Microsoft Security Update Validation Report November 2022

Microsoft’s November 2022 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English-only environments and issues may still be found upon implementation. Follow best practices for testing and installing software updates/patches in a development environment before implementing the updates in a production environment.

  • Virtual Apps and Desktops 7 1912 CU6 LTSR
  • Virtual Apps and Desktops 7 2203 CU1 LTSR
  • Virtual Apps and Desktops 7 2209

Where applicable, the above Citrix products were tested with the below updates.

Product KB Article
Windows 11 v21H2 (Original release) 5019961
Windows 11 v22H2 (2022 Update) 5019980
Windows 10 21H1 (May 2021 Update) / 21H2 (November 2021 Update) / 22H2 (2022 Update)
5019959
Windows Server 2019
5019966
Windows Server 2016 5019964
Windows Server 2022 5019081
Windows Server 2012 R2 5020023, 5020010
.NET Framework 5020801, 5020687, 5020614, 5020686,

5020685, 5020690, 5020679, 5020695, 5020694, 5020622
Office 5002275, 5002253, 5002217, 5002261, 5002223

Note: Patches for Operating Systems (E.g. Windows Vista, Server 2008, Server 2012, Windows 10 v1507 etc) and products (E.g. Office Web Apps, Online Server, SharePoint, Dynamics 365 etc) that are not listed above were not validated.

Known issues

Issue Description

After applying Microsoft Update KB5019966 , DaaS – VDAs are not registering with Cloud Connectors

Problem Cause

This update addresses security bypass and elevation of privilege vulnerability with Authentication Negotiation by using weak RC4-HMAC negotiation. The update will set AES as the default encryption type for session keys on accounts that are not marked with a default encryption type.

Workaround

Follow the workaround outlined on CTX474888 – DAAS – VDAs not registering with Cloud Connectors after applying Microsoft Update KB5019966

Visit the Microsoft Security Response Center (MSRC) page to view Microsoft security updates.

Related:

  • No Related Posts

Leave a Reply