Published: Jul 25, 2022
Last year, Microsoft released security updates to address Windows Server printing issues in some business printers and scanners that use a smart card for authentication purposes. Now, the company has rolled out new optional updates to disable the temporary fix on Windows Server 2019 machines.
In an updated support document, Microsoft warned that installation of these updates on Active Directory domain controllers (DCs) could potentially cause printing and scanning failures in enterprise environments. The problem specifically affects printers, scanners, and multifunctional devices (MFDs) that are not compliant with the authentication specification RFC 4556.
“There will be no further fallback option in later updates. All non-compliant devices must be identified using the audit events starting January 2022 and updated or replaced by the mitigation removal starting in late July 2022. After July 2022, devices which are not compliant with the RFC 4456 specification and CVE-2021-33764 will not be usable with an updated Windows device,” the company explained.
Additionally, Microsoft plans to remove these temporary mitigations on all supported versions of Windows Server with next month’s Patch Tuesday updates. These updates will be rolled out to Windows Server 2019, Windows Server 2016, Windows Server 2012, as well as Windows Server 2008.
The software giant is also reminding customers that Windows Server 20H2 and the Semi-Annual Channel (SAC) for the server product will reach end of support on August 9. This means that Windows Server 20H2 devices will no longer receive monthly security and quality updates.
Microsoft has advised IT admins to switch to the Long-Term Servicing Channel (LTSC) or Azure Stack HCI. Unlike the Semi-Annual Channel, LTSC gets new feature updates every two to three years and offers five years of extended support. It should be a better option for organizations that want to keep their Windows Server devices stable.