Microsoft has confirmed buyer studies of NTLM authentication failures and excessive load after putting in this month’s Home windows Server safety updates.
In response to a brand new entry added to the Home windows well being dashboard on Tuesday, this recognized difficulty will solely have an effect on Home windows area controllers in organizations with lots of NTLM site visitors and few major DCs.
The record of impacted Home windows variations and buggy safety updates consists of Home windows Server 2022 (KB5036909), Home windows Server 2019 (KB5036896), Home windows Server 2016 (KB5036899), Home windows Server 2012 R2 (KB5036960), Home windows Server 2012 (KB5036969), Home windows Server 2008 R2 (KB5036967), and Home windows Server 2008 (KB5036932).
“After installing the April 2024 security update on domain controllers (DCs), you might notice a significant increase in NTLM authentication traffic,” Microsoft says.
“This issue is likely to affect organizations that have a very small percentage of primary domain controllers in their environment and high NTLM traffic.”
Microsoft has but to supply data on the foundation explanation for this recognized difficulty and continues to be engaged on a repair. Nonetheless, it suggested small and enormous enterprise prospects needing assist to succeed in out by the “Help for Enterprise” portal.
Unofficial short-term repair
Whereas a workaround is unavailable till Microsoft supplies a repair, Home windows directors can uninstall the safety updates to handle the NTLM authentication points quickly.
“To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages,” Microsoft explains.
It is also vital to notice that the newest cumulative updates embrace all safety fixes launched this month. Therefore, eradicating the LCU may also take away all fixes for safety vulnerabilities patched this month.
Two months in the past, Microsoft launched emergency out-of-band updates to repair a problem inflicting Home windows area controller crashes attributable to reminiscence leaks attributable to the March 2024 Home windows Server safety updates.
Redmond resolved extra Home windows Server crash points in December 2022 after the November 2022 safety updates launched one other leak and in March 2022 when Home windows admins reported widespread area controller reboots.
On Tuesday, Microsoft additionally revealed that the April 2024 Home windows safety updates are breaking VPN connections on Home windows 11, Home windows 10, and Home windows Server techniques.
