With respect to Microsoft KB5004442, June Patches included a Security Feature Bypass. Is this needed in our environment? Will there be any impact if we disable the Feature Bypass?
Microsoft Link: KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414) (microsoft.com)
Microsoft is implementing the following changes on this schedule:

| Update release | Behavior change |
|---|---|
| June 8, 2021 | Hardening changes disabled by default but with the ability to enable them using a registry key. |
| June 14, 2022 | Hardening changes enabled by default but with the ability to disable them using a registry key. |
| March 14, 2023 | Hardening changes enabled by default with no ability to disable them. By this point, you must resolve any compatibility issues with the hardening changes and applications in your environment. |
Validation testing was performed for ITMS 8.6 RU2 with the following point fixes installed (see KB 235538):
- SMA_SMP_8_6_POST_RU2_v1_25Feb_1645793977133.zip
- SMP_8_6_POST_RU2_NC_v1_15Mar_1647347541413.zip
- SMP_TS_8_6_POST_RU2_NC_v2_02May_1651665838496.zip
During testing, the SMP, remote site servers, clients, and domain machines had "RequireIntegrityActivationAuthenticationLevel"=1.
There was no impact to ITMS with these features on.
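To confirm that a machine matches the tested configuration, the following added example (not part of the original article or of ITMS) reads the registry value and applies the schedule above to report whether the hardening is in effect. The registry path and the meaning of 0 and 1 are taken from Microsoft's KB5004442; the function names and the -UpdatePhase parameter are hypothetical, and the operator supplies the phase that matches the installed updates.

```powershell
# Added example; not part of the KB article or of ITMS.
# Registry path and the 0/1 meanings are as documented by Microsoft in KB5004442.
$OleAppCompat = 'HKLM:\SOFTWARE\Microsoft\Ole\AppCompat'
$ValueName    = 'RequireIntegrityActivationAuthenticationLevel'

function Read-DcomHardeningValue {
    # Returns the DWORD, or $null when the value (or the key) does not exist.
    $item = Get-ItemProperty -Path $OleAppCompat -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$ValueName
}

function Get-DcomHardeningState {
    param(
        # Row of the schedule table that the installed updates correspond to.
        [Parameter(Mandatory)]
        [ValidateSet('June2021', 'June2022', 'March2023')]
        [string]$UpdatePhase,

        # Raw registry value, or $null when it is not set.
        [AllowNull()]
        [Nullable[int]]$RegistryValue
    )

    switch ($UpdatePhase) {
        'June2021'  { $enforced = ($RegistryValue -eq 1) }  # disabled unless explicitly enabled
        'June2022'  { $enforced = ($RegistryValue -ne 0) }  # enabled unless explicitly disabled
        'March2023' { $enforced = $true }                   # registry value no longer honored
    }

    [pscustomobject]@{
        Computer          = $env:COMPUTERNAME
        UpdatePhase       = $UpdatePhase
        RegistryValue     = $(if ($null -eq $RegistryValue) { '(not set)' } else { $RegistryValue })
        HardeningEnforced = $enforced
    }
}

# Report for the local machine, assuming the June 14, 2022 updates are installed.
Get-DcomHardeningState -UpdatePhase June2022 -RegistryValue (Read-DcomHardeningValue)
```

Run it on the SMP, site servers, and a sample of clients; a machine that reports HardeningEnforced as False under the June2022 phase has the hardening explicitly disabled and differs from the configuration validated here.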
NOTE: Errors are logged in the System Event Log, but this is not new and has not changed since ITMS 8.0, so there is no impact due to the DCOM patch.
1. Errors on machines where ITMS plug-ins are installed or upgraded.
2. The errors below are logged if a Network Discovery task is executed on the ITMS Server (no impact).