Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates.
For December 2021, Microsoft announced that the preview updates would be skipped, because of minimal operations during the holidays and the upcoming Western new year. This is the short list of Identity-related updates and fixes we saw for January 2022:
Windows Server 2016
We observed the following updates for Windows Server 2016:
KB5010195 January 5, 2022 Out Of Band
The January 5, 2022 update for Windows Server 2016 (KB5010195), updating the OS build number to 14393.4827, is an out-of-band update.
It addresses an issue that might prevent you from using Remote Desktop to reach the server. In some circumstances, the server might stop responding. The screen might also appear black, and general performance and signing in might be slow.
KB5009546 January 11, 2022
The January 11, 2022 update for Windows Server 2016 (KB5009546), updating the OS build number to 14393.4886, is a monthly cumulative update.
It addresses three Active Directory Domain Services vulnerabilities and a wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability that affects AD FS servers.
KB5010790 January 17, 2022 Out Of Band
The January 17, 2022 update for Windows Server 2016 (KB5010790), updating the OS build number to 14393.4889, is an out-of-band update.
It addresses an issue that might cause Windows Servers to restart unexpectedly after installing the January 11, 2022 update on domain controllers.
It also addresses an issue that prevents Active Directory attributes from being written properly during a Lightweight Directory Access Protocol (LDAP) modify operation when you make multiple attribute changes.
Windows Server 2019
We observed the following updates for Windows Server 2019:
KB5010196 January 4, 2022 Out Of Band
The January 4, 2022 update for Windows Server 2019 (KB5010196), updating the OS build number to 17763.2369, is an out-of-band update.
It addresses an issue that might prevent you from using Remote Desktop to reach the server. In some circumstances, the server might stop responding. The screen might also appear black, and general performance and signing in might be slow.
KB5009557 January 11, 2022
The January 11, 2022 update for Windows Server 2019 (KB5009557), updating the OS build number to 17763.2452, is a monthly cumulative update.
It addresses three Active Directory Domain Services vulnerabilities and a wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability that affects AD FS servers.
KB5010791 January 18, 2022 Out Of Band
The January 18, 2022 update for Windows Server 2019 (KB5010791), updating the OS build number to 17763.2458, is an out-of-band update.
It addresses an issue that might cause Windows Servers to restart unexpectedly after installing the January 11, 2022 update on domain controllers.
It also addresses an issue that prevents Active Directory attributes from being written properly during a Lightweight Directory Access Protocol (LDAP) modify operation when you make multiple attribute changes.
KB5009616 January 25, 2022 Preview
The January 25, 2022 update for Windows Server 2019 (KB5009616), updating the OS build number to 17763.2510, is a preview update that includes the following Identity-related improvements:
- It addresses an issue that might cause Kerberos.dll to stop working within the Local Security Authority Subsystem Service (LSASS). This occurs when LSASS processes simultaneous Service for User (S4U) and user-to-user (U2U) requests for the same client user.
- It addresses an issue that causes lsass.exe to stop working and the device restarts. This issue occurs when you query Windows NT Directory Services (NTDS) counters after the NTDS service has stopped.
- It addresses an issue that might occur when you enable verbose Active Directory Federation Services (AD FS) audit logging and an invalid parameter is logged. As a result, events with Event ID 207 are logged, which indicates that a failure to write to the audit log occurred.
- It adds an audit event to Active Directory domain controllers that identifies clients that are not compliant with RFC 4456. For more information, see KB5005408: Smart card authentication might cause print and scan failures.
Windows Server 2022
We observed the following updates for Windows Server 2022:
KB5010197 January 5, 2022 Out Of Band
The January 5, 2022 update for Windows Server 2022 (KB5010197), updating the OS build number to 20348.407, is an out-of-band update.
It addresses an issue that might prevent you from using Remote Desktop to reach the server. In some circumstances, the server might stop responding. The screen might also appear black, and general performance and signing in might be slow.
KB5009555 January 11, 2022
The January 11, 2022 update for Windows Server 2022 (KB5009555), updating the OS build number to 20348.469, is a monthly cumulative update.
It addresses three Active Directory Domain Services vulnerabilities and a wormable Critical HTTP Protocol Stack Remote Code Execution Vulnerability that affects AD FS servers.
KB5010796 January 17, 2022 Out Of Band
The January 17, 2022 update for Windows Server 2022 (KB5010796), updating the OS build number to 20348.473, is an out-of-band update.
It addresses an issue that might cause Windows Servers to restart unexpectedly after installing the January 11, 2022 update on domain controllers.
It also addresses an issue that prevents Active Directory attributes from being written properly during a Lightweight Directory Access Protocol (LDAP) modify operation when you make multiple attribute changes.
KB5009608 January 25, 2022 Preview
The January 25, 2022 update for Windows Server 2022 (KB5009608), updating the OS build number to 20348.502, is a preview update that includes the following Identity-related improvements:
- It addresses an issue that causes a device to incorrectly report itself as noncompliant with Conditional Access because of an antivirus or firewall configuration.
- It addresses an issue that might cause Kerberos.dll to stop working within the Local Security Authority Subsystem Service (LSASS). This occurs when LSASS processes simultaneous Service for User (S4U) and user-to-user (U2U) requests for the same client user.
- It addresses an issue that affects the Fast Identity Online 2.0 (FIDO2) credential provider and prevents the display of the PIN entry field.
- It addresses an issue that causes lsass.exe to stop working and the device restarts. This issue occurs when you query Windows NT Directory Services (NTDS) counters after the NTDS service has stopped.
- It addresses an issue that fails to apply the Group Policy Object "Do not allow compression on all NTFS Volume" in some cases.
- It addresses an issue that might occur when you enable verbose Active Directory Federation Services (AD FS) audit logging and an invalid parameter is logged. As a result, events with Event ID 207 are logged, which indicates that a failure to write to the audit log occurred.
- It adds an audit event to Active Directory domain controllers that identifies clients that are not compliant with RFC 4456. For more information, see KB5005408: Smart card authentication might cause print and scan failures.
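To see where a server stands relative to the January 11 cumulative updates and their out-of-band follow-ups listed above, the following added example (not from Microsoft or the original post) classifies an OS build string against the build numbers on this page. The function name `Get-January2022PatchState`, the state labels and the sample builds are assumptions of this example, as is the premise that a higher UBR includes the earlier fixes.

```powershell
# Added example. Build/UBR thresholds and KB numbers are copied from this page.
# Assumption: updates are cumulative, so a higher UBR includes the earlier fixes.
$January2022 = @{
    14393 = @{ Os = 'Windows Server 2016'; Cumulative = 4886; CumulativeKb = 'KB5009546'; Oob = 4889; OobKb = 'KB5010790' }
    17763 = @{ Os = 'Windows Server 2019'; Cumulative = 2452; CumulativeKb = 'KB5009557'; Oob = 2458; OobKb = 'KB5010791' }
    20348 = @{ Os = 'Windows Server 2022'; Cumulative = 469;  CumulativeKb = 'KB5009555'; Oob = 473;  OobKb = 'KB5010796' }
}

function Get-January2022PatchState {
    # Hypothetical helper: classifies one "build.UBR" string such as 17763.2452.
    param([Parameter(Mandatory)][string]$OsBuild)

    if ($OsBuild -notmatch '^(\d+)\.(\d+)$') { throw "Expected build.UBR, got '$OsBuild'" }
    $build = [int]$Matches[1]
    $ubr   = [int]$Matches[2]
    $row   = $January2022[$build]

    if (-not $row) {
        $state = 'NotListed'
        $action = 'Build is not one of the three versions covered here'
    } elseif ($ubr -lt $row.Cumulative) {
        $state = 'MissingSecurityUpdate'
        $action = "Missing the January 11 security fixes ($($row.CumulativeKb))"
    } elseif ($ubr -lt $row.Oob) {
        # The unexpected-restart issue is described for domain controllers.
        $state = 'RestartRisk'
        $action = "Has $($row.CumulativeKb) without the out-of-band fix; install $($row.OobKb)"
    } else {
        $state = 'Fixed'
        $action = 'At or above the out-of-band build'
    }
    [pscustomobject]@{ OsBuild = $OsBuild; Os = $row.Os; State = $state; Action = $action }
}

# Constructed sample builds (not from real hosts), one per state.
'14393.4827', '17763.2452', '20348.473', '99999.1' |
    ForEach-Object { Get-January2022PatchState $_ }

# On a live server, read the real values from the registry instead.
if ($env:OS -eq 'Windows_NT') {
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    Get-January2022PatchState "$($cv.CurrentBuildNumber).$($cv.UBR)"
}
```

A `RestartRisk` result on a domain controller is the case the out-of-band updates were released for.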