“After installing the November security updates, you might have authentication failures on servers relating to Kerberos Tickets acquired via S4u2self,” Microsoft explains on the Windows health dashboard. On Tuesday after installating of security patches provided during Patch Users on Windows Server Domain Controllers (DCs) may face authentication difficulties, according to Microsoft. With some Kerberos delegation circumstances, these authentication vulnerabilities affect systems running Windows Server 2019 and lower versions.
Event Viewer may appear. The System event log contains the Microsoft-Windows-Kerberos-Key-Distribution-Center event 18.
The Azure AD Application Proxy event log in Microsoft-AAD Application Proxy Connector event 12027 has the error 0x8009030c with the text Web Application Proxy encountered an unexpected.
A signature similar to the following can be found in network traces:
Kerberos authentication will fail on Kerberos delegation scenarios that rely on the front-end service to retrieve a Kerberos ticket on behalf of a user to access a backend service. Important Kerberos delegation scenarios where a Kerberos client provides the front-end service with an evidence ticket are not impacted. Pure Azure Active Directory environments are not impacted by this issue. – Microsoft
Gatlan, S. (2021, November 11). Microsoft: New Security updates Trigger Windows Server Auth issues. BleepingComputer. Retrieved November 12, 2021, from https://www.bleepingcomputer.com/news/microsoft/microsoft-new-security-updates-trigger-windows-server-auth-issues/.