In addition I would like to clarify the situation here. You can try to roll back the update or remove the registry entry as described in the official document: Īs first workaround you can use the following article to disable the hardening again: Microsoft recently rolled out a patch which hardens the DCOM authentication, which can cause authentication login attempts to fail. See the New DCOM error events section of Managing changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414).Ĭan you confirm that you recently installed this Windows Update KB5014754? The third phase, planned for Q2 2022, enables the hardening on DCOM servers by default and will no longer have the ability to be disabled.Īre there system events available that will help me identify the client devices that will be impacted by the change? The second phase, planned for an early Q1 2022 release, programmatically enables the hardening on DCOM servers by default that can be disabled via the RequireIntegrityActivationAuthenticationLevel registry key if necessary. The updates will enable customers to verify that any client/server applications in their environment work as expected with the hardening changes enabled. The initial deployment phase starts with the Windows updates released on June 8, 2021. Microsoft is addressing this vulnerability in a phased rollout. How does Microsoft plan to address this vulnerability?
0 Comments
Leave a Reply. |