Microsoft has issued security updates to address a Kerberos security feature bypass vulnerability. The vulnerability tracked as CVE-2020-16996 is exploitable remotely by attackers with low privileges. Microsoft also fixed a similar vulnerability (tracked as CVE 2020-17049) during November 2020’s Patch Tuesday. Microsoft strongly recommends that customers running any of these versions of Windows Server install the updates and then follow the steps outlined in a two-phase staged rollout. The company also published patching guidance with additional details on how to fully mitigate the bug.
Source: https://www.bleepingcomputer.com/news/security/microsoft-fixes-new-windows-kerberos-security-bug-in-staged-rollout/