Skip to Content

MC411583: Reminder: Removal of temporary mitigation in Windows updates requires compliant printing and scanning devices

Firmware on smartcard authenticating printers and scanners must be compatible with section 3.2.1 of RFC 4556 in order to successfully authenticate with Active Directory domain controllers before installing the August 2022 security update.

Windows Updates released on July 13, 2021 introduced protections for CVE-2021-33764 which required all devices with a key exchange during the PKINIT Kerberos authentication, including smartcard authenticating printers, to either support:

  • Diffie-Hellman or,
  • advertise support for the des-ede3-cbc (“triple DES) e-type during the Kerberos AS request.

How this will affect your organization

Windows updates released between July 27, 2021, and July 26, 2022 supported temporary mitigation that allowed non-RFC compliant devices to authenticate with Active Directory. As of August 9, 2022, or later, Windows update removes all temporary mitigation released to Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

What you need to do to prepare

Firmware on Smartcard-authenticating printers and scanners must be compatible with section 3.2.1 of the RFC 4556 specification required for CVE-2021-33764 prior to installing Windows updates released on August 9, 2022 or later on Active Directory domain controllers.

When will this happen

August 9, 2022, or later.

Additional information

Review the below documentation

Message ID: MC411583
Published: 10 August 2022
Updated: 10 August 2022
Platform: World tenant, Windows Desktop, Online

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.