Microsoft acknowledges Kerberos authentication issues caused by November updates
The torrent of problematic updates for Windows shows no signs of drying up. Since Patch Tuesday this month, Microsoft has already confirmed a Direct Access connectivity issue in various versions of Windows (which it sort of fixed by rolling back the update), now the company has issued a warning that this month's updates are also causing problems with Kerberos authentication.
Despite the fact the issue can lead to sign-in problems, failed Remote Desktop connections and printing not working, Microsoft is yet to offer either a fix or a workaround. Virtually every version of Windows is affected.
Microsoft warns that October 2022 security updates can cause problems joining domains in Windows 11 and older
Microsoft is warning users of every from Windows 11 down to Windows 7 that this month's security updates -- in particular the KB5018427 update -- could lead to issues joining a domain. The company says that those affected by the problem will see 0xaac (2732) errors.
Despite flagging the matter in the known issues section of Windows release health, Microsoft says that the behavior is intentional. There is, sadly, no proper fix right now, just some advice and workarounds -- but this should change soon.
Microsoft brings WSL 2 distro support to Windows Server 2022
In a move that will please -- and surprise -- many, Microsoft has added WSL 2 distro support to Windows Server.
The new Windows Subsystem for Linux functionality is not available by default, as it requires the installation of a special update. This will be officially released on Patch Tuesday, but it is also available as a preview right now for anyone who does not want to wait.
Microsoft warns that KB5013943 update is causing authentication failures in Windows 11, Windows Server and more
Following the release of this month's Patch Tuesday updates, Microsoft has issued a warning that installing the KB5013943 update can lead to authentication issues for various Windows services.
The update was released on May 10, and was meant to -- among other things -- fix an issue with screen flicker in Safe Mode. But in addition to causing error messages for some users, the KB5013943 update has also led to authentication failures Windows domain controllers.
Microsoft confirms recent Windows updates cause problems establishing Netlogon secure channel connections
Microsoft has issued a warning to users of various versions of Windows Server that a recent update is causing problems with Netlogon connections.
Affecting Windows Server 2022, 2019, 2012 R2, 2012, 2008 R2 SP1 and 2008 SP2, the problem means that some applications and appliances on domain controllers may be unable to establish a Netlogon secure channel. Microsoft is blaming not only the KB5009555 update, but "updates released January 11, 2022" for the problem.
Microsoft re-releases KB5009624, KB5009557 and KB5009555 updates
The first Patch Tuesday of 2022 ended up being rather more dramatic that many would have expected -- and not for the right reasons. The company released the KB5009566 update which, along with another update, was later found to cause problems with VPN connections. But it was issue with Window Server updates that concerns system administrators.
No fewer than three updates were found to be problematic for different versions of Windows Server, ultimately leading to Microsoft halting the rollout of KB5009624, KB5009557 and KB5009555. And while the Hyper-V issues introduced by the patches are still to be fixed, Microsoft has nonetheless recommenced the rollout of the update, saying that it is investigating the problems.
Microsoft urges Windows users to patch critical HTTP vulnerability
Microsoft has fixed a critical vulnerability which affects several versions of its operating system including Windows 11 and Windows Server 2022.
The security bug is an HTTP vulnerability which is tracked as CVE-2022-21907 and Microsoft warns it is wormable. The company has issued a fix for the flaw and says that users should prioritize installing it to secure their systems.
Microsoft releases emergency KB5010196 and KB5010215 updates to fix serious remote desktop problems in Windows Server
Microsoft has issued an out-of-band update for Windows Server to address a problem with Remote Desktop that can prevent connections to a server.
There are two different updates available at the moment -- KB5010196 for Windows Server 2019, and KB5010215 for Windows Server 2012 R2 -- and Microsoft says that updates will be released for other affected platforms "in the coming days". As these are emergency, out-of-band updates, they are not currently available from Windows Update, and must instead be installed manually.
KB5007205 update for Windows is breaking Microsoft Defender for Endpoint
Microsoft has revealed that a recent update for Windows has been causing problems that could have left systems unprotected and open to attack.
After installing the KB5007205 update, some system administrators have found that Microsoft Defender for Endpoint fails. This makes something of a change from the printer problems that so many updates for Windows have caused in recent times, but there is currently no fix available.
Microsoft releases out-of-band updates to fix Windows Server authentication problems
Microsoft has released a slew of emergency updates for various editions of Windows Server following the discovery of an authentication issue caused by this month's Patch Tuesday updates.
The updates (KB5008601, KB5008602, KB5008603, KB5008604, KB5008605 and KB5008606) are available for Windows Server 2008 SP2 up to Windows Server 2019. Although these are emergency, out-of-band updates, system administrators will still need to manually download and install them on affected domain controllers as Microsoft is not making them available via Windows Update.
Windows Defender bug creating thousands of files on Windows 10 systems
If you’ve found your system running unexpectedly short of storage space over the past couple of days, then Windows Defender could be to blame.
Some users report that the bug has led to hundreds of thousands and even millions of files being generated by the security software, taking up gigabytes of storage space.
Microsoft is now blocking some third-party drivers in Windows 8.1, 10 and Server
If you start to see the error message "Windows can't verify the publisher of this driver software" in Windows 10, it is because of a change Microsoft is making to driver validation.
The change has been introduced with the latest cumulative update for Windows 10 as Microsoft starts to block some third-party drivers from being installed. It also means that when you try to view driver signature properties you may see the error message "No signature was present in the subject".
Microsoft issues warning about actively exploited Zerologon vulnerability in Windows
It is just days since the CISA (Cybersecurity and Infrastructure Security Agency) issued an emergency warning about a critical Windows vulnerability. Now Microsoft has issued a warning that the vulnerability is being actively exploited and the company is "actively tracking threat actor activity".
The Netlogon EoP vulnerability (CVE-2020-1472) is concerning not just because of its severity, but because of the fact that it can be exploited in a matter of seconds. The security issue affects Windows Server 2008 and above, and enables an attacker to gain admin control of a domain.
CISA issues emergency warning over critical Windows vulnerability
Cybersecurity and Infrastructure Security Agency (CISA) has taken the extraordinary steps of issuing an emergency alert about a critical vulnerability in Windows.
CISA issued the warning to government departments, saying it "has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action". With Emergency Directive 20-04, the CISA requires agencies to install the August 2020 Security Update to mitigate against a vulnerability in Microsoft Windows Netlogon Remote Protocol.
SIGRed: Microsoft releases patch for critical, wormable vulnerability in Windows DNS Server
As part of this month's Patch Tuesday, Microsoft has issued a fix for a 17-year-old Windows DNS Server vulnerability. Known as SIGRed and tracked as CVE-2020-1350, the flaw is a serious one that has been assigned a CVSS base score of 10.0.
The vulnerability affects all version of Windows Server and is a wormable remote code execution flaw that requires no user interaction. In addition to issuing a critical patch, Microsoft has also provided details of a workaround for anyone who is unable to deploy the fix immediately
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.