Restricted DLL loading
- Last UpdatedOct 01, 2025
- 1 minute read
Overview
The registry-based mechanism for restricted DLL loading has been introduced from this release. It is designed to strengthen system security by controlling which directories are permitted for library loading. This mechanism aims to minimize the risk of malicious or unintended DLLs being loaded into the system.
By default, restricted DLL loading is disabled. It is recommended to enable this feature in a test environment first to determine if it affects your application's functionality
You can enable or disable restricted DLL loading by editing the relevant registry key. This key is generated during installation and has a default value of 0, meaning the feature is off.
-
Registry Key Location: HKEY_LOCAL_MACHINE\SOFTWARE\AVEVA\SystemPlatform\Security
-
Value name: EnableRestrictedDllLoading
-
Type: DWORD (0 = Disabled, 1 = Enabled)
Values
-
0x00000000 (0): Restricted DLL loading is disabled (default)
-
0x00000001 (1): Restricted DLL loading is enabled
If the value is not specified or is anything other than 1, restricted DLL loading will remain disabled by default.
Test
If your application is affected by this feature, you might encounter some issues in your system. In the Logger you may see some warning or error messages.
This functionality may affect following:
-
Application Server
-
Custom Application Objects created with the AOT
-
Custom script libraries
-
IDE Extensions
-
GRAccess-based programs
-
-
InTouch HMI
-
Custom script libraries
-
IDEA Toolkit extensions
-
Network Application Development
-
Some Remote Desktop scenarios
-
Plan for moving forward
In the next release, this feature will be enabled by default, but you will still have the option to disable it. In a subsequent release, the feature will be enabled by default with no option to disable it.