OTORIO releases Microsoft DCOM hardening toolkit for OT systems

TEL AVIV, Israel – Operational technology (OT), cyber and risk management provider OTORIO has launched an open source Microsoft Distributed Component Object Model (DCOM) hardening toolkit to protect OT systems.

OTORIO has said that an upcoming Microsoft patch may cause issues with OT systems which can be resolved with the toolkit. It can be accessed by all organizations and is used to detect issues and supply temporary workarounds for “…weak DCOM authentication applications”. OTORIO also noted that its RAM² users would automatically have access to a new alert in the Safe Active Query, allowing detection across the entire network.

In short, with the toolkit users will be able to determine whether or not their networks contain unsecured DCOM rendered inoperable by the Microsoft patch. It will then provide remediation instruction to help organizations maintain control of their OT devices.

“Organizations need to understand whether or not they have a problem, and that’s where our toolkit comes in,” said Yair Attar, CTO & Co. Founder of OTORIO. “If a company applies the March patch and loses critical visibility and communication between nodes in its network, it could experience significant financial losses. Our goal is to prevent that kind of catastrophe.”

Microsoft recognized a critical vulnerability in its DCOM protocol in 2021 and announced a hardening patch to strengthen authentication between DCOM clients and servers. The patch has been introduced in phases to minimize business disruption. The patching coming on March 14^th, 2023, will entirely remove the option to enable unsecured DCOM.

You can find the tool online here.