Microsoft Releases Emergency Updates to Patch Kerberos Authentication Issues
Microsoft has released emergency out-of-band updates to address a recently discovered flaw that led to Kerberos authentication issues. The fault triggered authentication problems on enterprise domain controllers after installing November’s Patch Tuesday cumulative updates.
"After installing updates released on November 8, 2022 or later on Windows Servers with the Domain Controller role, you might have issues with Kerberos authentication," reads Microsoft’s security update.
The company said the issue could affect any Kerberos authentication in users’ environments and released a list of possible scenarios, including:
- Connection failures for Remote Desktop connections using domain users
- Failing to carry out printing jobs that require domain user authentication
- Inability to access file shares on servers and shared folders on workstations
- Domain user authentication failures, which could also affect Active Directory Federation Services (AD FS)
- Failure to authenticate Group Managed Service Accounts (gMSA) used for services such as Internet Information Services (IIS Web Server)
Microsoft released out-of-band emergency updates yesterday to fix the authentication issues, mentioning that the patches must be installed on all Domain Controllers in affected environments. The updates included cumulative and standalone updates:
While Windows Server 2008 R2 SP1 didn’t receive an update, a patch is expected to arrive in the coming week.
“You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue,” the company explains. “If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them.”
Microsoft’s latest monthly security update addressed 68 vulnerabilities, including 11 critical severity issues, 55 important ones, and six actively exploited zero-day issues. It also marked the beginning of Microsoft enforcing security hardening for Netlogon and Kerberos.
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns
January 19, 2023
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022