Security News > 2024 > May > Microsoft: April Windows Server updates cause NTLM auth failures

Microsoft: April Windows Server updates cause NTLM auth failures
2024-05-01 15:17

Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates.

According to a new entry added to the Windows health dashboard on Tuesday, this known issue will only affect Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs. The list of impacted Windows versions and buggy security updates includes Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, and Windows Server 2008.

While a workaround is unavailable until Microsoft provides a fix, Windows administrators can uninstall the security updates to address the NTLM authentication issues temporarily.

Two months ago, Microsoft released emergency out-of-band updates to fix an issue causing Windows domain controller crashes due to memory leaks caused by the March 2024 Windows Server security updates.

Redmond resolved more Windows Server crash issues in December 2022 after the November 2022 security updates introduced another leak and in March 2022 when Windows admins reported widespread domain controller reboots.

On Tuesday, Microsoft also revealed that the April 2024 Windows security updates are breaking VPN connections on Windows 11, Windows 10, and Windows Server systems.

News URL