I'm looking into whether our systems are affected by the KB5014754 update, as my boss raised some concerns. A few years back, someone on my team set up new Active Directory servers running 2022, and they get regular updates through WSUS. I've checked the Event Viewer on all our AD servers, but I haven't seen any of the specific events (39, 40, 41) mentioned in the article. Also, the StrongCertificateBindingEnforcement registry key isn't present. Since updates have been applied after February 2025, I assume we're in full enforcement mode. Additionally, we haven't named any devices with a trailing dollar sign ('$'). Based on all this, can I conclude that we're secure, or is there something else I should look into?
4 Answers
Thanks for the info! I re-read the article—are those events supposed to show up under Windows Logs -> System or in Applications and Services Logs -> Microsoft -> Windows -> Kerberos-Key-Distribution-Center -> Operational? I checked, but it looks like we don’t have the Operational logs enabled.
As long as you have the updates installed, don't have the registry key disabling them, and aren't seeing those event codes on any domain controllers, you're in a good spot. Just a heads up, all computer objects in Active Directory inherently have a '$' at the end, so your devices would match that pattern.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures