• October 1, 2022

Warn Aging Parents About Post-Disaster Scammers

Devastating hurricanes, tornadoes, flooding, and fires, across many parts of the U.S. leave people vulnerable. Aging parents, often far away from family, are especially at risk. When disaster strikes, scammers see …

Tax Planning For Hurricane Victims

139 TAX PLANNING OPPORTUNITIES FOR EMPLOYERS Tax advisors are already working hard to determine how the IRS disaster relief announcements and Internal Revenue Code will impact disaster victims, and those who …

First Appearance By Bureau Of Prisons Director Falls Shorts On Facts

Every morning, Todd Ficeto calls his wife to ask one question, “Has it posted yet?” Ficeto is a federal prisoner at the satellite camp FCI Edgefield (South Carolina). His current release …

Microsoft has finally, a whole week after I predicted that an emergency out-of-band Windows update would be with us before the month was out, pulled the fix trigger. The target being to correct the somewhat disastrous Patch Tuesday security updates that caused multiple authentication failures for many Windows business users. Anyone who this issue has impacted must apply the update as soon as possible: but there’s a catch, which I’ll get to in a moment.

May 2022 Patch Tuesday authentication failures

Those authentication failures were caused by installing the May 2022 Patch Tuesday updates on domain controllers. These included authentication failures on the server or client for services such as Network Policy Server and Extensible Authentication Protocol, to name but two. The issue, according to Microsoft, relates to “how the mapping of certificates to machine accounts is being handled by the domain controller.”


So, what’s the catch?

The out-of-band emergency updates are available for impacted users of Windows 10, Windows 11, and Windows Server 2008, 2012, 2016, 2019, and 2022. Microsoft has published details for all platforms.

So, what’s the catch, then? The updates are not available from Windows Update, so they will not install automatically. Instead, you will need to download manually from Microsoft’s update catalog. You’ll also need to search for the relevant knowledge base (KB) number to find them. Those numbers, and next step instructions, are referenced here.

If you paid attention to the Straight Talking Cyber team video at the top of this and the Patch Tuesday articles, you’ll appreciate why we said that consumers should always patch immediately, but for businesses, the order of the updates day has to come by way of risk profiling. The domain controller authentication failures being a perfect example.


Leave a Reply

Your email address will not be published.