Try installing all other updates.
In case you have access to a Windows 10 PC, open Feedback Hub app and under category select Windows Server and submit a bug report including all relevant log files.
CVE-2021-26414 breaks Failover Cluster Manager
Hi Community,
in order to test mitigations for CVE-2021-26414 (Windows DCOM Server Security Feature Bypass) I just recognized that it broke failover cluster manager after applying neccesary june-patches and registry-key RequireIntegrityActivationAuthenticationLevel with value 0x00000001 (which means enabled).
Now I'm getting this error:
In the FailoverClustering-Manager diagnostic-log I have the following entry:
An error occurred connecting to the cluster 'CLUSTER01'. - System.ApplicationException: An error occurred trying to display the cluster information. ---> System.AggregateException: One or more errors occurred. ---> System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at Microsoft.FailoverClusters.UI.Common.WmiHelper.GetWmiConnection(Tuple`2 connection)
at MS.Internal.ServerClusters.Management.Utilities.<>c__DisplayClass13_0`1.<VerifyUserIsAdminOnNodes>b__0(T item)
at System.Threading.Tasks.Parallel.<>c__DisplayClass17_0`1.<ForWorker>b__1()
at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object )
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at System.Threading.Tasks.Parallel.ForWorker[TLocal](Int32 fromInclusive, Int32 toExclusive, ParallelOptions parallelOptions, Action`1 body, Action`2 bodyWithState, Func`4 bodyWithLocal, Func`1 localInit, Action`1 localFinally)
at System.Threading.Tasks.Parallel.ForEachWorker[TSource,TLocal](IEnumerable`1 source, ParallelOptions parallelOptions, Action`1 body, Action`2 bodyWithState, Action`3 bodyWithStateAndIndex, Func`4 bodyWithStateAndLocal, Func`5 bodyWithEverything, Func`1 localInit, Action`1 localFinally)
at System.Threading.Tasks.Parallel.ForEach[TSource](IEnumerable`1 source, Action`1 body)
at MS.Internal.ServerClusters.Management.Utilities.VerifyUserIsAdminOnNodes[T](IEnumerable`1 items, String clusterName, Func`2 getNodeName)
at MS.Internal.ServerClusters.Management.Utilities.VerifyUserIsAdminOnNodes(Cluster cluster)
at MS.Internal.ServerClusters.Management.ClusterContext.CommonConstruct()
--- End of inner exception stack trace ---
Server stack trace:
at MS.Internal.ServerClusters.Management.ClusterContext.CommonConstruct()
at MS.Internal.ServerClusters.Management.ClusterContext..ctor(String clusterName)
at MS.Internal.ServerClusters.Management.ClusterConnectionFactory.AttemptClusterConnect(UiUpdate uiUpdate, ClusterConnectSettings connectSettings)
at MS.Internal.ServerClusters.Management.CluadminWaitDialog.BackgroundOperation[I,O](BackgroundWaitDialogOperation`2 backgroundOperation, I data)
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(IMessage msg, IMessageSink replySink)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.EndInvokeHelper(Message reqMsg, Boolean bProxyCase)
at System.Runtime.Remoting.Proxies.RemotingProxy.Invoke(Object NotUsed, MessageData& msgData)
at MS.Internal.ServerClusters.Management.CluadminWaitDialog.InternalBackgroundOperation`2.EndInvoke(IAsyncResult result)
at MS.Internal.ServerClusters.Management.CluadminWaitDialog.ShowDialog[I,O](INotifyUser notifyUser, BackgroundWaitDialogOperation`2 backgroundOperation, I data)
at MS.Internal.ServerClusters.Management.ClusterConnectionFactory.ConnectToCluster(ClusterConnectSettings connectSettings, INotifyUser notifyUser, String initialMessage)
at MS.Internal.ServerClusters.Management.ClusterConnectionFactory.ConnectToCluster(ConnectedClusterData connectionData, INotifyUser notifyUser, ConnectionType setting)
at MS.Internal.ServerClusters.Management.RootContext.DoConnect(INotifyUser notifyUser, String firstChoice)
When I roll back the registry-key to 0x00000000 (followed by a reboot) everythings back to normal and Failover Cluster Manager is working fine. Because these mitigations will be hard enforced in early 2022 I think this need to be fixed very urgent!
Cheers
Miranda
2 answers
Sort by: Most helpful
-
Reza-Ameri 16,971 Reputation points
2021-07-27T16:03:55.027+00:00 -
Yuhan Deng 3,766 Reputation points Microsoft Vendor
2021-07-28T10:00:33.8+00:00 Hi Miranda,
Thanks for your feedback.
Please try installing the new patch and see what happens.Best regards,
Danny-----------------------------
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.