Conficker - Re-Booted from Windows Embedded

Published: 2009-01-27
Last Updated: 2009-01-28 00:36:25 UTC
by Patrick Nolan (Version: 1)
1 comment(s)

Anyone with funny stories about Conficker infected Windows Embedded systems you can share please submit. I'll respond as resources allow. Thanks!

On a hopefully related note, contact your vendor - Windows Embedded January 2009 Security Updates for Runtimes Are Available

So far the site lists these updates, no mention of MS-08-067 yet;

KB 958687 - Vulnerabilities in SMB Could Allow Remote Code Execution. (MS09-001)

KB 952069 - Vulnerabilities in Windows Media Components Could Allow Remote Code Execution. (MS08-076)

Windows Embedded Products

Update - The Microsoft Windows Embedded December 2008 Updates included MS08-067 - KB 958644 Vulnerability in Server service could allow remote code execution, others and "security updates that were released from July onwards that are now available for (the) two newest versions of the product". Thanks for the pointer David!

Update;

Conficker Capable Crestron TPMC-8X Isys i/O™ 8.4" WiFi Touchpanel

Keywords:
1 comment(s)

Comments

It's been two years since I worked there, but I used to work for a bank. The older ATMs ran Windows XP-E and were known to get infected with Blaster before we installed a centrally managed firewall on them (Sygate, what Diebold supported). I don't know how many ATMs are still vulnerable, but there you go. They were being upgraded to new models that ran Windows XP Pro when I left; regular XP was much easier to keep patched (we had a Windows Update Server specifically for the ATMs).

Diary Archives