Microsoft Emergency Updates Fix Windows AD Authentication Issues

Microsoft has released emergency out-of-band (OOB) updates to address Active Directory (AD) authentication issues that occur after the Windows updates released during the May 2022 Patch Tuesday are installed on domain controllers.

Since May 12, the company has been working on a fix for this known issue, which causes authentication errors for some Windows services.

“After installing updates released on May 10, 2022 on your domain controllers, you may see server or client authentication errors for services such as Network Policy Server (NPS), Routing and Remote Access Service (RRAS), Radius, Extensible Authentication Protocol (EAP) and Protected Extensible Authentication Protocol (PEAP),” explains Microsoft.

“An issue has been found in the way that the assignment of certificates to computer accounts is handled by the domain controller.”

The OOB Windows updates released today are only available through the Microsoft Update Catalog and are not offered through Windows Update.

The company has released the following cumulative updates for installation on domain controllers (no action required on the client side):

Microsoft has also released standalone updates:

These updates can be manually imported into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager.

You can find WSUS instructions on the "WSUS and the Catalog Site" page, and Configuration Manager instructions on the "Import updates from the Microsoft Update Catalog" page.

“If you only use security updates for these versions of Windows Server, you only need to install these updates for the month of May,” added Microsoft.

“If you are using Monthly Rollups, you must install both the Standalone Update listed above and the Monthly Rollups that were released on May 10, 2022.”

After this known issue was discovered, the Cybersecurity and Infrastructure Security Agency (CISA) had to remove a Windows security flaw (an actively exploited Windows LSA spoofing zero-day tracked as CVE-2022-26925) from its catalog of known exploited bugs because of the authentication issues caused by the May 2022 updates when deployed to domain controllers.

In November 2021, Microsoft released another round of out-of-band updates to fix an issue that caused Windows Server authentication errors with Kerberos delegation scenarios affecting domain controllers.
