Home > slashdot > Stuxnet Attacks Used 4 Windows Zero-Day Exploits

Stuxnet Attacks Used 4 Windows Zero-Day Exploits

September 14th, 2010 09:06 admin Leave a comment Go to comments

abadnog writes “The attackers behind the recent Stuxnet worm attack used four different zero-day security vulnerabilities to burrow into — and spread around — Microsoft’s Windows operating system, according to a startling disclosure from Microsoft. Two of the four vulnerabilities are still unpatched. Microsoft said the attackers initially targeted the old MS08-067 vulnerability (used in the Conficker attack), a new LNK (Windows Shortcut) flaw to launch exploit code on vulnerable Windows systems and a zero-day bug in the Print Spooler Service that makes it possible for malicious code to be passed to, and then executed on, a remote machine. The malware also exploited two different elevation of privilege holes to gain complete control over the affected system.”

Source: Stuxnet Attacks Used 4 Windows Zero-Day Exploits

Related Articles:

  1. Project Basecamp Adds Stuxnet-Like Attacks To Metasploit
  2. Stuxnet May Represent New Trend In Malware
  3. Stuxnet Virus Now Biggest Threat To Industry
  4. Precursor To the Next Stuxnet?
  5. Stuxnet Authors Made Key Errors
blog comments powered by Disqus