Articles about Kerberos

Several months after announcing its intention to do so, Microsoft has official deprecated the NTLM (NT LAN Manager) authentication protocol in Windows and Windows Server.

NTLM is now a very old protocol which has been superseded by the more secure and feature-rich Kerberos. It will still be possible to use NTLM until the next release of Windows and Windows Server, but Microsoft is keen for users to take action now.

Continue reading →

Not for the first time, Microsoft has released a patch-for-a-patch after a recent update was found to cause memory leaks in Windows Server.

The problems stemmed from the KB5035857 update -- the March 2024 security update -- for Windows Server, which Microsoft acknowledged as having known issues. Now the company has released the out-of-band KB5037422 update which affected users will have to manually seek out and install.

Continue reading →

Following complaints from large numbers of system administrators, Microsoft has finally acknowledged that there are problems with the recently released KB5035857 update for Windows Server.

The March 2024 security update was released 10 days ago, and it did not take long for users to start experiencing problems. Now Microsoft has confirmed that it is aware of an issue with Kerberos requests on domain controllers which may cause LSASS memory leaks. [UPDATE: there is now a fix available]

Continue reading →

The torrent of problematic updates for Windows shows no signs of drying up. Since Patch Tuesday this month, Microsoft has already confirmed a Direct Access connectivity issue in various versions of Windows (which it sort of fixed by rolling back the update), now the company has issued a warning that this month's updates are also causing problems with Kerberos authentication.

Despite the fact the issue can lead to sign-in problems, failed Remote Desktop connections and printing not working, Microsoft is yet to offer either a fix or a workaround. Virtually every version of Windows is affected.

Continue reading →