HomeWinBuzzer NewsMicrosoft Tackles Kerberos and BlackLotus Vulnerabilities in Latest Security Update

Microsoft Tackles Kerberos and BlackLotus Vulnerabilities in Latest Security Update

Microsoft's April Patch Tuesday fixes security holes in Windows 10/11 (KB5036892/3), but some users face installation problems.

-

Microsoft has recently launched its April 2024 Patch Tuesday updates. Part of the release was patches targeting critical security vulnerabilities across Windows 10 and Windows 11, among other products. The updates, identified as KB5036892 for Windows 10 and KB5036893 for Windows 11, aim to fortify the security of these . Despite the anticipation, several users have reported difficulties during the installation process.

Addressing Key Vulnerabilities

Among the critical issues addressed in this update are two Kerberos PA authentication security vulnerabilities, tracked under CVE-2024-26248 and CVE-2024-29056. These vulnerabilities could potentially allow unauthorized access or escalation of privileges within affected systems. Additionally, the update provides updated mitigations for the BlackLotus security vulnerability, which is known to bypass Secure Boot and is identified by CVE ID “CVE-2023-24932.” It's important to note, however, that these mitigations are not enabled by default and require manual activation. Despite these enhancements, the updates do not address the LogoFAIL vulnerability, underscoring the ongoing challenges in cybersecurity defense.

Known Issues and Compatibility Concerns

Microsoft has also highlighted several known issues and compatibility concerns with the April 2024 security updates. Notably, the mitigations are incompatible with systems running Windows Server 2012 and Windows Server 2012 R2 that utilize TPM (Trusted Platform Module) 2.0. The company has stated, “TPM 2.0-based systems…cannot deploy the mitigations released in the April 9, 2024 security update because of known compatibility issues with TPM measurements.”

Further complications have arisen in VMware-based virtualization environments, where virtual machines using an x86-based processor with Secure Boot enabled may fail to boot post-mitigation application. Similarly, systems with Symantec Endpoint Encryption installed cannot apply the Secure Boot mitigations. Microsoft is in communication with both VMware and Symantec to resolve these issues.

SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

Mastodon