Subject: The Black Hat Demonstration
This notice concerns the ‘hacking’ demonstration reported from the Black Hat conference, which showed a potential vulnerability that could allow someone to upload malicious software to the ATM via the RMS (Remote Management) function.
To close this potential hole, we advise customers to update their terminals with the following software:
1700W
Full Install: http://ftp.hantle.com/AP/1700W_AP_V020113W_Full.zip
Update: http://ftp.hantle.com/AP/1700W_AP_V020113W_Update.zip
C4000
Full Install: http://ftp.hantle.com/AP/C4000_AP_V020113C_Full.zip
Update: http://ftp.hantle.com/AP/C4000_AP_V020113C_Update.zip
T4000
Full Install: http://ftp.hantle.com/AP/T4000_AP_V020113T_Full.zip
Update: http://ftp.hantle.com/AP/T4000_AP_V020113T_Update.zip
* Note: for the T4000, this software also includes the Service Panel fix (not allowing access).
Software Install Instructions
http://ftp.hantle.com/Manuals/Software_Update_Instructions.pdf
In the meantime, if you’re concerned about this story and you’re not using RMS to monitor your terminals, you can advise your customers to disable the RMS receive function (if not already done) via the Operator Function Menu. This will prevent the ATM from answering RMS requests at all.
(Master or Service password required) Host Setup > Remote Monitor > RMS Receive = Disabled
With RMS disabled, the ATM will not answer the phone.
If you are a customer using RMS, we advise that you download the new software and update your machines.
Demonstrations such as this remind everyone of the threats our industry faces. We take these very seriously and will continue to look for ways to make our machines secure.
If you have any questions, please contact [Hantle] Technical Support.