On-premises Identity-related updates and fixes for December 2021

Reading Time: 2 minutes

Windows Server

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates.

For December 2021, Microsoft announced that the preview updates would be skipped, because of minimal operations during the holidays and the upcoming Western new year. These is the short list of Identity-related updates and fixes we saw for December 2021:

Windows Server 2016

We observed the following update for Windows Server 2016:

KB5008207 December 14, 2021

The December 14, 2021 update for Windows Server 2016 (KB5008207), updating the OS build number to 14393.4825 is a monthly cumulative update.

Windows Server 2019

We observed the following updates for Windows Server 2019:

KB5008218 December 14, 2021

The December 14, 2021 update for Windows Server 2019 (KB5008218), updating the OS build number to 17763.2366 is a monthly cumulative update.

This security update addresses four Active Directory Elevation of Privilege vulnerabilities and includes the following Identity-related quality improvements:

It includes the following Identity-related quality improvements:

    1. It enables credentials for Azure Active Directory (Azure AD) users that use Active Directory Federation Services (AD FS) as their authentication method in Quick Assist.
    2. It addresses an issue that prevents the applications that you use often from appearing on the Start menu and prevents you from configuring them to appear on the Start menu using a Group Policy.

Windows Server 2022

We observed the following updates for Windows Server 2022:

KB5008223 December 14, 2021

The December 14, 2021 update for Windows Server 2022 (KB5008223), updating the OS build number to 20348.405 is a monthly cumulative update.

It includes one Identity-related quality improvement: It addresses an issue that fails to apply machine Group Policy objects automatically at startup or in the background to devices on a domain that have certain processors.

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.