Removal of temporary mitigation in Windows updates for printing and scanning devices
A quick reminder that as of August 9, 2022, the security Windows updates removes all temporary mitigation released to all Windows updates between July 27, 2021 and July 26, 2022 for smart card authenticating printers, scanners, and multifunction devices that don’t support either: Diffie-Hellman (DH) for key exchange during PKINIT Kerberos authentication, Or, don’t advertise support for des-ede3-cbc ("triple DES”) during the Kerberos AS request Without this mitigation, smart card authentication (PIV) might fail on non-compliant devices and cause print and scan failures. Firmware on Smartcard-authenticating printers and scanners must be compatible with section 3.2.1 of the https://www.ietf.org/rfc/rfc4556.txt required for https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33764 prior to installing Windows updates released on August 9, 2022 or later on Active Directory domain controllers. Go to https://support.microsoft.com/en-us/topic/kb5005408-smart-card-authentication-might-cause-print-and-scan-failures-514f0bc5-ecde-4e5e-8c5a-2a776d7fb89a for more information.
