Smart Card printing failure mitigation to be removed by Microsoft

2 min. read

Published onJuly 15, 2022

published onJuly 15, 2022

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Key notes

It’s no secret that, sometimes, Patch Tuesday updates can lead to other issues, been though they are designed for fixing certain problems.

And, since we’re on the topic, such was the case for theJuly 2021 Patch Tuesdaywhich broke printing and scanning while using Smart Card authentication.

Back when this was happening, Microsoft provided mitigation solutions for this issue, so it was about time for the situation to be dealt with accordingly.

What is Microsoft planning to do?

However, the Redmond tech giant hasannouncedthat it will be removing these mitigations soon, starting with the upcoming July 19 update that will be out in a few days time.

As you already know, on July 13, 2021, Microsoft released hardening changes forWindows Key Distribution Center Information Disclosure Vulnerability, CVE-2021-33764.

After these  changes are applied, smart card (PIV) authentication might cause print and scan failures when you install updates released on July 13, 2021, or later versions on a domain controller (DC).

Thus, the affected devices are smart card authenticating printers, scanners, and multifunction devices that don’t support either Diffie-Hellman (DH) for key exchange during PKINIT Kerberos authentication or don’t advertise support for des-ede3-cbc (“triple DES”) during the KerberosASrequest.

As a result, a temporary mitigation was released in Windows Updates between July 29, 2021, and July 12, 2022, and was made available for organizations that encountered this issue and couldn’t bring devices into compliance as required for CVE-2021-33764.

So, according to the latest statements coming out of Redmond, starting in July 2022, this temporary mitigation will not be usable in security updates.

Why, you ask? Well, the Windows July 2022 preview update will remove the temporary mitigation and will require compliant printing and scanning devices.

The conclusion is that, as of July 19, 2022, there will be no further fallback option in later updates, and all non-compliant devices must be identified using the audit events starting in January 2022 and updated or replaced by the mitigation removal.

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Smart Card printing failure mitigation to be removed by Microsoft#

What is Microsoft planning to do?#

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Smart Card printing failure mitigation to be removed by Microsoft

What is Microsoft planning to do?