The Redmond giant continues to work for our safety. Now they have released Updates for versions of Windows 10 that are out of support. The goal of solving a security vulnerability in authentication Kerberos. This could allow a hacker to bypass authentication.
Microsoft had released the fix for Windows 10 1809 a few days ago, and today’s update releases the same fix for Windows 10 20H2, 2004, 1909, 1903 y 1607.
A patch fixes Kerberos security problems
This update fixes authentication issues Kerberos. Related to registry subkey value PerformTicketSignature in CVE-2020-17049. This was part of the Windows 10 November 2020 Update. The following issues may occur in read / write drivers (DCs):
- Kerberos service tickets and tickets (TGTs) might not be renewed for Kerberos non-Windows clients. When PerformTicketSignature is set to 1 (default).
- Service-to-User (S4U) scenarios such as scheduled tasks, clustering, and services for line-of-business applications. These can fail for all clients when PerformTicketSignature is set to 0.
- S4UProxy fails during ticket referral. In cross-domain scenarios if domain controllers in intermediate domains are updated inconsistently and PerformTicketSignature is set to 1.
Currently, the fix is only available in the update catalog, with the following links:
We are happy to see how Microsoft cares about offering good support. Security updates are key regardless of the version of the operating system.