LANDESK Patch News Bulletin: Microsoft has Released KB3038562 which fixes DPAPI 18-MAY-2015

Version 1

    LANDESK Security and Patch News




    ·     (May 18, 2015) Microsoft has released KB3038562  which fixes an issue in which you cannot access DPAPI protected data or certificate private keys in a domain. This issue occurs after the domain controller is upgraded from an earlier version of Windows Server to Windows Server 2012 R2, and after an.

    Assume that a domain controller is upgraded from an earlier version of Windows Server to Windows Server 2012 R2. After an administrator resets a user's password in the domain, the user cannot access Windows Data Protection API (DPAPI) protected data. For example, the user cannot access the certificate private key.

    This issue occurs because of an incompatibility in the authentication mechanism that is used by domain controllers. If DPAPI keys are backed up on domain controllers that are running on pre-Windows Server 2012-based servers, and the same keys are retrieved from domain controllers after an upgrade to Windows Server 2012 R2, key retrieval fails after an administrator changes a user's password.

    Please visit the following page for more details:  


    New Vulnerabilities     

      ·        Vulnerability ID – 3038562_MSU  


    Changed Vulnerabilities     

    ·        Vulnerability ID – N/A    


    New Patch Downloads     

    ·         windows8.1-kb3038562-x86.msu  

    ·         windows8.1-kb3038562-x64.msu  


    Where to Send Feedback           

    At LANDESK, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.    


    Best regards,  

    LANDESK Product Support  


    Copyright © 2015 LANDESK Software.  All rights reserved. LANDESK is either a registered trademark or trademark of LANDESK Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.    


      Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDESK disclaims any liability with respect to this document and LANDESK has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit