M
There is a story at the following link that a new virus appears to be targeting HMI/SCADA systems.
http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/
According to the story, it seems to be specifically targeting Siemens WinCC through a Windows security hole, although users of other software shouldn't feel smug about that, because there might be other strains affecting systems from other vendors as well. According to the story, it spreads via USB keys and fully patched versions of MS Windows 7 are vulnerable. It is likely that older versions of MS Windows are also affected (the story doesn't go into that however). This is *not* the familiar "auto-run" vulnerability, so you're not safe just because you've turned that off.
The really interesting point is that this appears to be specifically targeting industrial controls, rather than just the usual attempts by spammers to take over home PCs for botnets. If you are using this type of software, this is probably a story to keep an eye on.
http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/
According to the story, it seems to be specifically targeting Siemens WinCC through a Windows security hole, although users of other software shouldn't feel smug about that, because there might be other strains affecting systems from other vendors as well. According to the story, it spreads via USB keys and fully patched versions of MS Windows 7 are vulnerable. It is likely that older versions of MS Windows are also affected (the story doesn't go into that however). This is *not* the familiar "auto-run" vulnerability, so you're not safe just because you've turned that off.
The really interesting point is that this appears to be specifically targeting industrial controls, rather than just the usual attempts by spammers to take over home PCs for botnets. If you are using this type of software, this is probably a story to keep an eye on.