We have become aware of new variations of the Win32/DistTrack malware that had
been originally identified in 2012.
As of February 3, 2017, no Foxboro Evo or I/A Series Systems have been affected
by these new variations of the DistTrack malware. We want to make our customers aware
of this recent development so that appropriate protections can
be put in place. We strongly
advise customers to take note of the actions recommended, to test such actions
or patches on non-production systems as able, prior to deployment into
production environments. This approach is recommended in order to minimize risk
and exposure to announced vulnerabilities.
Once infected, the malware uses worm tactics to spread quickly throughout the
network. The probability of a workstation or server being rendered useless is
This advisory applies to all Foxboro Evo Process Automation Systems and I/A
Series systems users:
For systems using standard (non-Active Directory) installation options the risks
For secure (Active Directory-based)
installations the risks are lower but not eliminated.
For Solaris users the risks are speculated to exist as UNIX drives shared
between Windows and Solaris could be used to store dormant copies of the virus
should the windows machine become infected.