Windows Server domain controllers will receive security updates on November 8, 2022 and later. Administrators should observe changes coming into effect on June 13, 2023, including Netlogon and Kerberos protocol changes. All domain-joined, machine accounts are affected.
Windows Server Domain Controller Security Updates
Microsoft is rolling out security updates to address vulnerabilities affecting Windows Server domain controllers (DCs). As of June 13, 2023, administrators should observe the following changes:
Netlogon Protocol Changes
The Netlogon protocol is a secure remote procedure call (RPC) protocol used to authenticate users and services in a Windows domain. Microsoft is rolling out changes to the protocol to address security vulnerabilities.
Kerberos Protocol Changes
The Kerberos protocol is a secure authentication protocol used to verify the identity of a user or host. Microsoft is rolling out changes to the protocol to address security vulnerabilities.
Domain-Joined Machine Accounts
All domain-joined, machine accounts are affected by these vulnerabilities. Administrators should review the Microsoft KB entries to understand the options available for configuring these changing security requirements in their environment, as well as monitor for warnings and issues.
“Microsoft is rolling out security updates to address vulnerabilities affecting Windows Server domain controllers (DCs). As of June 13, 2023, administrators should observe the following changes.”
Conclusion
Microsoft is taking steps to ensure the security of Windows Server domain controllers. Administrators should review the Microsoft KB entries to understand the options available for configuring these changing security requirements in their environment, as well as monitor for warnings and issues.
Key points from the article:
From the Microsoft Windows Message Center
