Vulnerability in customization of Arrive InfoPoint AI-101 using Microsoft XP Embedded Standard OS

Published: Monday, August 20, 2012
Version: 1.0

General Information

Executive Summary

This security update refers to a publicly disclosed vulnerability in customization of a single instance for 12 device units of the discontinued Arrive InfoPoint AI-101 devices that were using Microsoft XP Embedded Standard OS.

The known vulnerability of Windows XP allows execution of Conficker worm on the System 32 file system residing on the customized device.

Please refer to Symantec Virus Alert W32.Downadup | Symantec  and Microsoft Virus alert about the Win32/Conficker worm Article ID: 962007 http://support.microsoft.com/kb/962007 . The information in this Knowledge Base article is intended for business environments that have system administrators who can implement the details in this article. There is no reason to use this article if your antivirus program is cleaning the virus correctly and if your systems are fully updated.

Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.

Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.

Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.

To confirm that the system is clean of the Conficker virus, perform a quick scan from the following Web page: http://safety.live.com  For detailed information about the Conficker virus, visit the following Microsoft Web page:  http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32%2fConficker

Recommendation

The majority of customers do not require any customization of Arrive InfoPoint AI-101 devices and use them “as-is” and will not need to take any action at this point. Customers who have followed customization of the device and have not loaded and Windows XP SP3 updates and virus security on the devices need to scan and check for the presence of malware. For information on customization of Arrive InfoPoint AI-101 please contact Arrive Support.

For administrators and enterprise installations, or end users who want to customize the system at any later date after purchase, Arrive recommends that customers apply reputed Anti-Virus software to the system with Windows XP SP3 updates and keep the virus definitions always current.

For customers who are detecting issues with the presence of malware on  the discontinued Arrive InfoPoint AI-101 Windows XP Embedded OS instances, we recommend that you contact Arrive at Arrive Support.

Known Issues: None

Acknowledgments

Arrive® would like to thank the individuals and organizations who have reported a security vulnerability or vulnerabilities in an Arrive® product or online service, and for working with Arrive® to help protect our customers. We would like to acknowledge the support of Digital Securus who identified and helped investigate the issue.

Disclaimer

The information provided in this bulletin is provided “as is” without warranty of any kind. Arrive Systems disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Arrive Systems or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special, exemplary, or punitive damages, even if Arrive Systems or its suppliers have been advised of the possibility of such damages.  In any event, Arrive Systems total aggregate liability to you for all damages of every kind and type (regardless of whether based in contract or tort) shall not exceed the purchase price of the product. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

  • V1.0 – Monday, August 20, 2012 : Bulletin published.