DCOM Hardening and Alike

Problem: When Microsoft's DCOM Hardening patch is applied, Q-Hybrid and Hyper-v agent access fails

Solution: Upgrade to Alike A3, and deploy the new QHB Agent

Since June 8, 2022, DCOM connections to Windows Servers and Hyper-V started to be affected by the DCOM hardening policy activated by the rollout of the Microsoft CVE-2021-26414 security update. This DCOM hardening prevents 3rd party software solutions from accessing DCOM on remote systems. Microsoft's rollout schedule for this CVE is as follows:

• June 8, 2021 Hardening changes were disabled by default but with the ability to enable them using a registry key.
• June 14, 2022 Hardening changes were enabled by default but with the ability to disable them using a registry key.
• March 14, 2023 Hardening changes are enabled with no ability to disable them.

This security update will cause all Alike Q-Hybrid agent access to fail for Q-Hybrid jobs (Physical and Windows guests), as well as all Hyper-V systems.

By March 14th, all Alike users in need of this functionality must upgrade to the new Q-Hybrid agent available in the A3.

Please note- This new version of our Q-Hybrid agent differs from previous versions, as it now must be installed on the target system.

For more information on Microsoft's update, please refer to their KB:

KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)