Are there any known issues, concerns, or recommendations when using the UaGateway (OPC DA client to OPC UA Server) after installing and enabling the Microsoft DCOM hardening patch KB5004442?
More information:
Microsoft patch: https://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c
Possible issues: https://www.industrialcybersecuritypulse.com/strategies/the-permanent-microsoft-dcom-hardening-patch-could-shut-down-your-ics/?oly_enc_id=9130E1754601G1D
Press release from Software Toolbox: https://support.softwaretoolbox.com/app/answers/detail/a_id/4005/~/opc-data-client-applications-and-dcom-hardening-%28cve-2021-26414%2C-kb5004442%29
Is this a theoretical question, or have you experienced any issues?
The DCOM hardening patch will NOT AFFECT the UaGateway because UaGateway is configured to run LOCAL ONLY connections without using DCOM.
UaGateway was designed to migrate classic OPC installations, but (of course) is intended to use secured OPC UA remotely (over the wire). The (potentially insecure) classic connections will be configured locally on the same PC only, where the hardening patch has no effect.
Therefore, if you have used UaGateway as intended, there will be no issues with the DCOM hardening patch from Microsoft.
See here how to configure UaGateway:
https://documentation.unified-automation.com/uagateway/1.5.12/html/limitations.html#limitations_only_local_dcom_connections
This is a theoretical question. We have multiple customers using the UaGateway and no one has reported any issues. We just wanted to be ready in case this topic came up.