Update for event log channel in System Center Operations Manager 2019 (KB4601269)

Introduction

This article describes an issue that is fixed for System Center Operations Manager 2019. This article also contains the installation instructions for this update. For more information, see the following Common Vulnerabilities and Exposures (CVE):

• CVE-2021-1728 | System Center Operations Manager Elevation of Privilege Vulnerability

Issues that are fixed in this update

• The read/write permission for network users is revoked for the event log channel in Microsoft System Center Operations Manager 2019.

Prerequisites

To apply this update, you must have Update Rollup 2 for System Center Operations Manager 2019 installed.

Files that are included in this update

• KB4601269-AMD64-Server.msp
• KB4601269-AMD64-Gateway.msp
• KB4601269-AMD64-Agent.msp

Installation Instructions

1. Download the self-extractor from here.
2. Extract the files to a local folder.
3. Run the extracted MSPs in the following order:
   1. On the management servers: Install KB4601269-AMD64-Server.msp. All agents will be moved to the Pending Managementstate. The update will be applied to all the agents upon approval.

If the management servers installation is not done, KB4601269-AMD64-Agent.msp can be applied explicitly on the agents.
2. On the gateway servers: Install KB4601269-AMD64-Gateway.msp on all gateway servers.