KB4022746, KB4022748, and KB4022914 updates released for Windows Server 2008 and Windows XP Embedded

Reading time icon 3 min. read


Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

Microsoft rolled out improvements and fixes in security updates for the Windows Server 2008 and Windows XP.

KB4022746 – Security Update for Windows Server 2008 and Windows XP Embedded

This includes a security update for the Kerberos SNAME security feature bypass vulnerability in Windows Server 2008. You should know that there is a feature bypass vulnerability in Microsoft Windows when Kerberos fails to prevent tampering with the SNAME field running tickets exchange. A hacker who successfully exploited this vulnerability could use it to bypass Extended Protection for Authentication.

In you want to install a language pack after installing this update, you have to reinstall the update. It’s recommended to install any language packs that you need before installing this update.

You can get the update via Windows Update, or you can get the standalone package from the Microsoft Update Catalog.

KB4022748 – Security Update for Windows Server 2008

This includes the security update for the Windows kernel information disclosure vulnerability in Windows Server 2008.

There is an information vulnerability when the Windows kernel fails to initialize a memory address the proper way, and this can allow a hacker to retrieve data that could result in a Kernel Address Space Layout Randomization (KASKLR) bypass.

In you want to install a language pack after installing this update, you have to reinstall the update. It’s recommended to install any language packs that you need before installing this update.

You can get the update via Windows Update, or you can get the standalone package from the Microsoft Update Catalog.

KB4022914 – Security Update for Windows Server 2008

This includes a security update for the Windows kernel information disclosure vulnerability in Windows Server 2008.

There is an information disclosure vulnerability when the HTTP.sys server app component improperly handles objects in memory. A hacker who managed to exploit this vulnerability could use this flaw to obtain information that could compromise the HTTP.sys server app system.

In you want to install a language pack after installing this update, you have to reinstall the update. It’s recommended to install any language packs that you need before installing this update.

You can get the update via Windows Update, or you can get the standalone package from the Microsoft Update Catalog.

RELATED STORIES TO CHECK OUT:

More about the topics: microsoft