
Microsoft's DCOM Hardening Patch and the Impact on Industrial Controls

On March 8th, 2022, Microsoft will take the next step in rolling out their Distributed Component Object Model (DCOM) Hardening Patch. DCOM is used for communication between software components of networked devices. 

 

Microsoft started rolling out this patch on June 8th, 2021, leaving the changes disabled by default but with the ability to enable them with a registry key if desired. At the time, they recommended testing your environment so that you could enable these hardening changes as soon as possible, mentioning that any issues with client or server software would need to be taken care of on the vendor's end.

 

The March 8th rollout will have the hardening changes enabled by default, but you will still be able to disable them. The real concern is that on June 14th, 2022, the patch will be enabled with no ability to disable it. Vendors such as Rockwell Automation are working hard to prepare an update or workaround before then, but it's still worrisome for some.
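An added example, not from this article, Microsoft or Rockwell Automation: a PowerShell check of whether the hardening has been explicitly enabled or disabled on a machine, together with a query for the DCOM events that flag activations at too low an authentication level. The registry value name and the event IDs 10036 to 10038 come from Microsoft's documentation of this hardening rather than from this page, and the 30-day window is an arbitrary choice.

```powershell
# Added example: report the DCOM hardening state of the local machine.
# The registry value and event IDs below are taken from Microsoft's
# documentation of the hardening change, not from this article.
$keyPath   = 'HKLM:\SOFTWARE\Microsoft\Ole\AppCompat'
$valueName = 'RequireIntegrityActivationAuthenticationLevel'

function Get-DcomHardeningState {
    $prop = Get-ItemProperty -Path $keyPath -Name $valueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        # Key or value absent: the default of the installed update phase applies.
        return 'NotSet'
    }
    switch ([int]$prop.$valueName) {
        1       { 'Enabled' }
        0       { 'Disabled' }
        default { "Unexpected($($prop.$valueName))" }
    }
}

function Get-DcomHardeningEvents {
    param([int]$Days = 30)   # look-back window, arbitrary default
    $filter = @{
        LogName      = 'System'
        ProviderName = 'Microsoft-Windows-DistributedCOM'
        # 10036 is logged on the DCOM server, 10037 and 10038 on the client.
        Id           = 10036, 10037, 10038
        StartTime    = (Get-Date).AddDays(-$Days)
    }
    # Get-WinEvent raises an error when nothing matches; treat that as "no events".
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
}

$events = @(Get-DcomHardeningEvents)

# One summary record per machine, suitable for collecting across a plant network.
[pscustomobject]@{
    Computer       = $env:COMPUTERNAME
    HardeningState = Get-DcomHardeningState
    FlaggedEvents  = $events.Count
} | Format-List

# Most recent flagged activations; the message text names the application involved.
$events | Sort-Object TimeCreated -Descending |
    Select-Object -First 10 TimeCreated, Id, Message | Format-List
```

A machine that reports flagged events is one whose DCOM clients or servers need a vendor update before the hardening can no longer be disabled.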

 

Microsoft is rolling out phases 2 and 3 of their DCOM Hardening Patch on March 8, 2022 and June 14, 2022. 

 

DCOM provides communication between software components on network devices. It is a core component in many different software packages, including Rockwell Automation software products. The DCOM Hardening Patch strengthens the authentication between DCOM clients and servers. The DCOM patch could disrupt the functionality of your Rockwell Automation software, preventing devices from communicating with one another.

Rockwell Automation is working on a fix so these patches can be installed without affecting their software products, but until then, we recommend you consider the following: 

 

  •  Note that Microsoft is rolling out both patches as “Critical Vulnerability”, which means IT/IS departments are more likely to roll them out automatically, which could result in downtime at your facility.

  •  Contact your Management and IT/IS Departments to prevent this patch from rolling out on your Automation Systems.

  •  Read Rockwell Automation’s Knowledgebase Article for details on the specific products affected and recommended actions.

  •  Subscribe to the Knowledgebase Article to receive updates and fixes as they come out.

  •  Apply Rockwell Automation patches as they are released until it is safe to apply the Microsoft DCOM Hardening Patch.


    Do you need help identifying which machines will be impacted?

    Our AIMM Services team can help!


    Read Microsoft’s Patch Notification for more details regarding roll out and what it entails.