Domain Controllers Windows (server 2012 R2) update to address Netlogon Elevation of Privilege Vulnerability

Ali Mujahid 21 Reputation points
2020-11-03T22:09:57.547+00:00

Hi,

We are planning to update Domain Controllers runing Windows server 2012 R2 to address Netlogon Elevation of Privilege Vulnerability.

For this we are installing following updates:

  1. KB4566425 (pre-requisite)
  2. KB4571723 (Security update only)

With reference to roll back these updates what are our options?, if someone can please suggest exact steps for roll back or uninstalling the updates.

Also, if anyone can please share their past experiences on installing these updates on Domain Controllers (preparations, issues, back-ups etc.)

Best Regards,

Ali

Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,579 questions
0 comments No comments
{count} votes

Accepted answer
  1. Anonymous
    2020-11-03T22:42:27.33+00:00

    SSUs (KB4566425) cannot be uninstalled. The security update KB4571723 can be uninstalled. Regardless should not be any issues. You can use
    Test-ComputerSecureChannel
    to test suspect clients.
    https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/test-computersecurechannel?view=powershell-5.1

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.