Windows Distributed Component Object Model (DCOM) Hardening changes coming June 14


  • Staff
As previously announced, security requirements will be increasing later this year for Windows devices which use the Distributed Component Object Model (DCOM) or Remote Procedure Call (RPC) server technologies. Windows updates released starting September 2021 address a vulnerability in the DCOM remote protocol by progressively increasing security hardening in DCOM throughout 2022. This is a second reminder that some server environments might require action before June 14, 2022, to ensure normal operations.

Refer to the below timeline to understand the progressive hardening coming to DCOM.
  • June 8, 2021: Hardening changes disabled by default but with the ability to enable them using a registry key.
  • June 14, 2022: Hardening changes enabled by default but with the ability to disable them using a registry key.
  • March 14, 2023: Hardening changes enabled by default with no ability to disable them. By this point, you must resolve any compatibility issues with the hardening changes and applications in your environment.
We recommended that IT administrators conduct testing by manually enabling hardening changes as soon as possible to confirm normal operations.
Click to expand...


Read more:

Windows message center

Windows message center
docs.microsoft.com

KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

support.microsoft.com support.microsoft.com
 

Attachments

  • Microsoft.png
    Microsoft.png
    306 bytes · Views: 1
Click to expand...
MessageDate
Reminder: Windows Distributed Component Object Model (DCOM) hardening changes coming March 14, 2023.
As previously announced, security requirements have increased for Windows devices that use the Distributed Component Object Model (DCOM) or Remote Procedure Call (RPC) server technologies. DCOM clients attempting to establish connections to DCOM servers which have applied updates released June 14, 2022, or later, must support an authentication level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY and higher.

Beginning March 14, 2023, it will no longer be possible to bypass authentication level enforcement by creating a registry key in the DCOM server. Any compatibility issues with the hardening changes must be resolved by this date.

For more information, see KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414).
Click to expand...

Source:
learn.microsoft.com

Windows message center

Windows message center
learn.microsoft.com
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    HP Spectre x360 2in1 14-eu0098nr (2024)
    CPU
    Intel Core Ultra 7 155H 4.8 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Graphics card(s)
    Integrated Intel Arc
    Sound Card
    Poly Studio
    Monitor(s) Displays
    14" 2.8K OLED multitouch
    Screen Resolution
    2880 x 1800
    Hard Drives
    2 TB PCIe NVMe M.2 SSD
    Internet Speed
    Intel Wi-Fi 7 BE200 (2x2) and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender and Malwarebytes Premium
You must log in or register to reply here.

Similar threads

  • Article
Latest Windows hardening guidance and key dates
Replies
2
Views
1K
BrianInEngland
B
  • Article
Insider SMB client encryption mandate now supported in Windows 11 Insider
Replies
0
Views
392
Brink
Brink
  • Article
Win Update KB5035857 Cumulative Update for Windows Server 2022 Build 20348.2340
Replies
0
Views
564
Brink
Brink
  • Article
Win Update KB5032198 Cumulative Update for Windows Server 2022 Build 20348.2113
Replies
0
Views
646
Brink
Brink
  • Article
Win Update KB5034770 Cumulative Update for Windows Server 2022 Build 20348.2322
Replies
0
Views
487
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom