Summary
The January 11, 2022, Windows updates and later Windows updates add protections for CVE-2022-21913.
After you install the January 11, 2022, Windows updates or later Windows updates, Advanced Encryption Standard (AES) encryption will be set as the preferred encryption method on Windows clients when you use the legacy Local Security Authority (Domain Policy) (MS-LSAD) protocol for trusted domain object password operations that are sent over a network. This is true only if AES encryption is supported by the server. If AES encryption is not supported by the server, the system will allow fallback to the legacy RC4 encryption.
Changes in CVE-2022-21913 are specific to the MS-LSAD protocol. They are independent of other protocols. MS-LSAD uses Server Message Block (SMB) over remote procedure call (RPC) and named pipes. Although SMB also supports encryption, it is not enabled by default. By default, the changes in CVE-2022-21913 are enabled and provide additional security at the LSAD layer. No additional configuration changes are required beyond installing the protections for CVE-2022-21913 that are included in the January 11, 2022, Windows updates and later Windows updates on all supported versions of Windows. Unsupported versions of Windows should be discontinued or upgraded to a supported version.
Note CVE-2022-21913 modifies only how trust passwords are encrypted in-transit when you use specific APIs of the MS-LSAD protocol and specifically do not modify how passwords are stored at rest. For more information about how passwords are encrypted at rest in Active Directory and locally in the SAM Database (registry), see Passwords technical overview.
More information
Changes made by the January 11, 2022, updates
-
Policy Object pattern
The updates modify Policy Object pattern of the protocol by adding a new Open Policy method that enables the client and server to share information about AES support.Old method using RC4
New method using AES
LsarOpenPolicy2 (Opnum 44)
LsarOpenPolicy3 (Opnum 130)
For a complete list of MS-LSAR protocol opnums, see [MS-LSAD]: Message Processing Events and Sequencing Rules.
-
Trusted Domain Object pattern
The updates modify Trusted Domain Object Create pattern of the protocol by adding a new method to create a trust that will use AES to encrypt authentication data.
The LsaCreateTrustedDomainEx API will now prefer the new method if the client and server are both updated and fall back to the older method otherwise.
Old method using RC4
New method using AES
LsarCreateTrustedDomainEx2 (Opnum 59)
LsarCreateTrustedDomainEx3 (Opnum 129)
The updates modify the Trusted Domain Object Set pattern of the protocol by adding two new Trusted Information Classes to the LsarSetInformationTrustedDomain (Opnum 27), LsarSetTrustedDomainInfoByName (Opnum 49) methods. You can set Trusted Domain Object information as follows.
Old method using RC4
New method using AES
LsarSetInformationTrustedDomain (Opnum 27) together with TrustedDomainAuthInformationInternal or TrustedDomainFullInformationInternal (holds an encrypted trust password that uses RC4)
LsarSetInformationTrustedDomain (Opnum 27) together with TrustedDomainAuthInformationInternalAes or TrustedDomainFullInformationAes (holds an encrypted trust password that uses AES)
LsarSetTrustedDomainInfoByName (Opnum 49) together with TrustedDomainAuthInformationInternal or TrustedDomainFullInformationInternal (holds an encrypted trust password that uses RC4 and all other attributes)
LsarSetTrustedDomainInfoByName (Opnum 49) together with TrustedDomainAuthInformationInternalAes or TrustedDomainFullInformationInternalAes (holds an encrypted trust password that uses AES and all other attributes)
How the new behavior works
The existing LsarOpenPolicy2 method is typically used to open a context handle to the RPC server. This is the first function that must be called to contact the Local Security Authority (Domain Policy) Remote Protocol database. After you install these updates, the LsarOpenPolicy2 method is superseded by the new LsarOpenPolicy3 method.
An updated client that calls the LsaOpenPolicy API will now call the LsarOpenPolicy3 method first. If the server is not updated and does not implement the LsarOpenPolicy3 method, the client falls back to the LsarOpenPolicy2 method, and it uses the previous methods that uses RC4 encryption.
An updated server will return a new bit in the LsarOpenPolicy3 method response, as defined in LSAPR_REVISION_INFO_V1. For more information, see the "AES Cipher Usage" and "LSAPR_TRUSTED_DOMAIN_AUTH_INFORMATION_INTERNAL_AES" sections in MS-LSAD.
If the server supports AES, the client will use the new methods and new information classes for subsequent trusted domain "create" and "set" operations. If the server does not return this flag, or if the client is not updated, the client will fall back to using the previous methods that use RC4 encryption.
Event logging
The January 11, 2022, updates add a new event to the security event log to help identify devices that are not updated, and to help improve security.
Value |
Meaning |
---|---|
Event source |
Microsoft-Windows-Security |
Event ID |
6425 |
Level |
Information |
Event message text |
A network client used a legacy RPC method to modify authentication information on a trusted domain object. The authentication information was encrypted with a legacy encryption algorithm. Consider upgrading the client operating system or application to use the latest and more secure version of this method. Trusted Domain:
Modified By:
Client Network Address: RPC Method Name:For more information, go to https://go.microsoft.com/fwlink/?linkid=2161080. |
Frequently Asked Questions (FAQ)
Q1: What scenarios trigger a downgrade from AES to RC4?
A1: A downgrade occurs if the server or client does not support AES.
Q2: How can I tell whether RC4 encryption or AES encryption was negotiated?
A2: Updated servers will log event 6425 when legacy methods that use RC4 are used.
Q3: Can I require AES encryption on the server, and will future Windows updates programmatically enforce using AES?
A3: There is currently no enforcement mode available. However, there might be in the future, although no such change is scheduled.
Q4: Do third-party clients support protections for CVE-2022-21913 to negotiate AES when supported by the server? Should I contact Microsoft Support or the third-party support team to address this question?
A4: If a third-party device or application is not using the MS-LSAD protocol, then this is not important. Third-party vendors that implement the MS-LSAD protocol might choose to implement this protocol. For more information, contact the third-party vendor.
Q5: Do any additional configuration changes have to be made?
A5: No additional configuration changes are necessary.
Q6: What uses this protocol?
A6: The MS-LSAD protocol is used by many Windows components, including Active Directory and tools such as the Active Directory Domains and Trusts console. Applications might also use this protocol through advapi32 library APIs, such as LsaOpenPolicy or LsaCreateTrustedDomainEx.