1 min read

Microsoft Releases Emergency Updates to Patch Kerberos Authentication Issues

Vlad CONSTANTINESCU

November 18, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Microsoft Releases Emergency Updates to Patch Kerberos Authentication Issues

Microsoft has released emergency out-of-band updates to address a recently discovered flaw that led to Kerberos authentication issues. The fault triggered authentication problems on enterprise domain controllers after installing November’s Patch Tuesday cumulative updates.

"After installing updates released on November 8, 2022 or later on Windows Servers with the Domain Controller role, you might have issues with Kerberos authentication," reads Microsoft’s security update.

The company said the issue could affect any Kerberos authentication in users’ environments and released a list of possible scenarios, including:

  • Connection failures for Remote Desktop connections using domain users
  • Failing to carry out printing jobs that require domain user authentication
  • Inability to access file shares on servers and shared folders on workstations
  • Domain user authentication failures, which could also affect Active Directory Federation Services (AD FS)
  • Failure to authenticate Group Managed Service Accounts (gMSA) used for services such as Internet Information Services (IIS Web Server)

Microsoft released out-of-band emergency updates yesterday to fix the authentication issues, mentioning that the patches must be installed on all Domain Controllers in affected environments. The updates included cumulative and standalone updates:

Cumulative updates:

Standalone updates:

While Windows Server 2008 R2 SP1 didn’t receive an update, a patch is expected to arrive in the coming week.

“You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue,” the company explains. “If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them.”

Microsoft’s latest monthly security update addressed 68 vulnerabilities, including 11 critical severity issues, 55 important ones, and six actively exploited zero-day issues. It also marked the beginning of Microsoft enforcing security hardening for Netlogon and Kerberos.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

BBB Warns Social Security Beneficiaries of Cost of Living Adjustment Scams BBB Warns Social Security Beneficiaries of Cost of Living Adjustment Scams
Alina BÎZGĂ

February 01, 2023

2 min read
Planet Ice hacked! 240,000 skating fans' details stolen Planet Ice hacked! 240,000 skating fans' details stolen
Graham CLULEY

January 31, 2023

2 min read
QNAP Rolls Out Urgent Patch to Fix SQL Injection Flaw in NAS Devices QNAP Rolls Out Urgent Patch to Fix SQL Injection Flaw in NAS Devices
Filip TRUȚĂ

January 31, 2023

1 min read