We are using MSCHAPv2 under PEAP against a IAS Radius Server with Windows 2003 Server as authentication method for Wifi and VPN clients. After last Tuesday's (11/11/2014) update on Windows 2003 server, the server does not allow to connect Windows clients. Clients show error 87 ("wrong parameter") and server log shows the EAP type as "unknows", as it seems it does not recognize PEAP. Linux, MacOS, iOS and Android clients are not affected by the problem.
After removing KB2992611 patch, everything seems to work OK again. But of course, we are not confortable with this bypass (in fact, patch removal was not recommended as it was associated to some more).
It is really strange since Microsoft Security Bulletin MS14-066 does not indicate any functional change, but a vulnerability fix and new cipher suites.
Has anybody experienced the same situation? Any news about a problem with this patch? Does Microsoft know anything about this situation?
Many thanks in advance, Jose.