据Naked Security媒体的报道，Armis Lab安全研究人员近日在美国风河公司（Wind River System）开发的VxWorks实时操作系统中，发现了11个重大安全性漏洞。该系统广泛应用于航空、国防、工业、医疗、电子、网络及其他关键行业中，包括电梯、路由器及防火墙等系统，预计将影响全球2亿台设备。在这11个漏洞中， 有6个漏洞被分类为关键远程代码执行漏洞（RCE），另外5个则是相对严重性较低的漏洞。Armis Lab安全研究人员对网络攻击者可以在不被计算机发现的情况下找出漏洞并控制相应的设备表示担忧。目前，从6.5版以来的所有VxWorks系统和其他旧版软件都有这些漏洞，而VxWorks 653和Cert Edition则没有受到这些安全行漏洞的影响。风河公司已在7月19日发布安装包试图修复漏洞。

　　　11 FLAWS FOUND IN WIND RIVER REAL-TIME OPERATING SYSTEMS

　　Researchers at Armis Labs discovered 11 potentially serious security flaws in the Wind River VxWorks real-time operating system, Naked Security reports. The flaws reportedly affect about 200 million devices, including elevators, routers and firewalls. The list of 11 flaws includes six remote code execution flaws and five less-serious issues. Armis Labs expressed concern that attackers could exploit the flaws to take control of affected devices without being detected. All versions of VxWorks since 6.5 are affected, as well as some older versions of the software. The VxWorks 653 and Cert Edition are not affected by the security flaws. Wind River issued patches to repair the flaws on July 19.