Microsoft confirms it missed Stuxnet print spooler 'zero-day'
22 Sep 2010
Computerworld, By Gregg Keizer
Contrary to reports, a bug that Microsoft patched last week had been publicly discussed a year and a half ago, security researchers said this week.
Microsoft confirmed Wednesday that it overlooked the vulnerability when it was revealed last year.
The vulnerability in Windows Print Spooler service was one of four exploited by Stuxnet, a worm that some have suggested was crafted to sabotage an Iranian nuclear reactor.
Last week, researchers at both Kaspersky Lab and Symantec, the firms that had reported the bug to Microsoft in July and August, respectively, said the print spooler vulnerability had not been publicly disclosed before they found Stuxnet was using the flaw.