Security Update KB5008212 for Windows Server 2004 Version

The December security update for the Windows Server 2004 version (Server Core installation) has been released by Microsoft. It resolves 30 vulnerabilities with a significant impact on your infrastructure comprising of Windows Server version 2004. This security update covers 3 critical vulnerabilities and 27 important severity vulnerabilities. The nature and severity of these vulnerabilities imply that system administrators should look into deploying the cumulative update KB5008212 on a priority basis. This security update follows the last security update KB5006670 for Windows Server version 2004. Post updating the server with KB5008212, the Windows Server 2004 version should run the stable build 10.0.19041.1415.

KB5008212 security update resolves 30 vulnerabilities on the Windows Server 2004 version, with 3 of these being critical vulnerabilities. The remaining 27 vulnerabilities are of important severity levels.

How can I get the security update KB5008212 for Windows Server 2004 version?

The Windows Server 2004 security update for December can be available through one of the following alternate methods:

a) You can download the KB5008212 security update manually from the Microsoft update catalog. The KB5008212 update is available through the following URL: https://www.catalog.update.microsoft.com/Search.aspx?q=KB5008212.

The KB5008212 update is applicable to a lot of operating systems including the Windows 10 version 2004. Please do make sure that you are downloading the correct security update for the Windows Server version 2004. The Windows Server 2004 version update weighs 678.9 MB.

b) KB5008212 update is also made available through the Windows Update program. This is especially true for Windows 10 installations of version 2004.

c) KB5008212 can be automatically downloaded using the Windows Update for Business. Windows Update for Business is available on the Pro editions of Windows.

d) You can use the Windows Server Update Service or WSUS to sync with the corresponding KB5008212 security update for your operating system. It could be Windows 10 or Windows Server version 2004.

Installing the KB5008212 patch will need a server reboot. You will need to plan for a maintenance window to patch the Windows Server version 2004 in your infrastructure.

Critical vulnerabilities resolved on KB5008212 for Windows Server 2004 version

There are 3 critical vulnerabilities that are resolved on the Windows Server version 2004. All these vulnerabilities are of the nature of remote code execution. A remote attacker could deploy and execute malicious code on the vulnerable servers. The details of these critical vulnerabilities that affect the Windows Server 2004 version are:

  • CVE-2021-43215 – this is a remote code execution vulnerability with a CVSS score of 9.8. It requires immediate patching. An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution.
  • CVE-2021-43217 – this is a remote code execution vulnerability with a CVSS score of 8.1. It requires immediate patching. An attacker could cause a buffer overflow write leading to unauthenticated non-sandboxed code execution. This vulnerability affects the Windows Encrypting File System (EFS).
  • CVE-2021-43233 – this is a remote code execution vulnerability that has a CVSS score of 7.5. It affects the Remote Desktop Client software. The vulnerability requires immediate patching.

The affected services or components on the Windows Server version 2004 are the iSNS server, Windows Encrypting File System, and the Remote Desktop Client software. The CVSS 9.8 vulnerability on the iSNS servers is a serious impact for the server. Otherwise, all these vulnerabilities carry a significant challenge for the infrastructure comprising of Windows Server 2004 version. Patching with the KB5008212 should take care of these vulnerabilities at the earliest.

Remote Code execution resolved under KB5008212 for Windows Server version 2004.

There are a couple of remote code execution vulnerabilities with important severity for the Windows Server version 2004. Both vulnerabilities are mentioned below for ready reference:

  • CVE-2021-43232 – carries a CVSS score of 7.8 and affects the Windows Event Tracing Service.
  • CVE-2021-43234 – carries a CVSS score of 7.8 and affects Windows Fax Service.

Since both vulnearbilities carry a CVSS of 7.8, patching with KB5008212 is important on the Windows Server version 2004.

Elevation of Privileges vulnerability resolved in KB5008212 for Windows server version 2004

There are 15 vulnerabilities that could lead to elevation of privileges on the Windows Server version 2004. An elevation of privilege could allow an attacker to elevate credentials to administrative privileges.

  • CVE-2021-43893 – CVSS score of 7.5 and affects the Windows Encrypting File System (EFS) .
  • CVE-2021-43883 – CVSS score of 7.8 and affects Windows Installer.
  • CVE-2021-43248 – CVSS score of 7.8 and affects Windows Digital Media Receiver.
  • CVE-2021-43247 – CVSS score of 7.8 and affects Windows TCP/IP Driver.
  • CVE-2021-43240 – CVSS score of 7.8 and affects NTFS Set Short Name.
  • CVE-2021-43239 – CVSS score of 7.1 and affects Windows Recovery Environment Agent.
  • CVE-2021-43238 – CVSS score of 7.8 and affects Windows Remote Access.
  • CVE-2021-43237 – CVSS score of 7.8 and affects Windows Setup.
  • CVE-2021-43231 – CVSS score of 7.8 and affects Windows NTFS.
  • CVE-2021-43230 – CVSS score of 7.8 and affects Windows NTFS.
  • CVE-2021-43229 – CVSS score of 7.8 and affects Windows NTFS.
  • CVE-2021-43226 – CVSS score of 7.8 and affects Windows Common Log File System Driver.
  • CVE-2021-43223 – CVSS score of 7.8 and affects Windows Remote Access Connection Manager.
  • CVE-2021-41333 – CVSS score of 7.8 and affects Windows Print Spooler.
  • CVE-2021-43207 – CVSS score of 7.8 and affects Windows Common Log File System Driver.

Most elevation of privilege vulnerabilities on the Windows Server version 2004 have a high CVSS number. KB5008212 will fix all these vulnerabilities on the Windows Server version 2004.

Denial of Service vulnerabilities resolved in KB5008212 for Windows Server version 2004

There are 3 denial of service vulnerabilities on the Windows Server verions 2004. These get resolved as part of the KB5008212 security update. The 3 denial of service vulnerabilities are mentioned below:

  • CVE-2021-43246 – carries a CVSS score of 5.6 and affects Windows Hyper V service.
  • CVE-2021-43228 – carries a CVSS score of 7.5 and affects SymCrypt.
  • CVE-2021-43219 – carries a CVSS score of 7.4 and affects DirectX Graphics Kernel File.

Information Disclosure vulnerabilities resolved under KB5008212 on Windows Server version 2004

Information disclousure vulnerabilities can cause data theft. It could be business or personal data. There are 7 information disclosure vulnerabilities on the Windows Server version 2004. All these are resolved under the KB5008212 security update for Windows Server version 2004.

All these 7 security vulnerabilities on the Windows Server version 2004 are mentioned below:

  • CVE-2021-43244 – CVSS score of 6.5 and affects Windows Kernel.
  • CVE-2021-43236 – CVSS score of 7.5 and affects Microsoft Messaging Queue.
  • CVE-2021-43235 – CVSS score of 5.5 and affects the ‘Storage Spaces Controller’.
  • CVE-2021-43227 – CVSS score of 5.5 and affects the ‘Storage Spaces Controller’.
  • CVE-2021-43224 – CVSS score of 5.5 and affects the Windows Common Log File System Driver.
  • CVE-2021-43222 – CVSS score of 7.5 and affects Microsoft Messaging Queue.
  • CVE-2021-43216 – CVSS score of 6.5 and affects Microsoft Local Security Authority Server (lsasrv).

Summary

The KB5008212 security update for Windows Server 2004 version patches 30 vulnerabilities:

  • 5 Remote code execution vulnerabilities.
  • 7 Information disclosure vulnerabilities.
  • 15 Elevation of privileges vulnerabilities.
  • 3 Denial of Service vulnerabilities.

The update weighs 678.9 MB in size. The server will require a reboot as part of the patching of KB5008212. So, please do make sure that you have planned the maintenance to tide over the security gaps.

You may also like to read the following content related to Windows Update: