To help you identify the applications that might have compatibility issues after we enable DCOM security hardening changes, we added new DCOM error events in the System log. Testing for DCOM hardening compatibility New DCOM Error Events By this point, you must resolve any compatibility issues with the hardening changes and applications in your environment. Phase 3 Release - Hardening changes enabled by default with no ability to disable them. Phase 2 Release - Hardening changes enabled by default but with the ability to disable them using a registry key. Phase 1 Release - Hardening changes disabled by default but with the ability to enable them using a registry key. It will keep the DCOM hardening enabled and remove the ability to disable it. The final phase of DCOM updates will be released in March 2023. That changed the hardening to enabled by default but retained the ability to disable the changes using registry key settings.
The second phase of DCOM updates was released on June 14, 2022.
You can enable them by modifying the registry as described in the “Registry setting to enable or disable the hardening changes” section below. In that update, DCOM hardening was disabled by default. The first phase of DCOM updates was released on June 8, 2021. For more information and context about how we are hardening DCOM, see DCOM authentication hardening: what you need to know. They also provide capabilities that we have added to support migration. They provide advanced protections from the latest security threats. Note We highly recommend that you install the latest security update available.
Therefore, we recommended that you verify if client or server applications in your environment that use DCOM or RPC work as expected with the hardening changes enabled. Hardening changes in DCOM were required for CVE-2021-26414. DCOM is used for communication between the software components of networked devices.
The Distributed Component Object Model (DCOM) Remote Protocol is a protocol for exposing application objects using remote procedure calls (RPCs).
0 kommentar(er)
