
Patched Windows Machines Exposed to Stuxnet LNK Flaw All Along

  • March 10, 2015

Jasper_The_Rasper
Moderator


 
by Michael Mimoso, March 10, 2015, 1:00 pm

A five-year-old Microsoft patch for the .LNK vulnerability exploited by Stuxnet failed to properly protect Windows machines, leaving them exposed to exploits since 2010.

Microsoft today is expected to release a security bulletin, MS15-020, patching the vulnerability (CVE-2015-0096). It is unknown whether there have been public exploits of patched machines. The original LNK patch was released Aug. 2, 2010.

The .LNK vulnerability was part of Stuxnet’s arsenal as it went after Iran’s nuclear program with a barrage of exploits targeting Windows vulnerabilities, as well as shortcomings inside Siemens programmable logic controllers in charge of centrifuge operations inside the Natanz uranium enrichment facility.
 
Full Article
 
 

1 reply

Jasper_The_Rasper
Moderator
By Graeme Burton, 11 Mar 2015
 
 
Microsoft has finally patched a security vulnerability in Windows, which was one of four zero-day flaws exploited by the Stuxnet worm, in its latest Patch Tuesday series of updates. The series of patches also includes a total of five to fix flaws Microsoft rates as "critical". However, a security patch intended to replace one withdrawn in October has similarly failed to install, according to some user reports.
 
The patch, KB3033929, has caused many PCs to struggle to restart until the patch is reversed. KB3033929 is intended to replace KB2949927 and is supposed to add SHA-2 signing and verification capabilities to Windows 7 and Windows Server 2008 R2. KB2949927 was introduced, and quickly withdrawn, in October when it caused a series of Windows failures.
 
Full Article
 
