Did anyone deploy the patch fail?
Disable hardening changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414) - KB5004442
It seems just to add the registry. All action completed but still show fail.
I’m.not sure that disabling that hardening is possible any more, per KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414) - Microsoft Support
The final phase of DCOM updates will be released in March 2023. It will keep the DCOM hardening enabled and remove the ability to disable it.
1 Like
Thanks for your reply.
But the fixlet still relevance for many machines. If the fixlet will be removed?
It may confuse users if they have to deploy the patch.
That Fixlet should not have a default action, which is an indication that we should read the description and the release notes.
It’s still a valid Fixlet for those who have not applied the March roll-up package (or may need to remove the March roll-up if the new settings cause any major impacts)
1 Like