Windows Update breaks authentication for some server administrators • Registry

Microsoft warns that the security update may cause authentication to fail for Windows domain controllers.

After you install the May 10, 2022 updates on your domain controllers, you may see server or client authentication failures for services such as Network Policy Server (NPS), Routing and Remote Access Service (RRAS), Radius, and Extensible Authentication Protocol ( EAP), and Protected Extensible Authentication Protocol (PEAP),” Goliath IT said at Advisor Posted Wednesday.

The consultant indicates Windows Update KB5013943 (Released Tuesday, May 10, 2022), which followed KB5012643 (Released April 25, 2022) Addresses why the screen flickers when starting in safe mode.

The KB5012643 April update was withdrawn from circulation on Wednesday, May 11, without explanation.

The latest update for Windows, KB5013943, leaves unresolved issues plaguing some .NET Framework 3.5 applications fail to open And some applications using Direct3D 9 with some GPUs crashing (Solutions are suggested for both cases.)

According to Microsoft, authentication difficulties should not affect client machines running Windows or servers that are not controlled by a domain.

Internet users post in /r/sysadmin on reddit pointed Authentication failures occur after applying two fixes from Microsoft. Identified by the vulnerability identifier CVE-2022-26931 And CVE-2022-26923The patch was intended to resolve two of the “high risk” privilege escalation vulnerabilities described in KB5014754.

Variety of bandages / patches

Administrators reported Hyper-V and Domain Controller issues after the first Tuesday of the 2022 patch

DEJA VU

“The long and short is that attackers in certain privileged locations can issue certificates that impersonate the so-called core principles,” explained Steve Seifohs, chief software engineer in the Cryptography, Identity and Authentication team at Microsoft. Share on Twitter Tuesday. “It’s not an intermittent situation because most environments already have mitigations that make this type of attack difficult.”

See also  Garmin launches a smartwatch for women

Syfuhs later acknowledged that Microsoft is investigating reports of authentication problems.

“FYI we are aware of the NPS case,” he said She said Wednesday. “It’s not about NPS specifically but rather how to distinguish between the different types of names in testimonials. Only a subset of people are affected by this.”

In its advisory, Microsoft provided the following workaround: “The preferred mitigation for this problem is Manually set certificates to a machine account in Active Directory. “

If the preferred mitigation does not work, the IT giant suggests consulting KB5014754 for alternative strategies. At least one person posts in /r/sysadmin Reports Solve authentication problems by setting a file CertificateMappingMethods value of the channel registry key on the domain controller to the previous default setting, 0x1F. But others who claim to have tried say their problems persist.

Microsoft’s guidance says, “We are currently investigating and will provide an update in an upcoming release.” ®

By Elvira Soto

"Hardcore troublemaker. Internet advocate. Creator. Subtly charming entrepreneur. Alcohol fanatic."

Leave a Reply

Your email address will not be published.