Security
Headlines
HeadlinesLatestCVEs

Headline

Microsoft Rushes a Fix After May Patch Tuesday Breaks Authentication

Two of Microsoft’s Patch Tuesday updates need a do-over after causing certificate-based authentication errors.

DARKReading
#vulnerability#microsoft#auth

If you updated servers running Active Directory Certificate Services and Window domain controllers responsible for certificate-based authentication with Microsoft’s May 10 Patch Tuesday update, you may need a re-do.

The company said the original patch for CVE-2022-26931 and CVE-2022-26923 was intended to stop certificate spoofing via privilege escalation, but an unintended consequence of the fix was a rash of authentication errors. So, it rushed a new patch, available as of Thursday.

After installing the original Patch Tuesday updates, several Reddit users complained of certificate-authentication errors in r/sysadmin subreddit Patch Tuesday Megathread for May 10.

“My [Network Policy Server] NPS policies (with certificate auth) have been failing to work since the update, stating 'Authentication failed due to a user credentials mismatch,’” Reddit user RiceeeChrispies wrote. "Either the user name provided does not map to an existing account, or the password was incorrect.”

Microsoft added that once the update is installed, it won’t be necessary to renew client-authentication certificates.

“Renewal is not required,” Microsoft said in its statement acknowledging the authentication errors. “The CA will ship in Compatibility Mode. If you want a strong mapping using the ObjectSID extension, you will need a new certificate.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Related news

CVE-2022-36957: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

CVE-2022-38108: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

CISA wants you to patch these actively exploited vulnerabilities before September 8

Categories: Exploits and vulnerabilities Categories: News CISA updated its catalog of actively exploited vulnerabilities. Make sure you update your software before the due date! (Read more...) The post CISA wants you to patch these actively exploited vulnerabilities before September 8 appeared first on Malwarebytes Labs.

CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday moved to add a critical SAP security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The issue in question is CVE-2022-22536, which has received the highest possible risk score of 10.0 on the CVSS vulnerability scoring system and was addressed by SAP as part of its Patch

Microsoft Patch Tuesday May 2022: Edge RCE, PetitPotam LSA Spoofing, bad patches

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2022. Sorry for the delay, this month has been quite intense. As usual, I’m using my Vulristics project and going through not only the vulnerabilities that were presented on May 10th, but all the MS vulnerabilities presented by Microsoft since the previous Patch […]

Microsoft Patch Tuesday: Fixes for 0-Day and 74 Other Flaws Released

By Waqas The latest edition of Patch Tuesday offers fixes for 7 critical flaws, including 5 RCE (remote code execution)… This is a post from HackRead.com Read the original post: Microsoft Patch Tuesday: Fixes for 0-Day and 74 Other Flaws Released

What to Patch Now: Actively Exploited Windows Zero-Day Threatens Domain Controllers

Microsoft's May 2022 Patch Tuesday contains several bugs in ubiquitous software that could affect millions of machines, researchers warn.

CVE-2022-26931

Windows Kerberos Elevation of Privilege Vulnerability.

CVE-2022-26923

Active Directory Domain Services Elevation of Privilege Vulnerability.

Microsoft Patch Tuesday for May 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Jaeson Schultz.  Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Microsoft Patch Tuesday for May 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Jaeson Schultz.  Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft... [[ This is only the beginning! Please visit the blog for the complete entry ]]

DARKReading: Latest News

US Ban on TP-Link Routers More About Politics Than Exploitation Risk