On-premises Microsoft Identity-related updates and fixes for August 2019

Windows Server

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for August 2019:

                    

Windows Server 2016

We observed the following updates for Windows Server 2016:

KB4512495 August 17, 2019

The August 17, 2019 update for Windows Server 2016 (KB4512495) updating the OS Build number to 14393.3181 includes the following Identity-related fixes:

  • It addresses an issue that prevents some users from receiving a TTL value when they are added as members of Shadow Principals. This occurs for users who have distinguished names (DN) that contain an escape character. The TTL value is now added as expected.
  • It addresses an issue that may break the domain trust when the Recycle Bin is configured on the domain that carries the trust.

KB4512517 August 13, 2019

The August 13, 2019 update for Windows Server 2016 (KB4512517) updating the OS Build number to 14393.3144 plugs RDP vulnerabilities that are rated ‘Critical’. It includes the following Identity-related fixes:

  • It addresses an issue that may prevent devices from starting up or cause them to continue restarting if they are connected to a domain that is configured to use MIT Kerberos realms. Domain controllers and domain members are both affected.

This is the issue that was introduced with KB4507459, dated July 16, 2019.

               

Windows Server 2019

We observed the following updates for Windows Server 2019:

KB4512534 August 17, 2019

The August 17, 2019 non-security update for Windows Server 2019 (KB4512534) updating the OS Build number to 17763.720 includes the following Identity-related fixes:

  • It addresses an issue that causes a workstation to stop working when you sign in using an updated user principal name (UPN) (for example, changing UserN@contoso.com to User.Name@contoso.com).
  • It addresses an issue that prevents some users from receiving a TTL value when they are added as members of Shadow Principals. This occurs for users who have distinguished names (DN) that contain an escape character. The TTL value is now added as expected.
  • It addresses an issue that may break the domain trust when the Recycle Bin is configured on the domain that carries the trust.

KB4511553 August 13, 2019

The August 13, 2019 update for Windows Server 2019 (KB4511553) updating the OS Build number to 17763.638

plugs RDP vulnerabilities that are rated ‘Critical’. It includes the following Identity-related fixes:

  • It addresses an issue that may prevent devices from starting up or cause them to continue restarting if they are connected to a domain that is configured to use MIT Kerberos realms. Domain controllers and domain members are both affected.

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.