Security News > 2022 > May > Microsoft patches the patch that broke Windows authentication
Microsoft has released an out-of-band patch to deal with an authentication issue that was introduced in the May 10 Windows update.
Multiple administrators complained last week that after installing the May 10 patch, they experienced authentication failures across several systems.
An entry then turned up in the lengthy list of known issues for the patch in which Microsoft warned that, after installing the May 10 patch on domain controllers, there might be issues with some services.
As with many updates, the May 10 patch was an important one, and included fixes for "High severity" elevation-of-privilege vulnerabilities that could occur when the Kerberos Distribution Center serviced a certificate-based authentication request.
Backing out of the update apparently resolved the problems but, as one user observed, "This is quite a critical patch but seems to break quite a key role!".
Administrators would be forgiven for feeling that patches to fix patches seem to be becoming a little too common over the years.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/05/20/microsoft_authentication_fix/
Related news
- Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) (source)
- Microsoft fixes Windows Sysprep issue behind 0x80073cf2 errors (source)
- Recent Windows updates break Microsoft Connected Cache delivery (source)
- April 2024 Patch Tuesday forecast: New and old from Microsoft (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
- Microsoft now testing app ads in Windows 11's Start menu (source)
- Microsoft lifts Windows 11 block on some Intel systems after 2 years (source)
- Microsoft: Copilot ‘app’ on Windows Server mistakenly added by Edge (source)