CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers
The US Cybersecurity and Infrastructure Security Agency (CISA) has temporarily removed the security flaw CVE-2022-26925 from its Known Exploited Vulnerability Catalog. It has warned that IT admins should not install the May 2021 Patch Tuesday updates on Windows Servers used as domain controllers due to the risk of authentication failures.
The security advisory comes amid recent reports of several policies and services failing after installing this month’s security updates on Windows domain controllers. Last week, Microsoft confirmed that these issues are caused by the security patches released to address two “high severity” privilege escalation vulnerabilities (CVE-2022-26931 and CVE-2022-26923) in Windows Kerberos and Active Directory Domain Services.
“After installing May 10, 2022 rollup update on domain controllers, organizations might experience authentication failures on the server or client for services, such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP),” CISA explained.
Microsoft has reported the authentication problems to CISA, which involve how the domain controller handles the mapping of certificates to computer accounts. The company noted that the update only triggers issues on Windows servers acting as a domain controller. However, Microsoft advises IT admins to install the May 2020 updates on non-domain controller Windows Servers and client Windows devices.
Microsoft suggests a workaround to fix Azure AD authentication bug on domain controllers
Microsoft is actively investigating the Azure AD authentication issues, and a permanent fix should be available soon. In its advisory, the firm recommends the Domain administrators to manually map the certificates to a machine account in Active Directory.
However, if the workaround doesn’t work, Microsoft suggests IT admins to check out this support document for alternate mitigation strategies to resolve the issues. Let us know in the comments down below if the workarounds helped you to resolve the Windows AD authentication errors in your organization.
More in Windows Server
Microsoft Releases Fix for Hyper-V VM Issues in Windows Server
Dec 21, 2022 | Rabia Noureen
Microsoft to Fix New Bug Breaking Hyper-V VMs in Windows Server
Dec 16, 2022 | Rabia Noureen
Microsoft Rolls Out Fix for LSASS Memory Leak Bug Affecting Windows Server
Dec 14, 2022 | Rabia Noureen
Action1 Review – Free Cloud-Native Patch Management for Windows
Dec 5, 2022 | Michael Reinders
Latest Patch Tuesday Updates Cause Freezes, Reboots on Domain Controllers
Nov 25, 2022 | Rabia Noureen
Microsoft Releases Fix for Kerberos Authentication Issues on Domain Controllers
Nov 18, 2022 | Rabia Noureen
Most popular on petri