KB5016622 – Window Versions

Even even though Microsoft’s Identity focus actions closer to the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 nonetheless acquire updates of KB5016622.

 

This is the listing of Identity-associated updates and fixes we noticed for August 2022:

 

Windows Server 2016

We found the following replace for Windows Server 2016:

 

KB5016622 AUGUST nine, 2022

The August nine, 2022 replace for Windows Server 2016 (KB5016622) updating the OS construct range to 14393.5291, is a month-to-month cumulative replace that includes the subsequent Identity-associated improvements:

 

It addresses an issue that prevents the Key Distribution Center (KDC) Proxy from nicely receiving Kerberos tickets for Windows Hello for Business authentications in Hybrid Key Trust implementations.

It addresses an difficulty that reasons the KDC code on Domain Controllers to incorrectly go back the subsequent errors message at some stage in shutdown:

KDC_ERR_TGT_REVOKED

 

It addresses an trouble that would cause the Local Security Authority Server Service (lsass.Exe) to leak tokens. This difficulty influences gadgets that have established Windows updates dated June 14, 2022 and later. This trouble occurs whilst the device plays a particular shape of carrier for consumer (S4U) in a non-Trusted Computing Base (TCB) Windows provider that runs as Network Service.

It enforces a hardening exchange that requires printers and scanners that use smart cards for authentication to have firmware that complies with section 3.2.1 of RFC 4556. If they do not comply, domain controllers will not authenticate them.

 

Windows Server 2019

We determined the following updates for Windows Server 2019:

 

KB5016622 AUGUST 9, 2022

The August nine, 2022 replace for Windows Server 2019 (KB5016623) updating the OS construct range to 17763.3287 is a month-to-month cumulative replace that includes the following Identity-associated enhancements:

 

It offers the choice to configure an trade login ID for the Azure Multi-Factor Authentication (MFA) Active Directory Federation Services (AD FS) adapter for on-premises scenarios. By default, the adapter configuration will not forget about exchange login ID (IgnoreAlternateLoginId = $fake) except explicitly set to $actual.

It addresses an trouble that would reason the Local Security Authority Server Service (lsass.Exe) to leak tokens. This trouble impacts gadgets that have set up Windows updates dated June 14, 2022 and later. This issue occurs whilst the tool performs a selected shape of provider for consumer (S4U) in a non-Trusted Computing Base (TCB) Windows provider that runs as Network Service.

It enforces a difficult change that requires printers and scanners that use smart cards for authentication to have firmware that complies with section 3.2.1 of RFC 4556. If they do no longer comply, domain controllers will now not authenticate them.

 

Windows 10 Version 1607 (x64) Patch Details

 

Patch Name

Windows10.0-kb5016622-x64-1607.Msu

Patch Description

2022-08 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5016622) (CVE-2022-34713)

Bulletin Id

MS22-AUG3

Bulletin Title

Cumulative Security Update for Microsoft Edge (KB5016623)

Severity

Critical

Location Path

Windows10.Zero-kb5016622-x64-1607.Msu

Bulletin Summary

The Microsoft Security Response Center (MSRC) investigates all reviews of safety vulnerabilities affecting Microsoft products and services, and presents the records here as a part of the ongoing effort that will help you manage security risks and help maintain your structures covered.

• Superceding Bulletin Id
• MS22-SEP3
• Patch Release Date
• Aug 9, 2022

 

Also Read: loranocarter+nevada