Microsoft will disable RC4 by default in Windows Kerberos, pushing organizations to uncover and eliminate longstanding ...

Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of ...

Microsoft is moving to disable RC4, an encryption cipher embedded in Windows authentication for more than two decades. The ...

Microsoft has issued out-of-band (OOB) updates to address authentication failures on domain controllers that run all currently supported editions of Windows Server. According to the security advisory, ...

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...

Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers after installing security updates released ...

Microsoft has released a total of 49 new patches marking the first Patch Tuesday event of 2024, addressing a variety of vulnerabilities across its product estate, among them two critical bugs ...

A bypass bug present in the Kerberos cryptographic authentication protocol for 21 years has now been fixed in patches from Microsoft, Samba, Fedora, FreeBSD, and Debian. The discoverers of the ancient ...

Microsoft has issued security updates to address a Kerberos security feature bypass vulnerability impacting multiple Windows Server versions in a two-phase staged rollout. The vulnerability tracked as ...

Do you think Microsoft’s Kerberos implementation follows the Kerberos standard? Add your comments and questions to the online Kerberos discussion. In Greek mythology , Kerberos is the three-headed ...