Security News > 2021 > November > New Microsoft emergency updates fix Windows Server auth issues
Microsoft has released out-of-band updates to address authentication failures related to Kerberos delegation scenarios impacting Domain Controllers running supported versions of Windows Server.
These issues affect systems running Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. The emergency updates address "a known issue that might cause authentication failures related to Kerberos tickets you acquired from Service for User to Self," a Microsoft announcement explained on Sunday.
"This issue occurs after you install the November 9, 2021 security updates on domain controllers that are running Windows Server."
You will not be able to install these emergency updates through Windows Update, and they will also not install automatically on affected DCs. To download the standalone update package, you will have to search for them in the Microsoft Update Catalog.
You can import this update into Windows Server Update Services manually using the instructions available in the Microsoft Update Catalog.
Event Viewer might show Microsoft-Windows-Kerberos-Key-Distribution-Center event 18 logged in the System event log.
News URL
Related news
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)
- Microsoft fixes Windows Server 2025 blue screen, install issues (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft: Windows Server hotpatching to require subscription (source)
- Microsoft: April updates cause Windows Server auth issues (source)
- New Windows 11 trick lets you bypass Microsoft Account requirement (source)
- Microsoft adds hotpatching support to Windows 11 Enterprise (source)
- Microsoft starts testing Windows 11 taskbar icon scaling (source)
- Windows 11 Forces Microsoft Account Sign In & Removes Bypass Trick Option (source)