Buzz
Earlier this week, Microsoft released a cumulative update for Windows 10 1809 with a security patch. Now, the company has just rolled out similar updates for other supported versions of the operating system, including 20H2, 2004, 1909, 1903, and 1607. All of them address the same Kerberos issue.
The latest Windows 10 update addresses the following issue:
* Resolves an issue with the Kerberos authentication protocol related to the registry subkey value PerformTicketSignature in CVE-2020-17049, part of the Windows 10 November 2020 update. The following issues may occur on Read-Only Domain Controllers (RODCs):
- Kerberos Service tickets and Ticket Granting Server (TGT) tickets may not renew for non-Windows Kerberos clients when the PerformTicketSignature value is set to 1 (default).
- Service for User (S4U) scenarios such as scheduled tasks, clustering, and services for line-of-business applications may fail for all clients when the PerformTicketSignature value is set to 0.
- S4UProxy delegation fails when ticket referrals across domains in cross-domain scenarios if inconsistent updates to intermediate domain controllers and the PerformTicketSignature value is set to 1.
None of these updates are available through Windows Update in any way. That means if you want to download them, you'll need to get the updates from the Update Catalog HERE and install them manually.
You can find more information on how to update to the latest Windows 10 here to ensure you have the latest version.
- Learn more: How to update Windows 10
All updates address at least one known issue, so be sure to review specific Kerberos issue articles before installing them. If you don't install the updates, you'll have to wait for next month's Patch Tuesday update to address the issue.
In addition, Apple has also released iOS 14.2.1 to fix bugs for iPhone 12 mini. Check out the article here to learn more.
