INFORMATICS

On June 14, 2022, Microsoft released a Windows update KB5014692 to address security issues in the Windows 10 and Windows Server 2019 operating systems.

As the update was to fix the security issues, it tightened the security level of the host by raising the authentication level for the DCOM protocol.

A protocol that exposes application objects via remote procedure calls (RPCs) is termed a Distributed Component Object Model (DCOM) Remote Protocol. The software components of networked devices communicate with one another using this DCOM protocol.

To address this, Microsoft shared a workaround by disabling the hardening changes using a registry key that were enabled by default after the update.

Steps to disable the authentication level of the DCOM protocol:

Step 1: Open the registry on the source machine.

Step 2: Navigate to the following registry path- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat

Step 3: Right-click on the screen and create a new DWORD (32-bit) value.

Step 4: After it is created, rename the value name from New Value #1 to RequireIntegrityActivationAuthenticationLevel.

Step 5: Now, enter the data value in hexadecimal format, i.e., 0x00000000 to disable.

Step 6: Upon completing the steps above, restart the machine to apply the changes.

Kindly refer to the following KB5004442 for more details: https://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c

*Note: The above-mentioned workaround changes need to be made on all the machines (hypervisors) on which the update KB 5014692 has been applied.

After installing the hotfix, managing the Remote Desktop Services Collection stops working