Heads up, Windows users! If you haven’t updated your PCs until now, make sure to do that at the earliest as the May Patch Tuesday bundle from Microsoft fixes 75 vulnerabilities across different components.
Microsoft Patch Tuesday May Updates Overview
The May Patch Tuesday updates from Microsoft address multiple bugs, including three zero-days.
Specifically, the first of these zero-day bugs, CVE-2022-26925, is an important severity spoofing flaw affecting Windows LSA. Microsoft confirmed active exploitation of this important severity bug (CVSS 8.1).
Alongside these bugs, Microsoft has also fixed 6 other critical-severity bugs. These include 2 RCE vulnerabilities in P2P tunneling protocol (CVE-2022-21972 and CVE-2022-23270), privilege escalation flaws in Windows Kerberos (CVE-2022-26931) and Active Directory Domain Services (CVE-2022-26923), and an RCE in Remote Desktop Client (CVE-2022-22017)
In addition, Microsoft’s May updates also patch 64 important severity flaws, and a single low-severity vulnerability DoS vulnerability in the .NET framework (CVE-2022-30130).
Facing AD Authentication Failures? Here’s How To Fix
Reportedly, some users faced AD authentication failures following the updates for CVE-2022-26923 and CVE-2022-22017. Hence, Microsoft has officially acknowledged the problem and shared mitigation.
Describing the issue separately, the firm explained,
An issue has been found related to how the mapping of certificates to machine accounts is being handled by the domain controller.
This glitch typically affects domain controller servers. To address this problem, Microsoft recommends manual certificate mapping to a machine account in Active Directory. If that doesn’t work, users can consider trying the mitigations explained in KB5014754.
With a gradual global roll-out, the updates would surely have reached almost every supported and update-enabled Windows system until now. Yet, it’s wise for the users to manually check for any updates that might not have arrived automatically, to remain safe from potential exploits.