Jump to content
  • Microsoft is making DCOM hardening mandatory on Windows 10, 11, and Server soon


    Karlston

    • 603 views
    • 2 minutes
     Share


    • 603 views
    • 2 minutes

    Back in June 2021, Microsoft revealed detailed about the CVE-2021-26414 vulnerability that could exploit the Distributed Component Object Model (DCOM) remote protocol. For those unaware, DCOM leverages remote procedure calls (RPCs) to expose application components to facilitate communication between networked devices. Since the disclosure of this vulnerability, Microsoft has been making changes to DCOM in order to harden it, and the company has now issued a reminder that these configuration modifications will become mandatory in less than a month.

     

    In the first phase of DCOM hardening during June 2021, it was disabled by default and you had to enable it using Windows Registry keys. Then in June 2022, Microsoft rolled out updates to enable it by default with the option to disable it. In November 2022, it had to issue some updates to cater to customer feedback. Now, after the course of almost two years, DCOM hardening changes will become enabled by default from March 14, 2023 (Patch Tuesday), and there will be no option to disable them.

     

    Knowing about this mandatory change and catering to it is important, especially for enterprise customers. The modification can cause interoperability issues between networked devices, so if you were disabling it up until now to bypass issues, now might be the time to work towards a more permanent solution.

     

    If you haven't installed the hardening updates from 2022, now is the time to do so to test your Windows and Windows Server environments. Alternatively, if for some reason, you'd rather not install Patch Tuesday updates from last year, you can still make the DCOM changes by doing the following:

     

    • Enable DCOM Hardening: Set the RequireIntegrityActivationAuthenticationLevel registry key to 1 for all DCOM servers
    • Raise Authentication Level: Set the RaiseActivationAuthenticationLevel registry key to 2 for all Windows-based DCOM clients

     

    If you run into any issues, Microsoft has recommended reaching out to the associated client or server software vendor as soon as possible.

     

     

    Microsoft is making DCOM hardening mandatory on Windows 10, 11, and Server soon


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...