QID "91129" or "91017" identifies as a patch available vulnerability, however the patch that is installed per Microsoft does not fix the vulnerability to the state that Qualys determines no longer a vulnerability.
Per Microsoft, and the only way I have found to remove this vulnerability, the following lines must be manually configured:
\\*\NETLOGON RequireMutualAuthentication=1, RequireIntegrity=1
\\*\SYSVOL RequireMutualAuthentication=1, RequireIntegrity=1
This should be looked at further and validated, and re-categorized as no patch available with links to how to manually fix it.