| Thread Tools |
12th March 2015, 07:23 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 148,500
| Stuxnet patch didn't work Microsoft's Stuxnet patch did not work properly and has left users open to the vulnerablity for five years. Microsoft today is expected to release a security bulletin, MS15-020, patching the vulnerability (CVE-2015-0096). It is unknown whether there have been public exploits of patched machines. The original LNK patch was released Aug. 2, 2010. The .LNK vulnerability was targeted by Stuxnet as it tried to take apart Iran’s nuclear program. German researcher Michael Heerklotz in January reported the new findings to HP’s Zero Day Initiative. LNK files define shortcuts to files or directories; Windows allows them to use custom icons from control panel files (.CPL). In Windows, ZDI said, those icons are loaded from modules, either executables or DLLs; CPLs are DLLs. An attacker is able to then define which executable module would be loaded, and use the .LNK file to execute arbitrary code inside of the Windows shell. Oddly the vulnerability does not seem to have been exploited in the wild, although the a Metasploit module has been available since 2010 and has been used in countless tests. http://fudzilla.com/news/37237-stuxn...ch-didn-t-work |
Thread Tools | |
| |