After Phase 1 in November last year and Phase 2 in December last year, Microsoft announced that during the Patch Tuesday event on April 11, this update will also release Phase 3 to fix the vulnerability. Patches make computers more secure.
Kerberos authentication is a computer network security protocol used to authenticate the service of two or more trusted hosts on an untrusted network such as the Internet ask.
The Kerberos authentication problem encountered by Win10 and Win11 devices this time occurred after installing the cumulative update released on the Patch Tuesday event day in November this year, resulting in domain user login failure and domain user remote desktop connection failure. And printing may require domain user authentication.
The translated official description is as follows:
During the Patch Tuesday event day on April 11, 2023, we will release the third phase patch for Kerberos to fix CVEs in IT environments -2022-37967 Issues caused by the vulnerability.
Each stage will increase the default minimum value of CVE-2022-37967 security hardening changes, and continuously increase it to reduce the impact of this vulnerability on the environment.
After the release of the April 11 update, the previous method of setting the KrbtgtFullPacSignature subkey to 0 to disable adding PAC signatures no longer works. The new update mandates that the KrbtgtFullPacSignature subkey be set to a value of 1.
The above is the detailed content of Microsoft is about to release the third phase of fix patches to solve the Kerberos vulnerability issue in Win10/Win11!. For more information, please follow other related articles on the PHP Chinese website!