KB5020805: How to manage Kerberos protocol changes related to CVE-2022-37967
Hi, there is an enforcement due on the 11th July from Microsoft due to a security vulnerability. Please see the article below:
https://support.microsoft.com/en-gb/topic/kb5020805-how-to-manage-kerberos-protocol-changes-related-to-cve-2022-37967-997e9acc-67c5-48e1-8d0d-190269bf4efb
The November 8, 2022 Windows updates address security bypass and elevation of privilege vulnerabilities with Privilege Attribute Certificate (PAC) signatures. This security update addresses Kerberos vulnerabilities where an attacker could digitally alter PAC signatures, raising their privileges.
To help secure your environment, install this Windows update to all devices, including Windows domain controllers. All domain controllers in your domain must be updated first before switching the update to Enforced mode.
To learn more about these vulnerabilities, see CVE-2022-37967.
Just a quick question: does it mean that any servers running 2003OS or 2008OS in an estate would no longer work?
The article doesn't appear to have been updated for a while.
Thanks