News: Worm hits Windows-based ATMs:
"An unknown number of ATMs running Windows XP Embedded were shut down during the spread of the so-called Nachi worm, said executives at Diebold, which made the ATMs and refused to name the customers affected.

The Nachi worm, also dubbed 'Welchia,' was written to clean up after the MSBlast, or Blaster, worm. Instead it crippled or congested networks around the world, including the check-in system at Air Canada. Both worms spread through a hole in Windows XP, 2000, NT and Server 2003. "

"It's a harbinger of things to come," said Bruce Schneier, chief technical officer of network monitoring company Counterpane Internet Security.

"Specific-purpose machines, like microwave ovens and until now ATM machines, never got viruses," said Schneier, author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain World." "Now that they are using a general purpose operating system, Diebold should expect a lot more of this in the future," he said.

John Pescatore, an analyst at Gartner, agreed.

"It's a horrendous security mistake," he said of specific-purpose machines like ATMs running Windows, which is written for general-purpose computers and for which Microsoft releases security fixes on a regular basis. "I'm a lot more worried about my money than I was before this."

Diebold switched from using IBM's OS/2 on its ATMs because banks were requesting Windows, said Steve Grzymkowski, senior product marketing manager at Diebold.

To help prevent future problems Diebold is shipping ATMs with firewall software designed to block out viruses and other attacks, he said.

"As far as it happening again, I wouldn't want to speculate on that," Grzymkowski said.

Schneier and Pescatore said they were worried about the security of other Windows-based Diebold appliances--voting machines, which run Windows CE.…

http://zdnet.com.com/2100-1105_2-5117285.html