Microsoft: April updates cause Windows Server auth issues

Microsoft: April updates cause Windows Server auth issues

Microsoft has identified that the April 2025 security updates cause authentication problems on certain Windows Server 2025 domain controllers, affecting protocols like Kerberos and certificate-based logons. These issues primarily impact enterprise environments, with home users unlikely to be affected. (Affected: Windows Server 2025 domain controllers and related enterprise systems)

Keypoints :

  • April 2025 security updates (KB5055523) may cause authentication failures on Windows Server 2016, 2019, 2022, and 2025 domain controllers.
  • The issues involve problems processing Kerberos logons and delegation using certificate-based credentials in Active Directory.
  • Impacts include Windows Hello for Business Key Trust environments and Device Public Key Authentication—affecting various authentication-dependent applications.
  • The problems are linked to CVE-2025-26647, a high-severity vulnerability that allows privilege escalation via Kerberos exploitation.
  • Microsoft recommends a registry workaround by setting AllowNtAuthPolicyBypass from “2” to “1” to mitigate the issue.
  • Previously, Microsoft released out-of-band updates in November 2022 to fix Kerberos-related authentication failures on domain controllers.
  • The company advises enterprise administrators to monitor for updates and apply workarounds to maintain authentication security and stability.

Read More: https://www.bleepingcomputer.com/news/microsoft/microsoft-april-updates-cause-windows-server-auth-issues/