1 min read

Microsoft May Patch Tuesday Causes AD Authentication Failures

Vlad CONSTANTINESCU
Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Microsoft May Patch Tuesday Causes AD Authentication Failures

Microsoft is investigating an issue causing authentication errors for certain Windows services following its rollout of updates in this month's Patch Tuesday.

After the latest updates, Windows system administrators reported various policy failures. Afflicted systems prompted sysadmins with the message: "Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing account, or the password was incorrect."

The situation affects both client and server Windows platforms, as well as systems running various versions of Windows, including Windows Server 2022 and Windows 11, the latest releases.

Microsoft says the issue only affects servers used as domain controllers that received the Patch Tuesday monthly updates. Installing the patches on client Windows devices and Windows servers not used as domain controllers shouldn't lead to authentication failures, it said.

"After installing updates released May 10, 2022 on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP)," a status update document reads.

According to Microsoft, security updates addressing two elevations of privilege Windows Kerberos and Active Directory Domain Services vulnerabilities triggered the authentication failures.

The May updates change the Kerberos Distribution Center to Compatibility mode by automatically setting the StrongCertificateBindingEnforcement registry key. This, in turn, allows all authentication attempts if the certificate is not older than the user.

As BleepingComputer reported, Windows admins are already identifying workarounds, and the most popular one seems to be locating the StrongCertificateBindingEnforcement registry key and setting it to 0 (zero). Microsoft strongly recommends against this and suggests system administrators map certificates manually to a machine account in Active Directory until an official patch is available.

Microsoft's May Patch Tuesday fixes 74 security flaws, including a high-severity, actively exploited vulnerability that could "let unauthenticated attackers coerce the domain controller to authenticate to the attacker using NTLM."

tags


Author



Right now

Top posts

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read
Top Three Ways Internet Users Unknowingly Help Cybercriminals

Top Three Ways Internet Users Unknowingly Help Cybercriminals

February 25, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Baby formula shortages in US fuel social media scams, BBB warns Baby formula shortages in US fuel social media scams, BBB warns
Alina BÎZGĂ

May 18, 2022

2 min read
Conti Ransomware Gang Threatens to Overthrow the New Government of Costa Rica Conti Ransomware Gang Threatens to Overthrow the New Government of Costa Rica
Vlad CONSTANTINESCU
1 min read
US Charges Venezuelan Cardiologist with Using, Selling Ransomware US Charges Venezuelan Cardiologist with Using, Selling Ransomware
Vlad CONSTANTINESCU
1 min read