Fall Creators Update (Version 1709) of Windows 10 breaks Duo for Windows Logon’s support for Microsoft Accounts


#43

Hi @cclarsen and @johnbize (and everyone else watching this thread),

We understand that this is a frustrating issue without a complete workaround and apologize for the time it’s taking to get this resolved. We are working with Microsoft on a solution and have further escalated this issue with our contacts there. We will promptly update this thread and our documentation as soon as a full solution is available, but we do not have any additional details to share at this time.


#44

We haven’t heard anything in three weeks.

I believe this is a significant enough bug to warrant frequent updates. Will a fix be in the next (March?) release? Has Duo just decided to abandon Windows account users? It broke last November, right?


#45

Hey @johnbize,

I understand the frustration, unfortunately there isn’t much to update at this time other than we are waiting on additional feedback from Microsoft developers. As soon as there is more info we’ll share it here.

Also we are not abandoning Microsoft/LiveID accounts.


#46

Hi Fellow Duo Users,
I used this product a lot and care about this feature. As a workaround I have reverted back to previous version prior to fall creators update and have paused build updates so that I can use feature without issues.

Hi Duo Support,
Are you open to allowing end users to help troubleshoot and in return probably provide bounties / rewards if the provided resolution does work? This would certainly help fast track the resolution of this particular issue. I’m guessing most of the users responding on this forum are either IT Pros or Developers that can help with proper motivation. It’s just a suggestion.


#47

@Jeal138

We don’t have a bug bounty program, but we’re always glad to work with customers.


#48

I also would like to express concern over this bug. There seems to have been little progress made, or at least communicated to the community.

While I am sure this is quite a difficult problem to handle, we are talking about something that was introduced in the FALL 2017 update. Microsoft releases major updates yearly or more often now for Windows 10.

Should we expect a major feature to be broken for half a year before a fix is applied? Another major update is six months away. Will this be resolved before the next huge patch comes and potentially causes more problems? Could this not have been tracked down before 1709 hit by finding the problem in one of the RCs and fixed before the cumulative patch set was pushed to consumers?

The other option is to expect us to hold off on installing vital security fixes to our machines? Obviously, your subscribers are more interested in security than the average user, so that is a non-starter.

Please help us understand how the problem is being worked, and when a resolution can be expected.


#49

We absolutely understand the frustration regarding this issue, but there is not a fix or timeline available at this time.

We are still very much working with Microsoft support on a resolution. You can also reach out to Microsoft Support regarding this issue as well. If you do so, please cite issue #117121217311532.


#50

I am interested in what Microsoft has to say, so I asked.

https://answers.microsoft.com/en-us/windows/forum/windows_10-security/duo-security-broken-after-fall-security-update/ba38be39-6dee-433d-a59b-295b80658342


#51

Also commenting that this is impacting my functionality of the program and I’m really surprised that it is taking this long to resolve.


#52

We have confirmation from Microsoft a bug was introduced in v1709 that causes multiple authentication prompts during RDP sessions. In build 1709, the ICredentialProviderFilter is constructed but IF the user already has a logged-in session (locked or unlocked) then Update RemoteCredential is not called. Build 1703 works.

The ETA provided by Microsoft for shipping the hotfix is 2-4 weeks. The SR# for this issue is: 118041318000260 if anyone else wants to track the issue.

On the the LiveID/Microsoft Account issue we are still engaged with Microsoft developers do not have an eta on resolution currently.