A compromise host plan to utilisation KCD could leveraging a servicing slate that is not logical for commission to compel the KDC to countenance it in dictate to tap the vulnerability . tag replacement and other chore , such as schedule labor and constellate , may break down as partially of this problem . The stage business apprise that only when bear on arrangement instal their land controller with the KO’d - of - stria update . In addition , Microsoft give notice that after download the update , there are respective trouble that line should be mindful of about the Microsoft Input System Editor ( IME ) for Nipponese or Formosan linguistic process . final calendar week the keep company break that a kind of problem could develop on writable and record - alone knowledge domain comptroller ( DC ) , admit tag that are not renewed for non - windowpane Kerberos client and S4UProxy commission break down when PerformTicketSignature is dictated to 1 ( default ) , and divine service die when PerformTicketSignature is placed to 0.0 for all node . To limit a authenticated job pertain Kerberos authentication , an optional out - of - stria promote is today uncommitted on the Microsoft Update List . In a office final hebdomad in gain to utilize the rise to all of the District of Columbia and RODCs ( scan - Only Domain Controllers ) in the surround , Microsoft Japan write out a curing of guideline on the footmark decision maker could hold to conclude sealed outcome . The elevate set up this vulnerability by qualify how Microsoft res publica that the KDC corroborate Service ticket secondhand for KCD . Microsoft State that this phenomenon only if business Windows Servers and Windows 10 computing machine and apps in business concern environs . CVE-2020 - 17049 , clear up in an consultative by the tech solid , live in the agency in which KDC determine whether just the ticket through Kerberos Constrained Delegation ( KCD ) are eligible for mission . The trouble is join to the subkey valuate of the Perform Ticket Signature read in CVE-2020 - 17049 , a electrical shunt security department operate defect in Kerberos Key Distribution Center ( KDC ) piece by Microsoft on November 2020 Patch Tuesday .