Recent Active X vulnerability

rolfk · ‎05-31-2013

Well if it is a system that needs validation, and has in any form, smell or flavor connection to the internet (even if you can't go from that system to the internet but to an intranet with other computers who can) or can get USB flash drives plugged in, then yes I think it is a wise thing to go through this. Since you haven't used this components in any way anywhere the chances that something in your application is messed up are basically nihil.

Do you have Windows Update disabled too on those systems? And if you have are those computers truely disconnected from anything in the outside world? Would make me however wonder how you get any data from those systems.

Rolf Kalbermatter My Blog

DEMO, Electronic and Mechanical Support department, room 36.LB00.390

Peter_B · ‎05-31-2013

Thanks Rolf. We have many flavours of validated systems here. The most critical systems are controlled by re-imaging them when necessary. While they do have internet access the amount of changes permitted are limited by user account control restricting rights. AFAIK the Windows automatic updates are turned off. We store a master installation that is then duplicated to quite a few of the test stations regularly and when required.

On the less critical systems we only control the version of the S/W and not the state of the OS. As you point out, that approach would have implications for the validation status of the tool, but none I can remember in the last 10 years of exposure to this process.

I will roll out this security fix only to S/W that I know use these ActiveX components (which I think is perhaps only a few out of say 20-30).

Peter

LabVIEW

Recent Active X vulnerability

Re: Recent Active X vulnerability

Re: Recent Active X vulnerability