Did you like this?
friends and colleagues.
PCWorld, by Tony Bradley
Microsoft released nine new security bulletins--four with an overall rating of Critical this week for the September Patch Tuesday. The big news of the month, though, is the Stuxnet worm. Microsoft revealed that four additional zero day flaws are exploited by the worm, and two of those four remain unpatched.
The Stuxnet worm made headlines earlier this year when it was discovered to be used in sophisticated attacks against SCADA networks. Microsoft released an out-of-band update (MS10-046) to address the Windows shortcut flaw that enabled the malware to execute simply by displaying icons, but the worm apparently had some additional tricks up its sleeve.
A blog post from Kaspersky details the Stuxnet findings, "Until now, most of the focus has been on the LNK/PIF vulnerability which Stuxnet exploits in order to spread via removable storage media and networks. But this has turned out not to be Stuxnet's only surprise. The worm doesn't just spread by using the LNK vulnerability. Once it's infected a computer on a local network, it then attempts to penetrate other computers using two other propagation routines."
Related Business News Articles
86 percent of consumers 55 years old and over don’t believe they are a target for cybercriminalsLearn more >
Users who have suffered from Polyglot ransomware, also known as MarsJoke, can now restore their files with the decryption tool developed by Kaspersky Lab.Learn more >
Kaspersky Lab today announced that the company was named partner of the month for August 2016 by Citrix Ready, a program that helps customers identify third-party solutions that are recommended to enhance virtualization, networking and cloud computing solutions from Citrix.Learn more >