Today Microsoft took the unusual step of releasing security updates for Windows XP, Windows 7 as well as Windows Server 2003 and 2008 to address a serious security issue with Remote Desktop Services. This vulnerability can be executed remotely and with no user interaction. The advice from Microsoft is:
"If you are on an out-of-support version, the best way to address this vulnerability is to upgrade to the latest version of Windows. Even so, we are making fixes available for these out-of-support versions of Windows"
In 2017, a very similar vulnerability was exploited by the WannaCry worm which infected hundreds of thousands of machines shutting down several hospitals in the UK as well as Telefonica and other high profile companies.
Industrial Control Systems are particularly vulnerable to these threats because they often have remote desktop services enabled, are often running obsolete versions of windows, may not have regular backups taken and are not regularly patched because in a lot of cases they don't have direct internet access. Some people believe that because a server or PC is not directly connected to the internet, that it is not at risk, however worms like WannaCry are able to quickly jump from machine to machine inside networks, so all it takes is for a user somewhere on the network to be infected and your plant floor systems can be taken down.
If you are concerned about the risk to your business please contact Crossmuller for a no obligation assessment of your control system and automation infrastructure.
