Microsoft has released out-of-band Windows updates to patch issues in Kerberos authentication on Domain Controllers. The updates need to be installed manually via the Microsoft Update Catalog.
Domain controller
Microsoft has released multiple OOB updates which fix an issue that was introduced with the latest May Patch Tuesday. The bug was leading to auth failures on domain controlled servers and clients.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is no longer recommending the installation of May Patch Tuesday updates on Domain Controllers because of authentication issues.
Microsoft has updated its guidance for securing Domain Controllers (DCs). Previously, the company told customers not to allow internet access on DCs in any scenario. This is not the case anymore.
Out-of-band updates have been released for several Windows versions, including Windows 11, to fix problems related to VPN connections, Domain Controllers, Hyper-V, and more.
Although software updates are supposed to fix problems, it appears that the latest Patch Tuesday release is causing major headaches for Windows Server admins due to DC boot loops and Hyper-V issues.
Microsoft has issued an advisory about an Active Directory privilege escalation attack. The vulnerabilities have already been patched, but unpatched domain controllers are more at risk now than ever.
Microsoft has confirmed that its recent July security update has broken printing and scanning on systems when using smart card authentication. The problem is related to certain changes it made.