Microsoft Patch Updates Might Spur Authentication Problems

  • By Patrick Ryan
  • May 17, 2022

If your computer is experiencing authentication errors or problems with its Windows operating system, there is a chance it is the result of a Microsoft patch. The company’s weekly Tuesday patch has the potential to cause AD authentication issues in Windows computers. The software giant is notifying customers that the May patch update also leads to failures with the domain services in the Windows Active Directory. 

What is Microsoft’s Response to the Patch Problem?

Microsoft provided an update on the matter this past Friday. The tech company indicated it was investigating the issue yet refused to provide additional details. The company’s notification comes on the heels of reports that some of its services were not working as they should after installing the latest security update. Some Microsoft Windows computer users are complaining about authentication failure notices resulting from user credentials not properly matching. The username fails to map to a current account, or the user is provided with a notification that their password is not correct.  

The company’s statement notes that the installation of the updates on domain controllers can cause authentication failures for a wide array of services and on the server. Everything from Protected Extensible Authentication Protocol to Radius, Routing, and Remote Access Service and the Network Policy Server are affected.

When Did the Patch Update Issue Begin?

Microsoft’s May patch update was released on May 10. We are one week into the patch update problem.  

What is Causing the Problem?

Microsoft’s response to the issue highlights a flaw with certificate mapping to machine accounts. In particular, how the mapping certificates are handled through the domain controller is the issue. Domain controllers are used as servers that communicate responses to authentication requests. The active directory is a space for storing information about network objects. Microsoft also noted that only servers that serve the function of domain controllers are affected by the flawed patch update issued earlier this month.

What is the Authentication Failure Caused By?

Microsoft has admitted its security update is the cause of the authentication failure. The company admitted such in a separate document released last week. The security update pertaining to privilege escalation vulnerabilities triggered authentication issues. Those vulnerabilities are within the Active Directory Domain Service of the Kerbose component of Windows.  

One of the vulnerabilities labeled CVE-2022-26931 has a 7.5 CVSS rating. The second vulnerability, CVE-2022-26923, has an 8.8 CVSS rating, which is considered a high threat level.  

What are Domain Administrators to Do?

Microsoft has advised Domain administrators to perform the manual mapping of certificates to users in the Active Directory until the company provides official updates. The altSecurityIdentities attribute of the user object can be used for the manual mapping of certificates to users within the Active Directory. If it turns out that there are complaints of preferred mitigation not working in the environment, certificate-based changes in terms of authentication for the domain controllers will prove helpful in pinpointing issues with the registry key for the SChannel.  

The software giant’s spring update permits all attempts for authentication unless the user is as old as the certificate, thanks to automatic updates in another registry key. This update alters KDC enforcement to three specific modes: Full Enforcement, Compatibility, and Disabled.  

It is worth noting some of those who have established a successful user login after installing the patch disabled a specialized key labeled as StrongCertificateBindingEnforcement by putting its value to zero. Aside from this unique approach and ongoing guidance from Microsoft, it will also help to add digital security protections to your computers.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank is in the news for the wrong reason. The bank recently publicized the fact that it discovered a digital breach.

Weekly Recap June 24 2022

Weekly Recap June 24 2022

We are nearly halfway through 2022. News stories detailing hacks and other digital breaches continue to roll in on a daily basis.

Cybercrime Related to Travel Soars at the Year’s Halfway Point

Cybercrime Related to Travel Soars at the Year’s Halfway Point

There has been a significant spike in tourism following the gradual decline of the coronavirus pandemic.  The increase in travel has caught the attention of digital miscreants looking to scam tourists as well as travel services providers.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.