To fully mitigate the vulnerability, you should manually enable Enforcement mode (described in Step 3: ENABLE) on all domain controllers. The installation of Windows Updates released on and after July 2026 will programmatically enable Enforcement Phase.

Pour les jeux PC en mode plein écran (ou plein écran exclusif), la barre de jeu ne s’affiche pas, mais vous pouvez utiliser la touche Windows + Alt + R pour démarrer et arrêter les enregistrements. L’écran clignotera pour indiquer le début et la fin de l’enregistrement.

Set the Server Audit Events to be written to a file instead of to the SQL Server Security log. Note: Server Audits have to be restarted for the new registry setting to take effect. Important: Editing the registry incorrectly can severely damage your system.

To prevent this vulnerability, Microsoft released the following mitigations: SMB Server EPA. SMB Server signing. Customers must either configure SMB Server to require SMB Server signing or enable SMB Server EPA to harden their systems against this class of attack.

If you use the following registry setting, the mail transport logs (POP3, SMTP, and so on) aren't generated. Additionally, the Outlook window title bar doesn't display the "Logging Enabled" string.

Secure Boot configuration settings deployed through Microsoft Intune Mobile Device Management (MDM) are currently blocked on Pro editions of Windows 10 and Windows 11. Attempts to apply these policies result in Microsoft Intune Error Code 65000.

The new auditing events will require the policy and registry settings outlined in the guidance above. There was also an enablement step to see the new audit events.