Please visit MSRC page to check whether fixes are available. You can check with either full/partial name of vulnerability or the CVE number emitted by checker. The link I provided goes to the third one.
Btw, the easiest way is to enable Windows Update and let them install patches for you. If you have concern on whether the update may crash your server, you should install it on staging server (the server that you do testing of new deployments, ought to be the same spec. as the production server) first to see if it works. You can control the rollout of specific patches to servers with WSUS.