After a fix for version 1809 was released a few days ago,Today, Microsoft again released a security update for windows 10 version 2009 / 2004 / 1909 / 1903 / 1607The key point is to fix the high-risk vulnerability in Kerberos authentication system (No. cve-2020-17049).
In the update log
Fixed cve-2020-17049 vulnerability and Kerberos authentication issues related to performticketsignature registry subkey values, which were included in the cumulative update released on November 10.
When performticketsignature is set to 1 (the default), Kerberos service tickets and ticket granting tickets (tgts) may not be renewed for non windows Kerberos clients.
When performticketsignature is set to 0, user service (s4u) scenarios for all clients (such as scheduled tasks, clusters, and line of business application services) may fail.
If the DC in the intermediate domain is updated inconsistently and performticketsignature is set to 1, s4uproxy delegation fails during ticket reference in a cross domain scenario.
The above is the win10 repair Kerberos authentication system vulnerability related introduction, I hope you like, please continue to pay attention to developeppaer.