Geeks for your information
Windows Server out-of-band update addressing authentication issues released - Printable Version

+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Microsoft Windows News (https://www.geeks.fyi/forumdisplay.php?fid=32)
+--- Thread: Windows Server out-of-band update addressing authentication issues released (/showthread.php?tid=17334)



Windows Server out-of-band update addressing authentication issues released - harlan4096 - 20 May 22

Quote:Microsoft released updates for various Windows Server versions that address issues that were experienced after installation of the May 2022 security updates.

[Image: windows-server-authentication-fix-update.png]

The updates address the authentication issues and the Microsoft Store app installation issues. The released updates are not distributed via Windows Update, but only available as manual downloads from the Microsoft Update Catalog website.

Authentication issues

The first issue was experienced after installing the May 2022 updates on domain controllers. Some administrators noted a rise in authentication failures on the server or client for services, including Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP).

Microsoft discovered that the issue affected how domain controllers handled the mapping of certificates to machine accounts. The company published a workaround for the issue shortly after confirming it on its Docs website. Administrators should map certificates manually to machine accounts in Active Directory to resolve the issue. While other mitigations were published, all "might lower or disable security hardening" and were therefore not recommended.

Microsoft Store apps installation failures

On some devices, installation of Microsoft Store applications might fail with the error code 0xC002001B after installation of the May 2022 updates. Some installed applications might fail to open as well.

The issue happened on devices with Control-flow Enforcement Technology processors according to Microsoft.
Additional details are available on Microsoft's Docs website.

Out-of-band-updates are available

Microsoft has released out-of-band updates for affected Windows Server versions. Cumulative updates are available for the Windows Server versions 2016, 2019, 2022 and 20H2: These can be installed directly as they are cumulative in nature and include previous updates that may not have been released yet.

The Windows Server versions 2008 R2 SP1, 2008 SP2, 2012 and 2012 R2 may be updated using standalone updates instead: Microsoft notes that installation of the standalone updates differs depending on whether monthly-rollup updates or security-only updates are installed on machines.

On machines with security-only updates, the standalone updates can be installed directly. On monthly-rollup updates, it is required to install the standalone update and the monthly-rollup update released on May 10, 2022.

A restart may be required to complete the update installation.

Now You: did you install the May 2022 updates already?
...
Continue Reading