Email Us at info@n3uron.com

Download N3uron

Press Release / January 12, 2022

N3uron’s OPC DA Client module compliance with new Windows DCOM Server Authentication Requirements

Summary


In June 2021, Microsoft released a security update for fixing a vulnerability related to a DCOM Server security feature bypassing CVE-2021-26414.

The patch fixes and strengthens the authentication used between DCOM clients and servers. Specifically, it phases in stronger authentication (RPC_C_AUTHN_LEVEL_PKT_INTEGRITY) on the DCOM client. The new DCOM security level required by OPC Classic clients is Packet Integrity; this level of integrity ensures that none of the data transferred between the client and server has been modified. Once implemented, this change will cause connection failures between many OPC clients and remote OPC servers.

The change is being rolled out in phases to allow users to test the impact on DCOM and OPC products, according to the next schedule:

  • Planned for early Q1 2022: The new DCOM security level is enabled by default but can be disabled via the Require Integrity Activation Authentication Level registry key if necessary.
  • Planned for Q2 2022: New DCOM security level enabled and cannot be disabled.

More details about managing this change are available in Microsoft KB5004442.

N3uron’s OPC DA Client module is not affected by this security upgrade since it already supports The Package Integrity Authentication Level.

Alternatives

In order to use this new security level, it must be implemented in the client application. If the client application is not updated to support Package Integrity Authentication Level, those users that still want to keep on using their OPC Classis Servers may use a N3uron node to connect to those Classic OPC Servers and expose the data through any of the available protocols in the platform, such as OPC UA Server, MQTT; REST API Server, etc.

If you need us to help you with this issue, don’t hesitate to send us an email at support@n3uron.com.

For further information, visit www.n3uron.com and download the fully-functional trial version.

NewsroomOPC DA clientSecurity VulnerabilityWindows DCOM

Jose Granero

Jose Granero is Head of Customer Success at N3uron Connectivity Systems. He holds a Master of Science degree in Industrial Engineering from the Polytechnic University of Madrid and a Master in Project Management from the School of Industrial Engineers of Madrid. With a strong background in industrial automation and telecommunications, he has performed diverse roles during his career, such as IT/OT Systems Manager and O&M Area Manager, mainly in multinational companies. In his current role, he leads the customer success team, overseeing the customer journey from onboarding to provide the best customer experience.

    Sign-up for our newsfeed and get blog updates sent straight to your inbox.

    By clicking “Sign Me Up,” you agree to the Term of Use and the submission and processing of your data. Privacy Policy.

    Want to stay up-to-date with us?

    Sign up for our News Feed.

    By clicking "Sign Me Up", you agree to the Terms of Use and the submission and processing of your data. Your privacy is important to us. We will never sell or rent your information. Privacy Policy.