Security News > 2022 > November > Microsoft's attempts to harden Kerberos authentication broke it on Windows Servers
Microsoft is rolling out fixes for problems with the Kerberos network authentication protocol on Windows Server after it was broken by November Patch Tuesday updates.
As we reported last week, updates released November 8 or later that were installed on Windows Server with the Domain Controller duties of managing network and identity security requests disrupted Kerberos authentication capabilities, ranging from failures in domain user sign-ins and Group Managed Service Accounts authentication to remote desktop connections not connecting.
The vendor on November 8 issued two updates for hardening the security of Kerberos - as well as Netlogon, another authentication tool - in the wake of two vulnerabilities tracked as CVE-2022-37967 and CVE-2022-37966.
Those updates led to the authentication issues that were addressed by the latest fixes.
For the standalone package of the OOB updates, users can search for the KB number in the Microsoft Update Catalog and manually import the fixes into Windows Server Update Services and Endpoint Configuration Manager.
Microsoft has released cumulative updates to be installed on Domain Controllers: Windows Server 2022, Windows Server 2019, and Windows Server 2016.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/11/21/microsoft_kerberos_fix_windows/
Related news
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- Microsoft confirms Windows Server 2025 blue screen, install issues (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
- Microsoft fixes bugs causing Windows Server 2025 blue screens, install issues (source)
- Microsoft: Windows Recall now can be removed, is more secure (source)
- Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable (source)
- Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-09 | CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability | 7.2 |
| 2022-11-09 | CVE-2022-37966 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | 8.1 |