On-premises Identity-related updates and fixes for February 2023

Reading Time: 2 minutes

Windows Serrer

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses.

This is the list of Identity-related updates and fixes we saw for February 2023:

 

Windows Server 2016

We observed the following update for Windows Server 2016:

KB5022838 February 14, 2023

The February 14, 2023, update for Windows Server 2016 (KB5022838), updating the OS build number to 14393.5717, is a monthly cumulative update that includes an Identity-related improvement: It addresses an issue that puts Domain Controllers in a restart loop. This occurs because the Local Security Authority Subsystem Service (LSASS) stops responding. The error is 0xc0000374. LSASS stops responding if you populate the KrbTGT account with the AltsecID on accounts that Domain Controllers and Read-only Domain Controllers use.

 

Windows Server 2019

We observed the following updates for Windows Server 2019:

KB5022840 February 14, 2023

The February 14, 2023, update for Windows Server 2019 (KB5022840), updating the OS build number to 17763.4010, is a monthly cumulative update that includes the following Identity-related improvements:

  • It  addresses an issue that affects local Kerberos authentication. It fails if the local Key Distribution Center (KDC) service is not active.
  • It addresses an issue that affects Windows Server 2022. Phone activation of a Key Management Services (KMS) key does not work.
  • It improves the replication performance of Active Directory in large environments.

 

Windows Server 2022

We observed the following updates for Windows Server 2022:

KB5022842 February 14, 2023

The February 14, 2023, update for Windows Server 2022 (KB5022842), updating the OS build number to 202348.1547, is a monthly cumulative update that includes the following Identity-related improvements:

  • It addresses an issue that affects local Kerberos authentication. It fails if the local Key Distribution Center (KDC) service is not active.
  • It addresses an issue that affects the Domain Name System (DNS) suffix search list. When you configure it, the parent domain might be missing.
  • It addresses an issue that affects Active Directory Federation Service (AD FS). The issue fails to apply the RequirePDC flag setting of false.

Posted on March 6, 2023 by Sander Berkouwer in Active Directory, Active Directory Federation Services, Security Updates

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.