Vulnerabilities in security configuration on your Windows machines should be remediated - Turn off multicast name resolution

Question

Could someone advise if I have missed something please, I'm trying to address the Defender for Cloud security check finding "Turn off multicast name resolution" and have as far as I know dealt with this correctly, yet the finding remains.

I have set the registry per AZ-WIN-00145 Key Path: SOFTWARE\Policies\Microsoft\Windows NT\DNSClient\EnableMulticast to 0 and disabled NetBIOS over TCP-IP on the NIC

What am I missing?

Appreciate any suggestions

Answer 1

Hi,

In order to turn off multicast name resolution, you need to set the DWORD at the registry key listed above to 1.

I hope this answers your question.

-----------------------------------------------------------------------------------------------------------------------------------------------

--If the reply is helpful, please Upvote and Accept as answer--

Answer 2

@Ben Jackson
Thank you for following up on this!

From your Microsoft Defender for Cloud Recommendation, I found a related support case and based off the Windows Security Baseline Administrative Templates - Network documentation, it looks like you'll have to Enable the Turn off multicast name resolution feature.

If you're still having issues with the recommendation after Enabling the Turn off multicast name resolution feature, can you share what the remediation steps are? Along with a screenshot of what you're seeing within the Portal?

I hope this helps!

If you'd like our support team to take a closer look into your environment and issue through a free technical support request, please let me know.
Thank you for your time and patience throughout this issue.

----------

Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.