Friday, December 13, 2024

Microsoft Windows 11 loses access to certificate private keys

Date:

Apparently, there is a bug in the handling of certificates in Windows 11, which many companies are currently switching to. Many organizations use certificate-based authentication to access networks or resources within them. Especially when connecting from insecure networks, the use of a VPN is a common thing nowadays.

Like its predecessors, Windows 11 offers two certificate stores to store such VPN certificates: a computer certificate store and a user certificate store. In addition to trusted root or intermediate certificate authorities, this also includes your own certificates.

The problem now is that according to reports from some administrators, after changing the user password in Active Directory and then rebooting no more access to own certificates exists in the user certificate store. only one A new import helped in some cases.. Even a private key marked as exportable could not be accessed.

Based on current knowledge, the error only appears with Active Directory clients in combination with specially imported user certificates. Standalone PCs without domain integration do not appear to be affected.

Behavior is leading especially in times of pandemic to massive problems when using certificate-based VPNs, but also in WLAN and LAN networks authenticated with user certificates. Applications with certificate-based client authentication are also affected. According to forum posts, early admins are already breaking the Win 11 release due to the issue.

iX asked Microsoft for a statement, but only received information on May 5 that the manufacturer was “in the process of looking at the issue more closely.” Apparently the search for the cause is ongoing, especially since the error only occurs if the client, for example in the home office, has no connection to the AD immediately after changing the password (as of May 9, 2022 at 2 pm).

[Update: 09.05.2022 – 14:50 Uhr] According to a previous version of this message, a patch already exists for the problem described. Apparently that’s not the case yet.

More from iX Magazine

More from iX Magazine

More from iX Magazine


(you)

to the home page

Ebenezer Robbins
Ebenezer Robbins
Introvert. Beer guru. Communicator. Travel fanatic. Web advocate. Certified alcohol geek. Tv buff. Subtly charming internet aficionado.

Share post:

Popular

More like this
Related

Practice Acrylic Nail Techniques Without Needing a Fake Hand

When you're starting your journey with acrylic nails, practice...

Inside the World of Common Snapping Turtles: Behavior and Habitat

The common snapping turtle (Chelydra serpentina) is one of...

How to Use Video Marketing to Promote B2C Products?

Video marketing has emerged as a powerful tool for...

Adapting to Change: The Future for Leopard Tortoise Environments

Leopard tortoises, known for their striking spotted shells and...