Microsoft is currently investigating a bug which may prevent Windows 10 devices using MIT Kerberos realms to start-up or enter a restart loop after installing a recent cumulative update.
Kerberos is the default authentication protocol on all Windows versions above Windows 2000 for domain controlled devices and it replaces the NTLM authentication protocol.
Authentication protocols enable authentication of users, computers, and services, while the authentication process makes it possible for authorized users and services to access resources in a secure manner.
Domain connected Windows 10 devices using MIT Kerberos realms affected by this newly acknowledge issue include both domain controllers and domain members as explained by Microsoft.
The client and server platforms impacted by this issue are listed in the table below together with the cumulative updates causing the problems after installation:
|Windows 10, version 1903||Windows Server, version 1903||KB4497935|
|Windows 10, version 1809||Windows Server, version 1809/Windows Server 2019||KB4505658|
|Windows 10 Enterprise LTSC 2019||N/A|
|Windows 10, version 1803||Windows Server, version 1803||KB4507466|
|Windows 10, version 1709||Windows Server, version 1709||KB4507465|
|Windows 10, version 1703||KB4507467|
|Windows 10 Enterprise LTSC 2016||N/A|
|Windows 10, version 1607||Windows Server 2016||KB4507459|
Redmond also says that users who don't know if their devices are impacted by this issue should contact their system administrator and ask for more details.
Advanced Windows 10 users can check on their own if their devices are affected by checking if the following registry key exists on their system:
Another method to find out if a Windows 10 device may be impacted by this bug is to look for the "Define interoperable Kerberos v5 realm settings" policy under Computer Configuration > Policies > Administrative Templates > System > Kerberos.
For now, Microsoft recommends that "devices in an affected environment do not install" the problematic cumulative updates.
Redmond's developers are currently working on a resolution for this newly acknowledged issue, with an estimated solution to be available during mid-August.
Today, Microsoft also added a new compatibility hold on Windows 10 devices preventing them from upgrading to Windows 10 1903 if using older Intel Rapid Storage Technology (Intel RST) drivers.
This safeguard has been put in place to prevent users of incompatible devices from experiencing either degraded performance or various issues after installing the Windows 10 May 2019 Feature Update.