Kerberos
The latest Kerberos coverage — news, analysis, and updates from the WindowsNews.AI desk.
KB5063880: Microsoft Fortifies Server 2022 Netlogon, Raises Red Flag on June 2026 Secure Boot Expiry
Microsoft’s August 12, 2025 cumulative update for Windows Server 2022 doesn’t just patch bugs—it closes a quartet of remotely exploitable denial-of-service flaws in the Netlogon protocol and...
Patch for Windows Netlogon DoS Vulnerability Triggers NAS and Samba Issues, Secure Boot Deadlines Loom
Windows Server administrators juggling urgent patches and looming firmware deadlines just got a stark reminder that security hardening can break third-party integrations. Microsoft’s July 8, 2025...
Microsoft’s August Patches Fix Kerberos dMSA Vulnerability That Lets Attackers Escalate to Domain Admin
A newly disclosed vulnerability in Windows Server 2025’s delegated Managed Service Accounts (dMSA) feature allows an attacker with initial access to specific Kerberos secrets to escalate to full...
Microsoft Patches Publicly Disclosed ‘BadSuccessor’ Kerberos Zero-Day and Exchange Hybrid Cloud Threat in August 2025 Update
Microsoft’s August 2025 security update patches a publicly disclosed Kerberos privilege escalation flaw and a dangerous Exchange hybrid vulnerability that could let attackers hop from on-premises...
Microsoft patches Kerberos 'BadSuccessor' flaw and critical image-parsing bugs in August update
On August 12, 2025, Microsoft shipped its monthly security bundle, and it's one of those months that makes sysadmins reach for extra coffee. Two critical remote code execution (RCE) vulnerabilities...
100+ Patches, a Kerberos Crisis, and Exchange's Last Stand: Unpacking Microsoft's August Security Blitz
Microsoft didn’t just drop a routine Patch Tuesday in August 2025. The company shipped fixes for over 100 security flaws, unveiled a one-time Extended Security Update (ESU) program that gives...
Microsoft’s August Update Plugs Kerberos Zero-Day; Two 9.8-Rated RCEs Demand Immediate Patching
Administrators rushed to patch domain controllers this week as Microsoft’s August 2025 Patch Tuesday landed with a publicly disclosed Kerberos elevation-of-privilege flaw (CVE-2025-53779) and two...
Domain Controllers at Risk: Microsoft’s August Update Closes Kerberos dMSA Vulnerability Amid 100+ Fixes
Microsoft’s August 2025 Patch Tuesday release lands with an urgent fix for a Kerberos vulnerability that could allow attackers to escalate to domain administrator, alongside more than a dozen other...
CVE-2025-53779: New Kerberos Path Traversal Bug Opens Door to Privilege Escalation—Patch Now
Microsoft’s security team has published guidance for CVE-2025-53779, a newly disclosed vulnerability in Windows Kerberos that could let authenticated attackers on the network elevate their...
Windows Admins: CVE-2025-53778 Is a Patch-Now NTLM Privilege Escalation That Threatens Entire Domains
Microsoft has silently added CVE-2025-53778 to its Security Update Guide, flagging a improper authentication flaw in the Windows NTLM implementation that permits an authorized attacker to elevate...
Comprehensive Guide to Joining Windows 11 Devices to Active Directory and Azure AD
Integrating a Windows 11 device into an Active Directory (AD) domain remains one of the foundational tasks in enterprise IT management, even as the cloud era continues to reshape how we think about...
Understanding the Critical Golden dMSA Flaw in Windows Server 2025 and How to Mitigate It
The security landscape surrounding Windows Server 2025 has been shaken by the recent revelations of the critical "Golden dMSA" flaw—a design defect that threatens the core of Active Directory (AD)...