About

Microsoft Windows Server 2012 – KB5008255 – Security Update

Microsoft’s monthly security update for the Windows Server 2012 has been released last night. The security update has been allocated the update number KB5008255. We share details about the vulnerabilities, the security patch and other details pertaining to this security update. The update discussed below is a security update only. For a monthly rollup update for the Windows Server 2012, you will need a different patch.

Windows Server 2012 – Security Update December 2021 – KB5008255

The security update for the Windows Server 2012 for December 2021 is tracked under the security article KB5008255. The security update for Windows Server 2012 covers 21 vulnerabilities. 3 of these have a critical impact on your infrastructure. Another 18 have important impact on your infrastructure. Given this background, it makes imperative that the security update is installed on the Windows Server 2012.

3 critical vulnerabilities have been addressed and resolved in the KB5008255 security update for Windows Server 2012. All these critical vulnerabilities can cause remote code execution. The critical vulnerabilities that have been resolved as part of the security updates are mentioned below:

  • CVE-2021-43215 – this is a remote code execution vulnerability with a CVSS score of 9.8. It requires immediate patching. An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution.
  • CVE-2021-43217 – this is a remote code execution vulnerability with a CVSS score of 8.1. It requires immediate patching. An attacker could cause a buffer overflow write leading to unauthenticated non-sandboxed code execution. This vulnerability affects the Windows Encrypting File System (EFS).
  • CVE-2021-43233 – this is a remote code execution vulnerability that has a CVSS score of 7.5. It affects the Remote Desktop Client software. The vulnerability requires immediate patching.

Apart from these critical vulnerabilities, there are 18 additional security vulnerabilities that have been addressed as part of the security update. All these 18 vulnerabilities have ‘important’ severity and are listed below for a ready reference:

Elevation of Privileges vulnerabilities on Windows Server 2012:

The following vulnerabilities with important severity are resolved as part of the KB5008255 security update for the Windows Server 2012:

  • CVE-2021-43893 – CVSS score of 7.5 and affects Windows Encrypting File System (EFS)
  • CVE-2021-43883 – CVSS score of 7.8 and affects Windows Installer
  • CVE-2021-43248 – CVSS score of 7.8 and affects Windows Digital Media Receiver
  • CVE-2021-43245 – CVSS score of 7.8 and affects Windows Digital TV Tuner
  • CVE-2021-43238 – CVSS score of 7.8 and affects Windows Remote Access.
  • CVE-2021-43230 – CVSS score of 7.8 and affects Windows NTFS.
  • CVE-2021-43229 – CVSS score of 7.8 and affects Windows NTFS.
  • CVE-2021-43226 – CVSS score of 7.8 and affects Windows Common Log File System Driver.
  • CVE-2021-43223 – CVSS score of 7.8 and affects Windows Remote Access Connection Manager.
  • CVE-2021-41333 – CVSS score of 7.8 and affects Windows Print Spooler.
  • CVE-2021-40441 – CVSS score of 7.8 and affects Windows Media Center.
  • CVE-2021-43207 – CVSS score of 7.8 and affects Windows Common Log File System Driver.

All these EoP or elevation of privileges vulnerabilities carry high CVSS scores. These ought to be patched to keep the Windows Server 2012 free of data theft issues.

Remote Code Execution vulnerability resolution on KB5008255

The following important severity vulnerabilities for the Windows Server 2012 have been resolved as part of the security update KB5008255 in December 2021. These are in addition to the 3 critical vulnerabilities that have been patched with impacts of remote code execution.

  • CVE-2021-43232 – carries a CVSS score of 7.8 and affects the Windows Event Tracing Service.
  • CVE-2021-43234 – carries a CVSS score of 7.8 and affects Windows Fax Service.

Information Disclosure vulnerabilities resolved under KB5008255

Four security vulnerabilities are resolved under KB5008255 with an information disclosure scope. These are mentioned below for your ready reference:

  • CVE-2021-43236 – CVSS score of 7.5 and affects Microsoft Messaging Queue
  • CVE-2021-43224 – CVSS score of 5.5 and affects the Windows Common Log File System Driver.
  • CVE-2021-43222 – CVSS score of 7.5 and affects Microsoft Messaging Queue.
  • CVE-2021-43216 – CVE-2021-43216 – CVSS score of 6.5 and affects Microsoft Local Security Authority Server (lsasrv).

How can I apply the security update KB5008255 on Windows Server 2012?

The security update for Windows Server 2012 can be applied after you have applied all the preceding security updates for the Windows Server 2012 and the Internet Explorer’s cumulative update KB5006671.

You can download the KB5008255 security update for Windows Server 2012 from the Windows Update catalog on the following URL: https://www.catalog.update.microsoft.com/Search.aspx?q=KB5008255. The update file is less than 50 MB in size. This update will also require you to reboot the server. So, you may have to plan a downtime window or a change ticket to make the update complete successfully.

You can also use the Windows Server Update Service (WSUS) to download the update on the server.

Quality improvements in KB5008255 for Windows Server 2012

The following quality improvements have been stated for the KB5008255 security update for the Windows Server 2012:

  • Update to support the cancellation of daylight savings time (DST) for 2021 for the Republic of Fiji.
  • Addresses a known issue that causes error codes 0x000006e4, 0x0000007c, or 0x00000709 when connecting to a remote printer that is shared on a Windows print server.
  • Addresses a known issue that might prevent apps, such as Kaspersky apps, from opening after you attempt to repair or update the apps using the Microsoft Installer (MSI).

You may also like to read the following content related to Windows Updates: