Photo by regularguy.eth / Unsplash

Out of the band updates for November 2022 updates

Nov 18, 2022

Microsoft has released optional out-of-band (OOB) updates to fix known issues with Kerberos sign-in failures and other authentication problems on domain controllers. These problem arise after installing November 2022 Cumulative Updates.

To the remind, the November updates (KB5021131) were here to fix CVE-2022-37966. With them, a lot of companies were impacted with Kerberos issues.

The (non exhaustive) impacted Kerberos authentication scenarios are:

In addition, you may get event ID 14 in System logs (Microsoft-Windows-Kerberos-Key-Distribution-Center).

The Out of bands updates are release the 18th November 2022 and are available only on the Microsoft Update Catalog. As these updates only fix the problem with November updates, they won’t be available via Windows Update.

These updates are only for domain controllers, nothing to do on workstations/servers domain members.

Microsoft also released standalone updates which can be imported into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager:

Tags

Bastien Perez

Freelance Microsoft 365 - Active Directory - Modern Workplace