• Dealing with DCOM


    Susan Bradley

    By Susan Bradley

    In the June updates, Microsoft continues its journey to harden the Distributed Component Object Model (DCOM), with the goal of making it more resilient to attack.

    DCOM is a proprietary Microsoft software component that allows COM objects to communicate with each other over a network. Network OLE was the precursor to DCOM (remember Windows 3.1.1?). Because DCOM can run programs on other computers, hackers can leverage it for lateral-movement attacks through your network, gaining access to more data. This activity can be difficult to detect because it’s not malware or hacker tools — all it takes to access DCOM is PowerShell.

    Read the full story in our Plus Newsletter (19.26.0, 2022-06-27).