Microsoft is one of the world’s biggest tech companies, and its products and services are used by billions of people around the world. For example, many government agencies and private businesses in various countries use Microsoft’s products, such as Windows operating systems, Office productivity suite, and Azure cloud computing platform. While this situation gives the company a special access, Microsoft is also doing its part. The company discovered 15 serious flaws in the CODESYS V3 SDK that could turn off power plants.

Microsoft finds vulnerabilities it says could be used to shut down power plants

Recently, Microsoft found some weak spots in a tool that many factories and power plants use. This tool, called CODESYS V3 SDK, helps factories and power plants run smoothly. The danger is, if some “bad guys” find and use these weak spots, they could cause big problems. They could turn off a whole power plant or mess with how things run.

Microsoft Power Plant

Microsoft said that while it’s hard to do this, if someone manages to, it could lead to serious damage. Now, the good news is that Microsoft told Codesys (the company that makes the tool) about these problems. Codesys made a fix, and many factories and power plants have likely already put this fix in place. But for those that haven’t, they need to do it quickly.

However, to use these weak spots, bad guys need to know a lot about the tool and need a special kind of access. A while ago, there was another weak spot (CVE-2019-9013) that, if not fixed, could give them this access. So, factories and power plants need to make sure they’ve fixed that too. But, these types of attacks are rare. And with many factories and power plants likely having fixed the weak spots, big problems seem less likely. However, we are likely to receive bad news in the near future.

RELATED:

(via)

RELATED ARTICLESMORE FROM AUTHOR