Security information

Meltdown / Spectre

2018-01-001

General Information on Meltdown / Spectre

Meltdown and Spectre can be used to steal sensitive information. Basic measures to protect against malware are described in the DC Security-guideline. According to the actual state of knowledge embedded systems like CML75 only have a higher risk of vulnerability in case the device is additionally infected with malicious code.

More information

2018-01-002

Important product information for Bosch Rexroth IndraWorks Engineering

The Windows-Security-Patches for the risks Meltdown and Spectre seriously compromise the usability and functionality of the Bosch Rexroth engineering- and operating software IndraWorks.

It prevents the start of internal service programs and dialog fields as well as the communication with controls and drives. Reason for that is a mistake on part of Microsoft. Microsoft is working on a solution. We demand, not to install these patches on devices, which use IndraWorks. The installation of the patches through automatic updates needs to be prevented in cooperation with the responsible IT specialists. Instead, it has to be waited until an accurate patch from Microsoft is available.

More information

2018-01-003

Updated product information for Bosch Rexroth IndraWorks Engineering and IndraWorks Operation

This malfunction does only affect the operating systems Windows 8 and Windows 10. The operating system Windows 7 is not, like we orginally published, affected.

More information

WannaCry

2017-06-001

How Rexroth HMI products are at risk from WannaCry ransomware

Industrial PC and embedded PC devices with Windows operating systems Windows XP, Windows 7 and Windows 10 and an operating system version older than March 2017, are susceptible to remote code execution via SMB.

Currently, “WannaCry” ransomware exploits this weakness in order to distribute malware and to encrypt data of affected systems.

More information