[German]Microsoft has also released security updates for Windows 7 and 8.1 as well as for the Windows Server counterparts 2008 R2 and 2012/R2 on February 8, 2022. Among other things, fixes are being made to the Lightweight Directory Access Protocol (LDAP). Here is an overview of these special updates for Windows 7/8.1 and the corresponding Windows Server versions 2008 R2 and 2012/R2.
Advertising
Updates for Windows 8.1/Server 2012 R2
A rollup and a security-only update have been released for Windows 8.1 and Windows Server 2012 R2. The update history for Windows 8.1 and Windows Server 2012 R2 can be found on this Microsoft page.
KB5010419 (Monthly Rollup) for Windows 8.1/Server 2012 R2
Update KB5010419 (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes, and addresses the following issues.
- Updates daylight savings time to start in February 2022 instead of March 2022 in Jordan.
- Addresses an issue in which virtual machines (VMs) on a Windows server that has Unified Extensible Firmware Interface (UEFI) enabled fail to start after installing the January 11, 2022 Windows update.
- Addresses an issue in which Windows stops running with an IRQL_NOT_LESS_OR_EQUAL error.
- Addresses an issue in which a Lightweight Directory Access Protocol (LDAP) modify operation that contains the SamAccountName together with the UserAccountControl attributes fails with "Error: 0x20EF The directory service encountered an unknown failure."
- Adds an audit event on Active Directory domain controllers that identifies clients that are not RFC-4456 compliant. For more information, see KB5005408—Smart card authentication might cause print and scan failures.
This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS. If installing manually, the latest Servicing Stack Update (SSU KB5001403) must be installed beforehand – although this SSU cannot be uninstalled.
Microsoft is aware of the following issue related to the update: Certain operations, such as renaming, that you perform for files or folders on a Cluster Shared Volume (CSV) may fail with the error "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)". This occurs when you perform the operation on a CSV owner node from a process that does not have administrator privileges. The KB article suggests a workaround to fix this. In addition, there are issues with .NET applications accessing Active Directory forest trust information. Details can be found in the KB article.
KB5010395 (Security-only update) f0r Windows 8.1/Server 2012 R2
Update KB5010395 (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the same fixes as update KB5010419. The update is distributed via WSUS (but not via Windows Update) or is available from the Microsoft Update Catalog. If installing manually, install the latest Servicing Stack Update (SSU) KB5001403 beforehand. In addition, the Internet Explorer 11 security update (SSU) KB5006671 from Oct. 2021 (if not already available) should be installed.
Advertising
Updates for Windows Server 2012
A rollup and a security-only update have been released for Windows Server 2012 and Windows Embedded 8 Standard. The update history for Windows 8.1 and Windows Server 2012 R2 can be found on this Microsoft page.
KB5010392 (Monthly Rollup) for Windows Server 2012
Update KB5010392 (Monthly Rollup for Windows Server 2012, Windows Embedded 8 Standard) contains improvements and fixes, and addresses the same issues as update KB5010419. This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS. In case of a manual installation, the latest Servicing Stack Update (SSU KB5001401) has to be installed before – whereas this SSU cannot be uninstalled. This update is known to have the same problems as the updates listed above.
KB5010412 (Security-only update) for Windows Server 2012
Update KB5010412 (Security Only Quality Update for Windows Server 2012, Windows Embedded 8 Standard) addresses the same issues as update KB5007260. The update is distributed via WSUS (but not via Windows Update) or is available in the Microsoft Update Catalog. In case of a manual installation, the latest Servicing Stack Update (SSU) KB5001401 must be installed first. In addition, if not already available, the Internet Explorer 11 security update KB5006671 from Oct. 2021 should be installed.
Updates for Windows 7/Windows Server 2008 R2
A rollup and a security-only update have been released for Windows 7 SP1 and Windows Server 2008 R2 SP1. However, these updates are only available for systems with ESU license (2nd year). The update history for Windows 7 can be found on this Microsoft page.
The update installation requires either a valid ESU license for 2021, or ESU Bypass v11 (see). This is the last update for the ESU license for the 2nd year. (siehe). Dies ist das letzte Update für die ESU-Lizenz für das 2. Jahr.
KB5010404 (Monthly Rollup) for Windows 7/Windows Server 2008 R2
Update KB5010404 (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains (besides the security fixes from the previous month) improvements and bug fixes and addresses the following:
- Updates daylight savings time to start in February 2022 instead of March 2022 in Jordan.
- Addresses SHA1 deprecation by removing specific SHA1-signed security and non-security fixes and resigned those fixes with SHA2 in this release.
- Addresses an issue in which a Lightweight Directory Access Protocol (LDAP) modify operation that contains the SamAccountName together with the UserAccountControl attributes fails with "Error: 0x20EF The directory service encountered an unknown failure."
- Addresses an issue in which Windows Server 2008 R2 domain controllers (DCs) fail to process NTLM pass-through authentication.
- Adds an audit event on Active Directory domain controllers that identifies clients that are not RFC-4456 compliant. For more information, see KB5005408—Smart card authentication might cause print and scan failures.
This update is automatically downloaded and installed via Windows Update. However, the package is also available via Microsoft Update Catalog and is distributed via WSUS. Details about the requirements and known issues can be found in the KB article.
They released als a Servicing Stack Update (SSU KB5010451).
KB5010422 (Security Only) for Windows 7/Windows Server 2008 R2
Update KB5010422 (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1 with ESU license. The update addresses the following issues.
- Updates daylight savings time to start in February 2022 instead of March 2022 in Jordan.
- Addresses SHA1 deprecation by removing specific SHA1-signed security and non-security fixes and resigned those fixes with SHA2 in this release.
- Addresses an issue in which Windows Server 2008 R2 domain controllers (DCs) fail to process NTLM pass-through authentication.
- Addresses an issue in which a Lightweight Directory Access Protocol (LDAP) modify operation that contains the SamAccountName together with the UserAccountControl attributes fails with "Error: 0x20EF The directory service encountered an unknown failure."
The update is available via WSUS or in the Microsoft Update Catalog. To install the update, the prerequisites listed in the KB article and above in the rollup update must be met. The update has the known bugs described in the KB article and causes, among other things, error messages when printing. In addition, the Internet Explorer 11 security update KB5006671 (if not already available) from Oct. 2021 should be installed. Make sure to install the latest Servicing Stack Update beforehand.
Similar articles:
Microsoft Office Updates (February 1, 2022) fixes Access issues
Microsoft Security Update Summary (February 8, 2022)
Patchday: Windows 10 Updates (February 8, 2022)
Patchday: Windows 11/Server 2022 Updates (February 8, 2022)
Windows 7/Server 2008R2; Windows 8.1/Server 2012R2: Updates (February 8, 2022)
