Red Hat Enterprise Linux And Microsoft Security Update Of November 2022
Red Hat News, November 17th, 2022
November 17, 2022,
Volume 296, Issue 3

On November 8th, 2022, Microsoft released a series of security updates for various Windows operating systems to fix two security issue

Both security issues aren't documented in detail. The security advisories talk about 'Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability' and a generic 'Windows Kerberos Elevation of Privilege Vulnerability,' correspondingly. From the accompanying knowledge base articles we can see that these vulnerabilities affect use of the standard RC4-HMAC encryption type in the Active Directory Kerberos implementation. It has been known for some time that RC4-HMAC is an encryption type that might be broken, and a recommendation has been to disable RC4-HMAC use in Active Directory environment, enforced via various STIG and CIS profiles for Windows systems.

Read More ...


Other articles in the Red Hat News section of Volume 296, Issue 3:

See all archived articles in the Red Hat News section.