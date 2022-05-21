



Microsoft will issue an update to fix the authentication issue caused by the May patch

Microsoft announced on Thursday that the authentication issue associated with the May monthly renewal was resolved with the newly released update.

This concept is included in the May 19th public “Message Center” announcement update, as reflected in this May 20th Twitter post by Aria Carley, Senior Program Manager on the Windows Update Platform Team. The authentication issue affected a Windows Server instance that was used as a domain controller after applying Microsoft’s May patch immediately after the “Tuesday Update” release on May 10.

Fixing authentication issues is not automatic. Instead, Microsoft addressed this issue by publishing so-called “out-of-band” (unscheduled) updates that can be manually downloaded from the Microsoft Update Catalog.

According to the updated Message Center announcement, these fixes are “not available from Windows Update and will not be installed automatically”, so IT professionals will have to manually search the Microsoft Update Catalog to get these fixes. I have. IT professionals can import hotfixes from the catalog into tools such as Windows Server Update Services and Microsoft Endpoint Configuration Manager.

A list of Knowledge Base (KB) article numbers for each Windows Server product that may be affected is included in the updated Message Center announcement. IT professionals can use these KB numbers for manual out-of-band patch searches.

The authentication issue seems to have affected the organization where the initial patched Windows Server installation was used as the domain controller. Microsoft’s first MessageCenter announcement also listed the affected Windows client operating systems, but the concept was removed in Microsoft’s May 19th MessageCenter revision.

Microsoft’s statement to that effect is as follows:

This issue has been resolved with an out-of-band update released on May 19, 2022 for installation on your environment’s domain controller. No action needs to be taken on the client side to resolve this authentication issue. If you have used workarounds or mitigations for this issue, they are no longer needed and it is recommended that you remove them.

Microsoft initially advised affected organizations to apply workarounds. This included manually mapping the certificate to a machine account in Active Directory. Microsoft currently says no instructions are given, but these workarounds need to be removed.

About the author

Kurt Mackie is a Senior News Producer of the Converge360 Group at 1105 Media.

