Microsoft’s newest cumulative updates that had been launched earlier this week for Home windows 11 broke a significant enterprise safety function. The repair has not but been revealed, however Microsoft expects to have one prepared within the coming weeks.
As reported by BleepingComputer (opens in new tab), the Redmond software program large just lately acknowledged sure points with the Kerberos authentication protocol after November’s Patch Tuesday.
“After putting in updates launched on November 8, 2022, or in a while Home windows Servers with the Area Controller function, you might need points with Kerberos authentication,” Microsoft mentioned.
Failing to check in
“When this subject is encountered you would possibly obtain a Microsoft-Home windows-Kerberos-Key-Distribution-Heart Occasion ID 14 error occasion within the System part of Occasion Log in your Area Controller with the beneath textual content,” the corporate defined.
BleepingComputer readers reported that the replace breaks Kerberos, the default authentication protocol for domain-connected Home windows endpoints, days beforehand.
One defined that the protocol breaks “in conditions the place you’ve gotten set the ‘This account helps Kerberos AES 256 bit encryption’, or ‘This account helps Kerberos AES 128 encryption’ Account Choices set (i.e., msDS-SupportedEncryptionTypes attribute) on person accounts in AD.”
Based on the report, a number of the Kerberos authentication situations embody area person sign-in failing and affecting Lively Listing Federation Providers authentication within the course of, Distant Desktop connections utilizing area customers failing to attach, and several other others.
The affected platforms embody most Home windows variations since Home windows 7 (Home windows 7 SP1, Home windows 8.1, Home windows 10 Enterprise LTSC 2019, Home windows 10 Enterprise LTSC 2016, Home windows 10 Enterprise 2015 LTSB, Home windows 10 20H2, Home windows 11 21H2), and a few Server model (Home windows Server 2008 SP2, Home windows Server 2022)-.
House prospects and customers not enrolled in an on-premises area will not be affected by this bug, it was added. Moreover, the flaw doesn’t affect non-hybrid Azure Lively Listing environments, in addition to these with out an on-prem Lively Listing server.