Invensys Information for VU#138633
Invensys Wonderware InTouch creates insecure NetDDE share
- Vendor Information Help Date Notified: 02 Oct 2007
- Statement Date:
- Date Updated: 27 Nov 2007
Wonderware, a business unit of Invensys, is committed to collaborate with our customers and industry standards committees to provide secure applications, security best practices, deployment guidelines, tools and prescriptive guidance for maintaining a secure environment. This issue was addressed in InTouch 9.0 and later versions. In addition to Restricting access per Microsoft Security Bulletin MS04-31, alternative solutions and additional information can be found in Wonderware’s Tech Alert 98 posted on our website. (Please note that access to the Tech Alert will require that you register on our web site.) Wonderware users interested in upgrading should contact Wonderware or their local distributor.
The vendor has not provided us with any further information regarding this vulnerability.