DCOM hardening (Windows DCOM Server Security Feature Bypass CVE-2021-26414), regarding changes in client-application

Stenson, Magnus 1 Reputation point
2022-05-06T14:31:36.39+00:00

Regarding DCOM hardening (Windows DCOM Server Security Feature Bypass CVE-2021-26414).

We are in the process of adjusting our client application to the higher authentication level that seems to be required. We need help understanding the principle solution? Where can we find in depth documentation? Is it absolutely necessary to change the client application or are there are other options?
What will happen if the servers authentication level is changed to packet_integrity but nothing is done about the client?

This application is a large medical record-system with up to 7000 users in one system.

Magnus Stenson

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,612 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Anonymous
    2022-05-06T14:41:50.297+00:00

    Reading on here.
    https://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c

    You must install updates released September 14, 2021 or later and enable the registry key described in your environment. Then complete testing in your environment. If you find issues during testing, you must contact the vendor of the medical record-system application for updates.

    --please don't forget to upvote and Accept as answer if the reply is helpful--