Kb5018474

I've tried everything that Google has to offer for solutions. I have a Windows 10 machine and a Surface Pro Win11 machine on 22h2 that can RDP into WinServer2012r2 using the verified credentials. But the other two Win11 machines just come back with "The user name or password is incorrect. Try again." The only common thing with the two machines that cannot RDP is that they're both AMD machines.
Edit: I can't wrap my head around why this is being so wonky

• Server 2012 R2 - Xeon -uninstalled KB5012170 & KB5018474
• Surface Win11 22H2 - Can RDP to server and browse shares
• Win 10 Xeon - Can RDP to server and browse shares
• Win 10 Intel 4820 - Can RDP to server and browse shares
• Win11 - 3700x AMD - Cannot RDP to server, can browse shares and takes credentials to access shares
• Win 11 - 3950x AMD - Profile 1 - Cannot RDP to server, can browse shares and takes credentials to access shares
• Profile 2 - Cannot RDP to server, cannot browse shares and does not take credentials to access shares

​
​
​
​

Via the Microsoft Support website:

REMINDER Windows 8.1 will reach end of support on January 10, 2023 for all editions, at which point technical assistance and software updates will no longer be provided. If you have devices running Windows 8.1, we recommend upgrading them to a more current, in-service, and supported Windows release. If devices do not meet the technical requirements to run a more current release of Windows, we recommend that you replace the device with one that supports Windows 11.
Microsoft will not be offering an Extended Security Update (ESU) program for Windows 8.1. Continuing to use Windows 8.1 after January 10, 2023 may increase an organization’s exposure to security risks or impact its ability to meet compliance obligations.
For more information, see Windows 8.1 support will end on January 10, 2023.
Windows Server 2012 R2 will reach end of support on October 10, 2023 for Datacenter, Essentials, Embedded Systems, Foundation, and Standard.

This cumulative security update includes improvements that are part of update KB5018474 (released October 11, 2022) and includes key changes for the following:

• Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY.
  
• Updates the daylight-saving time (DST) for Jordan to prevent moving the clock back 1 hour on October 28, 2022. Additionally, changes the display name of Jordan standard time from “(UTC+02:00) Amman” to “(UTC+03:00) Amman”.
  
• Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).”
  
• Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.
  
• Addresses an issue where the Microsoft Visual C++ Redistributable Runtime does not load into the Local Security Authority Server Service (LSASS) when Protected Process Light (PPL) is enabled.
  
• Addresses security vulnerabilities in the Kerberos and Netlogon protocols as outlined in CVE-2022-38023, CVE-2022-37966, and CVE-2022-37967. For deployment guidance, see the following articles:
  
  • KB5020805: How to manage the Kerberos protocol changes related to CVE-2022-37967
  • KB5021130: How to manage the Netlogon protocol changes related to CVE-2022-38023
  • KB5021131: How to manage the Kerberos protocol changes related to CVE-2022-37966

For more information about the resolved security vulnerabilities, please refer to the Deployments Security Update Guide and the November 2022 Security Updates.

Anyone else going grey from the RDP issues effecting servers from the recent patches.
The reg key fix does not fix the problem for any of my team.
I only observe reset packets to a domain controller during the rdp request. Removing the October and September CU’s from that DC, resolve the issue seemingly.
My problem is that it appears totally random, I will have clients all at the same patch level, remote to the same server using the same dc. It will fail for one client and have no issue with the other. I will reboot the clients and it will start working again.
To add more salt to the wounds the OOB fix MS released does piss all for any win10/11 clients & I’m not sure if they even acknowledged the issue right now
EDIT4: I observed the error from Win10 21h2 and 22h2 as well as the latets win11 build. I am remoting to a multitude of servers from 2008 r2 to 2022. Intermittently will have the issue.
The error appears to be with the DC brokering the authentication process. My DC's are all 2016 and 2019. I have observed the issue with both OS versions.
EDIT: Observing a packet capture, you will see TCP resets to one of your DC's. Removing KB5018474 from the DC and rebooting will resolve the issue.
EDIT2: Appears the remote desktop app from the store is a workaround LOL
EDIT3: To reiterate, any client side reg key fix for the UDP problem does NOT resolve it in my environment atleast. The OOB patch for clients also does not resolve the error.
EDIT WITH Fix: OOB patch detailed here fixed the issues for us: https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#2961
Cumulative updates: Windows Server 2022: KB5021656 Windows Server 2019: KB5021655 Windows Server 2016: KB5021654

Was hoping for some tips. On prem + Azure. Suddenly unable to RDP to any VMs in Azure using hostname. Still can RDP via IP. No updates applied. Running nslookup produces correct results. Can RDP between VMs from Azure and to any on prem servers. Started Monday. Has anyone seen this happen before?
UPDATE: Removing KB5018474 from the on prem DC resolved the issue.

Via the Microsoft Support website:

REMINDER Windows 8.1 will reach end of support on January 10, 2023 for all editions, at which point technical assistance and software updates will no longer be provided. If you have devices running Windows 8.1, we recommend upgrading them to a more current, in-service, and supported Windows release. If devices do not meet the technical requirements to run a more current release of Windows, we recommend that you replace the device with one that supports Windows 11.
Microsoft will not be offering an Extended Security Update (ESU) program for Windows 8.1. Continuing to use Windows 8.1 after January 10, 2023 may increase an organization’s exposure to security risks or impact its ability to meet compliance obligations.
For more information, see Windows 8.1 support will end on January 10, 2023.
Windows Server 2012 R2 will reach end of support on October 10, 2023 for Datacenter, Essentials, Embedded Systems, Foundation, and Standard.

This cumulative security update includes improvements that are part of update KB5017367 (released September 13, 2022) and includes key changes for the following:

• Addresses an issue that leads to User Datagram Protocol (UDP) packet drops from Linux virtual machines (VMs).
• Updates daylight saving time (DST) in Chile to start on September 11, 2022 instead of September 4, 2022.

For more information about the resolved security vulnerabilities, please refer to the Deployments Security Update Guide and the October 2022 Security Updates.