Neowin News Feed for: Kerberos

Windows Kerberos hardening may cause authentication issues for some PCs next month

Usama Jawad — Fri, 27 Mar 2026 22:24:01 +0000

Microsoft has warned about a Windows authentication change next month, and if admins don't act in time, logins in some environments could suddenly start failing. Read more...

Microsoft is making Windows more secure, here is how IT admins need to prepare

Usama Jawad — Fri, 30 Jan 2026 15:26:01 +0000

Microsoft is disabling a legacy component in Windows, calling it a "major evolution in Windows authentication", but IT admins need to make sure that it doesn't break their infrastructure. Read more...

Microsoft issues security advisory for IT admins managing Windows Domain Controllers

Usama Jawad — Mon, 19 Jan 2026 18:42:01 +0000

Microsoft is kicking off yet another hardening process for Domain Controllers (DCs) to patch a Kerberos vulnerability. Read more...

Microsoft quietly makes a requirement mandatory for Windows 11 25H2 24H2 installations

Sayan Sen — Sun, 02 Nov 2025 23:14:01 +0000

Microsoft released Windows 11 25H2 at the end of last month, and with the new feature update, the company has made a requirement mandatory for OS installations. Read more...

Microsoft is ending support for a registry key in Windows DCs next month

Usama Jawad — Fri, 29 Aug 2025 07:34:01 +0000

Microsoft is ending support for a registry key that served as a workaround for certificate-based authentication in Windows Domain Controllers. Read more...

Microsoft details how KB5055523/KB5055526 & KB5057784 break Kerberos Windows Hello DC logons

Sayan Sen — Wed, 07 May 2025 04:46:01 +0000

Microsoft has explained in detail what broke Windows Server Kerberos authentication issues following Patch Tuesday updates and how to work around the bug. Read more...

Microsoft: Windows 11 KB5055523 fixes Kerberos bug that won't let passwords change

Sayan Sen — Wed, 09 Apr 2025 06:24:02 +0000

Microsoft has fixed a Windows 11 24H2 and Server 2025 bug where passwords were failing to change, leading to authentication failures. Read more...

Microsoft wants you on AES as Windows 11 24H2, Server 2025 ditches ancient DES encryption

Sayan Sen — Sat, 01 Mar 2025 06:06:01 +0000

Microsoft is killing DES encryption on Windows 11 24H2 and Windows Server 2025 very soon and is recommending users to move to AES. Read more...

KB5036534: Microsoft shares latest Windows 10/11 DC hardening update for 2025

Sayan Sen — Sat, 18 Jan 2025 14:22:01 +0000

Microsoft has rolled out the latest security hardening phases for the year 2025 with new timeline updates. Read more...

Microsoft confirms NTLM is dead beyond Windows 11 24H2 and Server 2025

Sayan Sen — Tue, 04 Jun 2024 08:42:02 +0000

Microsoft said last year that it wants to improve authentication security by eventually killing off NTLM sometime in the future. Today, the company has announced the deprecation of the feature. Read more...

Microsoft fixed Windows CVE-2024-26248, CVE-2024-29056 Kerberos PAC validation flaw

Sayan Sen — Sun, 14 Apr 2024 14:36:02 +0000

Microsoft released patches for a couple of Kerberos authentication vulnerabilities tracked under CVE-2024-26248 and CVE-2024-29056. Details about its enforcement timeline have been shared. Read more...

Updated DC hardening timeline for Secure Boot, DCOM, Kerberos, Netlogon shared by Microsoft

Sayan Sen — Mon, 25 Mar 2024 08:18:01 +0000

Microsoft shared an updated DC hardening timeline where it has added new guidance and key dates about the deployment phase. This hardening meant to improve the security of the concerned servers. Read more...

Microsoft: KB5035857 woes causing Windows Server DC reboots due to LSASS memory leak

Sayan Sen — Thu, 21 Mar 2024 08:04:01 +0000

Microsoft has confirmed that a buggy Patch Tuesday implementation is causing an LSASS memory leak, leading to reboots of Windows Server DCs when trying to undergo Kerberos authentication. Read more...

Microsoft's "Windows 11 24H2" mention could throw a wrench at the 'Windows 12' rumor mill

Sayan Sen — Fri, 01 Dec 2023 16:38:01 +0000

Microsoft has mentioned Windows 11 "24H2" for the first time, which calls into question some of the leaks, rumors, and reports about 'Windows 12' and its possible 2024 launch date. Read more...

Microsoft wants to eventually disable NTLM authentication in Windows 11

John Callaham — Wed, 11 Oct 2023 20:38:04 +0000

Microsoft has announced it is taking steps to eventually disable NTLM (NT LAN Manager) for authentication features in Windows 11 and add new features to Kerberos to take its place. Read more...

Microsoft reminds about Windows DC Kerberos Netlogon full enforcement which is coming up

Sayan Sen — Tue, 12 Sep 2023 07:18:01 +0000

Microsoft has been enforcing hardening across Kerberos and Netlogon protocols, to protect against security vulnerabilities it discovered in 2021. Reminder for the upcoming Full Enforcement is out. Read more...

Microsoft rolls out third-phase DC hardening for Kerberos and Netlogon security flaw

Sayan Sen — Wed, 14 Jun 2023 07:40:02 +0000

Microsoft has been enforcing hardening across Kerberos and Netlogon protocols, to protect against security vulnerabilities it discovered in 2021. The third phase is being rolled out. Read more...

Microsoft shares DCOM, Kerberos, Netlogon, Azure hardening timeline till 2024

Sayan Sen — Sat, 29 Apr 2023 06:20:02 +0000

Microsoft is enforcing hardening across Kerberos and more protocols, to protect against security vulnerabilities it discovered in 2021. Today, it has shared a roadmap outlining the changes. Read more...

Microsoft Weekly: Windows bugs, GPT integrations, and taking screenshots

Usama Jawad — Sat, 15 Apr 2023 20:38:01 +0000

This week has been quite busy when it comes to Microsoft news. We have a lot to unpack including Windows bugs and their respective fixes, new GPT integrations, and upcoming Windows features. Read more...

Microsoft updates third-phase Windows DC hardening roadmap for Kerberos security flaw

Sayan Sen — Fri, 14 Apr 2023 05:00:02 +0000

Microsoft has issued an update today about the third phase security hardening changes deployment for Windows Server Kerberos protocol. These changes are meant to patch a major security flaw. Read more...

Microsoft Weekly: Windows 12 rumors, Windows 11 secrets, and Windows 7 support

Usama Jawad — Sat, 01 Apr 2023 16:20:01 +0000

The latest edition of Microsoft Weekly packs news items related to "Windows 12" leaks, some hidden capabilities in Windows 11, and a bunch of app updates, with a sprinkle of Windows 7 news. Read more...

Microsoft reminds of third-phase Windows DC hardening regarding Kerberos security flaw

Sayan Sen — Tue, 28 Mar 2023 07:30:02 +0000

Microsoft has issued a reminder today about the third phase security hardening changes deployment for Windows Server Kerberos protocol. These changes are meant to patch a major security flaw. Read more...

Microsoft Weekly: Windows bugs, Taskbar improvements, and games in Teams

Usama Jawad — Sat, 19 Nov 2022 19:08:01 +0000

In this edition of Microsoft Weekly we have a lot to unpack, including lots of Windows bugs and their associated fixes, changes to Windows 11 in the latest Dev Channel build, and games in Teams (!). Read more...

Microsoft releases OOB Windows update to fix Domain Controller Kerberos authentication issue

Usama Jawad — Fri, 18 Nov 2022 01:46:01 +0000

Microsoft has released out-of-band Windows updates in order to patch issues in Kerberos authentication on Domain Controllers. The updates need to be installed manually via Microsoft Update Catalog. Read more...

Microsoft is making significant improvements to SMB authentication in Windows 11

Usama Jawad — Thu, 22 Sep 2022 10:12:01 +0000

Microsoft has enabled a preview feature by default in the latest Windows 11 Dev Channel build 25206. It is related to improving the security of SMB NTLM authentication and reducing attack surfaces. Read more...

Microsoft downplays Azure AD design flaw enabling single-factor brute-force attacks [Update]

Usama Jawad — Thu, 30 Sep 2021 11:10:02 +0000

A security team has issued an advisory about an apparent design flaw which allows single-factor brute-force attack on Azure Active Directory. However, Microsoft says that this is by design. Read more...