Security News > 2021 > November > New Microsoft emergency updates fix Windows Server auth issues

Microsoft has released out-of-band updates to address authentication failures related to Kerberos delegation scenarios impacting Domain Controllers running supported versions of Windows Server.
These issues affect systems running Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. The emergency updates address "a known issue that might cause authentication failures related to Kerberos tickets you acquired from Service for User to Self," a Microsoft announcement explained on Sunday.
"This issue occurs after you install the November 9, 2021 security updates on domain controllers that are running Windows Server."
You will not be able to install these emergency updates through Windows Update, and they will also not install automatically on affected DCs. To download the standalone update package, you will have to search for them in the Microsoft Update Catalog.
You can import this update into Windows Server Update Services manually using the instructions available in the Microsoft Update Catalog.
Event Viewer might show Microsoft-Windows-Kerberos-Key-Distribution-Center event 18 logged in the System event log.
News URL
Related news
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)
- Microsoft fixes Windows Server 2025 blue screen, install issues (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft: Windows Server hotpatching to require subscription (source)
- Microsoft: April updates cause Windows Server auth issues (source)
- Windows 11 Forces Microsoft Account Sign In & Removes Bypass Trick Option (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)