Microsoft has released an out-of-band patch to fix authentication failures on Windows after installing the May 10, 2022 security update on Windows Server domain controllers.
The new update should fix authentication failures that affected services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP).
“An issue has been found related to how the mapping of certificates to machine accounts is being handled by the domain controller,” Microsoft explained.
The US Cybersecurity and Infrastructure Security Agency (CISA) this week pulled Microsoft’s fix for the bug CVE-2022-26925 from its list of known exploited vulnerabilities that federal agencies must patch within a given timeframe.
The bug was a Local Security Authority (LSA) spoofing vulnerability. Details of the bug have been publicly disclosed and exploits exist for it.
An unauthenticated attacker could “call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM. This security update detects anonymous connection attempts in LSARPC and disallows it,” Microsoft said.
The bug would have a