Kerberos Authentication
The latest Kerberos Authentication coverage — news, analysis, and updates from the WindowsNews.AI desk.
IAKerb & LocalKDC in Windows 11 Kill NTLM Fallbacks
Microsoft is arming upcoming Windows 11 and Windows Server Insider builds with two new Kerberos authentication extensions—IAKerb and LocalKDC—designed to finally sever the long-standing...
Microsoft's KB5037422 OOB Patch Fixes Critical LSASS Memory Leak in Windows Server 2022
Microsoft has taken the unusual step of releasing an out-of-band (OOB) security update, KB5037422, specifically for Windows Server 2022 to address a critical memory leak within the Local Security...
NTLM Deprecated: Microsoft's Push to Kerberos & Negotiate Protocol Explained
Microsoft has officially placed NTLM (NT LAN Manager) on the deprecation list, marking a significant shift in Windows authentication strategy that will impact enterprises worldwide. The company is...
Microsoft Kerberos Security Overhaul: AES Defaults Replace RC4 by 2026
Microsoft's announcement that it will stop issuing RC4-based Kerberos tickets by default on domain controllers marks a significant turning point in Windows enterprise security. After more than two...
CVE-2025-60704: Critical Windows Kerberos Vulnerability Requires Immediate Patching
Microsoft has issued an urgent security alert for CVE-2025-60704, a high-severity elevation of privilege vulnerability affecting Windows Kerberos authentication systems that demands immediate...
Windows Security Updates Trigger Kerberos NTLM Failures: SID Duplication Crisis
Microsoft's recent security updates have unleashed a wave of authentication failures across Windows environments, with Kerberos and NTLM protocols failing due to previously undetected duplicate...
Windows 11 Gets a Boost: KB5062553 Delivers Enhanced Performance, Security, and New Features
Windows 11 Gets a Boost: KB5062553 Delivers Enhanced Performance, Security, and New Features Microsoft has rolled out a significant update for Windows 11 version 24H2, designated KB5062553, bringing...
Critical Windows Kerberos Flaw Allows for Remote Service Disruption
Critical Windows Kerberos Flaw Allows for Remote Service Disruption A significant vulnerability, identified as CVE-2025-47978, has been discovered in the Windows Kerberos authentication system. This...
CVE-2025-49735: Unauthenticated RCE in Windows KDC Proxy Service (CVSS 8.1)
Critical Windows Flaw CVE-2025-49735 Exposes Enterprise Networks to Remote Code Execution A critical use-after-free vulnerability in the Windows Key Distribution Center (KDC) Proxy Service (KPSSVC),...
Critical Windows Server 2025 bugs fixed as June Patch Tuesday targets Kerberos and Credential Guard exploits.
Microsoft's June 2025 Patch Tuesday has delivered crucial security updates addressing multiple critical vulnerabilities in Windows Server 2025, particularly affecting Active Directory authentication...
April 2025 Windows Server Update Causes Kerberos Auth Failures: Fixes Inside
When Microsoft's monthly security updates promise stronger defenses, IT professionals and organizations worldwide often breathe a sigh of relief. Yet, as the April 2025 security updates reached...
CVE-2025-33071 Windows Vulnerability: Critical Patch for KDC Proxy Service Flaw
A newly discovered critical vulnerability, CVE-2025-33071, has sent shockwaves through the cybersecurity community, exposing a severe flaw in Windows' Key Distribution Center (KDC) Proxy Service...