Plant Patchwork Planning: What The Microsoft DCOM Patch Means For Your Business

microsoft dcom patch

Cyber-attackers do not sleep, but you can sleep peacefully if you keep your systems secure with the latest software patch. In today’s world, technology and methods of cyber-attacks are constantly changing. Are you keeping up to date? To improve the security authentication between two computers, Microsoft is releasing a patch to address a vulnerability in Distributed Component Object Model (DCOM). Here is the timeline for this patch, the products it will affect and the action you need to take, so you can plan accordingly.

When is this happening?

Manufacturing is the most targeted industry for cyber-attacks because industrial control systems tend to be older, unpatched and unprotected. Currently, DCOM security is not adequate to meet today’s cybersecurity requirements, so this patch will protect vulnerabilities that hackers commonly attack. DCOM security updates will be enabled by default on June 14, so it is important to prepare now. Here is Microsoft’s timeline for this update:

  • June 8, 2021 – Windows DCOM security updates are implemented but are disabled by default.
  • June 14, 2022 – Windows DCOM security updates are enabled by default. A registry key can disable enforcement.
  • March 14, 2023 – Windows DCOM security updates are enabled by default. Microsoft DCOM changes cannot be disabled.
What products will this affect?

DCOM is used for communication between the software components of networked devices. Many Rockwell Automation software products use DCOM for communication – FactoryTalk® Services Platform, FactoryTalk® Live Data, Classic OPC-DA or use Windows® APIs to establish connections. We encourage you to check out the full list of Rockwell products that will be affected or unaffected by this update.

What do I need to do?

Microsoft recommends updating affected devices to the latest security update to get advanced protection from the latest cybersecurity threats. To enable or disable the hardening changes, you must enter a registry key and then restart your device. Here is a registry key you can use:

  • Path – HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat
  • Value Name – “RequireIntegrityActivationAuthenticationLevel”
  • Type – dword
  • Value Data – default = 0x00000000 means disabled. 0x00000001 means enabled. If this value is not defined, it will default to disabled.

If you are not sure how this patch will affect you, let us help. Contact Ryan Rice, Brian Kroning or Chad Goetsch to learn more and set yourself up for success.

CONTACT US

ryan rice van meter

ARTICLE BY:

RYAN RICE
EMPLOYEE-OWNER,TECHNICAL SPECIALIST - AUTOMATION AND SOFTWARE