Loading...

KB5014754: Certificate-based authentication changes on Windows domain controllers

KB5014754: Certificate-based authentication changes on Windows domain controllers

The article KB5014754 outlines important changes to certificate-based authentication requests on Windows domain controllers, including updates to the security requirements timeline. To enhance security, the February 2025 Windows security update will introduce Full Enforcement mode, which will deny authentication for certificates that do not meet expected mapping requirements. Devices that do not already have the StrongCertificateBindingEnforcement registry value set to 2 will be moved to Full Enforcement mode by the February 2025 update, with options to move back to Compatibility mode until September 2025.

Windows updates after September 2025 will no longer support StrongCertificateBindingEnforcement registry values. To prepare for these changes, review the KB5014754 article's Take action, Full Enforcement mode, and Registry key information sections and take the appropriate security measures.

For further details and additional information, consult the KB5014754 article, which can be accessed through the provided link. This article is provided by M365 Admin and was last updated on September 10, 2024.

Published on:

Learn more
M365 Admin
M365 Admin

by João Ferreira

Share post:

Related posts

The August 2024 Windows security update is now available

The August 2024 security update for all supported versions of Windows is now available, and it is highly recommended that you install it promp...

8 months ago

The April 2024 security update is now available

Attention Windows 11 and Windows 10 users! The April 2024 security update is now available. It is highly recommended that you install this upd...

1 year ago

When to use Windows 10 Extended Security Updates

If you are looking to prepare for Windows 10 end-of-life support, then this post has got you covered. The article discusses how to enroll in t...

1 year ago

Expedite non-security updates in Windows 11

With Microsoft Intune or Microsoft Graph, you can now speed up non-security updates in Windows 11. Previously, you could only expedite securit...

1 year ago

Out-of-band updates to address a Windows Server domain controller issue

Microsoft has released out-of-band (OOB) updates for some versions of Windows to address an issue related to a memory leak in the Local Securi...

1 year ago

Non-security preview updates will continue to be released for Windows 11, version 22H2

If you're using or managing Windows 11, version 22H2 devices, you can now expect to receive non-security preview updates for a longer period o...

1 year ago

Device readiness checks for expedited Windows quality updates

If you're using Windows Update for Business deployment service for fast-tracking Windows quality updates, you can now make the process even ea...

1 year ago

Windows Server 2012/R2: Extended Security Updates

If you're still running Windows Server 2012, Windows Server R2 or Windows Embedded Server 2012 R2, you can now purchase up to an additional th...

1 year ago

New security capabilities of Event Tracing for Windows

The Event Tracing for Windows has recently received nine improvements to facilitate better cybersecurity threat diagnosis. Specifically, the s...

1 year ago

Microsoft Edge: Enhanced security mode improvements

Microsoft Edge's enhanced security mode is getting a boost with WebAssembly support for macOS x64 and Linux x64, with cross-platform (ARM64) c...

2 years ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy