Kerberos OOB patch for windows 2012/2012R2 relevance

Am I missing something?
I show this as relevant for ALL my 2012 and 2012R2 servers but I thought it only affected domain controllers.

Is the relevance for this fixlet correct?

If the patch can be successfully installed on non-DC systems, then the relevance looks to be correct.

Consider scenarios where you may want to promote a system to a domain controller with kerberos. You’d want to be able to have that patch installed and the issue fixed beforehand.