KB5082127 is the ESU Monthly Rollup Update for Windows Server 2012. It was released on 14 April 2026 under the ‘Patch Tuesday’ program.
Salient points
- KB5082127 supersedes KB5078775 released in March 2026.
- KB5082127 requires the KB5079234 Servicing Stack Update to be installed prior to installing the main monthly rollup update.
- Without the installation of KB5079234, the ESU KB5082127 cannot be installed. For WSUS administrators, KB5079234 needs to be approved before KB5082127 will be fetched and deployed automatically.
- If you install language pack after installing KB5082127, you would need to reinstall the security update. All language pack installations must be completed before installing the monthly rollup update on Windows Server 2012.
- KB5082127 is an Extended Security Update. A valid subscription key to the ESU program is required before installing the monthly rollup update.
- Windows Server 2012 is impacted by 56 security vulnerabilities reported in April 2026 security bulletin.
- No zero-day vulnerabilities have been disclosed for Windows Server 2012 and Windows Server 2012 Server Core installation in April security bulletin.
- Windows Server 2012 is also impacted by two CRITICAL security vulnerabilities.
- The latest cumulative update for Internet Explorer 11 on Windows Server 2012 continues to be KB5066840 released in October 2025. So, new update for Internet Explorer is not needed in April 2026.
Servicing Stack Update KB5079234
The Servicing Stack Update for Windows Server 2012 for April 2026 is KB5079234. It corresponds to KB5078775 ESU and KB5082127.
For automated deployments of KB5082127 through the Windows Update program, the Servicing Stack Update KB5079234 is offered for installation as part of the installation process of the monthly rollup update KB5082127.
If you installed KB5078775 last month, then the SSU would have already been deployed during the installation.
The Servicing Stack Update file is a small file around 10 MB size Upon installation, it would not cause server reboot.
Once the SSU is installed, you can proceed with the installation of the main monthly rollup update KB5082127.
Download KB5082127
You can download the monthly rollup update KB5082127 for Windows Server 2012 from the Windows Update Catalog page shared below:
We would reiterate that you need a valid ESU program subscription before you could install the ESU KB5082127 on Windows Server 2012.
Zero-day Vulnerabilities
No new zero-day security vulnerability has been reported for Windows Server 2012 and Windows Server 2012 Server Core installation in April month’s security bulletin released by Microsoft on 14 April 2026.
Critical Vulnerabilities
Windows Server 2012 is impacted by two CRITICAL security vulnerabilities.
| Vulnerability | CVSS | Impact | Comments |
|---|---|---|---|
| CVE-2026-33827 | 8.1 | Remote Code Execution | Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows TCP/IP allows an unauthorized attacker to execute code over a network. |
| CVE-2026-32157 | 8.8 | Remote Code Execution | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
Internet Explorer Cumulative Update – KB5066840
To secure the Windows Server 2012, you also need to patch Internet Explorer 11 with the latest cumulative update. KB5066840 is the cumulative update for Internet Explorer released on 14 October 2025. No new security update for Internet Explorer 11 was released in November 2025.
You can download the IE Cumulative Update for Windows Server 2012 from the link shared below:
Download Cumulative Update for Internet Explorer – KB5066840 (54.9 MB)
KB5082127 – Changelog
Since this is an ESU, the focus remains on securing the Windows Server 2012 deployments. The following changes have been reported for KB5082127:
- [Internal Windows OS] Miscellaneous security improvements were made to internal Windows OS functionality.
- [Remote Desktop] Improved: This update improves protection against phishing attacks that use Remote Desktop (.rdp) files. When you open an .rdp file, Remote Desktop shows all requested connection settings before it connects, with each setting turned off by default. A one-time security warning also appears the first time you open an .rdp file on a device. For more information, see Understanding security warnings when opening Remote Desktop (RDP) files.
Simplifying technology, one step at a time.