Microsoft Reveals Stuxnet Worm Exploits Multiple Zero Days
PCWorld, by Tony Bradley
Microsoft released nine new security bulletins--four
with an overall rating of Critical this week for the September Patch
Tuesday. The big news of the month, though, is the Stuxnet worm.
Microsoft revealed that four additional zero day flaws are exploited by
the worm, and two of those four remain unpatched.
The Stuxnet worm made headlines
earlier this year when it was discovered to be used in sophisticated
attacks against SCADA networks. Microsoft released an out-of-band update
(MS10-046) to address the Windows shortcut flaw
that enabled the malware to execute simply by displaying icons, but the
worm apparently had some additional tricks up its sleeve.
A blog post from Kaspersky
details the Stuxnet findings, "Until now, most of the focus has been on
the LNK/PIF vulnerability which Stuxnet exploits in order to spread via
removable storage media and networks. But this has turned out not to be
Stuxnet's only surprise. The worm doesn't just spread by using the LNK
vulnerability. Once it's infected a computer on a local network, it then
attempts to penetrate other computers using two other propagation