IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Microsoft issues emergency fixes for wide-reaching Kerberos issues

The tech giant released updates for domain controllers after swathes of IT teams reported authentication issues within their organisations

Microsoft has released emergency out-of-band (OOB) updates to fix Kerberos authentication issues that were affecting a large proportion of enterprise users.

The tech giant released the updates on 17 and 18 November for all domain controllers (DCs) in affected environments. Microsoft aimed to fix an issue which could cause sign-in failures in Kerberos, Microsoft's longstanding default authentication protocol.

System administrators' complaints began last week when many reported various processes breaking within their organisation. Faults in Kerberos can lead to issues relating to user sign-ins, Internet Information Services (IIS Web Server), remote desktop connections, and accessing shared folders, among others.

“You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue,” said Microsoft. “If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them.”

Users can access the updates by searching for the Microsoft knowledge base (KB) number in the Microsoft Update Catalog. Alternatively, the updates can be imported manually into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager for those organisations that use the tools to manage their IT estate.

There are cumulative updates available:

  • Windows Server 2022: KB5021656
  • Windows Server 2019: KB5021655
  • Windows Server 2016: KB5021654

Users don’t need to apply any previous updates before installing these ones. Microsoft said that users don’t have to uninstall the affected updates before installing any later updates either.

There are also standalone updates available:

  • Windows Server 2012 R2: KB5021653
  • Windows Server 2012: KB5021652
  • Windows Server 2008 R2 SP1: KB5021651 (released November 18, 2022)
  • Windows Server 2008 SP2: KB5021657

Users that are deploying security-only updates for these Windows Server versions only have to install the standalone updates for November 2022. They will also need to install previous security updates to be fully up-to-date since these aren’t cumulative. 

What were the issues affecting Kerberos?

Microsoft was forced to introduce an emergency update to fix a number of updates it implemented on 8 November.

The tech giant said that users could encounter a number of issues with Kerberos authentication. This could affect domain user sign-in, group managed service accounts (gMSA), and remote desktop connections.

Related Resource

How organisations drive employee empowerment and business results with leading digital technology

What you can achieve with a leading approach to digital work

Whitepaper cover with black header banner and turquoise shaded graphicFree Download

Additionally, users might have been unable to access shared folders on workstations and file shares on servers, as well as printing that needed domain user authentication.

When encountering the issue, Microsoft said that admins might receive a Microsoft-Windows-Kerberos-Key-Distribution-Center Event ID 14 error event in the event log system section on a DC, displaying the text: 'While processing an AS request for target service {service}, the account {account name} did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 1). The requested etypes : 18 3. The accounts available etypes : 23 18 17. Changing or resetting the password of {account name} will generate a proper key'.

The tech giant said that the issue isn’t part of a security hardening for Netlogon and Kerberos which began with the November security update. Devices used at home by consumers, or those that aren’t linked to an on-premise domain, won’t be affected by the problem.

Featured Resources

Accelerating healthcare transformation through patient-centred medtech solutions

Seize the digital transformation opportunities to streamline patient care and optimise patient outcomes

Free Download

Big payoffs from big bets in AI-powered automation

Automation disruptors realise 1.5 x higher revenue growth

Free Download

Hyperscaler cloud service providers top ten

Why it's important for companies to consider hyperscaler cloud service providers, and why they matter

Free Download

Strategic app modernisation drives digital transformation

Address business needs both now and in the future

Free Download

Recommended

Google unearths Internet Explorer zero day exploited by North Korean hackers
zero-day exploit

Google unearths Internet Explorer zero day exploited by North Korean hackers

8 Dec 2022
Unpatched Exchange servers could be behind Rackspace's ransomware attack
zero-day exploit

Unpatched Exchange servers could be behind Rackspace's ransomware attack

7 Dec 2022
Windows users now able to run Linux apps and distros natively
Microsoft Windows

Windows users now able to run Linux apps and distros natively

24 Nov 2022
Microsoft targets optimised supply chain investments with new platform launch
Business operations

Microsoft targets optimised supply chain investments with new platform launch

16 Nov 2022

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Defra's legacy software problem 'threatens' UK gov cyber security until 2030
Business strategy

Defra's legacy software problem 'threatens' UK gov cyber security until 2030

6 Dec 2022
US seizes millions in stolen COVID relief funds by China-backed hackers
Policy & legislation

US seizes millions in stolen COVID relief funds by China-backed hackers

6 Dec 2022