Quote:Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers after installing security updates released earlier this month to address CVE-2020-17049.
CVE-2020-17049 is a remotely exploitable Kerberos Constrained Delegation (KCD) security feature bypass security bug that exists in the way KDC determines if service tickets can be used for delegation.
Kerberos replaced the NTLM protocol as the default authentication protocol for domain connected devices on all Windows versions above Windows 2000.
This OOB update comes after Microsoft started investigating the Kerberos authentication issue over the weekend, on November 14.
"As part of this issue, ticket renewal and other tasks, such as scheduled tasks and clustering, might fail," Microsoft says in a Windows Message Center update.
"This issue only affects Windows Servers, and Windows 10 devices and applications in enterprise environments."
Read more: https://www.bleepingcomputer.com/news/mi...ob-update/
![[-]](https://www.geeks.fyi/images/collapse.png)
