Copilot is your AI companion
Always by your side, ready to support you whenever and wherever you need it.
A security issue has been identified in a Microsoft software product that could affect your system.
Important! Selecting a language below will dynamically change the complete page content to that language.
-
File Name:
Windows8.1-KB2992611-x64.msu
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.
-
Supported Operating Systems
Windows Server 2012 R2
-
- To start the download, click the Download button and then do one of the following, or select another language from Change Language and then click Change.
- Click Run to start the installation immediately.
- Click Save to copy the download to your computer for installation at a later time.
-
Other critical security updates are available: To find the latest security updates for you, visit Windows Update and click Express Install. To have the latest security updates delivered directly to your computer, visit the Security At Home web site and follow the steps to ensure you’re protected.
Windows Server 2012 R2 — надежная серверная операционная система, которая продолжает использоваться в корпоративных средах благодаря своей стабильности и поддержке ключевых серверных ролей. На этой странице представлены последние обновления для Windows Server 2012 R2, которые улучшают безопасность, производительность и совместимость. Вы можете скачать их через официальный сайт Microsoft или напрямую с нашего сервера. Каждое обновление подробно описано с указанием его функций и назначения.
Приобрести лицензионные ключи активации для Windows Server 2012 R2 вы можете в нашем каталоге с моментальной доставкой на вашу электронную почту в автоматическом режиме. Заказы обрабатываются 24/7.
Также вы можете скачать официальные дистрибутивы Windows Server 2012 R2 из нашего каталога по прямым ссылкам. Подробности на следующей странице.
Список обновлений
— Скачать KB5052108
— Скачать KB5046260
— Скачать KB5039340
— Скачать KB5037923
— Скачать KB5031003
— Скачать KB5029368
— Скачать KB5028872
— Скачать KB5018519
— Скачать KB5017398
— Скачать KB5014025
Обновления для Windows Server 2012 R2
Скачать KB5052108
Обновление KB5052108, выпущенное в марте 2025 года, представляет собой накопительное обновление для Windows Server 2012 R2. Оно поднимает сборку до версии 6.3.9600.XXXX (точный номер сборки будет уточнен после релиза). Это обновление включает последние исправления безопасности и улучшения производительности для серверов в рамках программы Extended Security Updates (ESU).
Основные функции и изменения:
1. Устранение уязвимостей безопасности, выявленных в начале 2025 года.
2. Повышение стабильности сетевых компонентов.
3. Оптимизация работы служб Active Directory и Hyper-V.
4. Улучшение совместимости с современными приложениями.
KB5052108 необходимо для серверов, участвующих в программе ESU, чтобы обеспечить их защиту после окончания основной поддержки в октябре 2023 года.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5046260
Обновление KB5046260, выпущенное в ноябре 2024 года, представляет собой накопительное обновление для .NET Framework 4.8 на Windows Server 2012 R2. Оно устраняет уязвимости и повышает стабильность приложений, использующих .NET.
Основные функции и изменения:
1. Устранение уязвимостей в .NET Framework (CVE-2024-XXXX, уточняется после релиза).
2. Исправление ошибок в обработке запросов IIS.
3. Улучшение производительности веб-приложений.
4. Повышение совместимости с новыми библиотеками .NET.
KB5046260 важно для серверов, на которых работают приложения, зависящие от .NET Framework 4.8.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5039340
Обновление KB5039340, выпущенное в июне 2024 года, является Servicing Stack Update (SSU) для Windows Server 2012 R2. Оно улучшает компоненты системы обновлений.
Основные функции и изменения:
1. Обновление стека обслуживания для надежной установки последующих патчей.
2. Исправление ошибок в работе Windows Update.
3. Повышение совместимости с накопительными обновлениями 2024 года.
4. Подготовка системы к будущим ESU-обновлениям.
KB5039340 требуется установить перед другими обновлениями 2024 года для минимизации сбоев.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5037923
Обновление KB5037923, выпущенное в мае 2024 года, — это накопительное обновление для .NET Framework 4.8 на Windows Server 2012 R2.
Основные функции и изменения:
1. Устранение уязвимостей в .NET Framework (CVE-2024-XXXX).
2. Исправление сбоев в серверных приложениях на .NET 4.8.
3. Улучшение производительности обработки данных в IIS.
4. Обновление безопасности для веб-приложений.
KB5037923 критично для серверов с активными .NET-приложениями.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5031003
Обновление KB5031003, выпущенное в октябре 2023 года, — это обновление для .NET Framework 4.8 на Windows Server 2012 R2.
Основные функции и изменения:
1. Устранение уязвимостей в .NET Framework (CVE-2023-XXXX).
2. Исправление ошибок в работе веб-приложений.
3. Улучшение совместимости с обновлениями Windows Server.
4. Повышение стабильности приложений на .NET.
KB5031003 рекомендуется для серверов с .NET-приложениями перед переходом на ESU.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5029368
Обновление KB5029368, выпущенное в августе 2023 года, — это Servicing Stack Update (SSU) для Windows Server 2012 R2.
Основные функции и изменения:
1. Обновление компонентов установки обновлений.
2. Исправление ошибок в работе Windows Update.
3. Повышение надежности процесса обновления системы.
4. Подготовка к установке накопительных обновлений 2023 года.
KB5029368 необходимо для корректной работы последующих патчей.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5028872
Обновление KB5028872, выпущенное в июле 2023 года, представляет собой накопительное обновление безопасности для Windows Server 2012 R2.
Основные функции и изменения:
1. Устранение уязвимостей в ядре и сетевых компонентах.
2. Повышение стабильности Hyper-V.
3. Исправление ошибок в работе Active Directory.
4. Улучшение безопасности файловых служб.
KB5028872 важно для поддержания безопасности перед окончанием основной поддержки.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5018519
Обновление KB5018519, выпущенное в октябре 2022 года, — это обновление для .NET Framework 4.8 на Windows Server 2012 R2.
Основные функции и изменения:
1. Устранение уязвимостей в .NET Framework (CVE-2022-XXXX).
2. Исправление ошибок в работе приложений на .NET.
3. Улучшение производительности IIS.
4. Повышение безопасности серверных приложений.
KB5018519 рекомендуется для серверов с .NET-приложениями.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5017398
Обновление KB5017398, выпущенное в сентябре 2022 года, — это Servicing Stack Update (SSU) для Windows Server 2012 R2.
Основные функции и изменения:
1. Обновление стека обслуживания для установки патчей.
2. Исправление ошибок в Windows Update.
3. Повышение стабильности процесса обновления.
4. Подготовка к накопительным обновлениям 2022 года.
KB5017398 требуется перед установкой последующих обновлений.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
Скачать KB5014025
Обновление KB5014025, выпущенное в мае 2022 года, — это Servicing Stack Update (SSU) для Windows Server 2012 R2.
Основные функции и изменения:
1. Улучшение компонентов системы обновлений.
2. Исправление сбоев при установке патчей.
3. Повышение надежности Windows Update.
4. Подготовка к накопительным обновлениям 2022 года.
KB5014025 важно для стабильной работы системы обновлений.
— Скачать с сайта Microsoft
— Скачать с нашего сервера
KB5035885 is the cumulative monthly rollup update for Windows Server 2012 R2. It was released on 12 March 2024 under the ‘Patch Tuesday’ program of Microsoft.
Windows Server 2012 R2 reached ‘End of Support’ on 10 October 2023. Going forward, ESU or Extended Security Updates will be available for Windows Server 2012 R2.
ESU or Extended Security Updates are cumulative. You can buy ESU for Windows Server 2012 R2 on an annual renewal basis until October 2026.
Salient points
- KB5035885 is the monthly rollup update (ESU or Extended Security Update) for Windows Server 2012 R2 and supersedes the KB5034819 update.
- KB5034819 was released on 13 February 2024. You can read more about it on the KB5034819 page.
- KB5035968 is the Servicing Stack Update that corresponds to KB5035885. The SSU was released on 12 March 2024. You would need to deploy KB5035968 before installing the KB5035885 monthly rollup update.
- 28 security vulnerabilities affect Windows Server 2012 R2 as part of the February 2024 security report.
- One CRITICAL security vulnerability affects Windows Server 2012 R2. You can read more about this vulnerability in the vulnerabilities section.
- The issue with language packs continues to affect Windows Server 2012 R2. If you install a language pack after installing KB5035885, you will need to re-install the KB5035885 update. This is because installing a language pack renders the monthly rollup update infructitious.
To install KB5035885, you will need a valid key for the Extended Security Updates because the Windows Server 2012 R2 attained End of Support status on 10 October 2023.
Download KB5035885
KB5035885 is a cumulative monthly rollup update of the type of an Extended Security Update. It can be installed automatically or through a manual approach.
For automatic patching of the monthly rollup update, you could use one of the following methods:
- Windows Update
- WSUS or Windows Server Update Service
WSUS remains the best method to automatically import and deploy security updates or cumulative updates on Windows Servers. We strongly suggest using WSUS as the preferred method for rolling out updates.
However, you will still need a valid key to apply the Extended Security Updates on Windows Server 2012 R2.
For manual installation, you can download the offline installer files from the Microsoft Update Catalog site. Alternatively, you can use the direct download links for KB5034819 shared below.
The manual installation of KB5035885 involves the following 2 steps:
- Download and install KB5035968 Servicing Stack Update
- Download and install the KB5035885 Cumulative Update (Extended Security Update)
For each of these updates, we have shared the download links below.
Download KB5035968
- Download KB5035968 from the Microsoft Update Catalog site
- Direct download link for KB5035968
The Servicing Stack Update file for KB5034866 has a size of 10.5 MB. Servicing Stack Updates, upon installation, do not cause the server to reboot. This Servicing Stack Update was released in March 2024.
Download KB5035885
The download links for KB5035885 are shared hereunder.
- Download KB5035885 from the Microsoft Update Catalog site
- Direct download link for cumulative update KB5035885
The size of the offline installer file for KB5035885 is 587 MB.
The server will reboot post-installation of the monthly rollup update. So, we do suggest installing the cumulative update as part of an organized change process within the IT infrastructure.
If you have already installed KB5034819, only the incremental changes of KB5035885 will be downloaded and installed on the Windows Server 2012 R2.
Vulnerabilities
There are 28 security vulnerabilities that have been disclosed for Windows Server 2012 R2 as part of the March 2024 security bulletin released by Microsoft.
We have listed the single CRITICAL threat that affects Windows Server 2012 R2 below.
CRITICAL vulnerabilities
One CRITICAL security vulnerability affects Windows Server 2012 R2. This is a ‘Remote Code Execution’ vulnerability.
| CVE details | CVSS | Impact | Description |
|---|---|---|---|
| CVE-2024-21407 | 8.1 | Remote Code Execution | The threat affects Windows Hyper-V.
This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment. |
KB5035885 – Changelog
The following changes are part of the KB5035885 monthly rollup update (Extended Security Updates) for Windows Server 2012 R2.
- This update contains miscellaneous security improvements to internal Windows OS functionality.
- This update brings in security changes for Windows Server 2012 R2.
- The Local Security Authority (LSA) might fail while interfacing with third-party software.
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.
Security Update for Windows Server 2012 R2 (KB3172729) |
A security issue has been identified in a Microsoft software product that could affect your system.
- A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.
| Knowledge Base Articles: |
|
|---|---|
| Security Bulletins: |
|
Files
Status: LiveThis download is still available on microsoft.com. Since you’re using a legacy operating system, the downloads below are archives provided by the Internet Archive Wayback Machine from the Microsoft Download Center prior to August 2020. |
| File | Size |
|---|---|
| Windows8.1-KB3172729-x64.msu
SHA1: |
259 KB |
System Requirements
Operating Systems: Windows Server 2012 R2
Installation Instructions
-
- To start the download, click the Download button and then do one of the following, or select another language from Change Language and then click Change.
- Click Run to start the installation immediately.
- Click Save to copy the download to your computer for installation at a later time.
Related Resources
- Microsoft Security Bulletin
This post has been republished via RSS; it originally appeared at: Microsoft Tech Community — Latest Blogs — .
You can now get three additional years of Extended Security Updates (ESUs) if you need more time to upgrade and modernize your Windows Server 2012, Windows Server R2, or Windows Embedded Server 2012 R2 on Azure. This also applies to Azure Stack HCI, Azure Stack Hub, and other Azure products.
Note: Windows Server 2012, Windows Server 2012 R2, and Windows Embedded Server 2012 R2 reached end of support on October 10th, 2023, per our 10-year lifecycle policy. After this date, no more security patches will be released for these versions of Windows Server. For ease of reference, we’ll sometimes refer to these versions as Windows Server 2012/R2 version family.
If you’ve already moved to Azure to protect your Windows Server 2012 and R2 workloads, you might be enjoying free Extended Security Updates. If your organization is unable to migrate, you can purchase and seamlessly deploy Windows Server 2012 Extended Security Updates enabled by Azure Arc on premises and in hosted environments without keys, directly from the Azure portal. As an alternative to Azure Arc, let’s look at the steps to purchase and deploy ESUs—on premises and in hosted environments—using multiple activation keys (MAK). It takes four easy steps:
- Purchase and download the ESU key.
- Prepare to install the ESU key.
- Install the ESU key.
- Activate the ESU key.
Purchase and download the ESU key
Extended Security Updates (ESUs) are available through specific Microsoft Volume Licensing programs. Beginning October 10, 2023, you can purchase ESUs for up to three consecutive 12-month increments. This means you can be covered beginning on November 14, 2023 and through October 13, 2026. Note: You cannot buy partial periods (e.g., 6 months of updates).
Note: People tend to refer to ESU keys interchangeably as multiple activation keys (MAK), ESU product keys, or ESU license keys.
Download the ESU keys on the Microsoft admin center by doing the following.
- Go to Microsoft admin center.
- In the Your products section, select View contracts.
Screenshot of the Your products page in Microsoft admin center.
- Select the three dots to the right of each license ID for more actions and select View Product Keys. All the product keys for the agreement will be available there.
Screenshot of a close-up view of Contracts highlighting the menu option to View product keys.
Prepare to install the ESU key
Let’s ensure you’re ready for continued security updates after October 10, 2023. Prerequisites vary depending on the scenario, but double-check that your devices are up to date, you have appropriate licensing preparation package and keys, as well as firewall readiness.
Update your devices with the latest Servicing Stack Updates
Check that you have the following updates installed for all Windows Server 2012 and Windows Server 2012 R2 scenarios, including for embedded systems. For more information about the latest SSU updates, see ADV990001 | Latest Servicing Stack Updates.
- For Windows Server 2012 R2 or Windows Embedded Server 2012 R2, install the servicing stack update (SSU) (KB5029368) that is dated August 8, 2023 or a later SSU.
- For Windows Server 2012, install the servicing stack update (SSU) (KB5029369) that is dated August 8, 2023 or a later SSU.
Note: If you use Windows Update, these updates will be offered automatically as needed. You must restart your device after you install the required updates.
Download required licensing packages and keys
- Download and install the Extended Security Updates (ESU) Licensing Preparation Package.
- For Windows Server 2012 R2 or Windows Server 2012 R2 Embedded, see the Extended Security Updates (ESU) Licensing Preparation Package that is dated August 10, 2022 (KB5017220).
- For Windows Server 2012, see the Extended Security Updates (ESU) Licensing Preparation Package that is dated August 10, 2022 (KB5017221).
- Download the ESU multiple activation keys (MAK) add-on key from the VLSC portal.
- For Windows Server 2012 and Windows Server 2012 R2 virtual machines on Azure or Azure Stack HCI, ESU updates are automatically unlocked. That means that you don’t need to deploy the ESU keys, nor do you need the licensing preparation package. For Windows Servers that run on premises with Azure Arc, follow instructions in Deliver Extended Security Updates for Windows Server 2012 — Azure Arc.
Configure firewall allow lists for activation
If you’re using a proxy firewall, you may need to allow-list the activation endpoints for ESU key activation to succeed.
For online activation (i.e., local key deployment), allow-list all the following URLs:
- http://go.microsoft.com/fwlink/?linkid=88338
- https://activation.sls.microsoft.com/slspc/SLActivate.asmx
- http://go.microsoft.com/fwlink/?linkid=88339
- https://activation.sls.microsoft.com/slrac/SLCertify.asmx
- http://go.microsoft.com/fwlink/?linkid=88340
- https://activation.sls.microsoft.com/slpkc/SLCertifyProduct.asmx
- http://go.microsoft.com/fwlink/?linkid=88341
- https://activation.sls.microsoft.com/sllicensing/SLLicense.asmx
For proxy activation using the Volume Activation Management Tool (VAMT), allow-list the following URLs:
- https://activation.sls.microsoft.com/BatchActivation/BatchActivation.asmx
- http://go.microsoft.com/fwlink/?LinkId=82160 (This FWLink redirects to the above URL.)
Note: If you directly click or tap on these links, you’ll receive a privacy error message. This is the expected behavior.
Here are the requirements for applying ESUs to your scenarios:
|
Scenario |
SSU update required? |
Licensing Preparation Package required? |
|
VMs running on Azure/Azure Stack HCI |
Yes |
No |
|
Azure-Arc enabled physical/virtual machines (VMs) |
Yes |
No |
|
Azure VMWare/Nutanix Solutions |
Yes |
Yes |
|
On premises devices fully or partially connected (physical or virtual) |
Yes |
Yes |
Install the ESU key
Once you have met the prerequisites listed above, you’re ready to install and activate the ESU key.
Note: Installing the ESU product key will not replace the existing Windows OS product key on the device. Do not use the /upk command to uninstall the Windows OS key.
First, install the ESU key using the Windows Software Licensing Management (Slmgr.vbs) tool. Let’s see how you’d then activate it.
- Open an elevated command prompt.
- Type cscript.exe %windir%\system32\slmgr.vbs /ipk <ESU key> and select Enter.
- If the product key is installed successfully, you’ll see a message like the following:
A command prompt popup message confirms successful installation of the ESU product key.
Note: If you see the Error:0xC004F050 while trying to install the ESU product key, your device may require an additional reboot.
Next, find the ESU Activation ID in the Get your ESU Activation ID table below:
- In the elevated command prompt, type cscript.exe %windir%\system32\slmgr.vbs /dlv and select Enter.
- Note the Activation ID as you will need it in the next step.
A Windows Script Host dialog box shows the Activation ID number along with other details.
The following table outlines possible values for ESU Activation ID. The activation IDs are the same across all eligible Windows ESU editions and all devices enrolled for that program.
|
ESU Program |
ESU SKU (or Activation) ID |
|
Server – 2012/R2 Year 1 |
c0a2ea62-12ad-435b-ab4f-c9bfab48dbc4 |
|
Server – 2012/R2 Year 2 |
e3e2690b-931c-4c80-b1ff-dffba8a81988 |
|
Server – 2012/R2 Year 3 |
55b1dd2d-2209-4ea0-a805-06298bad25b3 |
|
Embedded Server – 2012/R2 Year 1 |
5f7d1147-3adc-4b28-8e57-4713ab7623cd |
|
Embedded Server – 2012/R2 Year 2 |
050b873b-763b-437b-b7c5-9efbeb96ae32 |
|
Embedded Server – 2012/R2 Year 3 |
d44f8a8e-5129-4999-9fe0-5025c2341033 |
Activate the ESU key
Once you have completed your allow lists, you’re ready to activate the ESU product key. To deploy and activate the ESU MAK add-on key, you’ll need Slmgr.vbs or Volume Activation Management Tool (VAMT).
- Open an elevated command prompt.
- Type cscript.exe %windir%\system32\slmgr.vbs /ato <ESU Activation Id> and select Enter.
You should now see a message stating that you have activated the key successfully:
A Windows Script Host dialog box confirms that the product was activated successfully.
Important: Activation via Control Panel > System and Security > System > Activate Windows activates the Windows operating system only. You cannot use it to activate ESU keys.
Once you have activated the ESU product key, verify the status at any time by doing the following:
- Open an elevated command prompt.
- Type slmgr /dlv and select Enter.
The License Status will show as «Licensed» for the corresponding ESU program, as shown below:
The Windows Script Host dialog box shows the name and the license status for the year 1 ESU add-on, along with other details.
Note: We recommend using a management tool, such as System Center Configuration Manager (also known as Configuration Manager or SCCM), to send the Slmgr.vbs scripts to your enterprise devices.
Once the ESU key is activated, continue to use your current update and servicing strategy to deploy ESUs through Windows Update, WSUS, the Microsoft Update Catalog, or whichever patch management solution you prefer. Extended Security Updates will have the security-only update classification.
A special case of Azure virtual machines
The good news is that you don’t need to deploy an additional ESU key for Azure virtual machines (VMs), Azure Stack HCI, version 21H2 and later. Like on-premises devices, you’ll need to install the appropriate SSUs as outlined in the «Prepare to install the ESU key» section above. With those SSUs, VMs will be enabled to download the ESU updates.
Would you ever need to deploy the ESU key for Azure products? Yes. You’ll do this for Azure VMWare, Azure Nutanix solution, Azure Stack (Hub, Edge), or for bring-your-own images on Azure for Windows Server 2012 and Windows Server 2012 R2. Just follow the steps to install, activate, and deploy ESUs described above in the «Activate the ESU product key» section.
A pre-patched Windows Server 2012 R2 image is available from the Azure Marketplace. For answers to commonly asked questions about ESU for Windows Server 2012/R2 version family, see Extended Security Updates frequently asked questions.
Our recommendation for the highest compliance and security of your Windows Server estate is Azure. And while you’re planning to migrate, you can purchase and seamlessly deploy Windows Server 2012 Extended Security Updates enabled by Azure Arc on premises and in hosted environments without keys, directly from the Azure portal.
Resources
Take a look at additional resources to find out more about Extended Security Updates for Windows Server 2012, Windows Server 2012 R2, and Windows Embedded Server 2012 R2.
- Windows Server 2012 Extended Security Updates enabled by Azure Arc
- KB5031043: Procedure to continue receiving security updates after extended support has ended on October 10, 2023
- Secure Windows Server 2012/R2 workloads with options from Azure
- Pricing — Extended Security Updates enabled by Azure Arc
- So You’re Still Running Windows/SQL 2012. Now What?
- Extended Security Updates for SQL Server and Windows Server
Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X/Twitter. Looking for support? Visit Windows on Microsoft Q&A.