The recent April Patch Tuesday updates have brought an unexpected challenge for enterprise administrators and IT security professionals: broken Kerberos authentication for Windows Hello and certificate-based logins on Active Directory Domain Controllers (DC) running supported versions of Windows...
active directory
authentication
certificate
certificate-basedlogons
cve-2025-26647
domain controller
enterprise identity
enterprise it
kerberos authentication
kerberos delegation
ntauth store
passwordless authentication
patch
pki
pkinit
security
smart card authentication
vulnerabilities
windows hello for business
windows server
