As previously announced, security requirements will be increasing later this year for Windows devices which use the Distributed Component Object Model (DCOM) or Remote Procedure Call (RPC) server technologies. Windows updates released starting September 2021 address a vulnerability in the DCOM remote protocol by progressively increasing security hardening in DCOM throughout 2022. This is a second reminder that some server environments might require action before June 14, 2022, to ensure normal operations.
When will this happen
Refer to the below timeline to understand the progressive hardening coming to DCOM.
- June 8, 2021: Hardening changes disabled by default but with the ability to enable them using a registry key.
- June 14, 2022: Hardening changes enabled by default but with the ability to disable them using a registry key.
- March 14, 2023: Hardening changes enabled by default with no ability to disable them. By this point, you must resolve any compatibility issues with the hardening changes and applications in your environment.
Message ID: MC376180
Created: 06 May 2022
Updated: 06 May 2022
Action required by: 14 June 2022
Platform: World tenant, Windows Desktop