Security News > 2022 > May > Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors

Microsoft is alerting customers that its May Patch Tuesday update is causing authentications errors and failures tied to Windows Active Directory Domain Services.

"After installing updates released May 10, 2022 on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server, Routing and Remote access Service, Radius, Extensible Authentication Protocol, and Protected Extensible Authentication Protocol," Microsoft reported.

Microsoft added a note that the update will not affect the client's Windows devices and non-domain controller windows servers, and will only cause issues for the server acting as a domain controller.

"Installation of updates released May 10, 2022, on client Windows devices and non-domain controller Windows Servers will not cause this issue. This issue only affects installation of May 10, 2022, updates installed on servers used as domain controllers." Microsoft explains.

Microsoft releases another document, explaining further details related to the authentication problem caused by the security update addressing the privilege escalation vulnerabilities in Windows Kerbose and its Active Directory Domain Service.

According to Microsoft, the May 2022 update is allowing all authentication attempts unless the certificate is older than the user, this is because the updates automatically set the StrongCertificateBindingEnforcement registry key, "Which changes the enforcement mode of the KDC to Disabled Mode, Compatibility Mode, or Full Enforcement Mode" Microsoft explains.

News URL

https://threatpost.com/microsofts-may-patch-tuesday-updates-cause-windows-ad-authentication-errors/179631/