Windows Report

Microsoft Warns of Kerberos Changes That Could Break Enterprise Logins

Microsoft will enforce stronger Kerberos encryption in April 2026, removing RC4 support and potentially impacting enterprise setups.
Ars Technica

Internet Explorer always using Kerberos authentication... even when unsupported.

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...
Dark Reading

Flawed Deployments Undermine Kerberos Security

Significant weaknesses in the common configuration of Kerberos-based authentication servers could allow attackers to more easily circumvent security measures in networks that rely on the open ...
Bleeping Computer

Windows Kerberos authentication breaks after November updates

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos sign-in failures and other authentication problems after installing cumulative updates ...
Bleeping Computer

Windows Kerberos authentication breaks due to security updates

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 ...

Microsoft reminder of next phase of Kerberos RC4 hardening

Microsoft wants to get rid of insecure RC4 encryption. The company points out that the next phase starts in April.
Ars Technica

Kerberos authentication between domains in AD

Heres a quick question I'm having trouble finding a straight answer too in the RK or other sources, and I don't have time to model it in the test lab before our meeting (argument) next week.<P>If an ...