Microsoft has been alerting customers about the May 2022 patch update that is causing authentication errors and failures. The patch update has been linked to Windows Active Directory Domain Services, and Microsoft released an update advising that it was investigating the issue. The authentication problems are seen with Windows devices that are used as domain controllers, who also received Microsoft’s May 10-released updates.
Microsoft stated that it wanted the affected organizations to “Manually map certificates to a machine account in Active Directory”, according to the instructions posted by Microsoft in a certificate mapping document. The issue is affecting all supporting windows server products, including Windows Server 2008. The error displays as “Authentication failed due to a user credentials mismatch. Either the username provided does not map to an existing account or the password was incorrect.”. Uninstalling KB5014001 and KB5014011 resolves this, but most businesses obviously would rather get them patched.
Authentication Failure Caused By Security Update
Microsoft explained the details related to the authentication problem were caused by the security update addressing the privilege escalation vulnerabilities in Windows Kerbose and its Active Directory Domain Service. The vulnerabilities are tracked as CVE-2022-26931 in Windows Kerberos with a high severity CVSS rating of 7.5 and CVE-2022-26923. The authentication difficulties should not affect client Windows devices or non-domain controller servers, according to Microsoft. An attacker can exploit the vulnerability if left unpatched, and escalate the privilege to that of the domain admin.
Contact us if you require assistance with Microsoft patch updates.
Author: Mahdi Kobeissi, Cyber Security Consultant