{"id":37321,"date":"2025-03-12T10:31:57","date_gmt":"2025-03-12T09:31:57","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=37321"},"modified":"2025-03-13T06:36:12","modified_gmt":"2025-03-13T05:36:12","slug":"patchday-windows-server-updates-march-11-2025","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2025\/03\/12\/patchday-windows-server-updates-march-11-2025\/","title":{"rendered":"Patchday: Windows Server-Updates (March 11, 2025)"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Windows\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Windows-klein.jpg\" alt=\"Windows\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2025\/03\/12\/patchday-windows-server-updates-11-maerz-2025\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]On March 11, 2025 (second Tuesday of the month, Patchday at Microsoft) various cumulative updates were released for the supported versions of Windows Server. Below I have extracted the provided updates along with some details for these Windows Server versions (from Windows Server 2012 to 2025). The updates fix the vulnerabilities described in blog post <a href=\"https:\/\/borncity.com\/win\/2025\/03\/12\/microsoft-security-update-summary-march-11-2025\/\">Microsoft Security Update Summary (March 11, 2025)<\/a>, that are relevant for Windows Server.<\/p>\n<p><!--more--><\/p>\n<h2>Updates for Windows Server 2025<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg02.met.vgwort.de\/na\/75bc7b470a0b4291b795b769a47dc6c2\" alt=\"\" width=\"1\" height=\"1\" \/>A list of updates for Windows Server 2025 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/windows-server-2025-update-history-10f58da7-e57b-4a9d-9c16-9f1dcd72d7d7\" target=\"_blank\" rel=\"noopener\">this Microsoft website<\/a>. The cumulative update <a href=\"https:\/\/support.microsoft.com\/help\/5053598\" target=\"_blank\" rel=\"noopener\">KB5053598<\/a> has been released for Windows Server 2025, which raises the OS build to 20348.3476. The update contains security patches and the following fixes:<\/p>\n<ul>\n<li><b class=\"ocpLegacyBold\">[Narrator]<\/b>\n<ul>\n<li><i class=\"ocpItalic\"><b class=\"ocpLegacyBold\">New!<\/b>\u00a0<\/i>\u00a0This update adds a new Narrator shortcut. To copy the last spoken content by Narrator to the clipboard, press\u00a0<b class=\"ocpLegacyBold\">Narrator key<\/b>\u00a0+<b class=\"ocpLegacyBold\">\u00a0Ctrl<\/b>\u00a0+\u00a0<b class=\"ocpLegacyBold\">X<\/b>. This shortcut is especially useful for quickly copying content such as codes or numbers.<\/li>\n<li><i class=\"ocpItalic\"><b class=\"ocpLegacyBold\">New!<\/b>\u00a0<\/i>\u00a0It will now auto\u00a0read the contents of an email message in the\u00a0<a class=\"ocpExternalLink\" href=\"https:\/\/nam06.safelinks.protection.outlook.com\/?url=https%3A%2F%2Fsupport.microsoft.com%2Foffice%2Fgetting-started-with-the-new-outlook-for-windows-656bb8d9-5a60-49b2-a98b-ba7822bc7627&amp;data=05%7C02%7Cv-elvelasco%40microsoft.com%7C7a4e5d8ef7b84a81fe3608dd5cda0805%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638768813740806185%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;sdata=wVqRNRMlZ3zV4QjtgFDE0jllTUG4PsftZ8uDeHU8tCo%3D&amp;reserved=0\" target=\"_blank\" rel=\"noopener\" data-bi-type=\"anchor\">new Outlook,<\/a>\u00a0similar to how it works in classic Outlook.<\/li>\n<\/ul>\n<\/li>\n<li><b class=\"ocpLegacyBold\">[Scanning apps]<\/b>\u00a0Fixed: This update addresses the issue\u00a0where certain scanners were not being detected despite being connected.<\/li>\n<li><b class=\"ocpLegacyBold\">[Virtual hard\u00a0<\/b><b class=\"ocpLegacyBold\">disk (VHD\/VHDx)]<\/b>\u00a0<b class=\"ocpLegacyBold\"><i class=\"ocpItalic\">New!\u00a0<\/i><\/b>This update adds a detach virtual hard disk button to Settings. In the properties for your VHD or VHDx, go to\u00a0<b class=\"ocpLegacyBold\">Settings<\/b>\u00a0&gt;<b class=\"ocpLegacyBold\">\u00a0System<\/b>\u00a0&gt;<b class=\"ocpLegacyBold\">\u00a0Storage<\/b>\u00a0&gt;<b class=\"ocpLegacyBold\">\u00a0Disks &amp; Volumes<\/b>.<\/li>\n<li><b class=\"ocpLegacyBold\">[Networking]<\/b>\u00a0<b class=\"ocpLegacyBold\"><i class=\"ocpItalic\">New!<\/i>\u00a0<\/b>The\u00a0<b class=\"ocpLegacyBold\">netsh wlan show networks<\/b>\u00a0command can now read SSIDs that are encoded using UTF-8. This means that Wi-Fi SSIDs that have Unicode characters, such as\u00a0emoji,\u00a0display properly in\u00a0<b class=\"ocpLegacyBold\">netsh<\/b>\u00a0output.<\/li>\n<li>\u200b\u200b\u200b\u200b\u200b\u200b\u200b<b class=\"ocpLegacyBold\">[Live kernel debug files (dumps)]<\/b>\u00a0Fixed: The\u00a0<b class=\"ocpLegacyBold\">win32kbase.sys<\/b>\u00a0creates live kernel debug files when it should not.<\/li>\n<li><b class=\"ocpLegacyBold\">[Winlogon]<\/b>\u00a0Fixed: A stop error occurs during shutdown.<\/li>\n<li><b class=\"ocpLegacyBold\">[sfc \/scannow command]<\/b>\u00a0Fixed: You get errors every time you run the command.<\/li>\n<li><b class=\"ocpLegacyBold\">[Service for User to Self (S4U2self)]<\/b>\u00a0Fixed: Your device might have issues using S4U2self to authenticate. This occurs if Credential Guard is off, and the device joins an Active Directory domain that doesn't allow the RC4 cipher.<\/li>\n<li><b class=\"ocpLegacyBold\">[Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)]<\/b>\u00a0This update adds more\u00a0drivers to\u00a0the list\u00a0that are at risk for Bring Your Own Vulnerable Driver (BYOVD) attacks.<\/li>\n<\/ul>\n<p>This update is automatically downloaded and installed by Windows Update, but is also available in the <a href=\"https:\/\/www.catalog.update.microsoft.com\/home.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a> and via WSUS and WUfB. The latest Windows Servicing Stack Update is integrated in the patch. Any problems caused by the update (Citrix) and installation requirements are listed in the support article.<\/p>\n<h2>Updates for Windows Server 2022\/23H2<\/h2>\n<p>The following updates are available for Windows Server 2022 and Windows Server 23H2.<\/p>\n<h3>Update KB5053599 for Windows Server 23H2<\/h3>\n<p>A list of updates for Windows Server 23H2 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/windows-server-version-23h2-update-history-68c851ff-825a-4dbc-857b-51c5aa0ab248\" target=\"_blank\" rel=\"noopener\">this Microsoft website<\/a>. The cumulative update <a href=\"https:\/\/support.microsoft.com\/help\/5053599\" target=\"_blank\" rel=\"noopener\">KB5053599<\/a> has been released for Windows Server 23H2, which raises the OS build to 25398.1486. The update contains security patches and the following fixes.<\/p>\n<ul>\n<li><b class=\"ocpLegacyBold\">[Daylight saving time (DST)]<\/b>\u00a0This update supports (DST) changes in Paraguay.<\/li>\n<li><b class=\"ocpLegacyBold\">[Open Secure Shell (OpenSSH) (known issue)]<\/b>\u00a0Fixed: The service fails to start, which stops SSH connections. There is no detailed logging, and you must run the\u00a0<b class=\"ocpLegacyBold\">sshd.exe<\/b>\u00a0process manually.<\/li>\n<li><b class=\"ocpLegacyBold\">[GB18030-2022]<\/b>\u00a0This update adds support for this amendment.<\/li>\n<li><b class=\"ocpLegacyBold\">[Azure Virtual Network]<\/b>\u00a0Fixed: You can turn off the VNET metering feature with\u00a0the following registry key.<br \/>\nRegistry key: HKLM\\CurrentControlSet\\Services\\NcHostAgent\\Parameters\\Plugins\\Vnet<br \/>\nRegistry value:MeteringDisabled (DWORD type)<br \/>\nData to be set: 1<\/li>\n<\/ul>\n<p>This update is automatically downloaded and installed by Windows Update, but is also available in the <a href=\"https:\/\/www.catalog.update.microsoft.com\/home.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a> and via WSUS and WUfB. The latest Windows Servicing Stack Update is integrated in the patch. Any problems caused by the update (Citrix) and installation requirements are listed in the support article<\/p>\n<h3>Update KB5053603 for Windows Server 2022<\/h3>\n<p>A list of updates for Windows Server 2022 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/windows-server-2022-update-history-e1caa597-00c5-4ab9-9f3e-8212fe80b2ee\" target=\"_blank\" rel=\"noopener\">this Microsoft website<\/a>. The cumulative update <a href=\"https:\/\/support.microsoft.com\/help\/5053603\" target=\"_blank\" rel=\"noopener\">KB5053603<\/a> has been released for Windows Server 2022, which raises the OS build to 20348.3328. The update contains security patches and the following fixes:<\/p>\n<ul>\n<li><b class=\"ocpLegacyBold\">[Daylight saving time (DST)]<\/b>\u00a0This update supports (DST) changes in Paraguay.<\/li>\n<li><b class=\"ocpLegacyBold\">[Open Secure Shell (OpenSSH) (known issue)]<\/b>\u00a0Fixed: The service fails to start, which stops SSH connections. There is no detailed logging, and you must run the\u00a0<b class=\"ocpLegacyBold\">sshd.exe<\/b>\u00a0process manually.<\/li>\n<li><b class=\"ocpLegacyBold\">[GB18030-2022]<\/b>\u00a0This update adds support for this amendment.<\/li>\n<li><b class=\"ocpLegacyBold\">[Azure Virtual Network]<\/b>\u00a0Fixed: You can turn off the VNET metering feature with\u00a0the following registry key.<br \/>\nRegistry key: HKLM\\CurrentControlSet\\Services\\NcHostAgent\\Parameters\\Plugins\\Vnet<br \/>\nRegistry key: MeteringDisabled (DWORD type)<br \/>\nData to be set: 1<\/li>\n<\/ul>\n<p>This update is automatically downloaded and installed by Windows Update, but is also available in the <a href=\"https:\/\/www.catalog.update.microsoft.com\/home.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a> and via WSUS and WUfB. The current Windows Servicing Stack Update is integrated in the patch. Any problems caused by the update and installation requirements are listed in the support article.<\/p>\n<h2>Updates for Windows Server 2016\/2019<\/h2>\n<p>A list of updates for Windows Server 2016 and 2019 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/windows-10-update-history-8127c2c6-6edf-4fdf-8b9f-0f7be1ef3562\" target=\"_blank\" rel=\"noopener\">this Microsoft website<\/a>. I have extracted the relevant update information below.<\/p>\n<h3>Update KB5053596 for Windows Server 2019<\/h3>\n<p>Cumulative Update <a href=\"https:\/\/support.microsoft.com\/help\/5053596\" target=\"_blank\" rel=\"noopener\">KB5053596<\/a> is not only available for Windows 10 2019 Enterprise LTSC etc., but also for Windows Server 2019. The update contains security fixes, no bug fixes are listed in the support article.<\/p>\n<p>The update is automatically downloaded and installed by Windows Update, but is also available in the <a href=\"http:\/\/www.catalog.update.microsoft.com\/home.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a>, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Please note the installation sequence described in the support article and, if applicable, the notes on further requirements and any existing problems.<\/p>\n<h3>Update KB5053594 for Windows Server 1607<\/h3>\n<p>Cumulative Update <a href=\"https:\/\/support.microsoft.com\/help\/5053594\" target=\"_blank\" rel=\"noopener\">KB5053594<\/a> is not only available for Windows 10 2016 Enterprise LTSC, but also for Windows Server 2016. The update contains security fixes, no bug fixes are listed in the support article.<\/p>\n<p>The update is automatically downloaded and installed by Windows Update, but is also available in the <a href=\"http:\/\/www.catalog.update.microsoft.com\/home.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a>, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Please note the installation requirements described in the support article and any information on existing problems.<\/p>\n<h2>Updates for Windows Server 2012 \/ R2<\/h2>\n<p>Windows Server 2012\/R2 will no longer be supported in October 2023 and will only receive updates with an ESU license. Please note the information on the installation sequence for Windows Server that Microsoft provides in the KB articles<\/p>\n<h3>Update KB5053887 for Windows Server 2012 R2<\/h3>\n<p>The update history for Windows Server 2012 R2 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4009470\/windows-8-1-windows-server-2012-r2-update-history\" target=\"_blank\" rel=\"noopener\">this Microsoft page<\/a>. Update <a href=\"https:\/\/support.microsoft.com\/help\/5053887\" target=\"_blank\" rel=\"noopener\">KB5053887<\/a> (Monthly Rollup for Windows Server 2012 R2) has been released for Windows Server 2012 R2 for systems with an ESU license. The update eliminates various vulnerabilities and brings the following fixes.<\/p>\n<ul>\n<li><b class=\"ocpLegacyBold\">[Use-after-free (UAF) risk]<\/b>\u00a0Fixed: A race condition might lead to a UAF risk during process creation.<\/li>\n<li><b class=\"ocpLegacyBold\">[Daylight saving time (DST)]<\/b>\u00a0This update supports DST\u00a0changes in Paraguay. For more information, see the\u00a0<a class=\"ocpExternalLink\" href=\"https:\/\/techcommunity.microsoft.com\/t5\/daylight-saving-time-time-zone\/bg-p\/DSTBlog\" target=\"_blank\" rel=\"noopener\" data-bi-type=\"anchor\">Daylight Saving Time &amp; Time Zone Blog<\/a>.<\/li>\n<\/ul>\n<p>This update is automatically downloaded and installed by Windows Update in Windows Server 2012 R2, but is also available in the <a href=\"https:\/\/www.catalog.update.microsoft.com\/\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a> and via WSUS. Details on fixes and any known problems in connection with the update are listed in the support article.<\/p>\n<blockquote><p>There is no security-only update for Windows Server 2012 R2.<\/p><\/blockquote>\n<h3>Update KB5052020 for Windows Server 2012<\/h3>\n<p>The update history for Windows Server 2012 can be found on <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/windows-server-2012-update-history-abfb9afd-2ebf-1c19-4224-ad86f8741edd\" target=\"_blank\" rel=\"noopener\">this Microsoft page<\/a>. Update <a href=\"https:\/\/support.microsoft.com\/help\/5053886\" target=\"_blank\" rel=\"noopener\">KB5053886<\/a> (Monthly Rollup for Windows Server 2012) has been released for Windows Server 2012 with ESU license. It contains unspecified security patches and brings the following bug fixes.<\/p>\n<ul>\n<li><b class=\"ocpLegacyBold\">[Use-after-free (UAF) risk]<\/b>\u00a0Fixed: A race condition might lead to a UAF risk during process creation.<\/li>\n<li><b class=\"ocpLegacyBold\">[Daylight saving time (DST)]<\/b>\u00a0This update supports DST\u00a0changes in Paraguay. For more information, see the\u00a0<a class=\"ocpExternalLink\" href=\"https:\/\/techcommunity.microsoft.com\/t5\/daylight-saving-time-time-zone\/bg-p\/DSTBlog\" target=\"_blank\" rel=\"noopener\" data-bi-type=\"anchor\">Daylight Saving Time &amp; Time Zone Blog<\/a>.<\/li>\n<\/ul>\n<p>This update is available in the <a href=\"https:\/\/www.catalog.update.microsoft.com\/\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a> and via WSUS. For a manual installation, the latest Servicing Stack Update (SSU) must be installed beforehand &#8211; although this SSU can no longer be uninstalled. Problems in connection with the update are listed in the KB article.<\/p>\n<blockquote><p>There is no security-only update for Windows Server 2012.<\/p><\/blockquote>\n<p>If in doubt, details on the above updates can be found in the respective Microsoft KB articles.<\/p>\n<p><strong>Similar articles:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/win\/2025\/03\/12\/microsoft-security-update-summary-march-11-2025\/\">Microsoft Security Update Summary (March 11, 2025)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2025\/03\/12\/patchday-windows-10-11-updates-march-11-2025\/\">Patchday: Windows 10\/11 Updates (March 11, 2025)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2025\/03\/12\/patchday-windows-server-updates-march-11-2025\/\">Patchday: Windows Server-Updates (March 11, 2025)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2025\/03\/13\/patchday-microsoft-office-updates-march-11-2025\/\">Patchday: Microsoft Office Updates (March 11, 2025)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]On March 11, 2025 (second Tuesday of the month, Patchday at Microsoft) various cumulative updates were released for the supported versions of Windows Server. Below I have extracted the provided updates along with some details for these Windows Server versions &hellip; <a href=\"https:\/\/borncity.com\/win\/2025\/03\/12\/patchday-windows-server-updates-march-11-2025\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[2899,69,195,159],"class_list":["post-37321","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-patchday-3-2025","tag-security","tag-update","tag-windows-server"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=37321"}],"version-history":[{"count":4,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37321\/revisions"}],"predecessor-version":[{"id":37336,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37321\/revisions\/37336"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=37321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=37321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=37321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}