In a highly connected business landscape, cybersecurity is a constant concern. Software and firmware updates are a cornerstone of protection against emerging threats, and Microsoft, as an industry leader, regularly issues updates to improve the security of its operating systems.
Update KB5020805 is an example, intended to fix security vulnerabilities in the Kerberos protocol related to CVE-2022-37967. In this context, the DC Parts has emerged as a vital solution to ensure that equipment such as storage NetApp, Dell EMC, DELL, HPE and IBM, are up to date with the latest supported firmware versions. This is crucial to avoid adverse impacts like the KB5020805 update, which will become mandatory for Domain Controllers in October 2023.
Symptoms
Below is a list of Microsoft updates related to modifications to the Kerberos protocols related to CVE-2022-37967 and the Netlogon protocol related to CVE-2022-37966 and CVE-2022-38023:
– Microsoft KB5020805: Guidance on how to manage Kerberos protocol changes associated with vulnerability CVE-2022-37967.
– Microsoft KB5021131: Instructions on how to handle Kerberos protocol changes in relation to vulnerability CVE-2022-37966.
– Microsoft KB5021130: Guidance on how to manage Netlogon protocol changes associated with vulnerability CVE-2022-38023.
Cause
Microsoft is ending support for RC4 encryption and moving to AES encryption as the default.
Solution
Windows updates released on or after November 8, 2022 address problematic issues in the Netlogon protocol when RPC signing is used instead of RPC sealing.
Explanation of terminologies
RPC signing occurs when the Netlogon protocol employs RPC to sign messages transmitted over the network. RPC sealing, in turn, occurs when the Netlogon protocol performs the signing and encryption of messages that are sent over the network. topic link
For companies that have Netapp storage, follow the article explaining the impact Here e Here.
For companies that have DELL EMC storages, follow the article explaining the impact Here.
Importance of Updates to Avoid the Impact of KB5020805
The current scenario involves Microsoft's decision to drop support for the RC4 security protocol in favor of AES. Consequently, Windows Domain Controllers in versions 2012, 2016 and 2019 will undergo a change in their security protocols. This will have a significant impact on devices that have not been updated, such as folder-sharing arrays on a Windows network (CIFS), which can lose the ability to authenticate correctly, resulting in access issues, data loss, and interruptions to essential operations.
And to ensure that there will be no impact, it is recommended to update the storages and equipment that use Windows authentication as soon as possible. A DC Parts manages to help, updating to the last version that the equipment supports.
Over the past few months, we've updated dozens of devices that were affected or outdated.
The role of DC Parts in Mitigate Risks
A DC Parts stands out as a reliable solution to address these challenges. Specializing in storages, we can provide firmware upgrades to the latest version supported on a wide variety of equipment, including storages from manufacturers such as NetApp, Dell EMC, DELL, HPE e IBM, we fill the gap left by manufacturers discontinuing support. This proactive approach ensures that arrays are ready to face critical updates such as KB5020805, minimizing incompatibility risks and potential negative business impacts.
Benefits of Partnering with DC Parts
1. Enhanced Protection: Upgraded equipment is better able to tackle emerging threats, protecting the organization's valuable digital assets.
2. Compatibility Guaranteed: Firmware updates ensure that arrays are in line with changes from operating system updates.
3. Disruption Prevention: Updating firmware before implementing critical updates reduces the likelihood of unexpected interruptions to operations.
4. Operational Continuity: Updated storage minimizes the possibility of losing access to essential data and services.
Conclusion
The update KB5020805 from Microsoft represents a crucial step towards strengthening security in Windows environments. To avoid adverse impacts, it is imperative to maintain equipment such as storages NetApp, Dell EMC, DELL, HPE e IBM updated with the latest supported firmware versions. A DC Parts stands out as a valuable partner, offering the assurance that storages will be ready to face mandatory updates like KB5020805, protecting the company's data and operational continuity. In a scenario where cybersecurity is essential, the partnership with DC Parts it is a crucial investment for the protection and success of the organization.