Red Hat Enterprise Linux And Microsoft Security Update Of November 2022
Red Hat News, November 17th, 2022
November 17, 2022,
Volume 296, Issue 3
On November 8th, 2022, Microsoft released a series of security updates for various Windows operating systems to fix two security issue
Both security issues aren't documented in detail. The security advisories talk about 'Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability' and a generic 'Windows Kerberos Elevation of Privilege Vulnerability,' correspondingly. From the accompanying knowledge base articles we can see that these vulnerabilities affect use of the standard RC4-HMAC encryption type in the Active Directory Kerberos implementation. It has been known for some time that RC4-HMAC is an encryption type that might be broken, and a recommendation has been to disable RC4-HMAC use in Active Directory environment, enforced via various STIG and CIS profiles for Windows systems.
Read More ...