How quaint!
Please hold off until next Tuesday, which is Patch Tuesday don't you know, Captain Botnet!
Microsoft has credited security partners at Kaspersky Lab and Symantec for helping to close a critical Windows vulnerability that was being exploited by a sophisticated worm that has attacked industrial plants around the world. The bug in the Windows Print Spooler, which was one of at least 11 vulnerabilities Microsoft patched …
Time for another round of epic point missing by the usual MS bashers - sigh.
The critical factor in this attack is the backdoor password into Siemens software. The attacker, which according to the referenced article is likely a nation state, is targetting that weakness. With the combination of that opportunity, the desire, resources and technical skill of the attacker the distribution method becomes irrelevant. If these vulns had not existed others would have been sought. Had it been another OS then vulns in that would have been sought. And maybe no vulns would be found on [insert fanboi OS of choice]. In which case a nation state certainly has the resources to distribute the attack via other means. Agents, social engineering, honeytrap, extortion of site staff - whatever.
It really doesn't matter how strong you build your bank, whose alarm system you install or how many guards you employ if you fit a vault for which the access code is widely known to be '1234', sooner or later someone will come after you.
The USB stick weakness, print spooler weakness etc are sideshows. Another day, another MS vuln - yawn. Siemens are the newsworthy bad boys here.
A nameless MS shill coming out to try to divert attention from the valid issues in this thread.
If you bothered to look at any of the posts on "the original article" you'll note the same people bashing MS on this thread mercilessly bashed Siemens for their criminal stupidity on that thread. The point of both being in both cases vendors have included default accounts which are easily compromised. Siemens did actually manage to out-bad MS on this one because MS at least allows an admin to alter the default settings.