⚡ TL;DR | Go Straight to the Microsoft Out-of-band Updates Report
Microsoft released multiple new out-of-band (OOB) updates for the issues created with the latest May Patch Tuesday including widely reported issues with Active Directory (AD) authentication for Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). Additionally, OOB updates were also released for an issue with Microsoft Store Apps showing 0xC002001B errors.
Windows AD Authentication Issues
The Issue started occurring after updates from the May Patch Tuesday were installed. Reports came in quickly of AD authentication issues which Microsoft later did confirm.
„After installing updates released May 10, 2022 on your Windows servers used as domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is being handled by the domain controller.“
To fix the issue, Microsft released new cumulative updates for Domain Controllers:
- Windows Server 2022: KB5015013
- Windows Server, version 20H2: KB5015020
- Windows Server 2019: KB5015018
- Windows Server 2016: KB5015019
The following standalone updates were also released:
- Windows Server 2012 R2: KB5014986
- Windows Server 2012: KB5014991
- Windows Server 2008 R2 SP1: KB5014987
- Windows Server 2008 SP2: KB5014990
Microsoft Store App
Windows versions running a build released after April 25th might have issues installing or launching Microsoft store apps. Currently, only versions 21H2, 21H1, and 20H2 seem to be affected by this issue. According to info from the Windows health dashboard, the issue seems to be related to the Control-flow Enforcement Technology (CET) used in Intel 11th Gen and later Intel Core Processors or later and certain AMD processors. The result of this issue is that users might receive an error code: 0xC002001B when attempting to install from the Microsoft Store.
To fix the issue, Microsoft released cumulative update KB5015020.
Run the Patch Tuesday May 2022 Audit Report
To help manage your update progress, we’ve created the Microsoft Out-of-band Updates Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.