Microsoft Windows Security Updates December 2022 overview

Martin Brinkmann
Dec 13, 2022
Updated • Dec 14, 2022
Windows Updates
|
11

Microsoft released security and non-security updates for all client and server versions and editions of its Windows operating system on the December 2022 Patch Tuesday. The company released security updates for other Microsoft products as well today.

microsoft windows security updates december 2022

The security updates are already available via Windows Updates, update management systems such as WSUS, and as direct downloads from the Microsoft Update Catalog.

Our overview of the December 2022 Microsoft Patch Day includes information about the released cumulative updates, download links, information about known issues, support links and much more.

ADVERTISEMENT

Tip: check out the November 2022 Patch Day overview here.

Microsoft Windows Security Updates: December 2022

Here is a an Excel spreadsheet that lists the security updates that Microsoft released in December. Just click on the link to download it, as an archive, to your device: microsoft-windows-security-updates-december-2022

Executive Summary

  • Windows 10 version 21H1 reached end of support today. There will be no future updates for the operating system.
  • There will be only one more Patch Day for Windows 7 and 8/8.1 after the December 2022 Patch Tuesday.
  • Microsoft designated Windows 10 version 22H2 for broad deployment.
  • Microsoft released security advisory ADV220005 on Microsoft Signed Drivers Being Used Maliciously.
  • The following client versions of Windows have known issues: Windows 7, Windows 8.1, Windows 10 version 20H2, 21H1, 21H2 and 22H2, Windows 11 version 21H2 and 22H2
    The following server versions of Windows have known issues: Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Server 2016, 2019 and 2022

Operating System Distribution

  • Windows 7 (extended support only): 15 vulnerabilities: 3 critical and 11 important, 1 moderate
    • PowerShell Remote Code Execution Vulnerability -- CVE-2022-41076
    • Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability -- CVE-2022-44676
    • Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability -- CVE-2022-44670
  • Windows 8.1: 20 vulnerabilities: 3 critical and 16 important, 1 moderate
    • same as Windows 7
  • Windows 10 version 21H1, 21H2 and 22H2: 26 vulnerabilities, 3 critical and 22 important, 1 moderate
    • same as Windows 7
  • Windows 11 and Windows 11 version 22H2:  25 vulnerabilities, 3 critical and 21 important, 1 moderate
    • same as Windows 7

Windows Server products

  • Windows Server 2008 R2 (extended support only): 15 vulnerabilities: 3 critical and 11 important, 1 moderate
    • PowerShell Remote Code Execution Vulnerability -- CVE-2022-41076
    • Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability -- CVE-2022-44676
    • Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability -- CVE-2022-44670
  • Windows Server 2012 R2: 20 vulnerabilities: 3 critical and 16 important, 1 moderate
    • same as Windows Server 2008 R2.
  • Windows Server 2016: 20 vulnerabilities: 3 critical and 15 important, 2 moderate
    • same as Windows Server 2008 R2.
  • Windows Server 2019: 25 vulnerabilities: 3 critical and 21 important, 2 moderate
    • same as Windows Server 2008 R2.
  • Windows Server 2022:  25 vulnerabilities: 3 critical and 21 important, 2 moderate
    • same as Windows Server 2008 R2.

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Updates and improvements:

  • Fixed a memory leak in LSASS.exe (Local Security Authority Subsystem Service) on Windows domain controllers.
  • Fiji won't observe daylight saving time in 2022.

Windows 8.1 and Windows Server 2012 R2

Updates and improvements:

  • Fixed a memory leak in LSASS.exe (Local Security Authority Subsystem Service) on Windows domain controllers.
  • Fiji won't observe daylight saving time in 2022.

Windows 10 version 21H1m 21H2 and 22H2

Updates and improvements:

Windows 11 Release version 

Updates and improvements:

  • Security updates.
  • This update addresses an issue that might affect Data Protection Application Programming Interface (DPAPI) decryption.
  • All updates of the November 2022 preview updates.

Windows 11 version 22H2  

Updates and improvements:

  • Security updates.
  • Fixed a Task Manager display issue.
  • This update addresses an issue that might affect Data Protection Application Programming Interface (DPAPI) decryption.
  • All updates of the November 2022 preview updates.

Other security updates

2022-12 Cumulative Update for Windows 10, version 1507 (KB5021243)

.NET Framework

2022-12 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020859)

2022-12 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5020860)

2022-12 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020861)

2022-12 Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2 (KB5020862)

2022-12 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020867)

2022-12 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5020868)

2022-12 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5020869)

2022-12 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020876)

2022-12 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020878)

2022-12 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020879)

2022-12 Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020894)

2022-12 Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5020895)

2022-12 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020896)

2022-12 Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2 (KB5020897)

2022-12 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020898)

2022-12 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5020899)

2022-12 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5020900)

2022-12 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020901)

2022-12 Security Only Update for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020902)

2022-12 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020903)

2022-12 Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5021079)

2022-12 Security Only Update for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5021080)

2022-12 Security Only Update for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5021081)

2022-12 Security Only Update for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5021082)

2022-12 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5021091)

2022-12 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5021092)

2022-12 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5021094)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10, version 1809 (KB5020866)

2022-12 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10, version 1607 (KB5020873)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10, version 1809 (KB5020874)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5020875)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 21H2 for x64 (KB5020877)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5020880)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10, version 21H1 and Windows 10, version 20H2 (KB5020881)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5020882)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows Server, version 21H2 for x64 (KB5020883)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows Server version 21H1 and Windows 10, version 21H1 (KB5020905)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 22H2 for x64 (KB5021084)

2022-12 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10, version 1809 (KB5021085)

2022-12 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10, version 20H2 (KB5021086)

2022-12 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10, version 21H1 (KB5021087)

2022-12 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10, version 21H1 and Windows 10, version 20H2 (KB5021088)

2022-12 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10, version 22H2 (KB5021089)

2022-12 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11 (KB5021090)

2022-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 21H1 and Windows 10, version 20H2 (KB5020872)

2022-12 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server version 21H2 for x64 (KB5021095)

2022-12 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5021093)

Server updates

2022-12 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5021285)

2022-12 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB5021296)

2022-12 Security Monthly Quality Rollup for Windows Server 2008 (KB5021289)

2022-12 Security Only Quality Update for Windows Server 2008 (KB5021293)

2022-12 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5021303)

2022-12 Cumulative Update for Windows Server 2016 and Windows 10, version 1607 (KB5021235)

2022-12 Cumulative Update for Windows Server 2019 and Windows 10, version 1809 (KB5021237)

2022-12 Cumulative Update for Windows Server version 21H2 for x64-based Systems (KB5021249)

Known Issues

Windows 7 SP1 and Windows Server 2008 R2

  • (New) Apps which use ODBC connections through sqlsrv32.dll to access databases may not be able to connect.  Check out Microsoft confirms Windows database connection issues for additional information.
  • (Old) After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs.
    • Microsoft released guidance on the issue here.
  • (Old) Updates may show as failed and may be uninstalled because the machine is not on ESU.
    • Expected behaviour.

Windows 8.1 and Windows Server 2012 R2

  • (New) Apps which use ODBC connections through sqlsrv32.dll to access databases may not be able to connect.  Check out Microsoft confirms Windows database connection issues for additional information.
  • (Old) After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs.
    • Microsoft released guidance on the issue here.

Windows 10 versions 21H1, 21H2 and 22H2

  • (New) Apps which use ODBC connections through sqlsrv32.dll to access databases may not be able to connect.  Check out Microsoft confirms Windows database connection issues for additional information.
  • (Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.

Windows 11 and Windows 11 version 22H2

  • (New) Apps which use ODBC connections through sqlsrv32.dll to access databases may not be able to connect.  Check out Microsoft confirms Windows database connection issues for additional information.
  • (New) After you install this or later updates, you might be unable to reconnect to Direct Access after temporarily losing network connectivity or transitioning between Wi-Fi networks or access points.
  • (Old) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
    • Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
  • (Old) Copying large files (multiple gigabytes) may take longer than expected.
    • Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.

Security advisories and updates

  • ADV 990001 -- Latest Servicing Stack Updates
  • ADV220005 -- Guidance on Microsoft Signed Drivers Being Used Maliciously

Non-security updates

Microsoft Office Updates

You find Office update information here.

How to download and install the December 2022 security updates

The security updates that Microsoft released on December 13, 2022 are already available. Home users may download them via Windows Update or directly from the Microsoft Update Catalog website.

Do the following to run a manual check for updates:

  1. Select Start, type Windows Update and load the Windows Update item that is displayed.
  2. Select check for updates to run a manual check for updates.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 7 and Server 2008 R2

  • KB5021291  -- 2022-12 Security Monthly Quality Rollup for Windows 7
  • KB5021288-- 2022-12 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB5021294 -- 2022-12 Security Monthly Quality Rollup for Windows 8.1
  • KB5021296 -- 2022-12 Security Only Quality Update for Windows 8.1

Windows 10 version 21H1

Windows 10 Version 21H2

  • KB5021233 -- 2022-12 Cumulative Update for Windows 10 Version 21H2

Windows 10 version 22H2

  • KB5021233 -- 2022-12 Cumulative Update for Windows 10 Version 21H2

Windows 11 Release version

  • KB5021255 -- 2022-12 Cumulative Update for Windows 11
Windows 11 version 22H2
  • KB5021255 -- 2022-12 Cumulative Update for Windows 11 version 22H2

Additional resources

Summary
Article Name
Microsoft Windows Security Updates December 2022 overview
Description
Microsoft released security and non-security updates for all client and server versions and editions of its Windows operating system on the December 2022 Patch Tuesday.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. NeonRobot said on December 13, 2022 at 8:38 pm
    Reply

    Windoze 7 updatezzz, sweeet!

  2. Paul(us) said on December 13, 2022 at 11:33 pm
    Reply

    I just updated to Windows 10 version 22H2 O.S. Build 19045.2364.

    I had for the first time with Windows 10 problems with correct and complete updating.
    More specifically with the new modules KB 5021089 and also with KB 5021233.
    The second time I tried to update the two the first time not updating they also updated.
    Soo all’s well that ends well!

  3. No more mRNA for me said on December 14, 2022 at 4:00 am
    Reply

    My and my wife PC’s I updated to windows 11 Pro N.
    Now for them that don’t know nor understand what the N is for. Google it. :P
    So now, I have windows 11 Pro N, installed, and with no BloadWare.
    Thank GOD!

    1. madozukai said on December 14, 2022 at 9:59 am
      Reply

      …and how do you want us to respond?
      OK, I”ll try… Wow, you’re Legend, Man!

      We apologize for wasting time and space for our useless posts.

    2. Debloatarsky said on December 14, 2022 at 12:18 pm
      Reply

      That’s hysterical. I have removed Windows Mediaplayer and Windows Hello from my Windows 11 Home, plus a million other things. I am bloat-free, YOU most certainly are not. But at least you’re very happy, but dumb.

  4. Anonymous said on December 14, 2022 at 7:23 am
    Reply

    More, “Remote Code Execution Vulnerability” listings.

    Gotta patch all of those backdoors when the hackers discover them, eh M$?

    1. Anonymous said on December 14, 2022 at 3:37 pm
      Reply

      The same post every month.
      Rent free.

  5. bloat my wares said on December 14, 2022 at 7:25 am
    Reply

    > So now, I have windows 11 Pro N, installed, and with no BloadWare.

    Impossible, Wintendo IS bloatware! I bet you never tried straight OpenBox on Linux. You’d be very very humbled and surprised.

    Or maybe you’re just picking up a M$ check, who knows.

  6. bismilla said on December 15, 2022 at 10:29 am
    Reply

    KB5021233 fails to install on my 21H2. Never had trouble with montly updates before.
    Anyone else facing the same problem?

    1. dc said on December 15, 2022 at 10:46 pm
      Reply

      KB5021233 didn’t fail to install but took forever to initialise and start installing.

  7. Mothy said on December 16, 2022 at 9:36 pm
    Reply

    No issues to report on two Windows 8.1 Pro systems.

    After taking a Macrium image of the system, installed the Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5021294) and Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 for x64 (KB5021093).

    The End of Support (EOS) notification tasks (Microsoft implemented in the July updates) continue to remain disabled.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.