[ad_1]
The Redmond giant continues to work for our safety. Now they have released Updates for Windows 10 versions out of support. The goal is to address a security vulnerability in authentication Kerberos. This could allow a hacker to bypass authentication.
Microsoft had released the fix for Windows 10 1809 a few days ago and today’s update releases the same solution for Windows 10 20H2, 2004, 1909, 1903 and 1607.
A patch fixes Kerberos security issues
This update resolves authentication issues Kerberos. Related to the registry subkey value PerformTicketSignature in CVE-2020-17049. This was part of the Windows 10 November 2020 Update. The following issues may occur in the Read / Write (DC) drivers:
- Kerberos service tickets and tickets (TGTs) may not be renewed for non-Windows Kerberos clients. When PerformTicketSignature is set to 1 (default).
- Service user scenarios (S4U) such as scheduled tasks, clustering, and services for line of business applications These can fail for all clients when PerformTicketSignature is set to 0.
- S4UProxy fails during ticket referral. In cross-domain scenarios if domain controllers in intermediate domains update inconsistently and PerformTicketSignature is set to 1.
Currently, the fix is only available in the update catalog, with the following links:
We are happy to see how Microsoft cares about offering good support. Security updates are critical regardless of the version of the operating system.
Source link
