In a highly connected enterprise landscape, cybersecurity is a constant concern. Software and firmware updates are the building blocks for protecting against emerging threats, and Microsoft, as an industry leader, regularly issues updates to enhance the security of its operating systems.
The KB5020805 update is one example, aimed at fixing security vulnerabilities in the Kerberos protocol related to CVE-2022-37967. In this context, DC Parts has emerged as a vital solution to ensure that equipment such as NetApp, Dell EMC, DELL, HPE and IBM storages are up to date with the latest supported firmware versions. This is crucial to avoid adverse impacts such as the KB5020805 update, which will become mandatory for Domain Controllers in October 2023.
Symptoms
The following is a list of updates from Microsoft related to the modifications to the Kerberos protocols, related to CVE-2022-37967, and the Netlogon protocol, related to CVE-2022-37966 and CVE-2022-38023:
– Microsoft KB5020805: Guidance on how to handle the Kerberos protocol changes associated with the CVE-2022-37967 vulnerability.
– Microsoft KB5021131: Instructions on how to handle changes to the Kerberos protocol regarding the CVE-2022-37966 vulnerability.
– Microsoft KB5021130: Guidance on how to manage Netlogon protocol changes associated with the CVE-2022-38023 vulnerability.
Cause
Microsoft is ending support for RC4 encryption and adopting AES encryption as the default.
Solution
Windows updates released on or after November 8, 2022 address problematic issues in the Netlogon protocol when RPC signing is used instead of RPC sealing.
Terminologies explained
RPC signing occurs when the Netlogon protocol employs RPC to sign messages transmitted over the network. The RPC seal, in turn, occurs when the Netlogon protocol performs the signature and encryption of messages that are sent over the network. Topic Link
For companies that have Netapp storage , here is the article explaining the impact Here and Here.
For companies that have DELL EMC arrays, here is the article explaining the impact here.
Importance of Updates to Avoid the Impact of KB5020805
The current scenario involves Microsoft’s decision to end support for the RC4 security protocol in favor of AES. As a result, Windows Domain Controllers in versions 2012, 2016, and 2019 will undergo a change in their security protocols. This will have a significant impact on devices that have not been updated, such as storages that share folders on a Windows network (CIFS), may lose the correct authentication capability, resulting in access issues, data loss, and disruptions to essential operations.
And to ensure that there will be no impact, it is recommended to update the storages and equipment that use authentication via Windows as soon as possible. DC Parts can help, updating to the last time that the equipment supports.
Over the past few months, we’ve updated dozens of pieces of equipment that were affected or outdated.
DC Parts’ Role in Mitigating Risk
A DC Parts se destaca como uma solução confiável para enfrentar esses desafios. Especializada em storages podemos fornecer atualizações de firmware para a última versão suportada em uma ampla variedade de equipamentos, incluindo storages de fabricantes como NetApp, Dell EMC, DELL, HPE e IBM, preenchemos a lacuna deixada por fabricantes que interrompem o suporte. Essa abordagem proativa garante que os storages estejam prontos para enfrentar atualizações crÃticas, como a KB5020805, minimizando riscos de incompatibilidade e potenciais impactos negativos nos negócios.
Benefits of Partnering with DC Parts
1. Enhanced Protection: Upgraded equipment has a greater ability to face emerging threats, protecting the organization’s valuable digital assets.
2. Guaranteed Compatibility: Firmware updates ensure that the arrays are aligned with the changes in the operating system updates.
3. Prevention of Outages: Updating firmware before implementing critical updates reduces the likelihood of unexpected disruptions to operations.
4. Operational Continuity: Upgraded storages minimize the possibility of losing access to critical data and services.
Conclusion
A atualização KB5020805 da Microsoft representa uma etapa crucial para reforçar a segurança em ambientes Windows. Para evitar impactos adversos, é imperativo manter equipamentos como storages NetApp, Dell EMC, DELL, HPE e IBM atualizados com as últimas versões de firmware suportadas. A DC Parts se destaca como uma parceira valiosa, oferecendo a garantia de que os storages estarão prontos para enfrentar as atualizações obrigatórias como a KB5020805, protegendo os dados da empresa e a continuidade operacional. Em um cenário onde a segurança cibernética é essencial, a parceria com a DC Parts é um investimento crucial para a proteção e o sucesso da organização.
