Critical Windows SMB security warning
In response to CVE-2022-38023, Microsoft is removing support for RPC Signing in the Netlogon server, instead requiring Sealing when establishing a 'secure channel'. More details can be found here: KB5021130: How to manage the Netlogon protocol changes related to CVE-2022-38023 - Microsoft Support and here: Security Update Guide - Microsoft Security Response Center
Timeline
June, 13: signing remains possible but cannot disable sealing on Windows server
July, 11: sealing is enforced, no AD authentication without sealing
I have joined Solaris 11.4 cbe to an AD domain server 2019 and got the warning that signing is used instead sealing.
What is the state of RPC sealing in Solaris?
***Moderation action: moved to Infrastructure Software for better alignment***