Find notable cyber news and cases, enriched with sources, timelines, and signals.

Windows duplicate SID authentication failures mitigation guidance

Advisory/Mitigation
First reported
Last updated
Happening score
H score 18
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft issued remediation guidance for Windows systems with duplicate SIDs, after updates released since August 29, 2025 started breaking Kerberos and NTLM authentication. The issue affects Windows 11 24H2, Windows 11 25H2, and Windows Server 2025, causing login failures, Remote Desktop problems, and access denied errors. Microsoft says admins should rebuild affected systems or apply a temporary Group Policy workaround to restore authentication.

Related Happenings

Microsoft WUSA network-share Windows update failure

Service Disruption
H score0 First: 12.06.2026 14:44 Last: 12.06.2026 14:44 Sources 1

About this happening: Microsoft has fixed a **WUSA** problem that caused **Windows updates** to fail when installed from a **network share**, disrupting update deployment on **Windows 11 24H2/25H2** an...

Microsoft BitLocker recovery prompt workaround

Advisory/Mitigation
H score25 First: 09.06.2026 21:35 Last: 09.06.2026 21:35 Sources 1

About this happening: Microsoft issued a **temporary workaround** for **BitLocker recovery prompts** on some **Windows** systems after recent updates. The issue affects devices configured with a **BitL...

Microsoft My Sign-Ins MFA outage

Service Disruption
H score25 First: 01.06.2026 14:40 Last: 01.06.2026 14:40 Sources 1

About this happening: **Microsoft** is dealing with an **ongoing outage** that is blocking some users from setting up **multi-factor authentication (MFA)** and accessing **My Sign-Ins**. Affected users...

Microsoft Windows Server 2016 domain controller discovery failure after KB5087537

Service Disruption
H score0 First: 26.05.2026 10:41 Last: 26.05.2026 10:41 Sources 1

About this happening: Microsoft confirmed a **known issue** in **Windows Server 2016** after **KB5087537** that can prevent **domain controller discovery**, disrupting administrative operations and app...

Microsoft Windows Update restricted-network download failure

Service Disruption
H score13 First: 19.05.2026 14:22 Last: 19.05.2026 14:22 Sources 1

About this happening: Microsoft's **Windows Update** is failing in **restricted network environments** after the **January 2026 optional non-security preview updates**, leaving affected systems unable...

Timeline

  1. 21.10.2025 19:56 1 articles · 8mo ago

    Windows updates enforce SID checks on duplicate-SID systems

    Technical Analysis Update

    Windows updates released on and after August 29, 2025 add security protections that enforce checks on Security Identifiers (SIDs), causing Kerberos and NTLM authentication to fail when devices have duplicate SIDs and disrupting remote desktop connections, login attempts, and access to network resources on Windows 11 24H2, Windows 11 25H2, and Windows Server 2025.

    Show sources
  2. 21.10.2025 19:56 2 articles · 8mo ago

    Microsoft confirms duplicate-SID authentication failures and mitigation guidance

    Initial Disclosure

    Microsoft’s support document confirms Kerberos and NTLM authentication failures on devices with duplicate SIDs, identifies cloning or duplicating a Windows installation without Sysprep as a cause, and advises IT administrators to rebuild affected systems using supported cloning methods or temporarily install a special Group Policy obtained through Microsoft Support for business.

    Show sources