KB5073457 is the cumulative update for Windows Server 2022 and Windows Server 2022 Server Core installation. It was released on 13 January 2026 under the ‘Patch Tuesday’ release cycle.
KB5073457 is for Windows Server 2022 21H2 and 22H2 editions. For Windows Server 2022 23H2 edition, the applicable cumulative update is KB5073450.
Salient points
- KB5073457 supersedes December 2025 cumulative update KB5071547.
- KB5073457 corresponds to server build 20348.4648.
- 75 security vulnerabilities have been disclosed by Microsoft in January 2026 for Windows Server 2022.
- Three Zero-day vulnerabilities affect Windows Server 2022 and Windows Server 2022 Server Core installation. Details of the zero-day are shared in the vulnerabilities section.
- One Critical security vulnerability impact Windows Server 2022. Details are shared below.
- The Servicing Stack Update corresponding to KB5073457 is KB5074428 with build number corresponding to 20348.4640. Separate installation of the SSU or Servicing Stack is not needed.
Zero-day vulnerability
Three zero-day vulnerability affect Windows Server 2022. The zero-day vulnerabilities are either publicly disclosed or have proven instances of exploitation.
| CVE Details | CVSS Score | Comments |
|---|---|---|
| CVE-2023-31096 | 7.8 | Elevation of Privilege Vulnerability in Windows Agere Soft Modem Driver |
| CVE-2026-21265 | 6.4 | Secure Boot Certificate Expiration Security Feature Bypass Vulnerability |
| CVE-2026-20805 | 5.5 | Desktop Window Manager Information Disclosure Vulnerability |
Critical vulnerabilities
One CRITICAL vulnerability affects Windows Server 2022.
| CVE Details | CVSS Score | Comments |
|---|---|---|
| CVE-2026-20822 | 7.8 | Windows Graphics Component Elevation of Privilege Vulnerability |
Servicing Stack Update KB5074428
The Serving Stack Update for KB5073457 is KB5074428. The SSU file is included in the main cumulative update. Therefore, separate installation is not needed.
Download KB5073457
You may download the offline installer file for KB5073457 from the catalog site link shared below:
The cumulative update is available for x64 deployments for Windows Server 2022 versions 21H2 and 22H2. Upon installation of KB5073457, the server would restart.
Changelog – KB5073457
The following changes or improvements are part of KB5073457 for Windows Server 2022 21H2 and 22H2 editions:
- This security update addresses security vulnerabilties on Windows Server 2022.
- [Compatibility] This update removes the following modem drivers: agrsm64.sys (x64), agrsm.sys (x86), smserl64.sys (x64) and smserial.sys (x86). Modem hardware dependent on these specific drivers will no longer work in Windows.
- [Remote Desktop] Fixed: This update addresses an issue that causes SearchIndexer (the Windows service that indexes files for search) to stop responding on Citrix hosts, which might prevent users from starting remote sessions.
- [Windows Deployment Services (WDS] This update introduces a change in behavior in which WDS will stop supporting hands-free deployment functionality by default. Detailed guidance for IT administrators is available in Windows Deployment Services (WDS) Hands‑Free Deployment Hardening Guidance.
- [WinSqlite3.dll] Fixed: The Windows core component, WinSqlite3.dll, has been updated. Previously, some security software might have detected this component as vulnerable.
Important Reminder – Secure Boot Services
It is important to note that the Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Secure Boot is a security feature in Unified Extensible Firmware Interface (UEFI) based firmware that helps ensure that only trusted software runs during a device’s boot (start) sequence.
Since Windows introduced Secure Boot support, all Windows-based devices have carried the same set of Microsoft certificates in the KEK and DB. These original certificates are nearing their expiration date, and your device is affected if it has any of the listed certificate versions. To continue running Windows and receiving regular updates for your Secure Boot configuration, you will need to update these certificates.
Simplifying technology, one step at a time.