
| CVE-2025-53778 | 8.8 | Elevation of Privilege | Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. |
| CVE-2025-50177 | 8.1 | Remote Code Execution | Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. |
| CVE-2025-48807 | 7.5 | Remote Code Execution | Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. |

Changelog – KB5063871

The following changes or improvements are part of KB5063871 for Windows Server 2016:

  • [Input and Composition] Fixed: A known issue with the Microsoft Changjie Input Method. Users were unable to select words after a recent update.
  • The update addresses security vulnerabilities in Windows Server 2016.
Rajesh Dhawan
