Microsoft is currently investigating a known issue that causes authentication failures for a number of Windows services following the deployment of its latest round of Patch Tuesday upgrades.
Some Windows updates may compromise your security
These administrators reported getting the following error notice after applying the updates: “Due to a discrepancy in user credentials, authentication failed. Either the provided user name does not correspond to an existing account or the password was entered incorrectly.”
Following concerns from Windows administrators that certain policies were failing after applying the company’s May 2022 Patch Tuesday upgrades, Microsoft began looking into the problem.
While this issue impacts client and server Windows platforms and systems including those running Windows 11 and Windows Server 2022, Microsoft says that it is only triggered after updates are installed on servers that are being used as domain controllers.
In a separate support document, Microsoft went into further detail regarding these service authentication problems by explaining that they are caused by security updates that address privilege escalation vulnerabilities in Windows Kerberos and its Active Directory Domain Services.
In a support document, the company explained that authentication failures may occur for a number of services including Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP).
The vulnerability in Microsoft’s Active Directory Domain Services (tracked as CVE-2022-26923) has a high severity CVSS score of 8.8 and if left unpatched, can be exploited by an attacker to elevate the privileges of an account to those of a domain admin. Meanwhile, the vulnerability in Windows Kerberos (tracked as CVE-2022-26931) also has a high severity CVSS score of 7.5.
Check the latest news about tech news section for best information.