Microsoft resolves Windows 11 password rotation issue for Enterprise Devices

The issue was fixed with the latest Patch Tuesday updates.

News

1 min. read

Published on April 9, 2025

by Flavius Floare

published on April 9, 2025

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links.

Microsoft has addressed an authentication issue impacting enterprise devices running Windows 11, version 24H2.

The problem, linked to the Identity Update Manager certificate with Public Key Cryptography for Initial Authentication (PKINIT), caused passwords to fail to rotate every 30 days as intended.

This issue primarily affected Kerberos Authentication devices with the Credential Guard security feature enabled. It led to authentication failures and marked devices as stale, disabled, or deleted.

While the problem was confined to enterprise environments and did not typically affect personal or home users running Windows Home Edition, it created significant challenges for businesses relying on Kerberos Authentication.

Microsoft resolved the issue in its April 2025 Windows security update (KB5055523) and subsequent patches. The update also temporarily disables the affected Credential Guard feature, which relies on password rotation, until a permanent solution is implemented.

Enterprise users are encouraged to install the latest updates to ensure their systems are secure and fully operational.

More about the topics: microsoft, Windows 11

Flavius Floare

Tech Journalist

Flavius is a writer and a media content producer with a particular interest in technology, gaming, media, film and storytelling. He's always curious and ready to take on everything new in the tech world, covering Microsoft's products on a daily basis. The passion for gaming and hardware feeds his journalistic approach, making him a great researcher and news writer that's always ready to bring you the bleeding edge!

User forum

0 messages

Sort by:

Leave a Reply Cancel reply