MC465515 – May 2023 enforcement coming for servers running Active Directory Certificate Services and Windows domain controllers

Admin impact, Prevent Or Fix Issue, Windows

check before: 2023-05-09

Product:

Office 365 general

Platform:

Web, World tenant

Status:

Change type:

Admin impact

Links:

Details:

Starting in May 10, 2022, Windows security updates have addressed CVE-2022-34691, CVE-2022-26931, and CVE-2022-26923 following a timeline that includes a Compatibility mode, Full Enforcement mode and a Disable mode. By May 9, 2023, all servers that run Active Directory Certificate Services and Windows domain controllers will be updated to Full Enforcement mode. These CVEs address an elevation of privilege vulnerability that can occur when the Kerberos Distribution Center (KDC) is servicing a certificate-based authentication request.

Before the May 10, 2022, security update, certificate-based authentication would not account for a dollar sign ($) at the end of a machine name. This allowed related certificates to be emulated (spoofed) in various ways. See KB5014754 for detailed information.

When will this happen:
We will update all devices to Full Enforcement mode by May 9, 2023.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2022-11-10

updated:
2022-11-10

the free basic plan is required to see all details. Sign up here

A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.

Get a Plan

Last updated 1 month ago

MC559749 - The May 2023 Windows non-security preview update… 24. May 2023 Administration check before: 2023-06-06 Product: Windows Platform: Windows Desktop, World tenant Status: Change type: Admin impact Links: Details: The May 2023 non-security preview update is now available. These optional non-security previews are released for Windows 10,…
MC560589 - The May 2023 Windows non-security preview update… 25. May 2023 Administration check before: 2023-06-07 Product: OneDrive, Windows Platform: Windows Desktop, World tenant Status: Change type: Admin impact Links: Details: The May 2023 non-security preview update is now available for Windows 11, version 22H2. Information about the…
MC539788 - Reminder: Windows 10, version 20H2 (Editions:… 11. April 2023 Administration check before: 2023-04-25 Product: Windows Platform: Education, Windows Desktop, World tenant Status: Change type: Admin impact Links: Details: On May 9, 2023, Enterprise, Education, and IoT Enterprise editions of Windows 10, version 20H2 will reach…
MC552654 - Windows 10, version 20H2 has reached end of… 10. May 2023 Administration check before: 2023-05-23 Product: Windows Platform: Education, Windows Desktop, World tenant Status: Change type: Admin impact Links: Details: Starting today, May 9, 2023, all editions of Windows 10, version 20H2 have reached end of servicing.…
MC553217 - Notice: The Scan Cab for the May 2023 Windows… 11. May 2023 Administration check before: 2023-05-24 Product: Windows Platform: World tenant, Online, Windows Desktop Status: Change type: Admin impact Links: Details: NOTE: This notice only affects environments where Scan Cab is used to check for update compliance. The…
MC556568 - Join Windows office hours on May 18, 2023, at… 18. May 2023 Administration check before: 2023-05-18 Product: FastTrack, Intune, Windows 365 Platform: Windows Desktop, World tenant Status: Change type: Admin impact Links: Details: If you are an IT admin with questions about managing and updating Windows, we want…