Patchday: Windows Server-Updates (January 14, 2025)

Posted on 2025-01-15 by guenni

Windows[German]On January 14, 2025 (second Tuesday of the month, Patchday at Microsoft), various cumulative updates were released for the supported versions of Windows Server. Below I have extracted the provided updates including some details for these Windows Server versions (from Windows Server 2012 to 2025).

Advertising

Updates for Windows Server 2025

A list of updates for Windows Server 2025 can be found on this Microsoft website. The cumulative update KB5050009 has been released for Windows Server 2025, which raises the OS build to 20348.2894.

The update contains security patches and updates the Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b). This update expands the list of drivers that are vulnerable to BYOVD (Bring Your Own Vulnerable Driver) attacks.

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. The patch includes the latest Windows Servicing Stack Update. Any problems caused by the update and installation requirements are listed in the support article.

Updates for Windows Server 2022/23H2

The following updates are available for Windows Server 2022 and Windows Server 23H2.

Update KB5049984 for Windows Server 23H2

A list of updates for Windows Server 23H2 can be found on this Microsoft website. The cumulative update KB5049984 has been released for Windows Server 23H2, which raises the OS build to 25398.1369.

Advertising

The update contains security patches and also updates the Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b). The list of drivers that are vulnerable to BYOVD (Bring Your Own Vulnerable Driver) attacks is extended.

It also fixes an issue with VMs that prevents a Windows guest system from starting as a virtual machine. This occurs when you enable nested virtualization on a host that supports AVX10.

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. The latest Windows Servicing Stack Update is integrated in the patch. Any problems caused by the update and installation requirements are listed in the support article.

Update KB5049983 for Windows Server 2022

A list of updates for Windows Server 2022 can be found on this Microsoft website. The cumulative update KB5049983 has been released for Windows Server 2022, which raises the OS build to 20348.3091.

The update contains security patches and also updates the Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b). The list of drivers that are vulnerable to BYOVD (Bring Your Own Vulnerable Driver) attacks is extended accordingly.

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. The current Windows Servicing Stack Update is integrated in the patch. Any problems caused by the update and installation requirements are listed in the support article.

Updates for Windows Server 2016/2019

A list of updates for Windows Server 2016 and 2019 can be found on this Microsoft website. I have extracted the relevant update information below.

Update KB5050008 for Windows Server 2019

Cumulative Update KB5050008 is not only available for Windows 10 2019 Enterprise LTSC etc., but also for Windows Server 2019. The update includes quality improvements and updates the Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b).

The update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Please note the installation sequence described in the support article and, if applicable, the notes on further requirements and any existing problems.

Update KB5049993 for Windows Server 1607

Cumulative Update KB5049993 is not only available for Windows 10 2016 Enterprise LTSC, but also for Windows Server 2016. The update includes quality improvements and updates the Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b).

The update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Please note the installation sequence described in the support article and, if applicable, the notes on further requirements and any existing problems.

Updates for Windows Server 2012 / R2

Windows Server 2012/R2dropped out of support in October 2023 and will only receive updates with an ESU license. Please note the information on the installation sequence for Windows Server that Microsoft provides in the KB articles.

Update KB5050048 for Windows Server 2012 R2

The update history for Windows Server 2012 R2 can be found on this Microsoft page. For Windows Server 2012 R2, update KB5050048 (Monthly Rollup for Windows Server 2012 R2) has been released for systems with an ESU license. The update fixes various vulnerabilities and updates the Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b).

This update is automatically downloaded and installed by Windows Update in Windows Server 2012 R2, but is also available in the Microsoft Update Catalog and via WSUS. Details on fixes and any known problems in connection with the update are listed in the support article.

There is no security-only update for Windows Server 2012 R2.

Update KB5050004 for Windows Server 2012

The update history for Windows Server 2012 can be found on this Microsoft page. Update KB5050004 (Monthly Rollup for Windows Server 2012) has been released for Windows Server 2012 with ESU license. It contains unspecified security patches and updates the Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b).

This update is available in the im Microsoft Update Catalog and via WSUS. In the case of a manual installation, the latest Servicing Stack Update (SSU) must be installed beforehand – although this SSU can no longer be uninstalled. Problems in connection with the update are listed in the KB article.

There is no security-only update for Windows Server 2012.

If in doubt, details on the above updates can be found in the respective Microsoft KB articles.

Similar articles
Microsoft Security Update Summary (January 14, 2025)
Patchday: Windows 10/11 Updates (January 14, 2025)
Patchday: Windows Server Updates (January 14, 2025)
Patchday: Microsoft Office Updates (January 14, 2025)

Advertising
This entry was posted in Security, Update, Windows and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).