Emergency Windows 10 update plugs a serious security hole

By Joel Khalili
published

Windows 10 update closes off vulnerability that could allow hackers to bypass authentication

security
(Image credit: Shutterstock / binarydesign)

Microsoft has deployed an out-of-band Windows 10 update designed to remedy a security flaw affecting all supported versions of the operating system.

The update consists of a handful of different fixes, all of which are geared towards addressing issues with authentication protocol Kerberos that could allow an attacker to bypass security protections.

The fix was published for enterprise users running Windows 10 1809 earlier in the week, but has now arrived for versions 20H2, 2004, 1909, 1903 and 1607 as well.

Windows 10 update

According to a Microsoft support post, the Kerberos authentication issue was caused by a bug in a patch (for CVE-2020-17049) delivered this month as part of the company’s regular update schedule.

“After installing KB4586781 on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication issues,” explained the firm.

“There are three registry setting values for PerformTicketSignature to control it, but in the current implementation you might encounter different issues with each setting.”

Setting the PerformTicketSignature value to 0 is said to cause authentication issues when using S4U scenarios (e.g. scheduled tasks/clustering), value 1 could bring about ticket renewal failures, while value 2 will cause problems in environments where not all DCs are updated.

Thankfully, these problems are exclusive to Windows Servers,  Windows 10 devices and applications running in enterprise environments, so everyday users need not worry in this instance.

Administrators, however, must install the latest out-of-band update (KB4594440) manually by searching for the package via the Microsoft Update Catalog; it is not available through the Windows Update service and will not be installed automatically.

Via MSPowerUser

Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

See more Computing news