It is publicly disclosed and it is being exploited as well.CVE-2022-30190 is a zero-day vulnerability that could lead to ‘Remote Code Execution’ attacks on the server.We primarily discuss 3 vulnerabilities that are of significance for Windows Server 2012 R2. KB5014738 – Vulnerabilities on Windows Server 2012 R2
ALTERNATE SERVER 2012 R2 DOWNLOAD UPDATE
You can read more about May monthly rollup update for Windows Server 2012 R2 on the page for KB5014011 Monthly Rollup Update for Windows Server 2012 R2 – May 10, 2022. You will need to disable the Wi-Fi hotspot feature and use an alternative Internet source. At this point, there is no workaround for the impaired functionality. KB5014738 can break the Wi-Fi hotspot function on Windows devices.The size of the MSU update file for KB5014738 is 562.4 MB.
Details of both alternatives are given in the prerequisites section below. To prevent the issue, Microsoft has suggested two approaches for installing KB5014738. There could be machine certificate authentication issues in the June updates.SSU KB5014025 needs to be deployed on Windows Server 2012 R2 before deploying the KB5014738 monthly rollup update.Details of each of these vulnerabilities are given in the vulnerability section below. You can read more about KB5015227 which explains the issue on this page. KB5014738 contains a fix for CVE-2022-30154 for the Microsoft File Server Shadow Copy Agent Service.If you did not deploy KB5014986 yet, you can skip it and instead deploy KB5014738 monthly rollup update for Windows Server 2012 R2.The issue was caused after the deployment of the KB5014011 monthly rollup update for Windows Server 2012 R2. KB5014986 was released on the 19th of May to resolve authentication issues on domain controllers. It also covers all the changes that were part of the out-of-band update KB5014986.KB5014738 supersedes KB5014011 cumulative monthly rollup update for Windows Server 2012 R2.Salient points about KB5014738 for Windows Server 2012 R2