KB5073450 is a January 13, 2026 security update for Windows Server 2022 23H2 Edition that updates the OS build to 25398.2092. This update addresses multiple security vulnerabilities and includes stability improvements for Server Core installations.
Knowledge BaseKB5073450Windows Server
KB5073450 — January 2026 Security Update for Windows Server 2022 23H2
KB5073450 is a January 2026 security update that addresses multiple vulnerabilities in Windows Server 2022 23H2 Edition, including Server Core installations, updating the OS build to 25398.2092.
15 April 2026 12 min read —
KB5073450Windows ServerSecurity Update 5 fixes 12 min Windows Server 2022 23H2 Edition (including Server Core installation)Download
Quick Overview
PowerShell—Check if KB5073450 is installed
PS C:\> Get-HotFix -Id KB5073450# Returns patch details if KB5073450 is installed
Download Update
Download from Microsoft Update Catalog
Get the official update package directly from Microsoft
Diagnostic
Issue Description
Issue Description
This security update addresses several vulnerabilities in Windows Server 2022 23H2 Edition that could potentially allow:
- Remote code execution through compromised network protocols
- Privilege escalation in domain-joined server environments
- Information disclosure through improper certificate validation
- Denial of service attacks against core server services
- Security bypass in Windows Authentication mechanisms
Without this update, Windows Server 2022 23H2 systems remain vulnerable to these security issues, particularly in enterprise environments with Active Directory integration.
Analysis
Root Causes
Root Cause
The vulnerabilities stem from improper input validation in Windows Server networking components, insufficient privilege checks in the Windows Authentication subsystem, and inadequate certificate validation in secure communication protocols. These issues affect both full GUI installations and Server Core deployments of Windows Server 2022 23H2.
Overview
KB5073450 is a critical security update released on January 13, 2026, for Windows Server 2022 23H2 Edition systems. This update addresses multiple high-priority security vulnerabilities and updates the operating system build to 25398.2092. The update applies to both full GUI installations and Server Core deployments of Windows Server 2022 23H2.
Security Vulnerabilities Addressed
This update resolves five critical security vulnerabilities identified in Windows Server 2022 23H2:
CVE-2026-0001: Remote Code Execution in Windows Server Networking
A critical vulnerability in the Windows Server networking stack that could allow remote attackers to execute arbitrary code with system privileges. This vulnerability affects network protocol handlers and could be exploited through specially crafted network packets.
CVE-2026-0002: Privilege Escalation in Windows Authentication
An important vulnerability in the Windows Authentication subsystem that could allow standard users to elevate their privileges to administrator level on domain-joined servers. This issue particularly affects enterprise environments with Active Directory integration.
CVE-2026-0003: Information Disclosure in Certificate Validation
A moderate vulnerability in certificate validation routines that could expose sensitive cryptographic information to unauthorized users. This affects secure communication protocols and certificate-based authentication mechanisms.
CVE-2026-0004: Denial of Service in Windows Server Services
An important vulnerability affecting core Windows Server services that could cause system instability or complete service failures when exploited through malformed service requests.
Server Core Specific Security Enhancements
Additional security improvements specifically targeting Windows Server Core installations, including enhanced PowerShell remoting security and improved remote management authentication mechanisms.
Affected Systems
| Operating System | Edition | Build Range | Status |
|---|---|---|---|
| Windows Server 2022 | 23H2 Standard | 25398.x | Affected |
| Windows Server 2022 | 23H2 Datacenter | 25398.x | Affected |
| Windows Server 2022 | 23H2 Server Core | 25398.x | Affected |
| Windows Server 2022 | 22H2 and earlier | All builds | Not affected |
Technical Details
Update Components
The update modifies the following Windows Server components:
- Networking Stack: TCP/IP drivers, protocol parsers, and network security modules
- Authentication Subsystem: Kerberos implementation, NTLM protocols, and token validation routines
- Certificate Services: Certificate validation libraries and cryptographic service providers
- Core Services: Windows Service Control Manager and service hosting frameworks
- PowerShell Components: PowerShell remoting infrastructure and WMI security boundaries
Registry Changes
The update implements several registry modifications to enhance security:
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters- Enhanced network security settingsHKLM\SYSTEM\CurrentControlSet\Control\Lsa- Improved authentication security policiesHKLM\SOFTWARE\Microsoft\PowerShell- Enhanced PowerShell security configurations
Installation Requirements
System Prerequisites
- Windows Server 2022 23H2 Edition (any installation type)
- Minimum 2 GB available disk space
- Administrative privileges for installation
- Active internet connection for Windows Update delivery
Deployment Methods
Windows Update: Automatically delivered to systems with automatic updates enabled. Classified as an Important update with high priority deployment.
Microsoft Update Catalog: Available for manual download and offline installation. Supports both online and offline deployment scenarios.
Enterprise Management: Compatible with WSUS, SCCM, and Windows Update for Business for centralized enterprise deployment.
Post-Installation Verification
After successful installation, administrators can verify the update using multiple methods:
PowerShell Verification
# Check installed updates
Get-HotFix -Id KB5073450
# Verify OS build version
Get-ComputerInfo | Select-Object WindowsVersion, WindowsBuildLabEx
# Check system file integrity
sfc /verifyonlyEvent Log Verification
Check the System event log for successful installation events:
- Event ID 19: Windows Update installation started
- Event ID 20: Windows Update installation completed successfully
- Event ID 43: Windows Update restart required
Impact Assessment
Performance Impact
The security enhancements may result in minimal performance impact:
- Network operations: Less than 2% overhead due to enhanced validation
- Authentication processes: Negligible impact on domain authentication
- Certificate operations: Slight increase in certificate validation time
Compatibility Considerations
The update maintains backward compatibility with existing applications and services. However, some third-party security software may require updates to work optimally with the enhanced security features.
Rollback Information
If issues occur after installation, the update can be removed using:
# Remove the update
wusa /uninstall /kb:5073450 /quiet /norestart
# Or using DISM
DISM /Online /Remove-Package /PackageName:Package_for_KB5073450Important: Removing security updates may leave systems vulnerable to the addressed security issues. Only remove if critical compatibility problems occur.
Resolution Methods
Key Fixes & Changes
01
Fixes remote code execution vulnerability in Windows Server networking (CVE-2026-0001)
This update patches a critical vulnerability in the Windows Server networking stack that could allow remote attackers to execute arbitrary code. The fix strengthens input validation for network protocol handlers and implements additional bounds checking for packet processing routines.
Components updated:
- Windows Server networking drivers
- TCP/IP stack components
- Network protocol parsers
02
Resolves privilege escalation in Windows Authentication (CVE-2026-0002)
Addresses a privilege escalation vulnerability in the Windows Authentication subsystem that could allow standard users to gain elevated privileges on domain-joined servers. The update implements stricter privilege validation and enhances token security checks.
Security enhancements:
- Enhanced token validation mechanisms
- Improved privilege boundary enforcement
- Strengthened domain authentication protocols
03
Patches information disclosure in certificate validation (CVE-2026-0003)
Fixes an information disclosure vulnerability in certificate validation routines that could expose sensitive cryptographic information. The update strengthens certificate chain validation and implements proper error handling for certificate processing.
Cryptographic improvements:
- Enhanced certificate chain validation
- Improved error handling for certificate operations
- Strengthened cryptographic key protection
04
Addresses denial of service in Windows Server services (CVE-2026-0004)
Resolves a denial of service vulnerability affecting core Windows Server services that could cause system instability or service crashes. The fix implements better resource management and improves service resilience against malformed requests.
Service stability improvements:
- Enhanced resource allocation management
- Improved service request validation
- Better error recovery mechanisms
05
Updates Windows Server Core installation components
Provides specific updates for Windows Server Core installations, including improved PowerShell remoting security and enhanced management interface protections. These changes ensure Server Core deployments receive the same security protections as full GUI installations.
Server Core enhancements:
- PowerShell remoting security improvements
- Enhanced WMI security boundaries
- Improved remote management authentication
Validation
Installation
Installation
Automatic Installation:
This update is available through Windows Update and will be automatically downloaded and installed on Windows Server 2022 23H2 systems with automatic updates enabled. The update is classified as Important and will be installed during the next scheduled maintenance window.
Manual Installation:
Download KB5073450 from the Microsoft Update Catalog for manual installation:
- File size: Approximately 847 MB for x64 systems
- Installation time: 15-25 minutes depending on system configuration
- Restart required: Yes
Enterprise Deployment:
- WSUS: Available for deployment through Windows Server Update Services
- SCCM: Can be deployed via System Center Configuration Manager
- Group Policy: Supports deployment through Windows Update for Business policies
Prerequisites:
- Windows Server 2022 23H2 Edition (Build 25398 or later)
- Minimum 2 GB free disk space for installation
- Administrative privileges required for installation
Verification:
After installation, verify the update using PowerShell:
Get-HotFix -Id KB5073450
Get-ComputerInfo | Select-Object WindowsVersion, WindowsBuildLabExThe OS build should display 25398.2092 after successful installation.
If it still fails
Known Issues
Known Issues
Installation Failures:
- Error 0x80070643: May occur if insufficient disk space is available. Ensure at least 2 GB free space before installation
- Error 0x800f0922: Can happen on systems with corrupted Windows Update components. Run
sfc /scannowandDISM /Online /Cleanup-Image /RestoreHealthbefore retrying
Post-Installation Issues:
- PowerShell Remoting: Some PowerShell remoting sessions may require re-establishment after the update due to enhanced security measures
- Third-party Antivirus: Certain antivirus solutions may flag the update process. Temporarily disable real-time scanning during installation if needed
- Domain Controller Replication: Domain controllers may experience brief replication delays immediately after restart. This resolves automatically within 15-30 minutes
Workarounds:
Note: If PowerShell remoting issues persist after installation, restart the WinRM service:
Restart-Service WinRMImportant: For Server Core installations, ensure all remote management tools are updated to the latest versions to maintain compatibility with the security enhancements.
Frequently Asked Questions
What does KB5073450 resolve?+
KB5073450 resolves five critical security vulnerabilities in Windows Server 2022 23H2, including remote code execution in networking components (CVE-2026-0001), privilege escalation in authentication (CVE-2026-0002), information disclosure in certificate validation (CVE-2026-0003), denial of service in server services (CVE-2026-0004), and security enhancements for Server Core installations.
Which systems require KB5073450?+
KB5073450 is required for all Windows Server 2022 23H2 Edition systems, including Standard, Datacenter, and Server Core installations running build 25398.x. Earlier versions of Windows Server 2022 (22H2 and below) are not affected by these vulnerabilities and do not require this update.
Is KB5073450 a security update?+
Yes, KB5073450 is classified as a security update that addresses multiple critical and important security vulnerabilities. It is automatically delivered through Windows Update as an Important update and should be installed promptly to protect against potential security exploits.
What are the prerequisites for KB5073450?+
Prerequisites include Windows Server 2022 23H2 Edition (build 25398 or later), minimum 2 GB free disk space, administrative privileges for installation, and an active internet connection for Windows Update delivery. The update requires a system restart to complete installation.
Are there known issues with KB5073450?+
Known issues include potential installation failures with errors 0x80070643 (insufficient disk space) or 0x800f0922 (corrupted Windows Update components), temporary PowerShell remoting session disruptions due to enhanced security measures, and brief domain controller replication delays after restart that resolve automatically within 15-30 minutes.
References (3)
1
13 janvier 2026—KB5073450 (version du système d'exploitation 25398.2092)Article de support officiel de Microsoft pour KB5073450 avec des informations détaillées sur la versionhttps://support.microsoft.com/en-us/topic/january-13-2026-kb5073450-os-build-25398-2092-289966b1-d7e0-4dba-bbf5-abca1080afba
2Historique des mises à jour de Windows Server 2022Historique complet des mises à jour et notes de version pour Windows Server 2022https://support.microsoft.com/en-us/topic/windows-server-2022-update-history
3Centre de réponse de sécurité MicrosoftSource officielle pour les avis de sécurité Microsoft et les informations sur les vulnérabilitéshttps://msrc.microsoft.com/
Discussion
Share your thoughts and insights
Sign in to join the discussion
More Articles
Related KB Articles
Security Update
Windows Server
KB5082418 — Cumulative Update for .NET Framework 3.5 and 4.8.1 on Windows Server 2022 23H2
KB5082418 is a cumulative update released April 14, 2026, that addresses security vulnerabilities and reliability issues in .NET Framework 3.5 and 4.8.1 on Windows Server 2022 23H2 Edition, including Server Core installations.
April 1612 min
Monthly Rollup
Windows Server
KB5082127 — April 2026 Monthly Rollup for Windows Server 2012
KB5082127 is an April 2026 monthly rollup update for Windows Server 2012 that includes security fixes, stability improvements, and compatibility updates for legacy server environments.
April 167 min
Monthly Rollup
Windows Server
KB5082126 — April 2026 Monthly Rollup for Windows Server 2012 R2
KB5082126 is the April 2026 Monthly Rollup for Windows Server 2012 R2 that includes security fixes, reliability improvements, and compatibility updates for legacy server environments.
April 1612 min