Microsoft confirms Patch Tuesday updates authentication issues

Access Denied

Access denied! There was belief that the latest Patch Tuesday updates that Microsoft released earlier this week would go smoothly. Or, fairly smoothly, unlike some past releases.

But it looks like those beliefs were premature.

And how!

We have tons of reports of all manners of issues and crashes happening after installing the May 2022 cumulative update for the OS. And now, Microsoft has formally updated the Windows Health Dashboard with a notice about these new confirmed bugs, both in Windows 10 and Windows 11.

The software titan notes that KB5013943 and KB5013942 are the culprits, with the former having been released for Windows 11 build 22000.675, while the latter was destined for Windows 10 builds 19043.1706, 19042.1706, and 19041.1706.

Apparently, these cumulative patches cause authentication failures on the server or client for services, you know things like NPS, RRAS, EAP, and PEAP. The problem is related to how the domain controller handles the mapping of certifications to machine accounts.

Worth a mention that the confirmed bug does not affect client Windows devices and non-domain-controlled Windows Servers.

Of course, that’s just one piece of the puzzle.

While the authentication bug does not impact consumer devices, Windows 11 end users are experiencing other hellish problems after installing the May 2022 cumulative update. These include the dreaded Blue Screens of Death, broken Event Viewer, and problems with .NET apps, among others.

But at least, we have an official confirmation from Microsoft on this particular problem, and the company is working on fixing it in a future release.

In the meantime, IT admins have a workaround of sorts around the issue, which includes mapping certificates to a machine account in Active Directory manually.

The needed instructions for this are available in the documentation for Certificate Mapping.