Microsoft's DCOM Hardening Patch Impact on Industrial Control Systems

Keeping you up to date with the latest software and product updates.

Connect with a Specialist

Microsoft's DCOM Hardening Patch & Impacts

 
On June 14th, 2022, Microsoft will take the next step in rolling out their Distributed Component Object Model (DCOM) Hardening Patch. DCOM is used for communication between software components of networked devices. Microsoft started rolling out this patch on June 8th, 2021, but left changes disabled by default but with the ability to enable them with a registry key if desired. At the time, they recommended testing your environment to enable these hardening changes as soon as possible. Mentioning that any issues with client or server software would need to be taken care of on the vendor's end. 
 
The June 14th rollout will have the hardening changes enabled by default, but you will be able to disable them. The real concern is that on March 14th, 2023 the patch will be enabled with no ability to disable it. Vendors, such as Rockwell Automation, are working hard to prepare an update or workaround before then, but it's still worrisome for some.


What is DCOM?

DCOM provides communication between software components on network devices. It is a core component in many different software packages, including Rockwell Automation software products. The DCOM Hardening Patch strengthens the authentication between DCOM clients and servers.

 

Important Dates

June 14th, 2022 - Next Microsoft Update rolled out. Patch can be disabled.

March 14th, 2023 - Microsoft Update. Patch will not be able to be disabled.

Watch Understanding the Microsoft DCOM Hardening Patch Update Webinar

In this webinar* we cover concerns in regards to the Microsoft DCOM Hardening Patch MS KB5004442 and discuss actions that can be taken to help prevent any potential downtime caused by the instillation of this patch.

*This webinar was hosted before Microsoft updated its rollout dates from March and June 2022 to June 2022 and March 2023.

Connect with a Specialist

What Can I Do To Prepare?

CONTACT your Management and IT/IS Departments to stop this patch from rolling out onto your Automation Systems.

REVIEW & SUBSCRIBE to the Rockwell Automation Knowledge base article regarding this topic. Don't forget to subscribe for future updates that roll out!

View Article Here

CONNECT WITH A SPECIALIST - Our dedicated team of specialists are here to consult with you to help identify your risks and develop a customized plan to ensure your facility is running efficiently today and in the future.

Connect with a Specialist Subscribe to Rockwell Automation Updates

Ensure your network is protected.

Connect with a Specialist

Related Content

Service & Solution Resources

Four Common Challenges to DCS Cybersecurity by Rockwell Automation

Explore the common cybersecurity challenges that producers face, and ways to mitigate threats and secure industrial automation systems.

Read Article

Cybersecurity for Water Utilities by CISCO

This white paper provides a summary of best practices and key approaches for water utilities to identify cyber vulnerabilities and adopt solutions that result in a reliable and robust security foundation, so that they can ensure public health and operational resiliency.

Read Whitepaper

Resolving the IT/OT Connection Paradox by Rockwell Automation

How do you increase IT/OT convergence while combating increasing cyberthreats? One answer lies in a simple approach focused on secure worker connectivity.

Read Article

This website uses cookies to personalize content and improve your experience on our site. By visiting this site, you accept our use of cookies. View our privacy policy and terms of use.