Microsoft’s latest updates breaking a vital business security tool

Scott Marlette

2 years ago

Microsoft’s latest cumulative updates that were released earlier this week for Windows 11 broke a vital business security feature. The fix has not yet been published, but Microsoft expects to have one ready in the coming weeks.

As reported by BleepingComputer (opens in new tab), the Redmond software giant recently acknowledged certain issues with the Kerberos authentication protocol after November’s Patch Tuesday.

“After installing updates released on November 8, 2022, or later on Windows Servers with the Domain Controller role, you might have issues with Kerberos authentication,” Microsoft said.

“When this issue is encountered you might receive a Microsoft-Windows-Kerberos-Key-Distribution-Center Event ID 14 error event in the System section of Event Log on your Domain Controller with the below text,” the company explained.

BleepingComputer readers reported that the update breaks Kerberos, the default authentication protocol for domain-connected Windows endpoints, days previously.

One explained that the protocol breaks “in situations where you have set the ‘This account supports Kerberos AES 256 bit encryption’, or ‘This account supports Kerberos AES 128 encryption’ Account Options set (i.e., msDS-SupportedEncryptionTypes attribute) on user accounts in AD.”

According to the report, some of the Kerberos authentication scenarios include domain user sign-in failing and affecting Active Directory Federation Services authentication in the process, Remote Desktop connections using domain users failing to connect, and several others.

The affected platforms include most Windows versions since Windows 7 (Windows 7 SP1, Windows 8.1, Windows 10 Enterprise LTSC 2019, Windows 10 Enterprise LTSC 2016, Windows 10 Enterprise 2015 LTSB, Windows 10 20H2, Windows 11 21H2), and some Server version (Windows Server 2008 SP2, Windows Server 2022)-.

Home customers and users not enrolled in an on-premises domain are not affected by this bug, it was added. Furthermore, the flaw doesn’t impact non-hybrid Azure Active Directory environments, as well as those without an on-prem Active Directory server.

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.

Failing to sign in