Monthly Rollup Security Update KB5008277 for Windows Server 2012

by

The December month’s monthly rollup security update for Windows Server 2012 has been released by Microsoft on 14th December 2021. The monthly rollup update is in addition to the security only update for the Windows Server 2012. The security only update for Windows Server 2012 was released under the security update KB5008255. You can read more about the security update KB5008255 for Windows Server 2012 on this page. Below, we discuss the monthly rollup update for Windows Server 2012 that is managed as part of the security update KB5008277.

Monthly Rollup vs Security Update for Windows Server 2012

Before moving ahead with the deployment of the monthly rollup update, you need to make sure that you are aware of the difference between a security only update and a monthly rollup update. A security only update will contain only the security updates for Windows Server 2012 for a particular period of time. A monthly rollup update is more comprehensive. It will contain all the Windows Server 2012 security updates as well as non-security updates for the product and quality improvements. So, if you can deploy a monthly rollup update, you should be fine.

  • Security only update for Windows Server 2012 weighs 37.2 MB for 64 bit processors.
  • Monthly rollup update for Windows Server 2012 weighs 395.7 MB for 64 bit processors.

Deploying the monthly security update KB5008277 would automatically take care of the security update KB5008255 for Windows Server 2012.

How can I get the monthly rollup update KB5008277 for Windows Server 2012?

Microsoft offers monthly rollup updates through three different methods. You may prefer any of these alternate approaches to patch KB5008277 on your Windows Server 2012.

  • You can use the Microsoft Update Catalog to download the KB5008277 monthly rollup update for Windows Server 2012. The update weighs 695.7 MB and will bring Windows Server 2012 to the updated state as of December 2021. The catalog link for KB5008277 for Windows Server 2012 is https://www.catalog.update.microsoft.com/Search.aspx?q=KB5008277.
  • You can download the monthly rollup KB5008277 for Windows Server 2012 for 64 bit processors from the page at – https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=ff623b06-5607-4d66-8df5-aec417825298.
  • Monthly rollup update KB5008277 for Windows Server 2012 can also be downloaded automatically through the Windows Update.
  • Windows Server Update Service (WSUS) can be configured to use Windows Server 2012 product to automatically synchronize with the latest monthly rollup update. This will push your Windows 2012 deployment to KB5008277 and bring it to the latest updated status as of December 2021.

I, generally, prefer a manual approach to updating monthly rollup software on Windows Server 2012. It keeps things under check.

Quality improvements and bug fixes in KB5008277 for Windows Server 2012

The quality improvements on the Windows Server 2012 as part of KB5008277 look similar to the quality improvements on the security update KB5008255 for Windows Server 2012. The following quality improvements have been implemented as part of the security update KB5008277 for Windows Server 2012:

  • Update to support the cancellation of daylight savings time (DST) for 2021 for the Republic of Fiji.
  • Addresses a known issue that causes error codes 0x000006e4, 0x0000007c, or 0x00000709 when connecting to a remote printer that is shared on a Windows print server.
  • Addresses a known issue that might prevent apps, such as Kaspersky apps, from opening after you attempt to repair or update the apps using the Microsoft Installer (MSI).

Aside from the quality improvements, the KB5008277 monthly rollup update fixes 21 vulnerabilities. 3 of these are critical vulnerabilities. The remaining 18 vulnerabilities are of important severity for Windows Server 2012. We look at the various vulnerabilities that have been patched in KB5008277 for Windows Server 2012.

Critical vulnerabilities resolved in KB5008277 monthly rollup update for Windows Server 2012

There are 3 critical vulnerabilities that have been resolved as part of the update KB5008277 for Windows Server 2012. All these 3 critical vulnerabilities are of the type of remote code execution. Remote code execution vulnerabilities post a significant risk to the infrastructure. An attacker could deploy and execute malicious code on the target server or computer. The 3 critical vulnerabilities resolved in KB5008277 are mentioned herein:

  • CVE-2021-43215 – this is a remote code execution vulnerability with a CVSS score of 9.8. It requires immediate patching. An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution.
  • CVE-2021-43217 – this is a remote code execution vulnerability with a CVSS score of 8.1. It requires immediate patching. An attacker could cause a buffer overflow write leading to unauthenticated non-sandboxed code execution. This vulnerability affects the Windows Encrypting File System (EFS).
  • CVE-2021-43233 – this is a remote code execution vulnerability that has a CVSS score of 7.5. It affects the Remote Desktop Client software. The vulnerability requires immediate patching.

These vulnerabilities, especially, the CVE-2021-43215 need to be taken care of on an immediate basis. KB5008277 Monthly rollup for Windows Server 2012 needs to be deployed as part of a maintenance window. The server may require a reboot after deploying the KB5008277 monthly rollup update.

Important Remote Code Execution vulnerabilities resolved in KB5008277 for Windows Server 2012

Over and above the 3 critical vulnerabilities that have been resolved as part of the KB508277 update, we have a couple of remote code execution vulnerabilities with CVSS scores of 7.8. Both carry important severity and have a significant impact on the infrastructure. The 2 remote code execution vulnerabilities that are resolved in the KB5008277 monthly rollup update for Windows Server 2012 are:

  • CVE-2021-43232 – carries a CVSS score of 7.8 and affects the Windows Event Tracing Service.
  • CVE-2021-43234 – carries a CVSS score of 7.8 and affects Windows Fax Service.

Elevation of Privileges vulnerability resolved in KB5008277 for Windows Server 2012

There are 12 vulnerabilities that post elevation of privileges risks to the Windows Server 2012 infrastructure. All these 12 vulnerabilities are of the ‘important’ severity and pose significant challenges for the system administrators. Elevation of Privileges could allow an attacker to elevate the login credentials and assume administrative or high-level rights on the Windows Server 2012. With elevated authentication, an attacker could easily deploy malicious code or plan shells on the Windows Server 2012.

The 12 Elevation of Privileges vulnerabilities that have been patched in KB5008277 for Windows Server 2012 are mentioned herein.

  • CVE-2021-43893 – CVSS score of 7.5 and affects Windows Encrypting File System (EFS)
  • CVE-2021-43883 – CVSS score of 7.8 and affects Windows Installer
  • CVE-2021-43248 – CVSS score of 7.8 and affects Windows Digital Media Receiver
  • CVE-2021-43245 – CVSS score of 7.8 and affects Windows Digital TV Tuner.
  • CVE-2021-43238 – CVSS score of 7.8 and affects Windows Remote Access.
  • CVE-2021-43230 – CVSS score of 7.8 and affects Windows NTFS.
  • CVE-2021-43229 – CVSS score of 7.8 and affects Windows NTFS.
  • CVE-2021-43226 – CVSS score of 7.8 and affects Windows Common Log File System Driver.
  • CVE-2021-43223 – CVSS score of 7.8 and affects Windows Remote Access Connection Manager.
  • CVE-2021-41333 – CVSS score of 7.8 and affects Windows Print Spooler.
  • CVE-2021-40441 – CVSS score of 7.8 and affects Windows Media Center.
  • CVE-2021-43207 – CVSS score of 7.8 and affects Windows Common Log File System Driver.

Almost all the EoP or Elevation of Privileges vulnerabilities carry a CVSS score of 7.8 and would require your attention to deploy the patch.

Information Disclosure vulnerabilities patched in KB5008277 for Windows Server 2012

Information disclosure vulnerabilities lead to loss of personal and business data from compromised servers. There are 4 information disclosure vulnerabilities on the Windows Server 2012 that have been patched as part of the monthly rollup update KB5008277. These four vulnerabilities and their CVSS data are given here.

  • CVE-2021-43236 – CVSS score of 7.5 and affects Microsoft Messaging Queue
  • CVE-2021-43224 – CVSS score of 5.5 and affects the Windows Common Log File System Driver.
  • CVE-2021-43222 – CVSS score of 7.5 and affects Microsoft Messaging Queue.
  • CVE-2021-43216 – CVE-2021-43216 – CVSS score of 6.5 and affects Microsoft Local Security Authority Server (lsasrv).

KB5008277 monthly rollup update for Windows Server 2012 is a full update that is designed to patch security and bring in non-security updates on the server. In all 21 security vulnerabilities find a resolution through the KB5008277 monthly rollup update for Windows Server 2012.

You may also like to read the following content related to Windows Updates:

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.