I know people may not get notices...
Dear Rockwell Automation Software User:
Rockwell Automation is releasing an update to its notice titled "FactoryTalk Activation Unquoted Service Path Privilege Escalation". You are receiving this notification based on software activation and download records as of the release date of this updated notice.
Please click on this link to review Knowledgebase Article ID 1030685 - https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1030685. The full text of the Knowledgebase Article is also provided below for your convenience.
Version 1.2 - August 24, 2017
Version 1.1 - March 21, 2017
Version 1.0 - February 16, 2017
Update: March 21, 2017
A complete list of the software products that distribute versions of FactoryTalk® Activation Manager has been identified and listed under the affected products below. FactoryTalk Activation is a component of the FactoryTalk Services Platform that enables customers to activate and manage Rockwell Automation software products via activation files that are downloaded from the Internet.
In those instances where customers using one of the listed software products are unable to update to the latest version of FactoryTalk Activation, please refer to the KnowledgeBase Article ID 939382 to verify and patch any unquoted service paths in a specific system.
An unquoted service path privilege escalation vulnerability is a known and documented vulnerability that affects all versions of Windows that support spaces in file path names. Certain versions of FactoryTalk® Activation Manager are susceptible to this vulnerability. FactoryTalk Activation is a component of the FactoryTalk Services Platform that enables customers to activate and manage Rockwell Automation software products via activation files that are downloaded from the Internet. This vulnerability can be exploited to link to, or run, a malicious executable of the attacker's choosing.
Rockwell Automation has provided a software update containing the remediation for this vulnerability. Rockwell Automation has also provided a series of steps to allow customers to mitigate this vulnerability in previously downloaded versions. Further details about this vulnerability, as well as recommended countermeasures, are contained below.
AFFECTED PRODUCTS
FactoryTalk Activation Service v4.00.02 and earlier
Update: March 21, 2017
The following products require FactoryTalk Activation Manager to store and keep track of Rockwell Automation software products and activation files. All versions prior to v4.00.02 of the FactoryTalk Activation Service are affected. In other words, customers who recognize products from the following list are using FactoryTalk Activation Manager, and they may consult the Risk Mitigation section of this advisory for information on how to verify that their systems are affected and how to manually address this vulnerability.
- Arena®
- Emonitor®
- FactoryTalk® AssetCentre
- FactoryTalk® Batch
- FactoryTalk® EnergyMetrix™
- FactoryTalk® eProcedure®
- FactoryTalk® Gateway
- FactoryTalk® Historian Site Edition (SE)
- FactoryTalk® Historian Classic
- FactoryTalk® Information Server
- FactoryTalk® Metrics
- FactoryTalk® Transaction Manager
- FactoryTalk® VantagePoint®
- FactoryTalk® View Machine Edition (ME)
- FactoryTalk® View Site Edition (SE)
- FactoryTalk® ViewPoint
- RSFieldBus™
- RSLinx® Classic
- RSLogix 500®
- RSLogix 5000®
- RSLogix™ 5
- RSLogix™ Emulate 5000
- RSNetWorx™
- RSView®32
- SoftLogix™ 5800
- Studio 5000 Architect®
- Studio 5000 Logix Designer®
- Studio 5000 View Designer®
- Studio 5000® Logix Emulate™
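One way to carry out the "verify ... any unquoted service paths in a specific system" check the notice refers to, as an added example that is not part of the notice or of Rockwell's KnowledgeBase articles. The function names are hypothetical and the sample service names and paths are constructed; the rule for finding the end of the executable path is a stated heuristic.

```powershell
# Added example: flag service command lines whose executable path
# contains spaces but is not wrapped in double quotes.
function Get-UnquotedExePath {
    param([string]$PathName)
    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    $p = $PathName.Trim()
    if ($p.StartsWith('"')) { return $null }   # already quoted
    # Heuristic (assumption): the executable ends at the first ".exe" that is
    # followed by whitespace or end of string; the rest is arguments.
    $m = [regex]::Match($p, '^(.+?\.exe)(?=\s|$)', 'IgnoreCase')
    if ($m.Success -and $m.Groups[1].Value -match '\s') {
        return $m.Groups[1].Value
    }
    return $null
}

function Get-ServicePathFinding {
    param([string]$Name, [string]$PathName)
    $exe = Get-UnquotedExePath $PathName
    if ($null -eq $exe) { return }             # nothing to report
    $rest = $PathName.Trim().Substring($exe.Length)
    [pscustomobject]@{
        Service   = $Name
        Current   = $PathName
        Suggested = '"' + $exe + '"' + $rest   # same command line, path quoted
    }
}

# Constructed samples (not real product paths): only the second is reported.
$samples = @(
    [pscustomobject]@{ Name = 'SampleQuoted';   PathName = '"C:\Program Files\Example Vendor\svc.exe" -run' }
    [pscustomobject]@{ Name = 'SampleUnquoted'; PathName = 'C:\Program Files\Example Vendor\svc.exe -run' }
    [pscustomobject]@{ Name = 'SampleNoSpace';  PathName = 'C:\Windows\System32\svchost.exe -k netsvcs' }
)
$samples | ForEach-Object { Get-ServicePathFinding -Name $_.Name -PathName $_.PathName } | Format-List

# On a Windows host, run the same check against the installed services.
if ($env:OS -eq 'Windows_NT') {
    Get-CimInstance -ClassName Win32_Service |
        ForEach-Object { Get-ServicePathFinding -Name $_.Name -PathName $_.PathName } |
        Format-List
}
```

Any service reported on a machine running one of the listed products is a candidate for the manual steps in KnowledgeBase Article ID 939382 or for the FactoryTalk Activation update.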