Windows 7/Server 2008R2; Windows 8.1/Server 2012R2: Updates (April 12, 2022)

Posted on 2022-04-13 by guenni

Windows[German]Microsoft has also released security updates for Windows 7 and 8.1 as well as for the Windows Server counterparts 2008 R2 and 2012/R2 as of April 12, 2022. Here is an overview of these updates for Windows 7/8.1 and the corresponding Windows Server versions 2008 R2 and 2012/R2.

Advertising

Updates for Windows 8.1 and Windows Server 2012 R2

A rollup and a security-only update have been released for Windows 8.1 and Windows Server 2012 R2. The update history for Windows 8.1 and Windows Server 2012 R2 can be found on this Microsoft page.

KB5012670 (Monthly Rollup) foür Windows 8.1/Server 2012 R2

Update KB5012670 (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes, and addresses the following issues.

  • Addresses an issue in Windows Media Center where some users might have to reconfigure the application on each start.
  • Addresses a memory leak that was introduced by the PacRequestorEnforcement registry key in the November 2021 Cumulative Update that causes a decrease in performance on domain controllers.
  • Addresses an issue in which Event ID 37 might be logged during certain password change scenarios.
  • Addresses an issue in which Windows might go into BitLocker recovery after a servicing update.
  • Addresses an issue in which domain joins may fail in environments that use disjoint DNS hostnames.
  • Addresses an issue that causes a Denial of Service vulnerability on Cluster Shared Volumes (CSV). For more information, see CVE-2020-26784.
  • Addresses an issue that prevents you from changing a password that has expired when you sign in to a Windows device.

The password entry bug I mentioned in the blog post Windows Server: Open issues from March 2022 Updates (KB5011551, KB5011497) – but for Windows Server 2019 – has been fixed. This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog as well as via WSUS. If installing manually, the latest Servicing Stack Update (SSU KB5012672) must be installed beforehand – although this SSU cannot be uninstalled. Microsoft is aware of various problems in connection with the update (details can be found in the support article).

KB5012639 (Security-only update) for Windows 8.1/Server 2012 R2

Update KB5012639 (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the following issues (the password entry bug does not seem to have played a role).

  • Addresses an issue in Windows Media Center where some users might have to reconfigure the application on each start.
  • Addresses a memory leak that was introduced by the PacRequestorEnforcement registry key in the November 2021 Cumulative Update that causes a decrease in performance on domain controllers.
  • Addresses an issue in which Event ID 37 might be logged during certain password change scenarios.
  • Addresses an issue in which domain joins may fail in environments that use disjoint DNS hostnames.

The update is distributed via WSUS (but not via Windows Update) or is available from the Microsoft Update Catalog. In case of a manual installation, the latest Servicing Stack Update (SSU) KB5012672  must be installed beforehand. In addition, the Internet Explorer 11 security update KB5011486 from March 2022 (if not already available, I did not find an update for April 2022) should be installed.

Advertising

Updates for Windows Server 2012

A rollup and a security-only update have been released for Windows Server 2012 and Windows Embedded 8 Standard. The update history for Windows 8.1 and Windows Server 2012 R2 can be found on this Microsoft page.

KB5012650 (Monthly Rollup) für Windows Server 2012

Update KB5012650 (Monthly Rollup for Windows Server 2012, Windows Embedded 8 Standard) contains enhancements and fixes, and addresses the following issues.

  • Addresses an issue in Windows Media Center where some users might have to reconfigure the application on each start.
  • Addresses a memory leak that was introduced by the PacRequestorEnforcement registry key in the November 2021 Cumulative Update that causes a decrease in performance on domain controllers.
  • Addresses an issue in which Event ID 37 might be logged during certain password change scenarios.
  • Addresses an issue that occurs when you try to write a service principal name (SPN) alias (such as www/contoso) and HOST/NAME already exists on another object. If the user has the RIGHT_DS_WRITE_PROPERTY on the SPN attribute of the colliding object, you receive an "Access Denied" error.
  • Addresses an issue in which domain joins may fail in environments that use disjoint DNS hostnames.
  • Addresses an issue that prevents you from changing a password that has expired when you sign in to a Windows device.

This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog and via WSUS. In case of a manual installation, the latest Servicing Stack Update (SSU KB5011571) must be installed beforehand – whereby this SSU can no longer be uninstalled. This update is known to have the same issues as the updates listed above.

KB5012666 (Security-only update) for Windows Server 2012

Update KB5012666 (Monthly Rollup for Windows Server 2012, Windows Embedded 8 Standard) contains improvements and fixes, and addresses the issues listed below.

  • Addresses an issue in Windows Media Center where some users might have to reconfigure the application on each start.
  • Addresses a memory leak that was introduced by the PacRequestorEnforcement registry key in the November 2021 Cumulative Update that causes a decrease in performance on domain controllers.
  • Addresses an issue in which Event ID 37 might be logged during certain password change scenarios.
  • Addresses an issue that occurs when you try to write a service principal name (SPN) alias (such as www/contoso) and HOST/NAME already exists on another object. If the user has the RIGHT_DS_WRITE_PROPERTY on the SPN attribute of the colliding object, you receive an "Access Denied" error.
  • Addresses an issue in which domain joins may fail in environments that use disjoint DNS hostnames.

This update is automatically downloaded and installed by Windows Update, but is also available from the Microsoft Update Catalog sowie and via WSUS. In case of a manual installation, the latest Servicing Stack Update (SSU KB5011571) must be installed beforehand – whereby this SSU can no longer be uninstalled. This update is known to have the same issues as the updates listed above. In addition, the Internet Explorer 11 security update KB5011486 (if not already available) from March 2022 should be installed.

Updates for Windows 7/Windows Server 2008 R2

A rollup and a security-only update have been released for Windows 7 SP1 and Windows Server 2008 R2 SP1. However, these updates are now only available for systems with an ESU license (1st, 2nd and 3rd year activated). The update history for Windows 7 can be found on this Microsoft page.

The update installation requires either a valid ESU license for 2021, or ESU Bypass v11 (see). This is the last version for the ESU license for the 2nd year.

KB5012626 (Monthly Rollup) for Windows 7/Windows Server 2008 R2

Update KB5012626 (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains (besides the security fixes from the previous month) improvements and bug fixes and addresses the following:

  • Addresses an issue in Windows Media Center where some users might have to reconfigure the application on each start.
  • Addresses a memory leak that was introduced by the PacRequestorEnforcement registry key in the November 2021 Cumulative Update that causes a decrease in performance on domain controllers.
  • Addresses an issue in which Event ID 37 might be logged during certain password change scenarios.
  • Addresses an issue that occurs when you try to write a service principal name (SPN) alias (such as www/contoso) and HOST/NAME already exists on another object. If the user has the RIGHT_DS_WRITE_PROPERTY on the SPN attribute of the colliding object, you receive an "Access Denied" error.
  • Addresses an issue in which domain joins may fail in environments that use disjoint DNS hostnames.
  • Addresses an issue that prevents you from changing a password that has expired when you sign in to a Windows device.

Again, the password entry bug I mentioned in the blog post Windows Server: Open issues from March 2022 Updates (KB5011551, KB5011497) – but for Windows Server 2019 – has been fixed. This update is automatically downloaded and installed via Windows Update. However, the package is also available viaMicrosoft Update Catalog and is distributed via WSUS. Details about the requirements and known issues can be found in the KB article.

KB5012649 (Security Only) for Windows 7/Windows Server 2008 R2

Update KB5012649 (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1 with ESU license. The update addresses the following issues.

  • Addresses an issue in Windows Media Center where some users might have to reconfigure the application on each start.
  • Addresses a memory leak that was introduced by the PacRequestorEnforcement registry key in the November 2021 Cumulative Update that causes a decrease in performance on domain controllers.
  • Addresses an issue in which Event ID 37 might be logged during certain password change scenarios.
  • Addresses an issue that occurs when you try to write a service principal name (SPN) alias (such as www/contoso) and HOST/NAME already exists on another object. If the user has the RIGHT_DS_WRITE_PROPERTY on the SPN attribute of the colliding object, you receive an "Access Denied" error.
  • Addresses an issue in which domain joins may fail in environments that use disjoint DNS hostnames.

The update is available via WSUS or in the Microsoft Update Catalog. To install the update, the prerequisites listed in the KB article and above in the rollup update must be met. The update has the known bugs described in the KB article and causes, among other things, error messages when printing. In addition, the Internet Explorer 11 security update KB5011486  (if not already available) from March 2022 should be installed. Be sure to install the latest Servicing Stack Update beforehand.

Similar articles:
Microsoft Office Updates (April 5, 2022)
Microsoft Security Update Summary (April 12, 2022)
Patchday: Windows 10 Updates (April 12, 2022)
Patchday: Windows 11/Server 2022 Updates (April 12, 2022)
Windows 7/Server 2008R2; Windows 8.1/Server 2012R2: Updates (April 12, 2022)
Patchday: Microsoft Office Updates (April 12, 2022)

Cookies helps to fund this blog: Cookie settings
Advertising

This entry was posted in Security, Update, Windows and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *