Email Us at [email protected]

Download N3uron

Press Release / January 26, 2023

N3uron’s OPC DA Client module compliance with new Windows DCOM Server Authentication Requirements

Summary


In June 2021, Microsoft released a security update for fixing a vulnerability related to a DCOM Server security feature bypassing CVE-2021-26414.

The Microsoft DCOM security logo is displayed on a monitor, laptop, and tablet, set against a sleek blue background.

The patch fixes and strengthens the authentication used between DCOM clients and servers. Specifically, it phases in stronger authentication (RPC_C_AUTHN_LEVEL_PKT_INTEGRITY) on the DCOM client. The new DCOM security level required by OPC Classic clients is Packet Integrity; this level of integrity ensures that none of the data transferred between the client and server has been modified. Once implemented, this change will cause connection failures between many OPC clients and remote OPC servers.

Microsoft strongly recommends to conduct testing in the environment and implement security enhancements as soon as possible. In case any issues are identified during testing, it is necessary to contact the vendor of the affected client or server software for an update or workaround before the release of the March 2023 update.

More details about managing this change are available in Microsoft KB5004442.

N3uron’s OPC DA Client module is not affected by this security upgrade since it already supports The Package Integrity Authentication Level.

Alternatives

In order to use this new security level, it must be implemented in the client application. If the client application is not updated to support Package Integrity Authentication Level, those users that still want to keep on using their OPC Classis Servers may use a N3uron node to connect to those Classic OPC Servers and expose the data through any of the available protocols in the platform, such as OPC UA Server, MQTT Client, Sparkplug Client, REST API Server, etc.

If you need us to help you with this issue, don’t hesitate to send us an email at [email protected].

For further information, visit www.n3uron.com and download the fully-functional trial version.

NewsroomOPC DA clientSecurity VulnerabilityWindows DCOM

Jose Granero

With over 20 years of experience in industrial automation and system integration, Jose Granero has performed diverse technical and strategic roles throughout his career, mainly in multinational companies. He is passionate about using technology to drive innovation and bridge the gap between data and operations.

Jose is the Head of Business Strategy and Customer Experience at N3uron Connectivity Systems. In his current position, he is focused on company strategy, customer and partner success and product management.

Jose holds a Master of Science degree in Industrial Engineering from the Polytechnic University of Madrid and a Master in Project Management from the School of Industrial Engineers of Madrid.

Follow on LinkedIn

    Sign-up for our newsfeed and get blog updates sent straight to your inbox.

    By clicking “Sign Me Up,” you agree to the Term of Use and the submission and processing of your data. Privacy Policy.

    Want to stay up-to-date with us?

    Sign up for our News Feed.

    By clicking "Sign Me Up", you agree to the Terms of Use and the submission and processing of your data. Your privacy is important to us. We will never sell or rent your information. Privacy Policy.

    Privacy Settings
    We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
    Youtube
    Consent to display content from - Youtube
    Vimeo
    Consent to display content from - Vimeo
    Google Maps
    Consent to display content from - Google
    Spotify
    Consent to display content from - Spotify
    Sound Cloud
    Consent to display content from - Sound