• March 21, 2023

SVB Is A Story Of Digital Herds In Need Of A Shepherd

I never thought I would be a part of the fastest bank run in history. On a late Thursday evening earlier this month, I received a text message saying that Silicon …

Built Robotics Unveils Autonomous Pile Driving Robot, Expediting Solar Rollout

Built Robotics has introduced an autonomous pile driving robot that will help build utility-scale solar farms in a faster, safer, more cost-effective way, and make solar viable in even the most …

What Tools Can Help Your Finances In 2023

Digital financial tools have continued to grow in popularity, with users taking a particular interest in investing and financial planning. The greater proliferation of these services is allowing people more access …

Microsoft has finally, a whole week after I predicted that an emergency out-of-band Windows update would be with us before the month was out, pulled the fix trigger. The target being to correct the somewhat disastrous Patch Tuesday security updates that caused multiple authentication failures for many Windows business users. Anyone who this issue has impacted must apply the update as soon as possible: but there’s a catch, which I’ll get to in a moment.

May 2022 Patch Tuesday authentication failures

Those authentication failures were caused by installing the May 2022 Patch Tuesday updates on domain controllers. These included authentication failures on the server or client for services such as Network Policy Server and Extensible Authentication Protocol, to name but two. The issue, according to Microsoft, relates to “how the mapping of certificates to machine accounts is being handled by the domain controller.”


So, what’s the catch?

The out-of-band emergency updates are available for impacted users of Windows 10, Windows 11, and Windows Server 2008, 2012, 2016, 2019, and 2022. Microsoft has published details for all platforms.

So, what’s the catch, then? The updates are not available from Windows Update, so they will not install automatically. Instead, you will need to download manually from Microsoft’s update catalog. You’ll also need to search for the relevant knowledge base (KB) number to find them. Those numbers, and next step instructions, are referenced here.

If you paid attention to the Straight Talking Cyber team video at the top of this and the Patch Tuesday articles, you’ll appreciate why we said that consumers should always patch immediately, but for businesses, the order of the updates day has to come by way of risk profiling. The domain controller authentication failures being a perfect example.


Leave a Reply

Your email address will not be published.