Microsoft has credited security partners at Kaspersky Lab and Symantec for helping to close a critical Windows vulnerability that was being exploited by a sophisticated worm that has attacked industrial plants around the world. The bug in the Windows Print Spooler, which was one of at least 11 vulnerabilities Microsoft patched …
Please hold off until next Tuesday, which is Patch Tuesday don't you know, Captain Botnet!
Cash For Gold Bedford
This conversation is going no where. It’s lacking the place of a good leader to head the things to come out on conclusion.
"This wouldn't have happened if they'd be running [insert non-windows OS of choice]....."
Gosh I hope this is the only post of this nature. How unutterably boring and predictable otherwise - time to update the copy-and-paste-comments list.
The butler, in the basement, with a rusty kitchen fork
The bug spread via the print spooler - is that some of the Windows Printer Sharing magic, at work? What a lot of creepy Windows *fail*
Worm attacked industrial plants around the world???
Yikes! I'm fetching the bug spray.
(What qualifies as an industrial plant? Corn? Sugar cane?)
Defective by design
When the hell is MS going to get it through their thick skulls that to share files and printers by default is a security accident waiting to happen. It's always the first thing I disable.
THIS SHOULD NOT BE THE DEFAULT BEHAVIOUR !
Sorry, but the answer is "Never".
Try using Windows before bashing it
I don't know what copy of XP you have used but all the copies I've installed require me to turn on File and Printer Sharing which is required to exploit the print spooler exploit......
Anonymous because I <3 Winders.
When is MS going to make this not the default behaviour?
About six years ago. Where have you been?
Time for another round of epic point missing by the usual MS bashers - sigh.
The critical factor in this attack is the backdoor password into Siemens software. The attacker, which according to the referenced article is likely a nation state, is targetting that weakness. With the combination of that opportunity, the desire, resources and technical skill of the attacker the distribution method becomes irrelevant. If these vulns had not existed others would have been sought. Had it been another OS then vulns in that would have been sought. And maybe no vulns would be found on [insert fanboi OS of choice]. In which case a nation state certainly has the resources to distribute the attack via other means. Agents, social engineering, honeytrap, extortion of site staff - whatever.
It really doesn't matter how strong you build your bank, whose alarm system you install or how many guards you employ if you fit a vault for which the access code is widely known to be '1234', sooner or later someone will come after you.
The USB stick weakness, print spooler weakness etc are sideshows. Another day, another MS vuln - yawn. Siemens are the newsworthy bad boys here.
How equally predictable
A nameless MS shill coming out to try to divert attention from the valid issues in this thread.
If you bothered to look at any of the posts on "the original article" you'll note the same people bashing MS on this thread mercilessly bashed Siemens for their criminal stupidity on that thread. The point of both being in both cases vendors have included default accounts which are easily compromised. Siemens did actually manage to out-bad MS on this one because MS at least allows an admin to alter the default settings.