Message To Federal Accounts Utilizing A CAC/PIV Solution

To our valued clients:

The Microsoft July 2021 Cumulative Update for Windows Server Operating Systems caused an authentication failure that directly affects CAC/PIV and SIPRNet enabled MFDs globally. This update not only negatively impacted our Konica Minolta customers, but also others such as Canon, Ricoh, Lexmark, HP.

The Microsoft update KB5004238 (Server 2016) and KB5004244 (Server 2019) enforced enhanced encryption for PKI authentication to Windows Domain Controllers via CAC/PIV or SIPRNet Token. When this update is installed, PKI Card Authentication may fail and the MFP may display the error “PKI Card is invalid and cannot be used”.

Microsoft released a temporary “Out of Band” patch update via the Microsoft Catalog for all currently supported MS Server operating systems on July 29, 2021. This updated patch allows the Domain Controller to accept the current MFP encryption standard. This Out of Band (OOB) Patch will be in effect until July 1, 2022.

Konica Minolta has a resolution for this change with a firmware upgrade. This firmware will eliminate the need for the temporary Microsoft OOB patch. If this firmware is not updated before February 8, 2022, PKI Card Authentication may fail and the MFP may display the error “PKI Card is invalid and cannot be used”.

We are reaching out to prevent this error and arrange firmware updates for all your Konica Minolta MFPs. Please advise Konica Minolta service support of any questions or concerns, at 800-456-6422, and place a service call to register the incident.

The reference to this issue related to the Microsoft cumulative update is in this Knowledge Base page from the Microsoft site:
KB5005408 – Smart card authentication might cause print and scan failures

Sincerely,
Konica Minolta Government Sales Marketing Office