Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates.
These are the Identity-related updates and fixes we saw for December 2020:
Windows Server 2016
We observed the following update for Windows Server 2016:
KB4593226 December 8, 2020
The December 8 update for Windows Server 2016 (KB4593226), updating the OS build number to 14393.4104 is a security update that includes quality improvements.
KB4593226 addresses an important Kerberos Security Feature Bypass Vulnerability, known as CVE-2020-16996, rated with CVSSv3 scores of 6.5 and 5.7. If you use Protected Users and Resource-Based Constrained Delegation (RBCD), you may experience this security vulnerability.
Windows Server 2019
We observed the following update for Windows Server 2019:
KB4592440 December 8, 2020
The December 8 update for Windows Server 2019 (KB4592440), updating the OS build number to 17763.1637 is a security update that includes quality improvements.
KB4592440 addresses an important Kerberos Security Feature Bypass Vulnerability, known as CVE-2020-16996, rated with CVSSv3 scores of 6.5 and 5.7. If you use Protected Users and Resource-Based Constrained Delegation (RBCD), you may experience this security vulnerability.
Login