Register now for better personalized quote!

Microsoft's out-of-band patch fixes Windows AD authentication failures

May, 20, 2022 Hi-network.com

Microsoft has released an out-of-band patch to fix authentication failures on Windows after installing the May 10, 2022 security update on Windows Server domain controllers. 

The new update should fix authentication failures that affected services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). 

More Microsoft

  • Is Windows 10 too popular for its own good?
  • The best Windows laptop models: Comparing Dell, Samsung, Lenovo, and more
  • Here's why Windows PCs are only going to get more annoying
  • How to downgrade from Windows 11 to Windows 10 (there's a catch)

"An issue has been found related to how the mapping of certificates to machine accounts is being handled by the domain controller," Microsoft explained. 

SEE:Microsoft warns: This botnet has new tricks to target Linux and Windows systems

The US Cybersecurity and Infrastructure Security Agency (CISA) this week pulled Microsoft's fix for the bug CVE-2022-26925 from its list of known exploited vulnerabilities that federal agencies must patch within a given timeframe.  

The bug was a Local Security Authority (LSA) spoofing vulnerability. Details of the bug have been publicly disclosed and exploits exist for it. 

An unauthenticated attacker could "call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM. This security update detects anonymous connection attempts in LSARPC and disallows it," Microsoft said. 

The bug would have a severity score of 9.8 when it is chained with NTLM Relay Attacks on Active Directory Certificate Services (AD CS), Microsoft added.  

The authentication issue was only caused after installing the May 10 update on Windows Server domain controllers. 

Any previously applied workarounds are no longer needed, according to Microsoft.  

Microsoft's out-of-band patch also fixes a separate issue caused by the April KB5011831 or later updates that stopped some Microsoft Store apps from opening. 

The cumulative updates with the out-of-band fix are available for Windows Server 2022 (KB5015013), Windows Server, version 20H2 (KB5015020), Windows Server 2019 (KB5015018), and Windows Server 2016 (KB5015019). 

Microsoft has also released standalone updates for Windows Server 2012 R2 (KB5014986), Windows Server 2012 (KB5014991), Windows Server 2008 R2 SP1 (KB5014987), Windows Server 2008 SP2 (KB5014990). 

Admins can manually import the updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. 

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next
  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

tag-icon Hot Tags : Tech Security

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.