MC319237 – Protections included in the January 11, 2022 Windows update might block NTLM authentication

SharePoint Logo

check before: 2022-02-12

Product:

SharePoint, Windows

Platform:

World tenant, Windows Desktop

Status:

Change type:

Admin impact

Links:

Details:

CVE-2022-21920, involving a Windows Kerberos elevation of privilege vulnerability, is addressed in the January 11, 2022 Windows updates and later Windows updates. Note that installing this update and later Windows updates might cause authentication to fail for 3-part SPNs where Kerberos authentication is not successful. In environments where this is the case, Microsoft recommends that admins triage to determine why Kerberos authentication for the 3-part SPN failed.


When will this happen:
The January 11, 2022 Windows updates is an important monthly security update and has already been released. It is available for broad deployment to all supported Windows versions.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2022-02-11

updated:
2022-08-27

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2022-09-15MC prepareIn environments where Kerberos authentication for 3-part SPNs stops working following the installation of the January 11, 2022 updates, Microsoft recommends that admins triage to determine why Kerberos authentication for the 3-part SPN failed. For guidance, including common reasons for 3-part SPN Kerberos authentication failure, refer to the links and documentation in the Additional information section, below.


Additional information:
KB5011233: Protections in CVE-2022-21920 may block NTLM authentication if Kerberos authentication is not successful
CVE-2022-21920: Windows Kerberos Elevation of Privilege Vulnerability
ps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-219
ps://support.microsoft.com/help/5011233
In environments where Kerberos authentication for 3-part SPNs stops working following the installation of the January 11, 2022 updates, Microsoft recommends that admins triage to determine why Kerberos authentication for the 3-part SPN failed. For guidance, including common reasons for 3-part SPN Kerberos authentication failure, refer to the links and documentation in the Additional information section, below.


Additional information:
KB5011233: Protections in CVE-2022-21920 may block NTLM authentication if Kerberos authentication is not successful
CVE-2022-21920: Windows Kerberos Elevation of Privilege Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21920
https://support.microsoft.com/help/5011233
2022-08-27MC prepareIn environments where Kerberos authentication for 3-part SPNs stops working following the installation of the January 11, 2022 updates, Microsoft recommends that admins triage to determine why Kerberos authentication for the 3-part SPN failed. For guidance, including common reasons for 3-part SPN Kerberos authentication failure, refer to the links and documentation in the Additional information section, below.


Additional information:
KB5011233: Protections in CVE-2022-21920 may block NTLM authentication if Kerberos authentication is not successful
CVE-2022-21920: Windows Kerberos Elevation of Privilege Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21920
https://support.microsoft.com/help/5011233
In environments where Kerberos authentication for 3-part SPNs stops working following the installation of the January 11, 2022 updates, Microsoft recommends that admins triage to determine why Kerberos authentication for the 3-part SPN failed. For guidance, including common reasons for 3-part SPN Kerberos authentication failure, refer to the links and documentation in the Additional information section, below.


Additional information:
KB5011233: Protections in CVE-2022-21920 may block NTLM authentication if Kerberos authentication is not successful
CVE-2022-21920: Windows Kerberos Elevation of Privilege Vulnerability
ps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-219
ps://support.microsoft.com/help/5011233

*starting April 2022

Last updated 4 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!