Microsoft Spotted 15 High-Security Vulnerabilities in Industrial SDK Used by Power Plants

Ars Technica reports that Microsoft "disclosed 15 high-severity vulnerabilities in a widely used collection of tools used to program operational devices inside industrial facilities" (like plants for power generation, factory automation, energy automation, and process automation).
On Friday Microsoft "warned that while exploiting the code-execution and denial-of-service vulnerabilities was difficult, it enabled threat actors to 'inflict great damage on targets.'"
The vulnerabilities affect the C