Microsoft Releases Out-Of-Band Patches to Fix Windows AD Authentication Issues
Microsoft released new out-of-band (OOB) updates yesterday to address Active Directory (AD) authentication problems caused by the May 2022 Patch Tuesday updates. These emergency patches also include a fix for the bug that previously prevented the installation of apps from the Microsoft Store.
The May 2022 security updates that shipped earlier this month included fixes for privilege escalation flaws in Windows Kerbose and the Active Directory Domain Service. At the same time, this release also caused AD authentication failures on Windows devices used as domain controllers.
Microsoft confirmed last week that the Windows AD authentication issue was caused by a certificate mapping bug and provided a workaround to fix it. CISA has recently warned IT Admins against installing this month’s Patch Tuesday updates on domain controllers.
The latest round of Patch Tuesday updates also introduced a bug that prevents users from installing or opening Microsoft Store apps on some Windows PCs. Microsoft noted that this problem only impacts devices with Control-flow Enforcement Technology (CET) processors, including select AMD CPUs and Intel Core processors or later.
Download out-of-band-updates to fix Patch Tuesday Windows AD Authentication errors
Microsoft noted that these out-of-band updates are available to download on Microsoft’s update catalog. Moreover, these patches can also be manually loaded into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager.
| OS | Article | Microsoft Update Catalog |
| Windows Server 2022 | KB5015013 | Download |
| Windows Server 20H2 | KB5015020 | Download |
| Windows Server 2019 | KB5015018 | Download |
| Windows Server 2016 | KB5015019 | Download |
| OS | Article | Microsoft Update Catalog |
| Windows Server 2012 R2 | KB5014986 | Download |
| Windows Server 2012 | KB5014991 | Download |
| Windows Server 2008 R2 SP1 | KB5014987 | Download |
| Windows Server 2008 SP2 | KB5014990 | Download |
“If you are using security only updates for these versions of Windows Server, you only need to install these updates for the month of May,” Microsoft said yesterday. “If you are using Monthly Rollup updates, you will need to install both the standalone update listed above, and the Monthly rollups released May 10, 2022.”
Have you encountered any problems with Windows AD authentication lately? Sound off in the comments section below if you managed to resolve the issue after installing the latest updates.
Rabia has a master's degree in Software Engineering and she has years of experience writing professionally about Microsoft products and other technologies. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on t...
