Microsoft is planning to release a patch tomorrow in regards to CVE-2021-26414. This hardening patch could affect Check Point customers using AD-query on your gateway for Identity Awareness, depending on what version and Jumbo Hotfix you are using. Starting tomorrow, these hardening changes by Microsoft will be enabled by default, with the ability to disable them; however, come March 2023, you will no longer have the ability to disable them.
Check Point has two different recommendations to avoid issues for customers running AD-query.
- Use Identity Collector as opposed to AD-query
- Apply Jumbo Hotfixes based on your version to continue using AD-query
- Jumbo Hotfix Accumulator for R81.10 starting from Take 55
- Jumbo Hotfix Accumulator for R81 starting from Take 60
- Jumbo Hotfix Accumulator for R80.40 starting from Take 158
- Jumbo Hotfix Accumulator for R80.30 starting from Take 251
- Jumbo Hotfix Accumulator for R80.20 starting from Take 208
For more details, please see sk176148. Feel free to reach out to IntraSystems Support team at 781.986.1700 x3 or via email@example.com with any questions or concerns.