Active Directory
The latest Active Directory coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Fixed the .NET Forest Trust Active Directory Bug Two Years Ago—So Why Are We Still Talking About It?
Microsoft resolved a critical regression in the .NET Framework that broke Active Directory forest trust operations back in early 2022, but recent headlines have resurrected the issue as if it...
Microsoft Drops Kerberos Compatibility Workarounds September 10: What You Must Do
On September 10, 2025, Microsoft will flip a permanent switch in Windows domain controllers: the temporary registry settings that have allowed weak certificate-to-user mappings will stop working, and...
Last Call for Certificate Compatibility: Microsoft Mandates Strong Mappings on Windows DCs Sept 10
Microsoft will permanently disable the compatibility mode for certificate-to-account mappings on Windows domain controllers on September 10, 2025, forcing organizations still relying on weak...
Active Directory Disaster Recovery Is a Cybersecurity Emergency—Here’s the Identity-First Playbook
A single corrupted Active Directory forest can lock employees out of every app, revoke access to file shares, break DNS, and sever the sync between on-premises and cloud identities—all within...
Patch Tuesday Deluge: Digest Auth RCE (CVE-2025-21294) Puts IIS Servers at Risk
Administrators running Internet-facing Windows IIS servers must immediately disable Digest Authentication to block a newly discovered remote code execution vulnerability, CVE-2025-21294, confirmed by...
Per-Mailbox Cloud Management Lets Admins Finally Retire the Last Exchange Server
Microsoft has released a per‑mailbox cloud management feature that finally gives hybrid Exchange organizations a clear path to unplugging the last on‑premises Exchange server. With the new...
Patch Domain Controllers Now: Microsoft's August Updates Fix Kerberos Zero-Day, Hybrid Exchange Flaws, and 107 Bugs
Microsoft's August 2025 Patch Tuesday landed with an unusual bang, delivering fixes for 107 vulnerabilities, including a publicly disclosed Kerberos zero-day that can hand attackers the keys to an...
Windows Server 2025 Schema Master Flaw Triggers Duplicate AD Entries, Halts Replication
Administrators deploying Windows Server 2025 domain controllers are grappling with a severe replication failure caused by a bug in the Schema Master FSMO role. The flaw generates duplicate entries...
Identity Kits Breached, NFC Malware Spikes, and Microsoft Patches a Dangerous Kerberos Bug
The cybersecurity news cycle last week delivered a triple blow that no financial institution or Windows enterprise can afford to ignore. On Monday, a Connecticut-based credit union confirmed a data...
Microsoft's 111-CVE August Patch Tuesday Forces CISA Emergency Directive as Kerberos Zero-Day Looms
Microsoft released one of its heaviest Patch Tuesday updates in months this August, shipping fixes for 111 security vulnerabilities and setting off a chain reaction that includes a public zero-day...
KB5063880: Microsoft Fortifies Server 2022 Netlogon, Raises Red Flag on June 2026 Secure Boot Expiry
Microsoft’s August 12, 2025 cumulative update for Windows Server 2022 doesn’t just patch bugs—it closes a quartet of remotely exploitable denial-of-service flaws in the Netlogon protocol and...
Broken Samba, Fixed Vulnerability: Inside Microsoft’s July 2025 Netlogon RPC Hardening
A quiet but critical security hardening in Microsoft’s July 2025 cumulative updates for Windows Server has broken Samba and other third-party file services, while simultaneously closing a dangerous...