We are facing several problems with STAS Logoff detection method - WMI after the lasted Windows updates mid of June.All computers are returned Access Denied when we execute WMI test over STAS. This is causing a big problem with discnnection users.
Is there any Sophos Staff or someone that has the solution for this ?
We already try change several Regedit entries, but without sucess.
Hello Carlos Cesario
Could you open a Support Case and share the Case ID with me?
Hi Folks, sorry by delay.Only to report. In some of my environments the solution it was apply this Update KB5015807 and change key as describe in this kb support.microsoft.com/.../kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c in Windows Servers (Domain Controller) and Windows 11, 10, 07 versions
So you created the RequireIntegrityActivationAuthenticationLevel registry key and set the value to zero to disable it?
I think this means that in 14 March 2023, this solution will not longer be viable, since Microsoft will remove the ability to disable this setting.
Therefore Sophos needs to find a permanent solution which is compatible with these changes to DCOM.