Summary

Product Notification 2022-01-001 – Rockwell Automation products unable to establish proper DCOM connection after installing Microsoft DCOM Hardening patch (MS KB5004442)

A potential anomaly exists with Rockwell Automation products: they will be unable to establish a proper DCOM connection after installing the upcoming Microsoft DCOM Hardening patch (MS KB5004442). The Microsoft patch is a response to a vulnerability in DCOM and increases the minimum authentication level used when establishing DCOM connections. The affected Rockwell Automation products use FactoryTalk® Services Platform, FactoryTalk® LiveData, OPC-DA via RSLinx, or use Windows APIs to establish DCOM connections between two computers.

Multiple Rockwell software products are affected. You are strongly encouraged to review the notifications and information via the links below for more information and mitigation work, and act accordingly. Some links may require you to register with Rockwell Automation’s Support website; no support contract is needed to review the content. Rockwell Automation is in the process of developing a patch to address this issue as well, and will release it with instructions on implementation.

Important Dates and Patch Information

June 14, 2022 – Initial Microsoft KB5004442 DCOM Hardening patch update release – Until Rockwell Automation product patches are available, use the temporary workaround Microsoft describes in KB5004442 to disable the Microsoft DCOM Hardening patch. Important: This mitigation can only be employed until Microsoft releases the final MS KB5004442 patch update on March 14, 2023.

March 14, 2023 – Final MS KB5004442 DCOM Hardening patch update release – After Microsoft’s final update it is no longer possible to disable Microsoft’s DCOM Hardening patch. After Microsoft’s March 14, 2023 update, the only mitigation available will be to apply Rockwell Automation patches to affected products. Rockwell Automation will provide patches for Preferred and Managed software revisions of the affected software titles.  Software revisions not considered Preferred or Managed must be upgraded to a Preferred or Managed revision to avoid the effects of the DCOM Hardening patch.

For OPC-DA communications, consider moving clients and servers to operate on the same workstation, or migrating the system to replace OPC-DA with OPC UA.

Correction requires updating affected products either by applying patches or installing a newer unaffected version. Rockwell Automation is working on product patches for affected products. Rockwell Automation will release the patches on the Rockwell Automation Product Compatibility and Download Center (PCDC) in the future.

Please feel free to reach out to Agilix Solutions or Rockwell Automation should you have any questions.

Links

Product Notification 2022-01-001 – Rockwell Automation products unable to establish proper DCOM connection after installing Microsoft DCOM Hardening patch (MS KB5004442) (custhelp.com)

Microsoft DCOM Hardening Information TOC (custhelp.com)

Mitigating Microsoft DCOM Hardening Patch (CVE-2021-26414) for Affected Rockwell Automation Products (custhelp.com)

KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414) (microsoft.com)