For additional details, Microsoft has released a Windows OS Patch for the Domain Controllers that makes corrections to the security vulnerabilities within Netlogon and Kerberos protocols outlined in CVE-2022-38023, CVE-2022-37966, and CVE-2022-37967. The errors were observed after implementing the specific update November 8, 2022—KB5019966 (OS Build 17763.3650) (microsoft.com), on Domain Controllers, Citrix Delivery Controllers and Citrix Cloud Connectors.
For deployment guidance on what this KB corrects, see the following:
- KB5020805: How to manage the Kerberos Protocol changes related to CVE-2022-37967
- KB5021130: How to manage Netlogon Protocol changes related to CVE-2022-38023
- KB5021131: How to manage the Kerberos Protocol changes related to CVE-2022-37966