Upcoming patches being released by Microsoft will impact automation systems using software products like Factory Talk View, Wonderware and OPC servers like Kepware.
Microsoft’s Distributed Control Object Model (DCOM), provided on Windows based operating systems, is used for the communication between software components (applications) on a local device and remotely between software components on other devices. Microsoft is now Hardening DCOM to address a security vulnerability, CVE-2021-26414. Applications using the lowest level of security could be impacted by this change. Microsoft is giving vendors and developers time to adapt by releasing the updates in stages outlined below.
|8-Jun-2021||Hardening changes disabled by default with ability to enable them using a registry key|
|14-Jun-2022||Hardening changes enabled by default with ability to disable them using a registry key|
|14-Mar-2023||Hardening changes enabled by default with no ability to disable them. By this point, you must resolve any compatibility issues with the hardening changes and applications in your environment.|
Changes to DCOM will have impacts for many of the major software vendors including Rockwell Automation, Kepware, AVEVA and many others in the OT arena. An evaluation of existing systems would need to be done to determine if they would be affected by the changes.
Avid has taken steps to monitor how the major software vendors are addressing the changes to DCOM through updates or patches for their products. We have also set up test environments for Rockwell Automation and AVEVA to gain insight on how the recommended patches will work enabling Avid to assist in evaluating your existing systems. Contact us for support!
Reference: Microsoft KB5004442